clients/root/models/server.go

// Code generated by go-swagger; DO NOT EDIT.

package models

// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command

import (
	"context"
	"encoding/json"
	"strconv"

	"github.com/go-openapi/errors"
	"github.com/go-openapi/strfmt"
	"github.com/go-openapi/swag"
	"github.com/go-openapi/validate"
)

// Server Multi Tenant authorization server
//
// swagger:model Server
type Server struct {

	// Access token strategy
	//
	// You can choose to go either with `JWT` or `opaque` tokens.
	//
	// The content of JSON Web Tokens is readable and it is possible to be decoded by anyone that
	// has a secret or a public key in their possession.
	//
	// Opaque tokens are in a proprietary form that contains an identifier to information stored on
	// the athorization server. To validate an opaque token, the recipient must call the server that
	// issued the token.
	// Example: jwt
	// Enum: [jwt opaque]
	AccessTokenStrategy string `json:"access_token_strategy,omitempty" yaml:"access_token_strategy,omitempty"`

	// Access token time to live
	//
	// After an access token reaches its time to live, it expires and it cannot be used to
	// authenticate the client application.
	// Example: 1h10m30s
	// Format: duration
	AccessTokenTTL strfmt.Duration `json:"access_token_ttl,omitempty" yaml:"access_token_ttl,omitempty"`

	// advanced
	Advanced *AdvancedConfiguration `json:"advanced,omitempty" yaml:"advanced,omitempty"`

	// authentication context settings
	AuthenticationContextSettings *AuthenticationContextSettings `json:"authentication_context_settings,omitempty" yaml:"authentication_context_settings,omitempty"`

	// Authorization code time to live
	//
	// After an authorization code reaches its time to live, it expires and it cannot be used to
	// authorize the request to the `/token` endpoint.
	// Example: 10m0s
	// Format: duration
	AuthorizationCodeTTL strfmt.Duration `json:"authorization_code_ttl,omitempty" yaml:"authorization_code_ttl,omitempty"`

	// backchannel token delivery modes supported
	BackchannelTokenDeliveryModesSupported []string `json:"backchannel_token_delivery_modes_supported" yaml:"backchannel_token_delivery_modes_supported"`

	// backchannel user code parameter supported
	BackchannelUserCodeParameterSupported bool `json:"backchannel_user_code_parameter_supported,omitempty" yaml:"backchannel_user_code_parameter_supported,omitempty"`

	// cdr
	Cdr *CDRConfiguration `json:"cdr,omitempty" yaml:"cdr,omitempty"`

	// Your server's label color in a HEX format.
	// Example: #007FFF
	Color string `json:"color,omitempty" yaml:"color,omitempty"`

	// Namespace used when creating Open Banking Brasil consent IDs
	//
	// Consent IDs will have the form of urn:<consent_id_namespace>:<uid> when this is set.
	// If this is empty, the tenant id is used by default
	ConsentIDNamespace string `json:"consent_id_namespace,omitempty" yaml:"consent_id_namespace,omitempty"`

	// Cookie max age
	//
	// Defines how long a cookie can live until it expires.
	// Example: 1h10m30s
	// Format: duration
	CookieMaxAge strfmt.Duration `json:"cookie_max_age,omitempty" yaml:"cookie_max_age,omitempty"`

	// Defines a custom issuer URL that can be used as the value of the `iss` claim in an access
	// token.
	//
	// If not provided, it is built dynamically based on the server's URL.
	// Example: http://example.com/default/default
	CustomIssuerURL string `json:"custom_issuer_url,omitempty" yaml:"custom_issuer_url,omitempty"`

	// Display description of the workspace
	// Example: Server description
	Description string `json:"description,omitempty" yaml:"description,omitempty"`

	// device authorization
	DeviceAuthorization *DeviceAuthorizationConfiguration `json:"device_authorization,omitempty" yaml:"device_authorization,omitempty"`

	// dynamic client registration
	DynamicClientRegistration *DynamicClientRegistrationSettings `json:"dynamic_client_registration,omitempty" yaml:"dynamic_client_registration,omitempty"`

	// You can use this property to define a separator that is used for dynamic scopes.
	//
	// For example, the default separator is `.`, so the scope could look like the following:
	// `users.*`.
	//
	// For Open Banking Brazil compliant servers, the `:` separator should be used.
	DynamicScopeSeparator string `json:"dynamic_scope_separator,omitempty" yaml:"dynamic_scope_separator,omitempty"`

	// Deprecated: Use IDPDiscovery instead
	//
	// If enabled, IDP discovery automatically redirects the user to their own IDP and does not
	// display IDPs of other users while the users accesses the server/application.
	// Example: false
	EnableIdpDiscovery bool `json:"enable_idp_discovery,omitempty" yaml:"enable_idp_discovery,omitempty"`

	// Deprecated
	//
	// If enabled, it is possible to manually register clients withouth the use of software
	// statements.
	//
	// This flag is enabled, when the `enable_trust_anchor` flag is set to `false`. You can disable
	// it using API, but it cannot be manually enabled.
	EnableLegacyClientsWithNoSoftwareStatement bool `json:"enable_legacy_clients_with_no_software_statement,omitempty" yaml:"enable_legacy_clients_with_no_software_statement,omitempty"`

	// If enabled, the server is visible on the Quick Access tab on the login page.
	EnableQuickAccess bool `json:"enable_quick_access,omitempty" yaml:"enable_quick_access,omitempty"`

	// If enabled, it makes it obligatory to provide a software statement signed by a trusted certificate authority
	//
	// when registering a client application with the use of the Dynamic Client Registration (DCR).
	//
	// In public key infrastructure (PKI), trust anchors are certification authorities. They are
	// represented by a certificate that is used to verify the signature of a certificate issued by
	// a particular trust anchor.
	EnableTrustAnchor bool `json:"enable_trust_anchor,omitempty" yaml:"enable_trust_anchor,omitempty"`

	// When enabled, the authorization server will enforce encrypted id tokens it issues
	EnforceIDTokenEncryption bool `json:"enforce_id_token_encryption,omitempty" yaml:"enforce_id_token_encryption,omitempty"`

