Updates SWAMID-3559

author: Paul Scott <paul.scott@kau.se> 2020-12-02 15:54:01 +0000
committer: Paul Scott <paul.scott@kau.se> 2020-12-02 15:54:01 +0000
commit: b2f1cb18f1638d44dce6e182998fddf2f9b73509 (patch)
tree: be53301098b2c2ec8e399e4b90e6298b62d845b3 /swamid-2.0/v2.api.sto4.safedc.net-shibboleth.xml
parent: 987e36830faf760b78dcb50de85076968a721e79 (diff)
1 files changed, 67 insertions, 32 deletions
diff --git a/swamid-2.0/v2.api.sto4.safedc.net-shibboleth.xml b/swamid-2.0/v2.api.sto4.safedc.net-shibboleth.xml
index 9f787619..be451007 100644
--- a/swamid-2.0/v2.api.sto4.safedc.net-shibboleth.xml
+++ b/swamid-2.0/v2.api.sto4.safedc.net-shibboleth.xml
@@ -10,7 +10,7 @@
       </samla:Attribute>
     </mdattr:EntityAttributes>
   </md:Extensions>
-  <SPSSODescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" AuthnRequestsSigned="true" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
     <md:Extensions>
       <mdui:UIInfo>
         <mdui:DisplayName xml:lang="en">Sunet Cloud Services</mdui:DisplayName>
@@ -19,44 +19,79 @@
         <mdui:InformationURL xml:lang="en">https://wiki.sunet.se/display/Molntjanster</mdui:InformationURL>
       </mdui:UIInfo>
     </md:Extensions>
-    <md:KeyDescriptor>
+    <md:KeyDescriptor use="signing">
       <ds:KeyInfo>
         <ds:X509Data>
           <ds:X509Certificate>
-MIIENjCCAp6gAwIBAgIJAJQvqB6/7/hSMA0GCSqGSIb3DQEBCwUAMCExHzAdBgNV
-BAMTFnYyLmFwaS5zdG80LnNhZmVkYy5uZXQwIBcNMjAxMjAxMTIwMjM2WhgPMjA1
-MDExMjQxMjAyMzZaMCExHzAdBgNVBAMTFnYyLmFwaS5zdG80LnNhZmVkYy5uZXQw
-ggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCzTrMnvOPERqWLvIZIlVON
-dCnMOXsdQQsQkpMKwPT73Ct/fkx55NMxQON+yC+1fJ7dga3ovWKNm+EZOKR37sDB
-GcQA1/9z0Gv+3VQ1g5Txm3Y1VYRwV8jkLcPyr/qpnSwiyMD+Bz0kAlgm1n1HxVaH
-L/ewpkzpsFbTKfGqEuU2NQEH7OpbVwp/8nQb6771Sk01VKUeQ79HS2rbMa9FuvR+
-yVjAtKW3cU0hfFYDelCsaeM1DWWUfypfFLbAbY+pbWLqr1npMO4eu/jR6TKvykyd
-6+rAgPtV9JrW5Jp+crjUcxvJFEAY4XXC5hvS3GV+F81r+wv08eWZeMp0nKK63Lgy
-sUMxLwqOVn7R14ifA4/s7LMWDhs3SrU/2DYEmAgcCFTRNg2CpZxXHB1KufrdtFk4
-S7hkdU1CPLDXx/ExP2MEQa8MVgmO633LRS8Xk8m1lUEQGvmcYVhjdTF2m5/ifQZU
-9+gS6DFN8UV1S+KRD6jJIo4q8YbKJSVDYDiOp2MffKsCAwEAAaNvMG0wTAYDVR0R
-BEUwQ4IWdjIuYXBpLnN0bzQuc2FmZWRjLm5ldIYpaHR0cHM6Ly92Mi5hcGkuc3Rv
-NC5zYWZlZGMubmV0L3NoaWJib2xldGgwHQYDVR0OBBYEFFPXcSnL02pP6ZbLOGQp
-Uh+Y1p8UMA0GCSqGSIb3DQEBCwUAA4IBgQCBWhHz+NJesbt0GaZE72lZDiYLSg+O
-ijBbbpmgCs4PaCXeaG7HlY07XwXtfbPQNUIPKEkLj2EZXddI9a0KO1Kgn0wed7cB
-A1OittZ9JdpE9hcrEXukpRWSeRUcDj2B24Vy0iysfl0rkQStcMkjgdPt1mTLH5cA
-DKG4UMuEKi6wTGzuwJbQHwlImR2bezNcq/14B/mOtwtKmWhtloun42E+ZZ7RrXXh
-bVnA8OidD3EaqkinVTl1WKzJFS7g8SV/1/gAcZB0Z57F4rQFaMP6L1mzlPo5Ltp3
-PNWJQVV19dAxetHf25yB/msJ1inx8e+cfLG2WnR6DfB6KL2yaFf/uTK04kIRJSjS
-pWF03q85fN6qxG4ItyFKbApuJzlgEPqOna1c5XGh9/51Jv6daOiiLFgwFjCxsCjd
-kGA+PIXVzHT09LFm2cq62L4liLzAp6JDCmucaRxqisGIthGbhQpIO0zjgRzh4Vo0
-/SokNCR8kWnzQPxO2BBsEdRZzXaxOAPuWlA=
+            MIIENjCCAp6gAwIBAgIJAI9vexAmJuGFMA0GCSqGSIb3DQEBCwUAMCExHzAdBgNV
+            BAMTFnYyLmFwaS5zdG80LnNhZmVkYy5uZXQwIBcNMjAxMjAxMTIwMTQ3WhgPMjA1
+            MDExMjQxMjAxNDdaMCExHzAdBgNVBAMTFnYyLmFwaS5zdG80LnNhZmVkYy5uZXQw
