<?xml version="1.0" encoding="UTF-8"?>
<!--
  WSDL 1.1 contract named "sts" for a security token service.

  Contents, in document order:
    * wsdl:types      XML Schema for the request, response and fault payloads
    * wsdl:message    one request and one response message per operation, plus a shared fault
    * wsdl:portType   SecurityTokenServiceWS with five operations
    * wsdl:binding    SOAP document/literal binding with WS-Policy references
    * wsdl:service    a single port at https://sts.idm.telekom.com/TokenService
    * wsp:Policy      three policies: TransportBindingPolicy, UsernameTokenPolicy, SAMLTokenPolicy

  Prefix scoping: on the root element "tns" is bound to the WSDL namespace
  (http://sts.idm.telekom.com/wsdl/), but inside xsd:schema it is rebound to the
  schema namespace (http://sts.idm.telekom.com/schema/). The root-level "schema"
  prefix names that same schema namespace. Resolve every tns: QName by the scope
  it appears in.

  Security summary (details next to each policy below):
    * The transport policy requires HTTPS and does not require a client certificate,
      so caller authentication rests on the message-level token alone.
    * login is authenticated with a WS-Security UsernameToken; the four getTokens*
      operations are authenticated with a SAML 2.0 token.
    * Both tokens are plain SupportingTokens. The policies here ask for no signature
      over them and no proof of possession.
-->
<wsdl:definitions xmlns:schema="http://sts.idm.telekom.com/schema/"
                  xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
                  xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
                  xmlns:tns="http://sts.idm.telekom.com/wsdl/"
                  xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
                  xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
                  xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
                  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                  name="sts"
                  targetNamespace="http://sts.idm.telekom.com/wsdl/">
  <wsdl:types>
    <!-- Payload schema. Note that tns is rebound here to the schema namespace. -->
    <xsd:schema attributeFormDefault="qualified" elementFormDefault="qualified" targetNamespace="http://sts.idm.telekom.com/schema/" version="0.1" xmlns:tns="http://sts.idm.telekom.com/schema/" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
      <!--
        Fault detail shared by every operation: a required code and msg, and an
        optional, nillable lockedUntil timestamp.
        NOTE(review): the name lockedUntil suggests an account lockout expiry. If a
        fault carrying it can be returned before the caller is authenticated, it
        discloses account state; confirm when the service populates it.
      -->
      <xsd:complexType name="FaultResponse">
        <xsd:sequence>
          <xsd:element maxOccurs="1" minOccurs="1" name="code" nillable="false" type="xsd:string"/>
          <xsd:element maxOccurs="1" minOccurs="1" name="msg" nillable="false" type="xsd:string"/>
          <xsd:element maxOccurs="1" minOccurs="0" name="lockedUntil" nillable="true" type="xsd:dateTime"/>
        </xsd:sequence>
      </xsd:complexType>
      <!-- Token format identifier; "saml20" is the only value this schema allows. -->
      <xsd:simpleType name="SecurityTokenFormatId">
        <xsd:annotation>
          <xsd:documentation>
            Telekom specific format id, e.g. there will be multiple different token formats derived from SAML 2.0 Assertions
          </xsd:documentation>
        </xsd:annotation>
        <xsd:restriction base="xsd:string">
          <xsd:enumeration value="saml20"/>
        </xsd:restriction>
      </xsd:simpleType>
      <!-- Token encoding identifier: plain XML ("text/xml") or base64 ("text/base64"). -->
      <xsd:simpleType name="SecurityTokenEncodingId">
        <xsd:annotation>
          <xsd:documentation>
            Telekom specific encoding id - there can be different encoding formats for the same token format, e.g.
            SAML Assertions can be encoded as plain XML or in base64-encoding
          </xsd:documentation>
        </xsd:annotation>
        <xsd:restriction base="xsd:string">
          <xsd:enumeration value="text/xml"/>
          <xsd:enumeration value="text/base64"/>
        </xsd:restriction>
      </xsd:simpleType>
      <!--
        One issued token: required tokenFormat, optional tokenEncoding, required tokenData.
        tokenData is a credential. Consumers should keep it out of logs and traces.
        Because tokenEncoding is optional, a consumer cannot rely on it to decide how
        to decode tokenData; the schema defines no default.
        NOTE(review): this contract does not say whether the carried assertion is
        signed. A consumer that parses tokenData as XML should do so with DTD and
        external entity processing disabled and should verify the assertion
        before trusting its contents.
