diff options
author | Björn Mattsson <Bjorn.Mattsson@bth.se> | 2019-10-21 09:26:35 +0200 |
---|---|---|
committer | Björn Mattsson <Bjorn.Mattsson@bth.se> | 2019-10-21 09:26:35 +0200 |
commit | edbd9da0c3cf4c2a70c8824e2dc80347e7dc9612 (patch) | |
tree | 9940811713fd433ddaa444bb6283c4ae919b62ca /swamid-2.0 | |
parent | 391dae4632c85a2a220b2a799ae5cbcfa4787aef (diff) |
Added tests for release-check.swamid.se
Diffstat (limited to 'swamid-2.0')
-rw-r--r-- | swamid-2.0/test1.release-check.swamid.se-shibboleth.xml | 130 | ||||
-rw-r--r-- | swamid-2.0/test2.release-check.swamid.se-shibboleth.xml | 135 | ||||
-rw-r--r-- | swamid-2.0/test3.release-check.swamid.se-shibboleth.xml | 153 | ||||
-rw-r--r-- | swamid-2.0/test4.release-check.swamid.se-shibboleth.xml | 144 |
4 files changed, 562 insertions, 0 deletions
diff --git a/swamid-2.0/test1.release-check.swamid.se-shibboleth.xml b/swamid-2.0/test1.release-check.swamid.se-shibboleth.xml new file mode 100644 index 00000000..2ddc8756 --- /dev/null +++ b/swamid-2.0/test1.release-check.swamid.se-shibboleth.xml @@ -0,0 +1,130 @@ +<?xml version="1.0" encoding="UTF-8"?> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://test1.release-check.swamid.se/shibboleth"> + <!-- Test with SP without any EC --> + <md:Extensions> + <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/"> + <mdrpi:RegistrationPolicy xml:lang="en">https://www.sunet.se/wp-content/uploads/2016/08/SWAMID-Metadata-Registration-Practice-Statement-v2.pdf</mdrpi:RegistrationPolicy> + </mdrpi:RegistrationInfo> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> + </md:Extensions> + <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <md:Extensions> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://test1.release-check.swamid.se/Shibboleth.sso/Login"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://test1.release-check.swamid.se/Shibboleth.sso/Login" index="1"/> + <mdui:UIInfo> + <mdui:DisplayName xml:lang="sv">SWAMID Test SP</mdui:DisplayName> + <mdui:DisplayName xml:lang="fr">SWAMID Test SP</mdui:DisplayName> + <mdui:DisplayName xml:lang="en">SWAMID Test SP</mdui:DisplayName> + <mdui:Description xml:lang="sv">Detta är en applikation som låter dig testa federerad inloggning.</mdui:Description> + <mdui:Description xml:lang="en">This is an application for testing federated authentication.</mdui:Description> + <mdui:Description xml:lang="fr">Il s'agit d'une application pour tester l'authentification fédérée.</mdui:Description> + <mdui:InformationURL xml:lang="sv">http://www.swamid.se/</mdui:InformationURL> + <mdui:InformationURL xml:lang="en">http://www.swamid.se/</mdui:InformationURL> + <mdui:InformationURL xml:lang="fr">http://www.swamid.se/</mdui:InformationURL> + </mdui:UIInfo> + </md:Extensions> + <md:KeyDescriptor use="signing"> + <ds:KeyInfo> + <ds:KeyName>3b2548e9acf6</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=3b2548e9acf6</ds:X509SubjectName> + <ds:X509Certificate>MIID9jCCAl6gAwIBAgIUVLubTApZL2saWYLEDnANQ2IlVZwwDQYJKoZIhvcNAQEL +BQAwFzEVMBMGA1UEAxMMM2IyNTQ4ZTlhY2Y2MB4XDTE5MTAxNzIwMjczMVoXDTI5 +MTAxNDIwMjczMVowFzEVMBMGA1UEAxMMM2IyNTQ4ZTlhY2Y2MIIBojANBgkqhkiG +9w0BAQEFAAOCAY8AMIIBigKCAYEAqjbqLKcx/P9wAjFXioquaT/+Xc49fEXzKKe/ +/mpulp7/PLgPGlhh7xoELq3bDG0MKr1P6rI+LGyhuUEN7GJaQL6AoYklOB6Vzss4 +Q6L599oo67mSrtIofJuVxhC1xZBUwaTXE0nBrnSWaoXRqxuBrdK9jkcb46tDLSYW +2ZLEjyi6VZKIa9GfE/VY0houKBUDbBZ6tIfGgghdN8LwP6bqt7aYM8pLzunT5Lzc +qtmTxeIXAxTv0pXtn8FEeiL7VWaVahbGftM+caZdgeSOAROfRd9bY9m8p947WLQi +95GOiVZi67Q1DPGN7RVFcqf4p/XG3JbL9gbHp2iUg+ZpiHoPceAlgJ2mLX1Dd5bg +fhhakatd4n/iGbyJ11/1DLIHs4ZnamKJmBfm3HSeKqm/NypHB3yEH9Hmb8YFiI6t ++z+xV9BPO1V4wjf4eWZ2qHoh+LTM3ACaBRGXfnhPZ9+NHXOdTw21ISRD/IT1B2wU +X5XjWPoiJEcbgtl70RE75jmtKTuJAgMBAAGjOjA4MBcGA1UdEQQQMA6CDDNiMjU0 +OGU5YWNmNjAdBgNVHQ4EFgQUSNJ0a4YZc9dSPseR3mwnyDI+MwEwDQYJKoZIhvcN +AQELBQADggGBAEUacJEitgrF/UH670StEcRkKE0bccxzUZOy/TPRyjaJwhuFYbTZ +fbLK9JB/7QTdI0S4XNNyVIFS+v1089C33GaFzHqIdnTwlPtuaTL5V9h0ew9W8B5i +l/uyi7WM+Ij3wrm2JEbpUgLNDKRu87wl4TuCU+SqJafsC2t9z1Q8molPUh2sQ7ci +6QaLvHBSehU2sVChYonq3rlkP37KPrzHUza/ZH8U6SWRkJC8zb4jzw0i1RWZnMyT +l7TbjEQN53ES6jlX+Rj/wLFRpCURcJRcoEIrBqVMmyyM+RegscFCbSqO1PVHCDbM +lHGqMElLpJ1KSAA4y+4zfU4WbSno850PQlZ2KDEHbEsb/k7NI59D+0hUhNBfP2fc +Ccma1I451Mf1ANzrFCniqUXbre5nqNGQHuVrtk7cMUYyt4bv8rCkYQP0J6a+HYw8 +LoEDqj2cS1ZW7uhbCJrHuAkGGgBrd+l6OCiMVpqBC+AJT/zTeFHLSKXl/TuR/v1e +KK/Bciw51EZ7Ew== +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </md:KeyDescriptor> + <md:KeyDescriptor use="encryption"> + <ds:KeyInfo> + <ds:KeyName>3b2548e9acf6</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=3b2548e9acf6</ds:X509SubjectName> + <ds:X509Certificate>MIID9jCCAl6gAwIBAgIUAQvlKdIv0wTBgd8wnoQ4DMBVuv4wDQYJKoZIhvcNAQEL +BQAwFzEVMBMGA1UEAxMMM2IyNTQ4ZTlhY2Y2MB4XDTE5MTAxNzIwMjczMloXDTI5 +MTAxNDIwMjczMlowFzEVMBMGA1UEAxMMM2IyNTQ4ZTlhY2Y2MIIBojANBgkqhkiG +9w0BAQEFAAOCAY8AMIIBigKCAYEArkGRHvmLAaHApuzIaKg9tXjyDuBBC6dtGPvf +iOCuGSO7FcfwWBmmeQ3qQdIOj++ecAfIIsArWtFmH4CX6o7EbJfKPfPCjeyLwSAP +TRLJQ0sj8FTPdVIXeKMK6KdOiLyI2cLHvVIJ2Ct63SbWuoHqMMT5BnGl5ZUYpbwm +yFcb2WkadRzfulrDy6UqsoZrXawzCmnFJtmwBuh+TbM1VWS290bDLL3raAKSl7KY +aGk7rcfe8cXAEX1Ou8nBxWe9OFoki1HytqK20Tc8vACGVqkbRA7QXtYS5uj0Ym5J +nj3BFYfkTLkElw1vLRthCjQ2/4p3R/CJQdvQ7CVLAQJYempX/r+TL/rH2OjIMS8I +wt2niE+XxfuMs9EsAUHlG4FU2smdHGdTQ6FD5INUB6OWOuFtCcHCZewkqomXh/DQ +GkHfKwuM8mExYMV9aROTY0lc73E/pPeQiOfaZQAFWnCdRtGBMzHEMRgyVyTzT0ZM +fy6M7Z7ZMSrX9AzAhwGPul5JdlI3AgMBAAGjOjA4MBcGA1UdEQQQMA6CDDNiMjU0 +OGU5YWNmNjAdBgNVHQ4EFgQUBrd0LadG54fHunxCfaqmNsUQrhowDQYJKoZIhvcN +AQELBQADggGBAJH1qvbnXW3CTfJSwt3rdK7iu7wtnTTUltTtQWZO7JNos5QEYltW +/XlvqoEk/0a7oeWjv8lQ2I3wtL3Hk93nxzjAWKavKEFKfw/12ryhgF1wRYtdmiLO +8NTV+y21z3sdGjkDzDr61dLYO2k6DRgVkEDkkC6SzV7CnxB4xQlfH7ZbUiIPLcnO +PXuUkV962ifnenos/XAICroOg8MSe8HJOzisngnbfVLrV59JCXBFkjTMVdtfj2oY +RgIJCBe+ZTO5ZyjP5SA/WA+R7/PTDJkcPnUEpXU3RrPkvxeO2i5ED+FDKn/qwTUi +CJgz70bIWAPKvqbylF2/PGxnQplF4k5MOOPxgBQi7SN76TfwCj8yGDL9jHHLyeNC +b/uFMt24uGhuR2Lj6EQSTjXr3MwyN8OI0mTMUsc4CZsWiKRUsAGZ+H9/2feChOUO +2xgD+4RpO5RQYVqnCOalXlyxlo1YvEc3KahBPwCwnXcWjdU7VJ7pcXfaQFb/uA8v +rtSd5rXgy930PQ== +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> + </md:KeyDescriptor> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://test1.release-check.swamid.se/Shibboleth.sso/Artifact/SOAP" index="1"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://test1.release-check.swamid.se/Shibboleth.sso/SLO/SOAP"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test1.release-check.swamid.se/Shibboleth.sso/SLO/Redirect"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test1.release-check.swamid.se/Shibboleth.sso/SLO/POST"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://test1.release-check.swamid.se/Shibboleth.sso/SLO/Artifact"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test1.release-check.swamid.se/Shibboleth.sso/SAML2/POST" index="1"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://test1.release-check.swamid.se/Shibboleth.sso/SAML2/Artifact" index="3"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://test1.release-check.swamid.se/Shibboleth.sso/SAML2/ECP" index="4"/> + </md:SPSSODescriptor> + <md:Organization> + <md:OrganizationName