+            ggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCzHjESgcYBfFXt2oCi62YH
+            ECBc/vtqavqBGu9TL7nNgtptR75Pr8PwTbe6ymHWGlCyJ/kFgWYaewacLd93Ren5
+            yy82WmYcJlE6hfM0zybZqfSbbTDpVkK5ADSpiOV8zea54P8fJ0nzlJWwLlfQOGRy
+            3Mr2iahHYX4tuzuuEzVa5KUJDPypfwA5r1WjBmVyYNTOCU7sZvDDF7qY8GaUnGHQ
+            PWfxB0Q5jakY+KBdjnu1wj/lnf6tTjz0dj93Xb3R8uMdLws1MRlqoOB3PlwsEeQU
+            9i5Xwsnf37PV5OLxIfftCqpV7QCTLw5PAjz68kyviXgGYaDTK271XLtF3dHlTaVL
+            pDNXwhU1dJ58DTR/F6C+bMSr7YIIHlXlvyHXAErgU1On9dCkMz7Zq1pCqopGcCkP
+            3W+3eKFhq75TOj13AqFi/h5f9gLDchZ0BDJ0g5d6SSeAAQ3COxZ01MRtZGdiW8ZX
+            g+Ort1SFRtTAXG8ue69J7ioAflaccSxuAGMhcKk72/kCAwEAAaNvMG0wTAYDVR0R
+            BEUwQ4IWdjIuYXBpLnN0bzQuc2FmZWRjLm5ldIYpaHR0cHM6Ly92Mi5hcGkuc3Rv
+            NC5zYWZlZGMubmV0L3NoaWJib2xldGgwHQYDVR0OBBYEFEqbSfjt3GM67x0u8b56
+            Ibbsx9/MMA0GCSqGSIb3DQEBCwUAA4IBgQAxbkkgTs25Cf0VQXtBXGHzFrz1zDhw
+            jaUs3oIAwZswOxiNeaMLIloawxqX692dbPxY4ZO1X/M+W2MWH4BDPhC9MkA5fuWB
+            F9n7F8+6vOXdIV2s2npRfUPpC06hLrVKH/sJmQ1BcoQKk+qboYh5vJSGcev7rJPT
+            JrT1ZCPEAPdXibcQlo+kIOM+B/8qtLp3Ah0ddV4yjKvL0ad0h/HPpWVVLx+8uj7c
+            6HOIra8/VzZLQBBIUHxcUOCHWEwoDDL0QiFw9wSxark1XF9wghoYOZxknWPGhGDl
+            KCQy01msNYFKJFxSMki+cydmxF6gkEop68awD4Abrrf351npRQ4dRU4KN24Qbd2J
+            nErOuqr0tGCOXLJAsW56+J8BEec/xtYjb1Xz4c0j7kUNiq4MwSLWNRL9BfXA6ovp
+            SWC+uOUCl5C0ofikNq/g/PLwysLyBS7gKzjOXW5Z69HzjR70UyhLv4Hnq/2ouRoh
+            7PRWIrFOkpZ6wCkrgKqDxm/I1gnXqQ3IHf0=
           </ds:X509Certificate>
         </ds:X509Data>
       </ds:KeyInfo>
     </md:KeyDescriptor>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://v2.api.sto4.safedc.net:5000/identity/v3/auth/OS-FEDERATION/identity_providers/nordunet/protocols/saml2/websso/logout"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://v2.api.sto4.safedc.net:5000/identity/v3/auth/OS-FEDERATION/identity_providers/nordunet/protocols/saml2/websso/logout"/>
-    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
-    <md:AssertionConsumerService index="0" isDefault="true" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://v2.api.sto4.safedc.net:5000/identity/v3/auth/OS-FEDERATION/identity_providers/nordunet/protocols/saml2/websso/postResponse"/>
-    <md:AssertionConsumerService index="1" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://v2.api.sto4.safedc.net:5000/identity/v3/auth/OS-FEDERATION/identity_providers/nordunet/protocols/saml2/websso/artifactResponse"/>
-    <md:AssertionConsumerService index="2" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://v2.api.sto4.safedc.net:5000/identity/v3/auth/OS-FEDERATION/identity_providers/nordunet/protocols/saml2/websso/paosResponse"/>
-  </SPSSODescriptor>
+    <md:KeyDescriptor use="encryption">
+      <ds:KeyInfo>
+        <ds:X509Data>
+          <ds:X509Certificate>
+            MIIENjCCAp6gAwIBAgIJAJQvqB6/7/hSMA0GCSqGSIb3DQEBCwUAMCExHzAdBgNV
+            BAMTFnYyLmFwaS5zdG80LnNhZmVkYy5uZXQwIBcNMjAxMjAxMTIwMjM2WhgPMjA1
+            MDExMjQxMjAyMzZaMCExHzAdBgNVBAMTFnYyLmFwaS5zdG80LnNhZmVkYy5uZXQw