      -->
      <xsd:complexType name="SecurityTokenResponse">
        <xsd:sequence>
          <xsd:element maxOccurs="1" minOccurs="1" name="tokenFormat" type="tns:SecurityTokenFormatId">
            <xsd:annotation>
              <xsd:documentation>
                format of the token carried by the response, determines syntax and processing rules for token
              </xsd:documentation>
            </xsd:annotation>
          </xsd:element>
          <xsd:element maxOccurs="1" minOccurs="0" name="tokenEncoding" type="tns:SecurityTokenEncodingId">
            <xsd:annotation>
              <xsd:documentation>
                encoding of the token carried by the response, determines syntax and processing rules for token
              </xsd:documentation>
            </xsd:annotation>
          </xsd:element>
          <xsd:element maxOccurs="1" minOccurs="1" name="tokenData" type="xsd:string">
            <xsd:annotation>
              <xsd:documentation>
                contains the string representation of the security token - no further token format identifier
              </xsd:documentation>
            </xsd:annotation>
          </xsd:element>
        </xsd:sequence>
      </xsd:complexType>
      <!--
        login request body. The type declares no child elements. In the SOAP binding
        of this file the login input references UsernameTokenPolicy, so the
        credentials are carried in the WS-Security header, not in the body.
      -->
      <xsd:complexType name="login">
        <xsd:sequence/>
      </xsd:complexType>
      <!--
        getTokens request: one or more serviceId strings.
        maxOccurs is unbounded, so the schema places no upper limit on how many
        tokens a single call may request; any cap has to be enforced by the service.
      -->
      <xsd:complexType name="getTokens">
        <xsd:sequence>
          <xsd:element maxOccurs="unbounded" minOccurs="1" name="serviceId" type="xsd:string"> </xsd:element>
        </xsd:sequence>
      </xsd:complexType>
      <!-- Response type shared by all four getTokens* operations: one or more issued tokens. -->
      <xsd:complexType name="getTokensResponse">
        <xsd:sequence>
          <xsd:element maxOccurs="unbounded" minOccurs="1" name="securityToken" type="tns:SecurityTokenResponse"> </xsd:element>
        </xsd:sequence>
      </xsd:complexType>
      <!--
        getTokensForSession request: one or more serviceId strings plus a required ssid.
        ssid is a session identifier carried in the message body. Treat it as a
        secret on both sides (no logging, no caching in shared stores).
      -->
      <xsd:complexType name="getTokensForSession">
        <xsd:sequence>
          <xsd:element maxOccurs="unbounded" minOccurs="1" name="serviceId" type="xsd:string"> </xsd:element>
          <xsd:element maxOccurs="1" minOccurs="1" name="ssid" type="xsd:string">
            <xsd:annotation>
              <xsd:documentation>
                valid SAM Session Id
              </xsd:documentation>
            </xsd:annotation>
          </xsd:element>
        </xsd:sequence>
      </xsd:complexType>
      <!-- Kind of user identifier passed in uid. The meaning of the three values is not documented in this file. -->
      <xsd:simpleType name="IDType">
        <xsd:restriction base="xsd:string">
          <xsd:enumeration value="guid"/>
          <xsd:enumeration value="anid"/>
          <xsd:enumeration value="alia"/>
        </xsd:restriction>
      </xsd:simpleType>
      <!--
        getTokensForUserId request: one or more serviceId strings, a uid, its IDType
        in idx, and zero or more authn strings. uid and idx carry no occurrence
        attributes, so the XSD default of exactly one applies. The meaning of authn
        is not documented in this file.
        NOTE(review): the request names the user in the body, while the binding only
        requires the caller to present a SAML token. Which callers may obtain tokens
        for which uid is not expressible in this contract and has to be enforced by
        the service; confirm that it is.
      -->
      <xsd:complexType name="getTokensForUserId">
        <xsd:sequence>
          <xsd:element maxOccurs="unbounded" minOccurs="1" name="serviceId" type="xsd:string"> </xsd:element>
          <xsd:element name="uid" type="xsd:string"/>
          <xsd:element name="idx" type="tns:IDType"/>
          <xsd:element maxOccurs="unbounded" minOccurs="0" name="authn" type="xsd:string"/>
        </xsd:sequence>
      </xsd:complexType>
      <!--
        getTokensForUserIdAndProfile request: the getTokensForUserId fields plus a
        required profileId. The same caller authorization concern applies, since the
        user is again named in the body (uid, idx).