xml:lang="en">SWAMID</md:OrganizationName> + <md:OrganizationDisplayName xml:lang="en">Swedish Academic Identity Federation (SWAMID)</md:OrganizationDisplayName> + <md:OrganizationURL xml:lang="en">http://www.swamid.se</md:OrganizationURL> + </md:Organization> + <md:ContactPerson contactType="technical"> + <md:Company>SWAMID</md:Company> + <md:EmailAddress>mailto:operations@swamid.se</md:EmailAddress> + </md:ContactPerson> +</md:EntityDescriptor> diff --git a/swamid-2.0/test2.release-check.swamid.se-shibboleth.xml b/swamid-2.0/test2.release-check.swamid.se-shibboleth.xml new file mode 100644 index 00000000..cf7cbf30 --- /dev/null +++ b/swamid-2.0/test2.release-check.swamid.se-shibboleth.xml @@ -0,0 +1,135 @@ +<?xml version="1.0" encoding="UTF-8"?> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://test2.release-check.swamid.se/shibboleth"> + <!-- Test with SP with EC = Research and Scholarship--> + <md:Extensions> + <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/"> + <mdrpi:RegistrationPolicy xml:lang="en">https://www.sunet.se/wp-content/uploads/2016/08/SWAMID-Metadata-Registration-Practice-Statement-v2.pdf</mdrpi:RegistrationPolicy> + </mdrpi:RegistrationInfo> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> + <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> + <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category"> + <samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue> + </samla:Attribute> + </mdattr:EntityAttributes> + </md:Extensions> + <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <md:Extensions> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://test2.release-check.swamid.se/Shibboleth.sso/Login"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://test2.release-check.swamid.se/Shibboleth.sso/Login" index="1"/> + <mdui:UIInfo> + <mdui:DisplayName xml:lang="sv">SWAMID Test SP</mdui:DisplayName> + <mdui:DisplayName xml:lang="fr">SWAMID Test SP</mdui:DisplayName> + <mdui:DisplayName xml:lang="en">SWAMID Test SP</mdui:DisplayName> + <mdui:Description xml:lang="sv">Detta är en applikation som låter dig testa federerad inloggning.</mdui:Description> + <mdui:Description xml:lang="en">This is an application for testing federated authentication.</mdui:Description> + <mdui:Description xml:lang="fr">Il s'agit d'une application pour tester l'authentification fédérée.</mdui:Description> + <mdui:InformationURL xml:lang="sv">http://www.swamid.se/</mdui:InformationURL> + <mdui:InformationURL xml:lang="en">http://www.swamid.se/</mdui:InformationURL> + <mdui:InformationURL xml:lang="fr">http://www.swamid.se/</mdui:InformationURL> + </mdui:UIInfo> + </md:Extensions> + <md:KeyDescriptor use="signing"> + <ds:KeyInfo> + <ds:KeyName>3b2548e9acf6</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=3b2548e9acf6</ds:X509SubjectName> + <ds:X509Certificate>MIID9jCCAl6gAwIBAgIUVLubTApZL2saWYLEDnANQ2IlVZwwDQYJKoZIhvcNAQEL +BQAwFzEVMBMGA1UEAxMMM2IyNTQ4ZTlhY2Y2MB4XDTE5MTAxNzIwMjczMVoXDTI5 +MTAxNDIwMjczMVowFzEVMBMGA1UEAxMMM2IyNTQ4ZTlhY2Y2MIIBojANBgkqhkiG +9w0BAQEFAAOCAY8AMIIBigKCAYEAqjbqLKcx/P9wAjFXioquaT/+Xc49fEXzKKe/ +/mpulp7/PLgPGlhh7xoELq3bDG0MKr1P6rI+LGyhuUEN7GJaQL6AoYklOB6Vzss4 +Q6L599oo67mSrtIofJuVxhC1xZBUwaTXE0nBrnSWaoXRqxuBrdK9jkcb46tDLSYW +2ZLEjyi6VZKIa9GfE/VY0houKBUDbBZ6tIfGgghdN8LwP6bqt7aYM8pLzunT5Lzc +qtmTxeIXAxTv0pXtn8FEeiL7VWaVahbGftM+caZdgeSOAROfRd9bY9m8p947WLQi +95GOiVZi67Q1DPGN7RVFcqf4p/XG3JbL9gbHp2iUg+ZpiHoPceAlgJ2mLX1Dd5bg +fhhakatd4n/iGbyJ11/1DLIHs4ZnamKJmBfm3HSeKqm/NypHB3yEH9Hmb8YFiI6t ++z+xV9BPO1V4wjf4eWZ2qHoh+LTM3ACaBRGXfnhPZ9+NHXOdTw21ISRD/IT1B2wU +X5XjWPoiJEcbgtl70RE75jmtKTuJAgMBAAGjOjA4MBcGA1UdEQQQMA6CDDNiMjU0 +OGU5YWNmNjAdBgNVHQ4EFgQUSNJ0a4YZc9dSPseR3mwnyDI+MwEwDQYJKoZIhvcN +AQELBQADggGBAEUacJEitgrF/UH670StEcRkKE0bccxzUZOy/TPRyjaJwhuFYbTZ +fbLK9JB/7QTdI0S4XNNyVIFS+v1089C33GaFzHqIdnTwlPtuaTL5V9h0ew9W8B5i +l/uyi7WM+Ij3wrm2JEbpUgLNDKRu87wl4TuCU+SqJafsC2t9z1Q8molPUh2sQ7ci +6QaLvHBSehU2sVChYonq3rlkP37KPrzHUza/ZH8U6SWRkJC8zb4jzw0i1RWZnMyT +l7TbjEQN53ES6jlX+Rj/wLFRpCURcJRcoEIrBqVMmyyM+RegscFCbSqO1PVHCDbM +lHGqMElLpJ1KSAA4y+4zfU4WbSno850PQlZ2KDEHbEsb/k7NI59D+0hUhNBfP2fc +Ccma1I451Mf1ANzrFCniqUXbre5nqNGQHuVrtk7cMUYyt4bv8rCkYQP0J6a+HYw8 +LoEDqj2cS1ZW7uhbCJrHuAkGGgBrd+l6OCiMVpqBC+AJT/zTeFHLSKXl/TuR/v1e +KK/Bciw51EZ7Ew== +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </md:KeyDescriptor> + <md:KeyDescriptor use="encryption"> + <ds:KeyInfo> + <ds:KeyName>3b2548e9acf6</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=3b2548e9acf6</ds:X509SubjectName> + <ds:X509Certificate>MIID9jCCAl6gAwIBAgIUAQvlKdIv0wTBgd8wnoQ4DMBVuv4wDQYJKoZIhvcNAQEL +BQAwFzEVMBMGA1UEAxMMM2IyNTQ4ZTlhY2Y2MB4XDTE5MTAxNzIwMjczMloXDTI5 +MTAxNDIwMjczMlowFzEVMBMGA1UEAxMMM2IyNTQ4ZTlhY2Y2MIIBojANBgkqhkiG +9w0BAQEFAAOCAY8AMIIBigKCAYEArkGRHvmLAaHApuzIaKg9tXjyDuBBC6dtGPvf +iOCuGSO7FcfwWBmmeQ3qQdIOj++ecAfIIsArWtFmH4CX6o7EbJfKPfPCjeyLwSAP +TRLJQ0sj8FTPdVIXeKMK6KdOiLyI2cLHvVIJ2Ct63SbWuoHqMMT5BnGl5ZUYpbwm +yFcb2WkadRzfulrDy6UqsoZrXawzCmnFJtmwBuh+TbM1VWS290bDLL3raAKSl7KY +aGk7rcfe8cXAEX1Ou8nBxWe9OFoki1HytqK20Tc8vACGVqkbRA7QXtYS5uj0Ym5J +nj3BFYfkTLkElw1vLRthCjQ2/4p3R/CJQdvQ7CVLAQJYempX/r+TL/rH2OjIMS8I +wt2niE+XxfuMs9EsAUHlG4FU2smdHGdTQ6FD5INUB6OWOuFtCcHCZewkqomXh/DQ +GkHfKwuM8mExYMV9aROTY0lc73E/pPeQiOfaZQAFWnCdRtGBMzHEMRgyVyTzT0ZM +fy6M7Z7ZMSrX9AzAhwGPul5JdlI3AgMBAAGjOjA4MBcGA1UdEQQQMA6CDDNiMjU0 +OGU5YWNmNjAdBgNVHQ4EFgQUBrd0LadG54fHunxCfaqmNsUQrhowDQYJKoZIhvcN +AQELBQADggGBAJH1qvbnXW3CTfJSwt3rdK7iu7wtnTTUltTtQWZO7JNos5QEYltW +/XlvqoEk/0a7oeWjv8lQ2I3wtL3Hk93nxzjAWKavKEFKfw/12ryhgF1wRYtdmiLO +8NTV+y21z3sdGjkDzDr61dLYO2k6DRgVkEDkkC6SzV7CnxB4xQlfH7ZbUiIPLcnO +PXuUkV962ifnenos/XAICroOg8MSe8HJOzisngnbfVLrV59JCXBFkjTMVdtfj2oY +RgIJCBe+ZTO5ZyjP5SA/WA+R7/PTDJkcPnUEpXU3RrPkvxeO2i5ED+FDKn/qwTUi +CJgz70bIWAPKvqbylF2/PGxnQplF4k5MOOPxgBQi7SN76TfwCj8yGDL9jHHLyeNC +b/uFMt24uGhuR2Lj6EQSTjXr3MwyN8OI0mTMUsc4CZsWiKRUsAGZ+H9/2feChOUO +2xgD+4RpO5RQYVqnCOalXlyxlo1YvEc3KahBPwCwnXcWjdU7VJ7pcXfaQFb/uA8v +rtSd5rXgy930PQ== +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> + </md:KeyDescriptor> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://test2.release-check.swamid.se/Shibboleth.sso/Artifact/SOAP" index="1"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://test2.release-check.swamid.se/Shibboleth.sso/SLO/SOAP"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test2.release-check.swamid.se/Shibboleth.sso/SLO/Redirect"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test2.release-check.swamid.se/Shibboleth.sso/SLO/POST"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://test2.release-check.swamid.se/Shibboleth.sso/SLO/Artifact"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test2.release-check.swamid.se/Shibboleth.sso/SAML2/POST" index="1"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://test2.release-check.swamid.se/Shibboleth.sso/SAML2/Artifact" index="3"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://test2.release-check.swamid.se/Shibboleth.sso/SAML2/ECP" index="4"/> + </md:SPSSODescriptor> + <md:Organization> + <md:OrganizationName