+            ggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCzTrMnvOPERqWLvIZIlVON
+            dCnMOXsdQQsQkpMKwPT73Ct/fkx55NMxQON+yC+1fJ7dga3ovWKNm+EZOKR37sDB
+            GcQA1/9z0Gv+3VQ1g5Txm3Y1VYRwV8jkLcPyr/qpnSwiyMD+Bz0kAlgm1n1HxVaH
+            L/ewpkzpsFbTKfGqEuU2NQEH7OpbVwp/8nQb6771Sk01VKUeQ79HS2rbMa9FuvR+
+            yVjAtKW3cU0hfFYDelCsaeM1DWWUfypfFLbAbY+pbWLqr1npMO4eu/jR6TKvykyd
+            6+rAgPtV9JrW5Jp+crjUcxvJFEAY4XXC5hvS3GV+F81r+wv08eWZeMp0nKK63Lgy
+            sUMxLwqOVn7R14ifA4/s7LMWDhs3SrU/2DYEmAgcCFTRNg2CpZxXHB1KufrdtFk4
+            S7hkdU1CPLDXx/ExP2MEQa8MVgmO633LRS8Xk8m1lUEQGvmcYVhjdTF2m5/ifQZU
+            9+gS6DFN8UV1S+KRD6jJIo4q8YbKJSVDYDiOp2MffKsCAwEAAaNvMG0wTAYDVR0R
+            BEUwQ4IWdjIuYXBpLnN0bzQuc2FmZWRjLm5ldIYpaHR0cHM6Ly92Mi5hcGkuc3Rv
+            NC5zYWZlZGMubmV0L3NoaWJib2xldGgwHQYDVR0OBBYEFFPXcSnL02pP6ZbLOGQp
+            Uh+Y1p8UMA0GCSqGSIb3DQEBCwUAA4IBgQCBWhHz+NJesbt0GaZE72lZDiYLSg+O
+            ijBbbpmgCs4PaCXeaG7HlY07XwXtfbPQNUIPKEkLj2EZXddI9a0KO1Kgn0wed7cB
+            A1OittZ9JdpE9hcrEXukpRWSeRUcDj2B24Vy0iysfl0rkQStcMkjgdPt1mTLH5cA
+            DKG4UMuEKi6wTGzuwJbQHwlImR2bezNcq/14B/mOtwtKmWhtloun42E+ZZ7RrXXh
+            bVnA8OidD3EaqkinVTl1WKzJFS7g8SV/1/gAcZB0Z57F4rQFaMP6L1mzlPo5Ltp3
+            PNWJQVV19dAxetHf25yB/msJ1inx8e+cfLG2WnR6DfB6KL2yaFf/uTK04kIRJSjS
+            pWF03q85fN6qxG4ItyFKbApuJzlgEPqOna1c5XGh9/51Jv6daOiiLFgwFjCxsCjd
+            kGA+PIXVzHT09LFm2cq62L4liLzAp6JDCmucaRxqisGIthGbhQpIO0zjgRzh4Vo0
+            /SokNCR8kWnzQPxO2BBsEdRZzXaxOAPuWlA=
+          </ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+    </md:KeyDescriptor>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://v2.api.sto4.safedc.net:5000/Shibboleth.sso/Logout"/>
+    <md:AssertionConsumerService Location="https://v2.api.sto4.safedc.net:5000/Shibboleth.sso/SAML2/POST" index="1" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/>
+    <md:AttributeConsumingService index="1">
+      <md:ServiceName xml:lang="en">Safespring OpenStack</md:ServiceName>
+      <md:ServiceName xml:lang="sv">Safespring OpenStack</md:ServiceName>
+      <md:RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+      <md:RequestedAttribute FriendlyName="eduPersonEntitlement" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+      <md:RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+      <md:RequestedAttribute FriendlyName="displayName" Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    </md:AttributeConsumingService>
+  </md:SPSSODescriptor>
   <md:Organization>
     <md:OrganizationName xml:lang="en">Safespring</md:OrganizationName>
     <md:OrganizationDisplayName xml:lang="sv">Blue Safespring AB</md:OrganizationDisplayName>
author	Paul Scott <paul.scott@kau.se>	2020-12-02 15:54:01 +0000
committer	Paul Scott <paul.scott@kau.se>	2020-12-02 15:54:01 +0000
commit	b2f1cb18f1638d44dce6e182998fddf2f9b73509 (patch)
tree	be53301098b2c2ec8e399e4b90e6298b62d845b3 /swamid-2.0/v2.api.sto4.safedc.net-shibboleth.xml
parent	987e36830faf760b78dcb50de85076968a721e79 (diff)