summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBjörn Mattsson <Bjorn.Mattsson@bth.se>2020-04-16 15:02:51 +0200
committerBjörn Mattsson <Bjorn.Mattsson@bth.se>2020-04-16 15:02:51 +0200
commit034865c28f5894c7e546a37a3f1ed58e1333b38c (patch)
treedbb85a8fce163072ebfa74ddeb796eb5a24e3824
parentab186a25aee6474775fe7213879bb4605f51d984 (diff)
Resolves SWAMID-2877
-rw-r--r--Makefile6
-rw-r--r--swamid-2.0/moodle.media.nordu.net.xml54
-rw-r--r--swamid-sp-2.0.mxml1
3 files changed, 59 insertions, 2 deletions
diff --git a/Makefile b/Makefile
index ffa99627..9b8842c9 100644
--- a/Makefile
+++ b/Makefile
@@ -173,7 +173,8 @@ testEduGAINchecks:
testMDUI:
@echo "Checking for bad lang codes"
- @for x in swamid-2.0/*.xml ; do bad_langs=`cat $$x | sed -n 's/.*xml:lang="\([^"]*\)".*/\1/p' | sort -u | grep -vxE 'cs|da|de|en|fi|fr|it|sv'` ; if [ -n "$$bad_langs" ] ; then echo " $$x: `echo $$bad_langs`" | sed 's/.*/&/' ; fi ; done | grep . && exit 1 || exit 0
+ @# Lang = ISO_639-1
+ @for x in swamid-2.0/*.xml ; do bad_langs=`cat $$x | sed -n 's/.*xml:lang="\([^"]*\)".*/\1/p' | sort -u | grep -vxE 'cs|da|de|en|fi|fr|it|sv|no|nn|nb|is'` ; if [ -n "$$bad_langs" ] ; then echo " $$x: `echo $$bad_langs`" | sed 's/.*/&/' ; fi ; done | grep . && exit 1 || exit 0
@echo "Check for mismatch between MDUI DisplayName and OrganizationDisplayName"
@for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l IDPSSODescriptor` ; do for lang in `cat $$x | sed -n 's/.*xml:lang="\(..\)".*/\1/p' | sort -u` ; do mdui_displayname=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/IDPSSODescriptor/Extensions/UIInfo/DisplayName[@xml:lang='$$lang']" - 2>/dev/null | sed 's/^[ ]*//;s/[ ]*$$//' | tr -d '\n' | sed 's;<[^>]*>\([^<]*\)</[^>]*>;\1\n;g'` organizationdisplayname=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/Organization/OrganizationDisplayName[@xml:lang='$$lang']" - 2>/dev/null | sed 's/^[ ]*//;s/[ ]*$$//' | tr -d '\n' | sed 's;<[^>]*>\([^<]*\)</[^>]*>;\1\n;g'` ; if [ -n "$$mdui_displayname" -a -n "$$organizationdisplayname" -a "$$mdui_displayname" != "$$organizationdisplayname" ] ; then echo "$$x: $$lang '$$mdui_displayname' vs $$lang '$$organizationdisplayname'" | sed 's/.*/&/'; fi ; done ; done | grep . && exit 1 || true
@echo "Checking for uniq IdP MDUI DisplayName"
@@ -273,7 +274,8 @@ test2: $(SWAMIDXML) schematest testMDUI testOrgData testEntCat testSimpleSign te
@xmllint --xinclude --nowarning --noout --path schema --schema schema.xsd $< 2>&1
@# make testMDUI
- @cat $< | sed -n 's/.*xml:lang="\([^"]*\)".*/\1/p' | sort -u | grep -vxE 'cs|da|de|en|fi|fr|it|sv' | sed 's/.*/Bad lang code : &/' | grep . && exit 1 || true
+ @# Lang = ISO_639-1
+ @cat $< | sed -n 's/.*xml:lang="\([^"]*\)".*/\1/p' | sort -u | grep -vxE 'cs|da|de|en|fi|fr|it|sv|no|nn|nb|is' | sed 's/.*/Bad lang code : &/' | grep . && exit 1 || true
@if ( grep -q IDPSSODescriptor $< ) ; then \
echo "Do IdP checks" ; \
for lang in `cat $< | sed -n 's/.*xml:lang="\(..\)".*/\1/p' | sort -u` ; do \
diff --git a/swamid-2.0/moodle.media.nordu.net.xml b/swamid-2.0/moodle.media.nordu.net.xml
new file mode 100644
index 00000000..390c7705
--- /dev/null
+++ b/swamid-2.0/moodle.media.nordu.net.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://moodle.media.nordu.net/">