	// Define whether you want to enforce using the Proof Key of Code Exchange (PKCE) for both
	// private and public clients.
	//
	// PKCE is an OAuth security extension that prevents malicious applications or codes that
	// intercepted authorization code from exchanging it for an access token.
	// Example: false
	EnforcePkce bool `json:"enforce_pkce,omitempty" yaml:"enforce_pkce,omitempty"`

	// Define whether you want to enforce using the Proof Key of Code Exchange (PKCE) for
	// public clients.
	//
	// Public clients, like mobile applications or JavaScript-based applications, by their design,
	// cannot store client secrets securely. For such clients, even encrypting the client secret
	// inside the application’s code is not a reliable way of protecting secrets as the application
	// can be decompiled and the client secret can be extracted while it is decrypted in the memory
	// of the application.
	//
	// For those reasons, ACP supports the use of PKCE as an addition to the authorization code
	// grant flow to provide a secure alternative to the implicit grant flow.
	// Example: false
	EnforcePkceForPublicClients bool `json:"enforce_pkce_for_public_clients,omitempty" yaml:"enforce_pkce_for_public_clients,omitempty"`

	// fdx
	Fdx *FDXConfiguration `json:"fdx,omitempty" yaml:"fdx,omitempty"`

	// An array that defines which of the OAuth 2.0 grant types are enabled for the authorization server.
	// Example: ["authorization_code","implicit","refresh_token","client_credentials"]
	GrantTypes []string `json:"grant_types" yaml:"grant_types"`

	// Unique identifier of an authorization server (workspace)
	//
	// If not provided, a random ID is generated.
	// Example: default
	ID string `json:"id,omitempty" yaml:"id,omitempty"`

	// ID token time to live
	//
	// After an ID token reaches its time to live, it expires and it cannot be used to provide
	// user profile information to a client application.
	// Example: 1h10m30s
	// Format: duration
	IDTokenTTL strfmt.Duration `json:"id_token_ttl,omitempty" yaml:"id_token_ttl,omitempty"`

	// identity assurance
	IdentityAssurance *IdentityAssuranceConfiguration `json:"identity_assurance,omitempty" yaml:"identity_assurance,omitempty"`

	// idp discovery
	IdpDiscovery *IDPDiscovery `json:"idp_discovery,omitempty" yaml:"idp_discovery,omitempty"`

	// Issuer ID that will be used to set `iss` claim on signed messages
	//
	// If issuer_id is not set then default issuer_url will be used
	// Example: 5647fe90-f6bc-11eb-9a03-0242ac130003
	IssuerID string `json:"issuer_id,omitempty" yaml:"issuer_id,omitempty"`

	// jwks
	Jwks *ServerJWKs `json:"jwks,omitempty" yaml:"jwks,omitempty"`

	// Determines which type of asymmetric algorithms (RSA or ECDSA) is used to generate keys for signing access and
	// ID tokens.
	//
	// It is used only as an input parameter for the Create Authorization Server API.
	// Example: rsa
	// Enum: [rsa ecdsa ps]
	KeyType string `json:"key_type,omitempty" yaml:"key_type,omitempty"`

	// legal entity
	LegalEntity *LegalEntity `json:"legal_entity,omitempty" yaml:"legal_entity,omitempty"`

	// Logo URI
	LogoURI string `json:"logo_uri,omitempty" yaml:"logo_uri,omitempty"`

	// metadata
	Metadata *ServerMetadata `json:"metadata,omitempty" yaml:"metadata,omitempty"`

	// Display name of the workspace
	//
	// If not provided, a random ID is generated.
	// Example: default
	Name string `json:"name,omitempty" yaml:"name,omitempty"`

	// obbr
	Obbr *OBBRConfiguration `json:"obbr,omitempty" yaml:"obbr,omitempty"`

	// organization
	Organization *OrganizationConfiguration `json:"organization,omitempty" yaml:"organization,omitempty"`

	// Optional ID of a parent server
	ParentID string `json:"parent_id,omitempty" yaml:"parent_id,omitempty"`

	// The profile of a server
	//
	// ACP is delivered with preconfigured workspace templates that enable quick and easy setup for
	// specific configuration patterns. For example, you can instantly create an Open Banking
	// compliant workspace that has all of the required mechanisms and settings already in place.
	// Example: default
	// Enum: [default demo workforce consumer partners third_party fapi_advanced fapi_rw fapi_ro openbanking_uk_fapi_advanced openbanking_uk openbanking_br openbanking_br_unico cdr_australia cdr_australia_fapi_rw fdx openbanking_ksa fapi_20_security fapi_20_message_signing connect_id]
	Profile string `json:"profile,omitempty" yaml:"profile,omitempty"`

	// Custom pushed authentication request TTL
	// If not provided, TTL is set to 60 seconds.
	// Format: duration
	PushedAuthorizationRequestTTL strfmt.Duration `json:"pushed_authorization_request_ttl,omitempty" yaml:"pushed_authorization_request_ttl,omitempty"`

	// Refresh token time to live
	//
	// After a refresh token reaches its time to live, it expires and it cannot be used to obtain
	// new access tokens for a client application.
	// Example: 720h0m0s
	// Format: duration
	RefreshTokenTTL strfmt.Duration `json:"refresh_token_ttl,omitempty" yaml:"refresh_token_ttl,omitempty"`

	// Boolean parameter indicating whether the authorization server accepts authorization request data only via PAR.
	RequirePushedAuthorizationRequests bool `json:"require_pushed_authorization_requests,omitempty" yaml:"require_pushed_authorization_requests,omitempty"`

	// response types
	ResponseTypes ResponseTypes `json:"response_types,omitempty" yaml:"response_types,omitempty"`

	// You can provide root Certificate Authority (CA) certificates encoded to the Privacy-Enhanced
	// Mail (PEM) file format which are used for the `tls_client_auth` and the
	// `self_signed_tls_client_auth` client authentication methods that use the Mutual
	// Transport Layer Security (mTLS).
	//
	// If not set, the system root CA certifiates are used instead.
	RootCas string `json:"root_cas,omitempty" yaml:"root_cas,omitempty"`

	// An array of rotated secrets that are still used to validate tokens
	// Example: ["jFpwIvuKJP46J71WqszPv1SrzoUr-cSILP9EPdlClB4"]
	RotatedSecrets []string `json:"rotated_secrets" yaml:"rotated_secrets"`