xml:lang="en">SWAMID</md:OrganizationName> + <md:OrganizationDisplayName xml:lang="en">Swedish Academic Identity Federation (SWAMID)</md:OrganizationDisplayName> + <md:OrganizationURL xml:lang="en">http://www.swamid.se</md:OrganizationURL> + </md:Organization> + <md:ContactPerson contactType="technical"> + <md:Company>SWAMID</md:Company> + <md:EmailAddress>mailto:operations@swamid.se</md:EmailAddress> + </md:ContactPerson> +</md:EntityDescriptor> diff --git a/swamid-2.0/test3.release-check.swamid.se-shibboleth.xml b/swamid-2.0/test3.release-check.swamid.se-shibboleth.xml new file mode 100644 index 00000000..adb93b46 --- /dev/null +++ b/swamid-2.0/test3.release-check.swamid.se-shibboleth.xml @@ -0,0 +1,153 @@ +<?xml version="1.0" encoding="UTF-8"?> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://test3.release-check.swamid.se/shibboleth"> + <!-- Test with SP with EC = Code of Conduct from SWAMID IdP, part 1--> + <md:Extensions> + <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/"> + <mdrpi:RegistrationPolicy xml:lang="en">https://www.sunet.se/wp-content/uploads/2016/08/SWAMID-Metadata-Registration-Practice-Statement-v2.pdf</mdrpi:RegistrationPolicy> + </mdrpi:RegistrationInfo> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> + <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> + <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category"> + <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue> + </samla:Attribute> + </mdattr:EntityAttributes> + </md:Extensions> + <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <md:Extensions> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://test3.release-check.swamid.se/Shibboleth.sso/Login"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://test3.release-check.swamid.se/Shibboleth.sso/Login" index="1"/> + <mdui:UIInfo> + <mdui:DisplayName xml:lang="sv">SWAMID Test SP</mdui:DisplayName> + <mdui:DisplayName xml:lang="fr">SWAMID Test SP</mdui:DisplayName> + <mdui:DisplayName xml:lang="en">SWAMID Test SP</mdui:DisplayName> + <mdui:Description xml:lang="sv">Detta är en applikation som låter dig testa federerad inloggning.</mdui:Description> + <mdui:Description xml:lang="en">This is an application for testing federated authentication.</mdui:Description> + <mdui:Description xml:lang="fr">Il s'agit d'une application pour tester l'authentification fédérée.</mdui:Description> + <mdui:InformationURL xml:lang="sv">http://www.swamid.se/</mdui:InformationURL> + <mdui:InformationURL xml:lang="en">http://www.swamid.se/</mdui:InformationURL> + <mdui:InformationURL xml:lang="fr">http://www.swamid.se/</mdui:InformationURL> + </mdui:UIInfo> + </md:Extensions> + <md:KeyDescriptor use="signing"> + <ds:KeyInfo> + <ds:KeyName>3b2548e9acf6</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=3b2548e9acf6</ds:X509SubjectName> + <ds:X509Certificate>MIID9jCCAl6gAwIBAgIUVLubTApZL2saWYLEDnANQ2IlVZwwDQYJKoZIhvcNAQEL +BQAwFzEVMBMGA1UEAxMMM2IyNTQ4ZTlhY2Y2MB4XDTE5MTAxNzIwMjczMVoXDTI5 +MTAxNDIwMjczMVowFzEVMBMGA1UEAxMMM2IyNTQ4ZTlhY2Y2MIIBojANBgkqhkiG +9w0BAQEFAAOCAY8AMIIBigKCAYEAqjbqLKcx/P9wAjFXioquaT/+Xc49fEXzKKe/ +/mpulp7/PLgPGlhh7xoELq3bDG0MKr1P6rI+LGyhuUEN7GJaQL6AoYklOB6Vzss4 +Q6L599oo67mSrtIofJuVxhC1xZBUwaTXE0nBrnSWaoXRqxuBrdK9jkcb46tDLSYW +2ZLEjyi6VZKIa9GfE/VY0houKBUDbBZ6tIfGgghdN8LwP6bqt7aYM8pLzunT5Lzc +qtmTxeIXAxTv0pXtn8FEeiL7VWaVahbGftM+caZdgeSOAROfRd9bY9m8p947WLQi +95GOiVZi67Q1DPGN7RVFcqf4p/XG3JbL9gbHp2iUg+ZpiHoPceAlgJ2mLX1Dd5bg +fhhakatd4n/iGbyJ11/1DLIHs4ZnamKJmBfm3HSeKqm/NypHB3yEH9Hmb8YFiI6t ++z+xV9BPO1V4wjf4eWZ2qHoh+LTM3ACaBRGXfnhPZ9+NHXOdTw21ISRD/IT1B2wU +X5XjWPoiJEcbgtl70RE75jmtKTuJAgMBAAGjOjA4MBcGA1UdEQQQMA6CDDNiMjU0 +OGU5YWNmNjAdBgNVHQ4EFgQUSNJ0a4YZc9dSPseR3mwnyDI+MwEwDQYJKoZIhvcN +AQELBQADggGBAEUacJEitgrF/UH670StEcRkKE0bccxzUZOy/TPRyjaJwhuFYbTZ +fbLK9JB/7QTdI0S4XNNyVIFS+v1089C33GaFzHqIdnTwlPtuaTL5V9h0ew9W8B5i +l/uyi7WM+Ij3wrm2JEbpUgLNDKRu87wl4TuCU+SqJafsC2t9z1Q8molPUh2sQ7ci +6QaLvHBSehU2sVChYonq3rlkP37KPrzHUza/ZH8U6SWRkJC8zb4jzw0i1RWZnMyT +l7TbjEQN53ES6jlX+Rj/wLFRpCURcJRcoEIrBqVMmyyM+RegscFCbSqO1PVHCDbM +lHGqMElLpJ1KSAA4y+4zfU4WbSno850PQlZ2KDEHbEsb/k7NI59D+0hUhNBfP2fc +Ccma1I451Mf1ANzrFCniqUXbre5nqNGQHuVrtk7cMUYyt4bv8rCkYQP0J6a+HYw8 +LoEDqj2cS1ZW7uhbCJrHuAkGGgBrd+l6OCiMVpqBC+AJT/zTeFHLSKXl/TuR/v1e +KK/Bciw51EZ7Ew== +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </md:KeyDescriptor> + <md:KeyDescriptor use="encryption"> + <ds:KeyInfo> + <ds:KeyName>3b2548e9acf6</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=3b2548e9acf6</ds:X509SubjectName> + <ds:X509Certificate>MIID9jCCAl6gAwIBAgIUAQvlKdIv0wTBgd8wnoQ4DMBVuv4wDQYJKoZIhvcNAQEL +BQAwFzEVMBMGA1UEAxMMM2IyNTQ4ZTlhY2Y2MB4XDTE5MTAxNzIwMjczMloXDTI5 +MTAxNDIwMjczMlowFzEVMBMGA1UEAxMMM2IyNTQ4ZTlhY2Y2MIIBojANBgkqhkiG +9w0BAQEFAAOCAY8AMIIBigKCAYEArkGRHvmLAaHApuzIaKg9tXjyDuBBC6dtGPvf +iOCuGSO7FcfwWBmmeQ3qQdIOj++ecAfIIsArWtFmH4CX6o7EbJfKPfPCjeyLwSAP +TRLJQ0sj8FTPdVIXeKMK6KdOiLyI2cLHvVIJ2Ct63SbWuoHqMMT5BnGl5ZUYpbwm +yFcb2WkadRzfulrDy6UqsoZrXawzCmnFJtmwBuh+TbM1VWS290bDLL3raAKSl7KY +aGk7rcfe8cXAEX1Ou8nBxWe9OFoki1HytqK20Tc8vACGVqkbRA7QXtYS5uj0Ym5J +nj3BFYfkTLkElw1vLRthCjQ2/4p3R/CJQdvQ7CVLAQJYempX/r+TL/rH2OjIMS8I +wt2niE+XxfuMs9EsAUHlG4FU2smdHGdTQ6FD5INUB6OWOuFtCcHCZewkqomXh/DQ +GkHfKwuM8mExYMV9aROTY0lc73E/pPeQiOfaZQAFWnCdRtGBMzHEMRgyVyTzT0ZM +fy6M7Z7ZMSrX9AzAhwGPul5JdlI3AgMBAAGjOjA4MBcGA1UdEQQQMA6CDDNiMjU0 +OGU5YWNmNjAdBgNVHQ4EFgQUBrd0LadG54fHunxCfaqmNsUQrhowDQYJKoZIhvcN +AQELBQADggGBAJH1qvbnXW3CTfJSwt3rdK7iu7wtnTTUltTtQWZO7JNos5QEYltW +/XlvqoEk/0a7oeWjv8lQ2I3wtL3Hk93nxzjAWKavKEFKfw/12ryhgF1wRYtdmiLO +8NTV+y21z3sdGjkDzDr61dLYO2k6DRgVkEDkkC6SzV7CnxB4xQlfH7ZbUiIPLcnO +PXuUkV962ifnenos/XAICroOg8MSe8HJOzisngnbfVLrV59JCXBFkjTMVdtfj2oY +RgIJCBe+ZTO5ZyjP5SA/WA+R7/PTDJkcPnUEpXU3RrPkvxeO2i5ED+FDKn/qwTUi +CJgz70bIWAPKvqbylF2/PGxnQplF4k5MOOPxgBQi7SN76TfwCj8yGDL9jHHLyeNC +b/uFMt24uGhuR2Lj6EQSTjXr3MwyN8OI0mTMUsc4CZsWiKRUsAGZ+H9/2feChOUO +2xgD+4RpO5RQYVqnCOalXlyxlo1YvEc3KahBPwCwnXcWjdU7VJ7pcXfaQFb/uA8v +rtSd5rXgy930PQ== +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> + </md:KeyDescriptor> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://test3.release-check.swamid.se/Shibboleth.sso/Artifact/SOAP" index="1"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://test3.release-check.swamid.se/Shibboleth.sso/SLO/SOAP"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test3.release-check.swamid.se/Shibboleth.sso/SLO/Redirect"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test3.release-check.swamid.se/Shibboleth.sso/SLO/POST"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://test3.release-check.swamid.se/Shibboleth.sso/SLO/Artifact"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test3.release-check.swamid.se/Shibboleth.sso/SAML2/POST" index="1"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://test3.release-check.swamid.se/Shibboleth.sso/SAML2/Artifact" index="3"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://test3.release-check.swamid.se/Shibboleth.sso/SAML2/ECP" index="4"/> + <md:AttributeConsumingService