+ <md:Extensions>
+ <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/">
+ <mdrpi:RegistrationPolicy xml:lang="en">https://www.sunet.se/wp-content/uploads/2016/08/SWAMID-Metadata-Registration-Practice-Statement-v2.pdf</mdrpi:RegistrationPolicy>
+ </mdrpi:RegistrationInfo>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml:AttributeValue xsi:type="xs:string">http://refeds.org/category/research-and-scholarship</saml:AttributeValue>
+ <saml:AttributeValue xsi:type="xs:string">http://www.geant.net/uri/dataprotection-code-of-conduct/v1</saml:AttributeValue>
+ </saml:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:Extensions>
+ <mdui:UIInfo>
+ <mdui:DisplayName xml:lang="en">NORDUnet Media eLearning</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="sv">NORDUnet Media eLearning</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="no">NORDUnet Media eLearning</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="nb">NORDUnet Media eLearning</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="nn">NORDUnet Media eLearning</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="fi">NORDUnet Media eLearning</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="is">NORDUnet Media eLearning</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="da">NORDUnet Media eLearning</mdui:DisplayName>
+ <mdui:InformationURL xml:lang="en">https://moodle.media.nordu.net/privacy-info.html</mdui:InformationURL>
+ <mdui:PrivacyStatementURL xml:lang="en">https://moodle.media.nordu.net/privacy-info.html</mdui:PrivacyStatementURL>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIFIzCCAwugAwIBAgIUDOIeenK08A5A7H9Z1NmMPOFsUPcwDQYJKoZIhvcNAQELBQAwITEfMB0GA1UEAwwWbW9vZGxlLm1lZGlhLm5vcmR1Lm5ldDAeFw0yMDA0MTUxNDI4MzlaFw0zMDA0MTMxNDI4MzlaMCExHzAdBgNVBAMMFm1vb2RsZS5tZWRpYS5ub3JkdS5uZXQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDPgWGvIysh7VB7q9ZsTBhO45OJJgoqTdEPaEEZyaMl0JEt+/5ZcG3YWyrTVwYtMUKnTK0MwPr37kZ/ng2DtrUId/cja2snbaTDGuLZxn+ft1lTb8qZhm7UZLKRbLqzwOddtbEcK6DXB1OSK66QC81mVO2QIU32cateG1h1CMloqrThYHJHgHbEBRZsCNfuTlg+2iihlVvCQRUlli642MuGeDUGeoX+5U4fLqdUmNt0dACN804ryHrKz2CrY5uaAbut/9lQBjYxR9d8FjrzAkZHEQLEMBXt5dF1OqdPrqafjmyfwQTIYWtDHgMoYuXjF50yIbGW0Jq/JPy8v3ssOqjvUUUD4jdAttABdxiUouPLps1hADlc9n0Hm9pWWnJULF7Fym9vJ75lhJ/tXQr3Lj/0Cq7Ys4JqnzA3LFznSY0dsvV+eVxR/8YtOKsGjrnB9BNDjZfg5f8LW3Thm2kYhlZXVZZtAr0dgz9hpF04+cyVPheJePNy74BdbTl9DA+oDdIgIVmyoWv/Q3vO1bb3Rs3hdm/IZR1s7xFfdioTqooXX9shFCW3qfF4MZ+8Jr8I/osrinZyBGIYWwFPMSHUfIAndsIJAME/5RMBjooTco+0wUwDmaM+1O3UHx58147j0vPRWVrwyF/gJ27rzF43VkdJpmnd0ggS1GAQIJaNUYxKKwIDAQABo1MwUTAdBgNVHQ4EFgQUbwDisyjVey8Qg43pqiUxHLWzPC8wHwYDVR0jBBgwFoAUbwDisyjVey8Qg43pqiUxHLWzPC8wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAtj23iH8DRmNCdLW3rTAhU1iWnhmYyYdRPu3atATDaAfP+70aMWzgWspHMdRYSDhOXSS8ztA41GNKovYcRVF5jj93ry/qUuw84pW4r8oaOmyksrst7x+UMvgrs8fSWRVsLUksgH0usUV/LzXzKeNaAqy6B7641GIItVxuxc7aZeyY/2TA8G6P2uwBEZ7bf8RzeNwLtenY+rpIoiLjmVRcDsNFcm22ZZnFSaJ4cEaI//fhFqvv18guUwNZm8r88VXWaz8pYG0Ko0jlX525rpEGPEU9XP7g4/2rBIlkDgVkrrZYkd0hd119SUb+QlxuySGY2L6PxIPAeZgWaq3iUH6ks+CqM+zh/2ZiL77AbXbH0r3t8AeGotZWwq8Y/tQzJe8KikLfVjRJ7RaMqF8n7HoJOBDzGzmLlxtUl5NcC/LHCDaG7Nwo4fDbQ/gOrIvCcGn5Y1eB+zx/Msjx8/Onw8I8aQE3lHhqr+Ktrq5c1jKK712TYO69ZCv0F+IgfE1E9bSh1Q9YNReK6h13tH81bGLQ126FCb3O/b8lUlolhCqWwh3W6tmHP5RdiT1xx3ZNhdYY8juLR8cM5FeLz7AtcrshryycoQlN0vkSQF60Be5gnwQsIzdrHfsUW2R752xbL2UcMOA7CJPYG58lIhICjBDBoHdmScycpZSHv5MUOUBRQNI=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIFIzCCAwugAwIBAgIUDOIeenK08A5A7H9Z1NmMPOFsUPcwDQYJKoZIhvcNAQELBQAwITEfMB0GA1UEAwwWbW9vZGxlLm1lZGlhLm5vcmR1Lm5ldDAeFw0yMDA0MTUxNDI4MzlaFw0zMDA0MTMxNDI4MzlaMCExHzAdBgNVBAMMFm1vb2RsZS5tZWRpYS5ub3JkdS5uZXQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDPgWGvIysh7VB7q9ZsTBhO45OJJgoqTdEPaEEZyaMl0JEt+/5ZcG3YWyrTVwYtMUKnTK0MwPr37kZ/ng2DtrUId/cja2snbaTDGuLZxn+ft1lTb8qZhm7UZLKRbLqzwOddtbEcK6DXB1OSK66QC81mVO2QIU32cateG1h1CMloqrThYHJHgHbEBRZsCNfuTlg+2iihlVvCQRUlli642MuGeDUGeoX+5U4fLqdUmNt0dACN804ryHrKz2CrY5uaAbut/9lQBjYxR9d8FjrzAkZHEQLEMBXt5dF1OqdPrqafjmyfwQTIYWtDHgMoYuXjF50yIbGW0Jq/JPy8v3ssOqjvUUUD4jdAttABdxiUouPLps1hADlc9n0Hm9pWWnJULF7Fym9vJ75lhJ/tXQr3Lj/0Cq7Ys4JqnzA3LFznSY0dsvV+eVxR/8YtOKsGjrnB9BNDjZfg5f8LW3Thm2kYhlZXVZZtAr0dgz9hpF04+cyVPheJePNy74BdbTl9DA+oDdIgIVmyoWv/Q3vO1bb3Rs3hdm/IZR1s7xFfdioTqooXX9shFCW3qfF4MZ+8Jr8I/osrinZyBGIYWwFPMSHUfIAndsIJAME/5RMBjooTco+0wUwDmaM+1O3UHx58147j0vPRWVrwyF/gJ27rzF43VkdJpmnd0ggS1GAQIJaNUYxKKwIDAQABo1MwUTAdBgNVHQ4EFgQUbwDisyjVey8Qg43pqiUxHLWzPC8wHwYDVR0jBBgwFoAUbwDisyjVey8Qg43pqiUxHLWzPC8wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAtj23iH8DRmNCdLW3rTAhU1iWnhmYyYdRPu3atATDaAfP+70aMWzgWspHMdRYSDhOXSS8ztA41GNKovYcRVF5jj93ry/qUuw84pW4r8oaOmyksrst7x+UMvgrs8fSWRVsLUksgH0usUV/LzXzKeNaAqy6B7641GIItVxuxc7aZeyY/2TA8G6P2uwBEZ7bf8RzeNwLtenY+rpIoiLjmVRcDsNFcm22ZZnFSaJ4cEaI//fhFqvv18guUwNZm8r88VXWaz8pYG0Ko0jlX525rpEGPEU9XP7g4/2rBIlkDgVkrrZYkd0hd119SUb+QlxuySGY2L6PxIPAeZgWaq3iUH6ks+CqM+zh/2ZiL77AbXbH0r3t8AeGotZWwq8Y/tQzJe8KikLfVjRJ7RaMqF8n7HoJOBDzGzmLlxtUl5NcC/LHCDaG7Nwo4fDbQ/gOrIvCcGn5Y1eB+zx/Msjx8/Onw8I8aQE3lHhqr+Ktrq5c1jKK712TYO69ZCv0F+IgfE1E9bSh1Q9YNReK6h13tH81bGLQ126FCb3O/b8lUlolhCqWwh3W6tmHP5RdiT1xx3ZNhdYY8juLR8cM5FeLz7AtcrshryycoQlN0vkSQF60Be5gnwQsIzdrHfsUW2R752xbL2UcMOA7CJPYG58lIhICjBDBoHdmScycpZSHv5MUOUBRQNI=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://moodle.media.nordu.net/simplesaml/module.php/saml/sp/saml2-logout.php/moodle-sp"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://moodle.media.nordu.net/simplesaml/module.php/saml/sp/saml2-acs.php/moodle-sp" index="0"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://moodle.media.nordu.net/simplesaml/module.php/saml/sp/saml1-acs.php/moodle-sp" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://moodle.media.nordu.net/simplesaml/module.php/saml/sp/saml2-acs.php/moodle-sp" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://moodle.media.nordu.net/simplesaml/module.php/saml/sp/saml1-acs.php/moodle-sp/artifact" index="3"/>
+ </md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>NORDUnet</md:GivenName>
+ <md:SurName>Media</md:SurName>
+ <md:EmailAddress>mailto:support@media.nordu.net</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml
index 3ca154bf..a2954171 100644
--- a/swamid-sp-2.0.mxml
+++ b/swamid-sp-2.0.mxml
@@ -626,4 +626,5 @@
<xi:include href="swamid-2.0/lap559t.bmc.lu.se-shibboleth.xml"/>
<xi:include href="swamid-2.0/sig.idsec.se-sigservice-dev.xml"/>
<xi:include href="swamid-2.0/play.gih.se.xml"/>
+ <xi:include href="swamid-2.0/moodle.media.nordu.net.xml"/>
</md:EntitiesDescriptor>