      -->
      <xsd:complexType name="getTokensForUserIdAndProfile">
        <xsd:sequence>
          <xsd:element maxOccurs="unbounded" minOccurs="1" name="serviceId" type="xsd:string"> </xsd:element>
          <xsd:element name="uid" type="xsd:string"/>
          <xsd:element name="idx" type="tns:IDType"/>
          <xsd:element maxOccurs="unbounded" minOccurs="0" name="authn" type="xsd:string"/>
          <xsd:element maxOccurs="1" minOccurs="1" name="profileId" type="xsd:string"> </xsd:element>
        </xsd:sequence>
      </xsd:complexType>
      <!-- Global elements referenced by the wsdl:message parts below. -->
      <xsd:element name="FaultResponse" type="tns:FaultResponse"/>
      <xsd:element name="login" type="tns:login"/>
      <!-- loginResponse returns a single token (SecurityTokenResponse), unlike the getTokens* responses. -->
      <xsd:element name="loginResponse" type="tns:SecurityTokenResponse"/>
      <xsd:element name="getTokens" type="tns:getTokens"/>
      <xsd:element name="getTokensResponse" type="tns:getTokensResponse"/>
      <xsd:element name="getTokensForSessionResponse" type="tns:getTokensResponse"/>
      <xsd:element name="getTokensForUserIdResponse" type="tns:getTokensResponse"/>
      <xsd:element name="getTokensForUserIdAndProfileResponse" type="tns:getTokensResponse"/>
      <xsd:element name="getTokensForSession" type="tns:getTokensForSession"/>
      <xsd:element name="getTokensForUserId" type="tns:getTokensForUserId"/>
      <xsd:element name="getTokensForUserIdAndProfile" type="tns:getTokensForUserIdAndProfile"/>
    </xsd:schema>
  </wsdl:types>
  <!--
    Messages. Each has exactly one part that points at a global schema element.
    Request parts and the loginResponse part are named "parameters"; the parts of
    the getTokens* responses are named after their element instead.
  -->
  <wsdl:message name="FaultResponse">
    <wsdl:part name="fault" element="schema:FaultResponse"/>
  </wsdl:message>
  <wsdl:message name="loginRequest">
    <wsdl:part name="parameters" element="schema:login"/>
  </wsdl:message>
  <wsdl:message name="loginResponse">
    <wsdl:part name="parameters" element="schema:loginResponse"/>
  </wsdl:message>
  <wsdl:message name="getTokensRequest">
    <wsdl:part name="parameters" element="schema:getTokens"/>
  </wsdl:message>
  <wsdl:message name="getTokensResponse">
    <wsdl:part name="getTokensResponse" element="schema:getTokensResponse"> </wsdl:part>
  </wsdl:message>
  <wsdl:message name="getTokensForSessionRequest">
    <wsdl:part name="parameters" element="schema:getTokensForSession"> </wsdl:part>
  </wsdl:message>
  <wsdl:message name="getTokensForSessionResponse">
    <wsdl:part name="getTokensForSessionResponse" element="schema:getTokensForSessionResponse"> </wsdl:part>
  </wsdl:message>
  <wsdl:message name="getTokensForUserIdRequest">
    <wsdl:part name="parameters" element="schema:getTokensForUserId"> </wsdl:part>
  </wsdl:message>
  <wsdl:message name="getTokensForUserIdResponse">
    <wsdl:part name="getTokensForUserIdResponse" element="schema:getTokensForUserIdResponse"> </wsdl:part>
  </wsdl:message>
  <wsdl:message name="getTokensForUserIdAndProfileRequest">
    <wsdl:part name="parameters" element="schema:getTokensForUserIdAndProfile"> </wsdl:part>
  </wsdl:message>
  <wsdl:message name="getTokensForUserIdAndProfileResponse">
    <wsdl:part name="getTokensForUserIdAndProfileResponse" element="schema:getTokensForUserIdAndProfileResponse"> </wsdl:part>
  </wsdl:message>
  <!-- Abstract interface: five request/response operations, each declaring the same FaultResponse fault. -->
  <wsdl:portType name="SecurityTokenServiceWS">
    <wsdl:operation name="login">
      <wsdl:input message="tns:loginRequest"/>
      <wsdl:output message="tns:loginResponse"/>
      <wsdl:fault name="fault" message="tns:FaultResponse"/>
    </wsdl:operation>
    <wsdl:operation name="getTokens">
      <wsdl:input message="tns:getTokensRequest"/>
      <wsdl:output message="tns:getTokensResponse"/>
      <wsdl:fault name="fault" message="tns:FaultResponse"/>
    </wsdl:operation>
    <wsdl:operation name="getTokensForSession">
      <wsdl:input message="tns:getTokensForSessionRequest"/>
      <wsdl:output message="tns:getTokensForSessionResponse"/>
      <wsdl:fault name="fault" message="tns:FaultResponse"/>
    </wsdl:operation>
    <wsdl:operation name="getTokensForUserId">
      <wsdl:input message="tns:getTokensForUserIdRequest"/>
      <wsdl:output message="tns:getTokensForUserIdResponse"/>
      <wsdl:fault name="fault" message="tns:FaultResponse"/>
    </wsdl:operation>
    <wsdl:operation name="getTokensForUserIdAndProfile">
      <wsdl:input message="tns:getTokensForUserIdAndProfileRequest"> </wsdl:input>
      <wsdl:output message="tns:getTokensForUserIdAndProfileResponse"/>
      <wsdl:fault name="fault" message="tns:FaultResponse"/>
    </wsdl:operation>
  </wsdl:portType>
  <!--
    SOAP binding. soap:binding gives no style attribute, so the WSDL 1.1 default
    ("document") applies; all bodies and faults are literal.