	// saml
	Saml *SAMLConfiguration `json:"saml,omitempty" yaml:"saml,omitempty"`

	// Secret used for hashing
	//
	// It must have at least 32 characters. If not provided, it is generated.
	// Example: hW5WhKX_7w7BLwUQ6mn7Cp70_OoKI_F1y1hLS5U8lIU
	Secret string `json:"secret,omitempty" yaml:"secret,omitempty"`

	// settings
	Settings *ServerSettings `json:"settings,omitempty" yaml:"settings,omitempty"`

	// sso
	Sso *SSOConfiguration `json:"sso,omitempty" yaml:"sso,omitempty"`

	// styling
	Styling *Styling `json:"styling,omitempty" yaml:"styling,omitempty"`

	// Define the format of a subject
	// When set to hash sub value is a one way hash of idp id and idp sub
	// Enum: [hash legacy]
	SubjectFormat string `json:"subject_format,omitempty" yaml:"subject_format,omitempty"`

	// Salt used to hash `subject` when the `pairwise` subject type is used.
	//
	// Salt is a random data which is used as an additional input to one-way functions that hashes
	// data, passwords, and, in this case, subjects.
	//
	// It is recommended that your salt value is long for security reasons. Preferably, the salt
	// value should be at least the same length as the output of the hash.
	//
	// If not provided, it is generated.
	SubjectIdentifierAlgorithmSalt string `json:"subject_identifier_algorithm_salt,omitempty" yaml:"subject_identifier_algorithm_salt,omitempty"`

	// An array that defines supported subject identifier types.
	//
	// Subject identifiers identify an end-user. They are locally unique and never reassigned within the Issuer,
	// and are intended to be consumed by client applications. There are two types
	// of subject identifiers: `public` and `pairwise`.
	//
	// `public` identifiers provide the same `sub` claim value to all client applications.
	// `pairwise` identifiers provide different `sub` claim values to each client application. With
	// this approach, it makes it impossible for client applications to correlate the end-user's
	// activity without their permission.
	// Example: ["public","pairwise"]
	SubjectIdentifierTypes []string `json:"subject_identifier_types" yaml:"subject_identifier_types"`

	// If true this workspace can be used as a template when creating a new ones.
	Template bool `json:"template,omitempty" yaml:"template,omitempty"`

	// ID of a tenant
	// Example: default
	// Required: true
	TenantID string `json:"tenant_id" yaml:"tenant_id"`

	// An array that lists all of the supported token endpoint authentication methods for the
	// authorization server.
	TokenEndpointAuthMethods []string `json:"token_endpoint_auth_methods" yaml:"token_endpoint_auth_methods"`

	// Token endpoint auth signing supported alg values
	//
	// Supported algorithms: HS256, RS256, ES256, PS256
	//
	// At least one algorithm must be set.
	//
	// The default values depends on the server security profile.
	TokenEndpointAuthSigningAlgValues []string `json:"token_endpoint_auth_signing_alg_values" yaml:"token_endpoint_auth_signing_alg_values"`

	// Deprecated: Use TokenEndpointAuthMethods instead
	TokenEndpointAuthnMethods []string `json:"token_endpoint_authn_methods" yaml:"token_endpoint_authn_methods"`

	// trust anchor configuration
	TrustAnchorConfiguration *TrustAnchorConfiguration `json:"trust_anchor_configuration,omitempty" yaml:"trust_anchor_configuration,omitempty"`

	// Server type
	//
	// It is an internal property used to recognize if the server is created for an admin portal,
	// a developer portal, or if it is a system or a regular workspace.
	// Example: regular
	// Enum: [admin developer system regular organization]
	Type string `json:"type,omitempty" yaml:"type,omitempty"`

	// server version to track internal changes
	// version that is currently the latest: 3
	Version int64 `json:"version,omitempty" yaml:"version,omitempty"`
}

// Validate validates this server
func (m *Server) Validate(formats strfmt.Registry) error {
	var res []error

	if err := m.validateAccessTokenStrategy(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateAccessTokenTTL(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateAdvanced(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateAuthenticationContextSettings(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateAuthorizationCodeTTL(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateCdr(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateCookieMaxAge(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateDeviceAuthorization(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateDynamicClientRegistration(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateFdx(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateGrantTypes(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateIDTokenTTL(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateIdentityAssurance(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateIdpDiscovery(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateJwks(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateKeyType(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateLegalEntity(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateMetadata(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateObbr(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateOrganization(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateProfile(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validatePushedAuthorizationRequestTTL(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateRefreshTokenTTL(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateResponseTypes(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateSaml(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateSettings(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateSso(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateStyling(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateSubjectFormat(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateSubjectIdentifierTypes(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateTenantID(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateTokenEndpointAuthMethods(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateTokenEndpointAuthnMethods(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateTrustAnchorConfiguration(formats); err != nil {
		res = append(res, err)
	}

	if err := m.validateType(formats); err != nil {
		res = append(res, err)
	}

	if len(res) > 0 {
		return errors.CompositeValidationError(res...)
	}
	return nil
}

var serverTypeAccessTokenStrategyPropEnum []interface{}

func init() {
	var res []string
	if err := json.Unmarshal([]byte(`["jwt","opaque"]`), &res); err != nil {
		panic(err)
	}
	for _, v := range res {
		serverTypeAccessTokenStrategyPropEnum = append(serverTypeAccessTokenStrategyPropEnum, v)
	}
}

const (

	// ServerAccessTokenStrategyJwt captures enum value "jwt"
	ServerAccessTokenStrategyJwt string = "jwt"

	// ServerAccessTokenStrategyOpaque captures enum value "opaque"
	ServerAccessTokenStrategyOpaque string = "opaque"
)

// prop value enum
func (m *Server) validateAccessTokenStrategyEnum(path, location string, value string) error {
	if err := validate.EnumCase(path, location, value, serverTypeAccessTokenStrategyPropEnum, true); err != nil {
		return err
	}
	return nil
}

func (m *Server) validateAccessTokenStrategy(formats strfmt.Registry) error {
	if swag.IsZero(m.AccessTokenStrategy) { // not required
		return nil
	}

