authorBjörn Mattsson <bjorn@sunet.se>2021-06-28 07:49:46 +0200
committerBjörn Mattsson <bjorn@sunet.se>2021-06-28 07:49:46 +0200
commit57ce9280a54f062a285fe72ab96a70d5954c7a10 (patch)
treeff4579579bf6094ce17e697e76c16a3cf6637bb1
parentb8f6080ecc9765f81c49f37d6826ba15f84ea5b1 (diff)
SWAMID-304 update of https://inacademia.org/metadata/inacademia-simple-validation.xml
-rw-r--r--Makefile2
-rw-r--r--swamid-2.0/inacademia.org-metadata-inacademia-simple-validation.xml.xml23
2 files changed, 21 insertions, 4 deletions
diff --git a/Makefile b/Makefile
index 19917e27..589cccdc 100644
--- a/Makefile
+++ b/Makefile
@@ -223,7 +223,7 @@ testEntCat:
@echo "Checking for entitycategories for IdPs that should be entity-category-support"
@for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l IDPSSODescriptor` ; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath '/EntityDescriptor/Extensions/EntityAttributes/Attribute[attribute::Name="http://macedir.org/entity-category"]/AttributeValue/text()' - 2>/dev/null | grep -q http://refeds.org/category/research-and-scholarship ; then echo " $$x" | sed 's/.*/&/' ; fi ; done | grep . && exit 1 || true
@echo "Checking for wrong Name in EntityAttributes/Attribute"
- @for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l "Attribute "` ; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath '/EntityDescriptor/Extensions/EntityAttributes/Attribute' - 2>/dev/null | grep "Attribute " | sed 's/.* Name="//' | sed -e 's/ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"//' -e 's/">//' | egrep -v "http://macedir.org/entity-category|http://macedir.org/entity-category-support|urn:oasis:names:tc:SAML:attribute:assurance-certification|http://www.swamid.se/assurance-requirement" ; then echo " $$x" | sed 's/.*/&/' ; fi ; done | grep . && exit 1 || true
+ @for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l "Attribute "` ; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath '/EntityDescriptor/Extensions/EntityAttributes/Attribute' - 2>/dev/null | grep "Attribute " | sed 's/.* Name="//' | sed -e 's/ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"//' -e 's/">//' | egrep -v "http://macedir.org/entity-category|http://macedir.org/entity-category-support|urn:oasis:names:tc:SAML:attribute:assurance-certification|urn:oasis:names:tc:SAML:profiles:subject-id:req|http://www.swamid.se/assurance-requirement" ; then echo " $$x" | sed 's/.*/&/' ; fi ; done | grep . && exit 1 || true
@echo "Checking for wrong AttributeValue in EntityAttributes/Attribute http://macedir.org/entity-category"
@for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l "http://macedir.org/entity-category"` ; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath '/EntityDescriptor/Extensions/EntityAttributes/Attribute[attribute::Name="http://macedir.org/entity-category"]' - 2>/dev/null | grep "AttributeValue" | egrep -v ">http://refeds.org/category/research-and-scholarship<|>http://www.geant.net/uri/dataprotection-code-of-conduct/v1<|>http://www.swamid.se/category/research-and-education<|>http://www.swamid.se/category/hei-service<|>http://www.swamid.se/category/nren-service<|>http://www.swamid.se/category/sfs-1993-1153<|>http://www.swamid.se/category/eu-adequate-protection<|>http://refeds.org/category/hide-from-discovery<|>http://id.elegnamnden.se/st/1.0/sigservice<|>http://id.elegnamnden.se/ec/1.0/loa3-pnr<|>http://id.elegnamnden.se/ec/1.0/eidas-naturalperson<" ; then echo " $$x" | sed 's/.*/&/' ; fi ; done | grep . && exit 1 || true
@echo "Checking for wrong AttributeValue in EntityAttributes/Attribute http://macedir.org/entity-category-support"
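Review bot: The allow-list in the changed `egrep -v` line is matched as an unanchored regex, so the new entry `urn:oasis:names:tc:SAML:profiles:subject-id:req` also lets through any Name that merely contains it, just as `http://macedir.org/entity-category` already lets through every longer Name that starts with it. If the preceding `sed` stages leave exactly the Name on each line, matching whole lines (`grep -E -x -v "..."` with the same alternation) would make the check reject near-miss names. The hunk also shows AttributeValue checks for the entity-category attributes but none for the new attribute, whose value set is small; a check built like the neighbouring ones with `egrep -v ">subject-id<|>pairwise-id<|>none<|>any<"` would cover it. The testEntCat recipe continues outside the hunk, so such a check may already exist further down.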
diff --git a/swamid-2.0/inacademia.org-metadata-inacademia-simple-validation.xml.xml b/swamid-2.0/inacademia.org-metadata-inacademia-simple-validation.xml.xml
index e9d4eac9..46e55dd2 100644
--- a/swamid-2.0/inacademia.org-metadata-inacademia-simple-validation.xml.xml
+++ b/swamid-2.0/inacademia.org-metadata-inacademia-simple-validation.xml.xml
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!-- v12062019 -->
+<!-- v20210623 -->
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://inacademia.org/metadata/inacademia-simple-validation.xml">
<md:Extensions>
<mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/" registrationInstant="2017-04-10T18:49:39Z">
@@ -12,17 +12,26 @@
<saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
<saml:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</saml:AttributeValue>
</saml:Attribute>
+ <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oasis:names:tc:SAML:profiles:subject-id:req" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml:AttributeValue>any</saml:AttributeValue>
+ </saml:Attribute>
</mdattr:EntityAttributes>
</md:Extensions>
<md:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:Extensions>
<mdui:UIInfo>
<mdui:DisplayName xml:lang="en">InAcademia Affiliation Validation Service</mdui:DisplayName>
- <mdui:Description xml:lang="en">InAcademia validates affiliation assigned by your home institution. This data is provided in anonymized form to services. While your Institution assists in validation your affiliation, it has no relation with the Service requesting the validation. </mdui:Description>
+ <mdui:DisplayName xml:lang="de">InAcademia Affiliation Validation Service</mdui:DisplayName>
+ <mdui:Description xml:lang="en">InAcademia validates affiliation assigned by your home institution. This data is provided in anonymized form to services. While your Institution assists in validation your affiliation, it has no relation with the Service requesting the validation.</mdui:Description>
+ <mdui:Description xml:lang="de">InAcademia validates affiliation assigned by your home institution. This data is provided in anonymized form to services. While your Institution assists in validation your affiliation, it has no relation with the Service requesting the validation.</mdui:Description>
<mdui:Keywords xml:lang="en">Academic Affiliation Validation</mdui:Keywords>
+ <mdui:Keywords xml:lang="de">Academic Affiliation Validation</mdui:Keywords>
<mdui:Logo xml:lang="en" height="75" width="276">https://inacademia.org/wp-content/uploads/2019/10/inacademia_logo_main.png</mdui:Logo>
+ <mdui:Logo xml:lang="de" height="75" width="276">https://inacademia.org/wp-content/uploads/2019/10/inacademia_logo_main.png</mdui:Logo>
<mdui:InformationURL xml:lang="en">https://inacademia.org/about</mdui:InformationURL>
+ <mdui:InformationURL xml:lang="de">https://inacademia.org/about</mdui:InformationURL>
<mdui:PrivacyStatementURL xml:lang="en">https://inacademia.org/privacy-statement/</mdui:PrivacyStatementURL>
+ <mdui:PrivacyStatementURL xml:lang="de">https://inacademia.org/privacy-statement/</mdui:PrivacyStatementURL>
</mdui:UIInfo>
</md:Extensions>
<md:KeyDescriptor use="encryption">
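Review bot: The added `xml:lang="de"` elements in mdui:UIInfo (DisplayName, Description, Keywords), and the matching ServiceName and Organization entries in the last hunk, repeat the English text verbatim, so a client that selects by language will show English as the German variant on discovery and consent screens. Either supply German text or leave the `de` entries out so that clients fall back to `en`. The copied Description also carries the existing wording slip "assists in validation your affiliation", which now appears in two elements. The SPSSODescriptor element continues outside the hunk.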
@@ -101,20 +110,28 @@
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
<md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://op.srv.inacademia.org/InAcademiaBackend/acs/post" index="1"/>
<md:AttributeConsumingService index="1">
<md:ServiceName xml:lang="en">InAcademia Affiliation Validation Service</md:ServiceName>
+ <md:ServiceName xml:lang="de">InAcademia Affiliation Validation Service</md:ServiceName>
<md:ServiceDescription xml:lang="en">InAcademia validates affiliation assigned by your home institution. This data is provided in anonymized form to services. While your Institution assists in validation your affiliation, it has no relation with the Service requesting the validation.</md:ServiceDescription>
<md:RequestedAttribute FriendlyName="eduPersonScopedAffiliation" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
- <md:RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
+ <md:RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="eduPersonTargetedID" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+ <md:RequestedAttribute FriendlyName="eduPersonAffiliation" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+ <md:RequestedAttribute FriendlyName="eduPersonUniqueID" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.13" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+ <md:RequestedAttribute FriendlyName="schacHomeOrganization" Name="urn:oid:1.3.6.1.4.1.25178.1.2.9" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
</md:AttributeConsumingService>
</md:SPSSODescriptor>
<md:Organization>
<md:OrganizationName xml:lang="en">InAcademia operated by GÉANT</md:OrganizationName>
+ <md:OrganizationName xml:lang="de">InAcademia operated by GÉANT</md:OrganizationName>
<md:OrganizationDisplayName xml:lang="en">InAcademia</md:OrganizationDisplayName>
+ <md:OrganizationDisplayName xml:lang="de">InAcademia</md:OrganizationDisplayName>
<md:OrganizationURL xml:lang="en">https://inacademia.org/about</md:OrganizationURL>
+ <md:OrganizationURL xml:lang="de">https://inacademia.org/about</md:OrganizationURL>
</md:Organization>
<md:ContactPerson contactType="support">
<md:GivenName>InAcademia</md:GivenName>
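Review bot: Changing eduPersonPrincipalName to `isRequired="true"` and adding eduPersonUniqueID as required means the SP now demands three user identifiers (together with eduPersonTargetedID), in addition to the new persistent NameIDFormat and the `subject-id:req` value `any` added earlier in this file. The entity is tagged with the GÉANT Data Protection Code of Conduct category, and its own Description says data is provided in anonymized form, so each required identifier should have a stated purpose, or the redundant ones should stay at `isRequired="false"`. This looks like a mirrored upstream file, so the rationale may exist outside this page; it is worth confirming with the SP operator before publishing. The SPSSODescriptor starts and the ContactPerson ends outside the hunk.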