index="1"> + <md:ServiceName xml:lang="en">Release-check for SWAMID</md:ServiceName> + <md:RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="eduPersonUniqueID" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.13" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="displayName" Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="cn" Name="urn:oid:2.5.4.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="givenName" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="eduPersonAssurance" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="eduPersonScopedAffiliation" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="eduPersonTargetedID" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="eduPersonOrcid" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.16" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="norEduPersonNIN" Name="urn:oid:1.3.6.1.4.1.2428.90.1.5" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="personalIdentityNumber" Name="urn:oid:1.2.752.29.4.13" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="schacDateOfBirth" Name="urn:oid:1.3.6.1.4.1.25178.1.2.3 " NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="eduPersonAffiliation" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="schacHomeOrganizationType" Name="urn:oid:1.3.6.1.4.1.25178.1.2.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + </md:AttributeConsumingService> + </md:SPSSODescriptor> + <md:Organization> + <md:OrganizationName xml:lang="en">SWAMID</md:OrganizationName> + <md:OrganizationDisplayName xml:lang="en">Swedish Academic Identity Federation (SWAMID)</md:OrganizationDisplayName> + <md:OrganizationURL xml:lang="en">http://www.swamid.se</md:OrganizationURL> + </md:Organization> + <md:ContactPerson contactType="technical"> + <md:Company>SWAMID</md:Company> + <md:EmailAddress>mailto:operations@swamid.se</md:EmailAddress> + </md:ContactPerson> +</md:EntityDescriptor> diff --git a/swamid-2.0/test4.release-check.swamid.se-shibboleth.xml b/swamid-2.0/test4.release-check.swamid.se-shibboleth.xml new file mode 100644 index 00000000..4c32c586 --- /dev/null +++ b/swamid-2.0/test4.release-check.swamid.se-shibboleth.xml @@ -0,0 +1,144 @@ +<?xml version="1.0" encoding="UTF-8"?> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://test4.release-check.swamid.se/shibboleth"> + <!-- Test with SP with EC = Code of Conduct from SWAMID IdP, part 2--> + <md:Extensions> + <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/"> + <mdrpi:RegistrationPolicy xml:lang="en">https://www.sunet.se/wp-content/uploads/2016/08/SWAMID-Metadata-Registration-Practice-Statement-v2.pdf</mdrpi:RegistrationPolicy> + </mdrpi:RegistrationInfo> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> + <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> + <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category"> + <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue> + </samla:Attribute> + </mdattr:EntityAttributes> + </md:Extensions> + <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <md:Extensions> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://test4.release-check.swamid.se/Shibboleth.sso/Login"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://test4.release-check.swamid.se/Shibboleth.sso/Login" index="1"/> + <mdui:UIInfo> + <mdui:DisplayName xml:lang="sv">SWAMID Test SP</mdui:DisplayName> + <mdui:DisplayName xml:lang="fr">SWAMID Test SP</mdui:DisplayName> + <mdui:DisplayName xml:lang="en">SWAMID Test SP</mdui:DisplayName> + <mdui:Description xml:lang="sv">Detta är en applikation som låter dig testa federerad inloggning.