	// value enum
	if err := m.validateAccessTokenStrategyEnum("access_token_strategy", "body", m.AccessTokenStrategy); err != nil {
		return err
	}

	return nil
}

func (m *Server) validateAccessTokenTTL(formats strfmt.Registry) error {
	if swag.IsZero(m.AccessTokenTTL) { // not required
		return nil
	}

	if err := validate.FormatOf("access_token_ttl", "body", "duration", m.AccessTokenTTL.String(), formats); err != nil {
		return err
	}

	return nil
}

func (m *Server) validateAdvanced(formats strfmt.Registry) error {
	if swag.IsZero(m.Advanced) { // not required
		return nil
	}

	if m.Advanced != nil {
		if err := m.Advanced.Validate(formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("advanced")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("advanced")
			}
			return err
		}
	}

	return nil
}

func (m *Server) validateAuthenticationContextSettings(formats strfmt.Registry) error {
	if swag.IsZero(m.AuthenticationContextSettings) { // not required
		return nil
	}

	if m.AuthenticationContextSettings != nil {
		if err := m.AuthenticationContextSettings.Validate(formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("authentication_context_settings")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("authentication_context_settings")
			}
			return err
		}
	}

	return nil
}

func (m *Server) validateAuthorizationCodeTTL(formats strfmt.Registry) error {
	if swag.IsZero(m.AuthorizationCodeTTL) { // not required
		return nil
	}

	if err := validate.FormatOf("authorization_code_ttl", "body", "duration", m.AuthorizationCodeTTL.String(), formats); err != nil {
		return err
	}

	return nil
}

func (m *Server) validateCdr(formats strfmt.Registry) error {
	if swag.IsZero(m.Cdr) { // not required
		return nil
	}

	if m.Cdr != nil {
		if err := m.Cdr.Validate(formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("cdr")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("cdr")
			}
			return err
		}
	}

	return nil
}

func (m *Server) validateCookieMaxAge(formats strfmt.Registry) error {
	if swag.IsZero(m.CookieMaxAge) { // not required
		return nil
	}

	if err := validate.FormatOf("cookie_max_age", "body", "duration", m.CookieMaxAge.String(), formats); err != nil {
		return err
	}

	return nil
}

func (m *Server) validateDeviceAuthorization(formats strfmt.Registry) error {
	if swag.IsZero(m.DeviceAuthorization) { // not required
		return nil
	}

	if m.DeviceAuthorization != nil {
		if err := m.DeviceAuthorization.Validate(formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("device_authorization")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("device_authorization")
			}
			return err
		}
	}

	return nil
}

func (m *Server) validateDynamicClientRegistration(formats strfmt.Registry) error {
	if swag.IsZero(m.DynamicClientRegistration) { // not required
		return nil
	}

	if m.DynamicClientRegistration != nil {
		if err := m.DynamicClientRegistration.Validate(formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("dynamic_client_registration")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("dynamic_client_registration")
			}
			return err
		}
	}

	return nil
}

func (m *Server) validateFdx(formats strfmt.Registry) error {
	if swag.IsZero(m.Fdx) { // not required
		return nil
	}

	if m.Fdx != nil {
		if err := m.Fdx.Validate(formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("fdx")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("fdx")
			}
			return err
		}
	}

	return nil
}

var serverGrantTypesItemsEnum []interface{}

func init() {
	var res []string
	if err := json.Unmarshal([]byte(`["authorization_code","implicit","client_credentials","refresh_token","password","urn:ietf:params:oauth:grant-type:jwt-bearer","urn:openid:params:grant-type:ciba","urn:ietf:params:oauth:grant-type:token-exchange","urn:ietf:params:oauth:grant-type:device_code"]`), &res); err != nil {
		panic(err)
	}
	for _, v := range res {
		serverGrantTypesItemsEnum = append(serverGrantTypesItemsEnum, v)
	}
}

func (m *Server) validateGrantTypesItemsEnum(path, location string, value string) error {
	if err := validate.EnumCase(path, location, value, serverGrantTypesItemsEnum, true); err != nil {
		return err
	}
	return nil
}

func (m *Server) validateGrantTypes(formats strfmt.Registry) error {
	if swag.IsZero(m.GrantTypes) { // not required
		return nil
	}

	for i := 0; i < len(m.GrantTypes); i++ {

		// value enum
		if err := m.validateGrantTypesItemsEnum("grant_types"+"."+strconv.Itoa(i), "body", m.GrantTypes[i]); err != nil {
			return err
		}

	}

	return nil
}

func (m *Server) validateIDTokenTTL(formats strfmt.Registry) error {
	if swag.IsZero(m.IDTokenTTL) { // not required
		return nil
	}

	if err := validate.FormatOf("id_token_ttl", "body", "duration", m.IDTokenTTL.String(), formats); err != nil {
		return err
	}

	return nil
}

func (m *Server) validateIdentityAssurance(formats strfmt.Registry) error {
	if swag.IsZero(m.IdentityAssurance) { // not required
		return nil
	}

	if m.IdentityAssurance != nil {
		if err := m.IdentityAssurance.Validate(formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("identity_assurance")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("identity_assurance")
			}
			return err
		}
	}

	return nil
}

func (m *Server) validateIdpDiscovery(formats strfmt.Registry) error {
	if swag.IsZero(m.IdpDiscovery) { // not required
		return nil
	}

	if m.IdpDiscovery != nil {
		if err := m.IdpDiscovery.Validate(formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("idp_discovery")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("idp_discovery")
			}
			return err
		}
	}

	return nil
}

func (m *Server) validateJwks(formats strfmt.Registry) error {
	if swag.IsZero(m.Jwks) { // not required
		return nil
	}

	if m.Jwks != nil {
		if err := m.Jwks.Validate(formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("jwks")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("jwks")
			}
			return err
		}
	}

	return nil
}

var serverTypeKeyTypePropEnum []interface{}

func init() {
	var res []string
	if err := json.Unmarshal([]byte(`["rsa","ecdsa","ps"]`), &res); err != nil {
		panic(err)
	}
	for _, v := range res {
		serverTypeKeyTypePropEnum = append(serverTypeKeyTypePropEnum, v)
	}
}

const (

	// ServerKeyTypeRsa captures enum value "rsa"
	ServerKeyTypeRsa string = "rsa"