    The transport URI http://schemas.xmlsoap.org/soap/http identifies "SOAP over
    HTTP" as a protocol. It is not an endpoint address and does not imply plaintext;
    the endpoint in wsdl:service below is https.
    Policy attachment: TransportBindingPolicy is referenced at binding level and so
    covers every operation. Each operation input additionally references either
    UsernameTokenPolicy (login) or SAMLTokenPolicy (all getTokens* operations).
    Outputs and faults reference no policy of their own.
  -->
  <wsdl:binding name="SecurityTokenServiceSOAPBinding" type="tns:SecurityTokenServiceWS">
    <soap:binding transport="http://schemas.xmlsoap.org/soap/http"/>
    <wsp:PolicyReference URI="#TransportBindingPolicy"/>
    <wsdl:operation name="login">
      <soap:operation soapAction="http://sts.idm.telekom.com/wsdl/login"/>
      <wsdl:input>
        <wsp:PolicyReference URI="#UsernameTokenPolicy"/>
        <soap:body use="literal"/>
      </wsdl:input>
      <wsdl:output>
        <soap:body use="literal"/>
      </wsdl:output>
      <wsdl:fault name="fault">
        <soap:fault name="fault" use="literal"/>
      </wsdl:fault>
    </wsdl:operation>
    <wsdl:operation name="getTokens">
      <soap:operation soapAction="http://sts.idm.telekom.com/wsdl/getTokens"/>
      <wsdl:input>
        <wsp:PolicyReference URI="#SAMLTokenPolicy"/>
        <soap:body use="literal"/>
      </wsdl:input>
      <wsdl:output>
        <soap:body use="literal"/>
      </wsdl:output>
      <wsdl:fault name="fault">
        <soap:fault name="fault" use="literal"/>
      </wsdl:fault>
    </wsdl:operation>
    <wsdl:operation name="getTokensForSession">
      <soap:operation soapAction="http://sts.idm.telekom.com/wsdl/getTokensForSession"/>
      <wsdl:input>
        <wsp:PolicyReference URI="#SAMLTokenPolicy"/>
        <soap:body use="literal"/>
      </wsdl:input>
      <wsdl:output>
        <soap:body use="literal"/>
      </wsdl:output>
      <wsdl:fault name="fault">
        <soap:fault name="fault" use="literal"/>
      </wsdl:fault>
    </wsdl:operation>
    <wsdl:operation name="getTokensForUserId">
      <soap:operation soapAction="http://sts.idm.telekom.com/wsdl/getTokensForUserId"/>
      <wsdl:input>
        <wsp:PolicyReference URI="#SAMLTokenPolicy"/>
        <soap:body use="literal"/>
      </wsdl:input>
      <wsdl:output>
        <soap:body use="literal"/>
      </wsdl:output>
      <wsdl:fault name="fault">
        <soap:fault name="fault" use="literal"/>
      </wsdl:fault>
    </wsdl:operation>
    <wsdl:operation name="getTokensForUserIdAndProfile">
      <soap:operation soapAction="http://sts.idm.telekom.com/wsdl/getTokensForUserIdAndProfile"/>
      <wsdl:input>
        <wsp:PolicyReference URI="#SAMLTokenPolicy"/>
        <soap:body use="literal"/>
      </wsdl:input>
      <wsdl:output>
        <soap:body use="literal"/>
      </wsdl:output>
      <wsdl:fault name="fault">
        <soap:fault name="fault" use="literal"/>
      </wsdl:fault>
    </wsdl:operation>
  </wsdl:binding>
  <!-- Concrete endpoint. The address is https, matching the HttpsToken required by TransportBindingPolicy. -->
  <wsdl:service name="SecurityTokenService">
    <wsdl:port name="TokenService" binding="tns:SecurityTokenServiceSOAPBinding">
      <soap:address location="https://sts.idm.telekom.com/TokenService"/>
    </wsdl:port>
  </wsdl:service>
  <!--
    TransportBindingPolicy (applies to every operation through the binding).