	// ServerKeyTypeEcdsa captures enum value "ecdsa"
	ServerKeyTypeEcdsa string = "ecdsa"

	// ServerKeyTypePs captures enum value "ps"
	ServerKeyTypePs string = "ps"
)

// prop value enum
func (m *Server) validateKeyTypeEnum(path, location string, value string) error {
	if err := validate.EnumCase(path, location, value, serverTypeKeyTypePropEnum, true); err != nil {
		return err
	}
	return nil
}

func (m *Server) validateKeyType(formats strfmt.Registry) error {
	if swag.IsZero(m.KeyType) { // not required
		return nil
	}

	// value enum
	if err := m.validateKeyTypeEnum("key_type", "body", m.KeyType); err != nil {
		return err
	}

	return nil
}

func (m *Server) validateLegalEntity(formats strfmt.Registry) error {
	if swag.IsZero(m.LegalEntity) { // not required
		return nil
	}

	if m.LegalEntity != nil {
		if err := m.LegalEntity.Validate(formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("legal_entity")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("legal_entity")
			}
			return err
		}
	}

	return nil
}

func (m *Server) validateMetadata(formats strfmt.Registry) error {
	if swag.IsZero(m.Metadata) { // not required
		return nil
	}

	if m.Metadata != nil {
		if err := m.Metadata.Validate(formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("metadata")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("metadata")
			}
			return err
		}
	}

	return nil
}

func (m *Server) validateObbr(formats strfmt.Registry) error {
	if swag.IsZero(m.Obbr) { // not required
		return nil
	}

	if m.Obbr != nil {
		if err := m.Obbr.Validate(formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("obbr")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("obbr")
			}
			return err
		}
	}

	return nil
}

func (m *Server) validateOrganization(formats strfmt.Registry) error {
	if swag.IsZero(m.Organization) { // not required
		return nil
	}

	if m.Organization != nil {
		if err := m.Organization.Validate(formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("organization")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("organization")
			}
			return err
		}
	}

	return nil
}

var serverTypeProfilePropEnum []interface{}

func init() {
	var res []string
	if err := json.Unmarshal([]byte(`["default","demo","workforce","consumer","partners","third_party","fapi_advanced","fapi_rw","fapi_ro","openbanking_uk_fapi_advanced","openbanking_uk","openbanking_br","openbanking_br_unico","cdr_australia","cdr_australia_fapi_rw","fdx","openbanking_ksa","fapi_20_security","fapi_20_message_signing","connect_id"]`), &res); err != nil {
		panic(err)
	}
	for _, v := range res {
		serverTypeProfilePropEnum = append(serverTypeProfilePropEnum, v)
	}
}

const (

	// ServerProfileDefault captures enum value "default"
	ServerProfileDefault string = "default"

	// ServerProfileDemo captures enum value "demo"
	ServerProfileDemo string = "demo"

	// ServerProfileWorkforce captures enum value "workforce"
	ServerProfileWorkforce string = "workforce"

	// ServerProfileConsumer captures enum value "consumer"
	ServerProfileConsumer string = "consumer"

	// ServerProfilePartners captures enum value "partners"
	ServerProfilePartners string = "partners"

	// ServerProfileThirdParty captures enum value "third_party"
	ServerProfileThirdParty string = "third_party"

	// ServerProfileFapiAdvanced captures enum value "fapi_advanced"
	ServerProfileFapiAdvanced string = "fapi_advanced"

	// ServerProfileFapiRw captures enum value "fapi_rw"
	ServerProfileFapiRw string = "fapi_rw"

	// ServerProfileFapiRo captures enum value "fapi_ro"
	ServerProfileFapiRo string = "fapi_ro"

	// ServerProfileOpenbankingUkFapiAdvanced captures enum value "openbanking_uk_fapi_advanced"
	ServerProfileOpenbankingUkFapiAdvanced string = "openbanking_uk_fapi_advanced"

	// ServerProfileOpenbankingUk captures enum value "openbanking_uk"
	ServerProfileOpenbankingUk string = "openbanking_uk"

	// ServerProfileOpenbankingBr captures enum value "openbanking_br"
	ServerProfileOpenbankingBr string = "openbanking_br"

	// ServerProfileOpenbankingBrUnico captures enum value "openbanking_br_unico"
	ServerProfileOpenbankingBrUnico string = "openbanking_br_unico"

	// ServerProfileCdrAustralia captures enum value "cdr_australia"
	ServerProfileCdrAustralia string = "cdr_australia"

	// ServerProfileCdrAustraliaFapiRw captures enum value "cdr_australia_fapi_rw"
	ServerProfileCdrAustraliaFapiRw string = "cdr_australia_fapi_rw"

	// ServerProfileFdx captures enum value "fdx"
	ServerProfileFdx string = "fdx"

	// ServerProfileOpenbankingKsa captures enum value "openbanking_ksa"
	ServerProfileOpenbankingKsa string = "openbanking_ksa"

	// ServerProfileFapi20Security captures enum value "fapi_20_security"
	ServerProfileFapi20Security string = "fapi_20_security"

	// ServerProfileFapi20MessageSigning captures enum value "fapi_20_message_signing"
	ServerProfileFapi20MessageSigning string = "fapi_20_message_signing"

	// ServerProfileConnectID captures enum value "connect_id"
	ServerProfileConnectID string = "connect_id"
)

// prop value enum
func (m *Server) validateProfileEnum(path, location string, value string) error {
	if err := validate.EnumCase(path, location, value, serverTypeProfilePropEnum, true); err != nil {
		return err
	}
	return nil
}

func (m *Server) validateProfile(formats strfmt.Registry) error {
	if swag.IsZero(m.Profile) { // not required
		return nil
	}

	// value enum
	if err := m.validateProfileEnum("profile", "body", m.Profile); err != nil {
		return err
	}

	return nil
}

func (m *Server) validatePushedAuthorizationRequestTTL(formats strfmt.Registry) error {
	if swag.IsZero(m.PushedAuthorizationRequestTTL) { // not required
		return nil
	}

	if err := validate.FormatOf("pushed_authorization_request_ttl", "body", "duration", m.PushedAuthorizationRequestTTL.String(), formats); err != nil {
		return err
	}

	return nil
}

func (m *Server) validateRefreshTokenTTL(formats strfmt.Registry) error {
	if swag.IsZero(m.RefreshTokenTTL) { // not required
		return nil
	}

	if err := validate.FormatOf("refresh_token_ttl", "body", "duration", m.RefreshTokenTTL.String(), formats); err != nil {
		return err
	}

	return nil
}

func (m *Server) validateResponseTypes(formats strfmt.Registry) error {
	if swag.IsZero(m.ResponseTypes) { // not required
		return nil
	}

	if err := m.ResponseTypes.Validate(formats); err != nil {
		if ve, ok := err.(*errors.Validation); ok {
			return ve.ValidateName("response_types")
		} else if ce, ok := err.(*errors.CompositeError); ok {
			return ce.ValidateName("response_types")
		}
		return err
	}

	return nil
}

func (m *Server) validateSaml(formats strfmt.Registry) error {
	if swag.IsZero(m.Saml) { // not required
		return nil
	}

	if m.Saml != nil {
		if err := m.Saml.Validate(formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("saml")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("saml")
			}
			return err
		}
	}

	return nil
}

func (m *Server) validateSettings(formats strfmt.Registry) error {
	if swag.IsZero(m.Settings) { // not required
		return nil
	}

	if m.Settings != nil {
		if err := m.Settings.Validate(formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("settings")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("settings")
			}
			return err
		}
	}

	return nil
}

func (m *Server) validateSso(formats strfmt.Registry) error {
	if swag.IsZero(m.Sso) { // not required
		return nil
	}

	if m.Sso != nil {
		if err := m.Sso.Validate(formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("sso")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("sso")
			}
			return err
		}
	}

	return nil
}

func (m *Server) validateStyling(formats strfmt.Registry) error {
	if swag.IsZero(m.Styling) { // not required
		return nil
	}

	if m.Styling != nil {
		if err := m.Styling.Validate(formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("styling")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("styling")
			}
			return err
		}
	}

	return nil
}

var serverTypeSubjectFormatPropEnum []interface{}

func init() {
	var res []string
	if err := json.Unmarshal([]byte(`["hash","legacy"]`), &res); err != nil {
		panic(err)
	}
	for _, v := range res {
		serverTypeSubjectFormatPropEnum = append(serverTypeSubjectFormatPropEnum, v)
	}
}

const (

	// ServerSubjectFormatHash captures enum value "hash"
	ServerSubjectFormatHash string = "hash"

	// ServerSubjectFormatLegacy captures enum value "legacy"
	ServerSubjectFormatLegacy string = "legacy"
)

// prop value enum
func (m *Server) validateSubjectFormatEnum(path, location string, value string) error {
	if err := validate.EnumCase(path, location, value, serverTypeSubjectFormatPropEnum, true); err != nil {
		return err
	}
	return nil
}

func (m *Server) validateSubjectFormat(formats strfmt.Registry) error {
	if swag.IsZero(m.SubjectFormat) { // not required
		return nil
	}

	// value enum
	if err := m.validateSubjectFormatEnum("subject_format", "body", m.SubjectFormat); err != nil {
		return err
	}

	return nil
}

var serverSubjectIdentifierTypesItemsEnum []interface{}

func init() {
	var res []string
	if err := json.Unmarshal([]byte(`["public","pairwise"]`), &res); err != nil {
		panic(err)
	}
	for _, v := range res {
		serverSubjectIdentifierTypesItemsEnum = append(serverSubjectIdentifierTypesItemsEnum, v)
	}
}

func (m *Server) validateSubjectIdentifierTypesItemsEnum(path, location string, value string) error {
	if err := validate.EnumCase(path, location, value, serverSubjectIdentifierTypesItemsEnum, true); err != nil {
		return err
	}
	return nil
}

func (m *Server) validateSubjectIdentifierTypes(formats strfmt.Registry) error {
	if swag.IsZero(m.SubjectIdentifierTypes) { // not required
		return nil
	}

	for i := 0; i < len(m.SubjectIdentifierTypes); i++ {

		// value enum
		if err := m.validateSubjectIdentifierTypesItemsEnum("subject_identifier_types"+"."+strconv.Itoa(i), "body", m.SubjectIdentifierTypes[i]); err != nil {
			return err
		}

	}

	return nil
}

func (m *Server) validateTenantID(formats strfmt.Registry) error {

	if err := validate.RequiredString("tenant_id", "body", m.TenantID); err != nil {
		return err
	}

	return nil
}

var serverTokenEndpointAuthMethodsItemsEnum []interface{}

func init() {
	var res []string
	if err := json.Unmarshal([]byte(`["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","self_signed_tls_client_auth","tls_client_auth","none"]`), &res); err != nil {
		panic(err)
	}
	for _, v := range res {
		serverTokenEndpointAuthMethodsItemsEnum = append(serverTokenEndpointAuthMethodsItemsEnum, v)
	}
}

func (m *Server) validateTokenEndpointAuthMethodsItemsEnum(path, location string, value string) error {
	if err := validate.EnumCase(path, location, value, serverTokenEndpointAuthMethodsItemsEnum, true); err != nil {
		return err
	}
	return nil
}

func (m *Server) validateTokenEndpointAuthMethods(formats strfmt.Registry) error {
	if swag.IsZero(m.TokenEndpointAuthMethods) { // not required
		return nil
	}

	for i := 0; i < len(m.TokenEndpointAuthMethods); i++ {

		// value enum
		if err := m.validateTokenEndpointAuthMethodsItemsEnum("token_endpoint_auth_methods"+"."+strconv.Itoa(i), "body", m.TokenEndpointAuthMethods[i]); err != nil {
			return err
		}