      * UsingAddressing: asserts use of WS-Addressing. Its prefix wsaws is declared
        on the element itself and not on the root.
      * HttpsToken with RequireClientCertificate="false": message protection comes
        from TLS, and the client is not authenticated at the transport layer.
      * Layout Strict and IncludeTimestamp: strict security header layout, and a
        wsu:Timestamp must be present. Receivers should enforce the timestamp
        freshness window, since nothing else in this policy limits replay.
      * AlgorithmSuite Basic256.
        NOTE(review): Basic256 pairs AES-256 with SHA-1 based digest and signature
        algorithms. With a pure transport binding and unsigned supporting tokens
        the suite may never be exercised, but if any message-level signature is
        added, check whether all parties support a SHA-256 suite such as
        Basic256Sha256 before relying on this one.
  -->
  <wsp:Policy wsu:Id="TransportBindingPolicy">
    <wsp:ExactlyOne>
      <wsp:All>
        <wsaws:UsingAddressing xmlns:wsaws="http://www.w3.org/2006/05/addressing/wsdl"/>
        <sp:TransportBinding>
          <wsp:Policy>
            <sp:TransportToken>
              <wsp:Policy>
                <sp:HttpsToken RequireClientCertificate="false"/>
              </wsp:Policy>
            </sp:TransportToken>
            <sp:Layout>
              <wsp:Policy>
                <sp:Strict/>
              </wsp:Policy>
            </sp:Layout>
            <sp:IncludeTimestamp/>
            <sp:AlgorithmSuite>
              <wsp:Policy>
                <sp:Basic256/>
              </wsp:Policy>
            </sp:AlgorithmSuite>
          </wsp:Policy>
        </sp:TransportBinding>
        <sp:Wss11/>
      </wsp:All>
    </wsp:ExactlyOne>
  </wsp:Policy>
  <!--
    UsernameTokenPolicy (login input only): a WS-Security 1.1 UsernameToken that is
    always sent to the recipient, declared as a plain SupportingTokens entry.
    The policy does not say whether the password travels as text or as a digest, and
    it does not require the token to be signed. Its confidentiality and integrity
    therefore depend on the TLS session required by TransportBindingPolicy; clients
    must validate the server certificate, and intermediaries that terminate TLS can
    see the credential.
  -->
  <wsp:Policy wsu:Id="UsernameTokenPolicy">
    <wsp:ExactlyOne>
      <wsp:All>
        <sp:SupportingTokens>
          <wsp:Policy>
            <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
              <wsp:Policy>
                <sp:WssUsernameToken11/>
              </wsp:Policy>
            </sp:UsernameToken>
          </wsp:Policy>
        </sp:SupportingTokens>
      </wsp:All>
    </wsp:ExactlyOne>
  </wsp:Policy>
  <!--
    SAMLTokenPolicy (input of every getTokens* operation): a SAML 2.0 token in the
    WS-Security 1.1 token profile, always sent to the recipient, declared as a
    plain SupportingTokens entry.
    NOTE(review): as written, the policy requires neither a message signature over
    the token nor proof of possession, so the assertion acts as a bearer credential
    protected only by TLS. The service should verify the assertion signature,
    issuer, audience and validity period on every call; confirm that it does.
  -->
  <wsp:Policy wsu:Id="SAMLTokenPolicy">
    <wsp:ExactlyOne>
      <wsp:All>
        <sp:SupportingTokens>
          <wsp:Policy>
            <sp:SamlToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
              <wsp:Policy>
                <sp:WssSamlV20Token11/>
              </wsp:Policy>
            </sp:SamlToken>
          </wsp:Policy>
        </sp:SupportingTokens>
      </wsp:All>
    </wsp:ExactlyOne>
  </wsp:Policy>
</wsdl:definitions>