	}

	return nil
}

var serverTokenEndpointAuthnMethodsItemsEnum []interface{}

func init() {
	var res []string
	if err := json.Unmarshal([]byte(`["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","self_signed_tls_client_auth","tls_client_auth","none"]`), &res); err != nil {
		panic(err)
	}
	for _, v := range res {
		serverTokenEndpointAuthnMethodsItemsEnum = append(serverTokenEndpointAuthnMethodsItemsEnum, v)
	}
}

func (m *Server) validateTokenEndpointAuthnMethodsItemsEnum(path, location string, value string) error {
	if err := validate.EnumCase(path, location, value, serverTokenEndpointAuthnMethodsItemsEnum, true); err != nil {
		return err
	}
	return nil
}

func (m *Server) validateTokenEndpointAuthnMethods(formats strfmt.Registry) error {
	if swag.IsZero(m.TokenEndpointAuthnMethods) { // not required
		return nil
	}

	for i := 0; i < len(m.TokenEndpointAuthnMethods); i++ {

		// value enum
		if err := m.validateTokenEndpointAuthnMethodsItemsEnum("token_endpoint_authn_methods"+"."+strconv.Itoa(i), "body", m.TokenEndpointAuthnMethods[i]); err != nil {
			return err
		}

	}

	return nil
}

func (m *Server) validateTrustAnchorConfiguration(formats strfmt.Registry) error {
	if swag.IsZero(m.TrustAnchorConfiguration) { // not required
		return nil
	}

	if m.TrustAnchorConfiguration != nil {
		if err := m.TrustAnchorConfiguration.Validate(formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("trust_anchor_configuration")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("trust_anchor_configuration")
			}
			return err
		}
	}

	return nil
}

var serverTypeTypePropEnum []interface{}

func init() {
	var res []string
	if err := json.Unmarshal([]byte(`["admin","developer","system","regular","organization"]`), &res); err != nil {
		panic(err)
	}
	for _, v := range res {
		serverTypeTypePropEnum = append(serverTypeTypePropEnum, v)
	}
}

const (

	// ServerTypeAdmin captures enum value "admin"
	ServerTypeAdmin string = "admin"

	// ServerTypeDeveloper captures enum value "developer"
	ServerTypeDeveloper string = "developer"

	// ServerTypeSystem captures enum value "system"
	ServerTypeSystem string = "system"

	// ServerTypeRegular captures enum value "regular"
	ServerTypeRegular string = "regular"

	// ServerTypeOrganization captures enum value "organization"
	ServerTypeOrganization string = "organization"
)

// prop value enum
func (m *Server) validateTypeEnum(path, location string, value string) error {
	if err := validate.EnumCase(path, location, value, serverTypeTypePropEnum, true); err != nil {
		return err
	}
	return nil
}

func (m *Server) validateType(formats strfmt.Registry) error {
	if swag.IsZero(m.Type) { // not required
		return nil
	}

	// value enum
	if err := m.validateTypeEnum("type", "body", m.Type); err != nil {
		return err
	}

	return nil
}

// ContextValidate validate this server based on the context it is used
func (m *Server) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
	var res []error

	if err := m.contextValidateAdvanced(ctx, formats); err != nil {
		res = append(res, err)
	}

	if err := m.contextValidateAuthenticationContextSettings(ctx, formats); err != nil {
		res = append(res, err)
	}

	if err := m.contextValidateCdr(ctx, formats); err != nil {
		res = append(res, err)
	}

	if err := m.contextValidateDeviceAuthorization(ctx, formats); err != nil {
		res = append(res, err)
	}

	if err := m.contextValidateDynamicClientRegistration(ctx, formats); err != nil {
		res = append(res, err)
	}

	if err := m.contextValidateFdx(ctx, formats); err != nil {
		res = append(res, err)
	}

	if err := m.contextValidateIdentityAssurance(ctx, formats); err != nil {
		res = append(res, err)
	}

	if err := m.contextValidateIdpDiscovery(ctx, formats); err != nil {
		res = append(res, err)
	}

	if err := m.contextValidateJwks(ctx, formats); err != nil {
		res = append(res, err)
	}

	if err := m.contextValidateLegalEntity(ctx, formats); err != nil {
		res = append(res, err)
	}

	if err := m.contextValidateMetadata(ctx, formats); err != nil {
		res = append(res, err)
	}

	if err := m.contextValidateObbr(ctx, formats); err != nil {
		res = append(res, err)
	}

	if err := m.contextValidateOrganization(ctx, formats); err != nil {
		res = append(res, err)
	}

	if err := m.contextValidateResponseTypes(ctx, formats); err != nil {
		res = append(res, err)
	}

	if err := m.contextValidateSaml(ctx, formats); err != nil {
		res = append(res, err)
	}

	if err := m.contextValidateSettings(ctx, formats); err != nil {
		res = append(res, err)
	}

	if err := m.contextValidateSso(ctx, formats); err != nil {
		res = append(res, err)
	}

	if err := m.contextValidateStyling(ctx, formats); err != nil {
		res = append(res, err)
	}

	if err := m.contextValidateTrustAnchorConfiguration(ctx, formats); err != nil {
		res = append(res, err)
	}

	if len(res) > 0 {
		return errors.CompositeValidationError(res...)
	}
	return nil
}

func (m *Server) contextValidateAdvanced(ctx context.Context, formats strfmt.Registry) error {

	if m.Advanced != nil {

		if swag.IsZero(m.Advanced) { // not required
			return nil
		}

		if err := m.Advanced.ContextValidate(ctx, formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("advanced")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("advanced")
			}
			return err
		}
	}

	return nil
}

func (m *Server) contextValidateAuthenticationContextSettings(ctx context.Context, formats strfmt.Registry) error {

	if m.AuthenticationContextSettings != nil {

		if swag.IsZero(m.AuthenticationContextSettings) { // not required
			return nil
		}

		if err := m.AuthenticationContextSettings.ContextValidate(ctx, formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("authentication_context_settings")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("authentication_context_settings")
			}
			return err
		}
	}

	return nil
}

func (m *Server) contextValidateCdr(ctx context.Context, formats strfmt.Registry) error {

	if m.Cdr != nil {

		if swag.IsZero(m.Cdr) { // not required
			return nil
		}

		if err := m.Cdr.ContextValidate(ctx, formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("cdr")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("cdr")
			}
			return err
		}
	}

	return nil
}

func (m *Server) contextValidateDeviceAuthorization(ctx context.Context, formats strfmt.Registry) error {

	if m.DeviceAuthorization != nil {

		if swag.IsZero(m.DeviceAuthorization) { // not required
			return nil
		}

		if err := m.DeviceAuthorization.ContextValidate(ctx, formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("device_authorization")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("device_authorization")
			}
			return err
		}
	}

	return nil
}

func (m *Server) contextValidateDynamicClientRegistration(ctx context.Context, formats strfmt.Registry) error {

	if m.DynamicClientRegistration != nil {

		if swag.IsZero(m.DynamicClientRegistration) { // not required
			return nil
		}

		if err := m.DynamicClientRegistration.ContextValidate(ctx, formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("dynamic_client_registration")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("dynamic_client_registration")
			}
			return err
		}
	}

	return nil
}

func (m *Server) contextValidateFdx(ctx context.Context, formats strfmt.Registry) error {

	if m.Fdx != nil {

		if swag.IsZero(m.Fdx) { // not required
			return nil
		}

		if err := m.Fdx.ContextValidate(ctx, formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("fdx")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("fdx")
			}
			return err
		}
	}

	return nil
}

func (m *Server) contextValidateIdentityAssurance(ctx context.Context, formats strfmt.Registry) error {

	if m.IdentityAssurance != nil {

		if swag.IsZero(m.IdentityAssurance) { // not required
			return nil
		}

		if err := m.IdentityAssurance.ContextValidate(ctx, formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("identity_assurance")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("identity_assurance")
			}
			return err
		}
	}

	return nil
}

func (m *Server) contextValidateIdpDiscovery(ctx context.Context, formats strfmt.Registry) error {

	if m.IdpDiscovery != nil {

		if swag.IsZero(m.IdpDiscovery) { // not required
			return nil
		}

		if err := m.IdpDiscovery.ContextValidate(ctx, formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("idp_discovery")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("idp_discovery")
			}
			return err
		}
	}

	return nil
}

func (m *Server) contextValidateJwks(ctx context.Context, formats strfmt.Registry) error {

	if m.Jwks != nil {

		if swag.IsZero(m.Jwks) { // not required
			return nil
		}

		if err := m.Jwks.ContextValidate(ctx, formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("jwks")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("jwks")
			}
			return err
		}
	}

	return nil
}

func (m *Server) contextValidateLegalEntity(ctx context.Context, formats strfmt.Registry) error {

	if m.LegalEntity != nil {

		if swag.IsZero(m.LegalEntity) { // not required
			return nil
		}

		if err := m.LegalEntity.ContextValidate(ctx, formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("legal_entity")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("legal_entity")
			}
			return err
		}
	}

	return nil
}

func (m *Server) contextValidateMetadata(ctx context.Context, formats strfmt.Registry) error {

	if m.Metadata != nil {

		if swag.IsZero(m.Metadata) { // not required
			return nil
		}

		if err := m.Metadata.ContextValidate(ctx, formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("metadata")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("metadata")
			}
			return err
		}
	}

	return nil
}

func (m *Server) contextValidateObbr(ctx context.Context, formats strfmt.Registry) error {

	if m.Obbr != nil {

		if swag.IsZero(m.Obbr) { // not required
			return nil
		}

		if err := m.Obbr.ContextValidate(ctx, formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("obbr")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("obbr")
			}
			return err
		}
	}

	return nil
}

func (m *Server) contextValidateOrganization(ctx context.Context, formats strfmt.Registry) error {

	if m.Organization != nil {

		if swag.IsZero(m.Organization) { // not required
			return nil
		}

		if err := m.Organization.ContextValidate(ctx, formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("organization")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("organization")
			}
			return err
		}
	}

	return nil
}

func (m *Server) contextValidateResponseTypes(ctx context.Context, formats strfmt.Registry) error {

	if err := m.ResponseTypes.ContextValidate(ctx, formats); err != nil {
		if ve, ok := err.(*errors.Validation); ok {
			return ve.ValidateName("response_types")
		} else if ce, ok := err.(*errors.CompositeError); ok {
			return ce.ValidateName("response_types")
		}
		return err
	}

	return nil
}

func (m *Server) contextValidateSaml(ctx context.Context, formats strfmt.Registry) error {

	if m.Saml != nil {

		if swag.IsZero(m.Saml) { // not required
			return nil
		}

		if err := m.Saml.ContextValidate(ctx, formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("saml")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("saml")
			}
			return err
		}
	}

	return nil
}

func (m *Server) contextValidateSettings(ctx context.Context, formats strfmt.Registry) error {

	if m.Settings != nil {

		if swag.IsZero(m.Settings) { // not required
			return nil
		}

		if err := m.Settings.ContextValidate(ctx, formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("settings")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("settings")
			}
			return err
		}
	}

	return nil
}

func (m *Server) contextValidateSso(ctx context.Context, formats strfmt.Registry) error {

	if m.Sso != nil {

		if swag.IsZero(m.Sso) { // not required
			return nil
		}

		if err := m.Sso.ContextValidate(ctx, formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("sso")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("sso")
			}
			return err
		}
	}

	return nil
}

func (m *Server) contextValidateStyling(ctx context.Context, formats strfmt.Registry) error {

	if m.Styling != nil {

		if swag.IsZero(m.Styling) { // not required
			return nil
		}

		if err := m.Styling.ContextValidate(ctx, formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("styling")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("styling")
			}
			return err
		}
	}

	return nil
}

func (m *Server) contextValidateTrustAnchorConfiguration(ctx context.Context, formats strfmt.Registry) error {

	if m.TrustAnchorConfiguration != nil {

		if swag.IsZero(m.TrustAnchorConfiguration) { // not required
			return nil
		}

		if err := m.TrustAnchorConfiguration.ContextValidate(ctx, formats); err != nil {
			if ve, ok := err.(*errors.Validation); ok {
				return ve.ValidateName("trust_anchor_configuration")
			} else if ce, ok := err.(*errors.CompositeError); ok {
				return ce.ValidateName("trust_anchor_configuration")
			}
			return err
		}
	}

	return nil
}

// MarshalBinary interface implementation
func (m *Server) MarshalBinary() ([]byte, error) {
	if m == nil {
		return nil, nil
	}
	return swag.WriteJSON(m)
}

// UnmarshalBinary interface implementation
func (m *Server) UnmarshalBinary(b []byte) error {
	var res Server
	if err := swag.ReadJSON(b, &res); err != nil {
		return err
	}
	*m = res
	return nil
}