</mdui:Description> + <mdui:Description xml:lang="en">This is an application for testing federated authentication.</mdui:Description> + <mdui:Description xml:lang="fr">Il s'agit d'une application pour tester l'authentification fédérée.</mdui:Description> + <mdui:InformationURL xml:lang="sv">http://www.swamid.se/</mdui:InformationURL> + <mdui:InformationURL xml:lang="en">http://www.swamid.se/</mdui:InformationURL> + <mdui:InformationURL xml:lang="fr">http://www.swamid.se/</mdui:InformationURL> + </mdui:UIInfo> + </md:Extensions> + <md:KeyDescriptor use="signing"> + <ds:KeyInfo> + <ds:KeyName>3b2548e9acf6</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=3b2548e9acf6</ds:X509SubjectName> + <ds:X509Certificate>MIID9jCCAl6gAwIBAgIUVLubTApZL2saWYLEDnANQ2IlVZwwDQYJKoZIhvcNAQEL +BQAwFzEVMBMGA1UEAxMMM2IyNTQ4ZTlhY2Y2MB4XDTE5MTAxNzIwMjczMVoXDTI5 +MTAxNDIwMjczMVowFzEVMBMGA1UEAxMMM2IyNTQ4ZTlhY2Y2MIIBojANBgkqhkiG +9w0BAQEFAAOCAY8AMIIBigKCAYEAqjbqLKcx/P9wAjFXioquaT/+Xc49fEXzKKe/ +/mpulp7/PLgPGlhh7xoELq3bDG0MKr1P6rI+LGyhuUEN7GJaQL6AoYklOB6Vzss4 +Q6L599oo67mSrtIofJuVxhC1xZBUwaTXE0nBrnSWaoXRqxuBrdK9jkcb46tDLSYW +2ZLEjyi6VZKIa9GfE/VY0houKBUDbBZ6tIfGgghdN8LwP6bqt7aYM8pLzunT5Lzc +qtmTxeIXAxTv0pXtn8FEeiL7VWaVahbGftM+caZdgeSOAROfRd9bY9m8p947WLQi +95GOiVZi67Q1DPGN7RVFcqf4p/XG3JbL9gbHp2iUg+ZpiHoPceAlgJ2mLX1Dd5bg +fhhakatd4n/iGbyJ11/1DLIHs4ZnamKJmBfm3HSeKqm/NypHB3yEH9Hmb8YFiI6t ++z+xV9BPO1V4wjf4eWZ2qHoh+LTM3ACaBRGXfnhPZ9+NHXOdTw21ISRD/IT1B2wU +X5XjWPoiJEcbgtl70RE75jmtKTuJAgMBAAGjOjA4MBcGA1UdEQQQMA6CDDNiMjU0 +OGU5YWNmNjAdBgNVHQ4EFgQUSNJ0a4YZc9dSPseR3mwnyDI+MwEwDQYJKoZIhvcN +AQELBQADggGBAEUacJEitgrF/UH670StEcRkKE0bccxzUZOy/TPRyjaJwhuFYbTZ +fbLK9JB/7QTdI0S4XNNyVIFS+v1089C33GaFzHqIdnTwlPtuaTL5V9h0ew9W8B5i +l/uyi7WM+Ij3wrm2JEbpUgLNDKRu87wl4TuCU+SqJafsC2t9z1Q8molPUh2sQ7ci +6QaLvHBSehU2sVChYonq3rlkP37KPrzHUza/ZH8U6SWRkJC8zb4jzw0i1RWZnMyT +l7TbjEQN53ES6jlX+Rj/wLFRpCURcJRcoEIrBqVMmyyM+RegscFCbSqO1PVHCDbM +lHGqMElLpJ1KSAA4y+4zfU4WbSno850PQlZ2KDEHbEsb/k7NI59D+0hUhNBfP2fc +Ccma1I451Mf1ANzrFCniqUXbre5nqNGQHuVrtk7cMUYyt4bv8rCkYQP0J6a+HYw8 +LoEDqj2cS1ZW7uhbCJrHuAkGGgBrd+l6OCiMVpqBC+AJT/zTeFHLSKXl/TuR/v1e +KK/Bciw51EZ7Ew== +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </md:KeyDescriptor> + <md:KeyDescriptor use="encryption"> + <ds:KeyInfo> + <ds:KeyName>3b2548e9acf6</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=3b2548e9acf6</ds:X509SubjectName> + <ds:X509Certificate>MIID9jCCAl6gAwIBAgIUAQvlKdIv0wTBgd8wnoQ4DMBVuv4wDQYJKoZIhvcNAQEL +BQAwFzEVMBMGA1UEAxMMM2IyNTQ4ZTlhY2Y2MB4XDTE5MTAxNzIwMjczMloXDTI5 +MTAxNDIwMjczMlowFzEVMBMGA1UEAxMMM2IyNTQ4ZTlhY2Y2MIIBojANBgkqhkiG +9w0BAQEFAAOCAY8AMIIBigKCAYEArkGRHvmLAaHApuzIaKg9tXjyDuBBC6dtGPvf +iOCuGSO7FcfwWBmmeQ3qQdIOj++ecAfIIsArWtFmH4CX6o7EbJfKPfPCjeyLwSAP +TRLJQ0sj8FTPdVIXeKMK6KdOiLyI2cLHvVIJ2Ct63SbWuoHqMMT5BnGl5ZUYpbwm +yFcb2WkadRzfulrDy6UqsoZrXawzCmnFJtmwBuh+TbM1VWS290bDLL3raAKSl7KY +aGk7rcfe8cXAEX1Ou8nBxWe9OFoki1HytqK20Tc8vACGVqkbRA7QXtYS5uj0Ym5J +nj3BFYfkTLkElw1vLRthCjQ2/4p3R/CJQdvQ7CVLAQJYempX/r+TL/rH2OjIMS8I +wt2niE+XxfuMs9EsAUHlG4FU2smdHGdTQ6FD5INUB6OWOuFtCcHCZewkqomXh/DQ +GkHfKwuM8mExYMV9aROTY0lc73E/pPeQiOfaZQAFWnCdRtGBMzHEMRgyVyTzT0ZM +fy6M7Z7ZMSrX9AzAhwGPul5JdlI3AgMBAAGjOjA4MBcGA1UdEQQQMA6CDDNiMjU0 +OGU5YWNmNjAdBgNVHQ4EFgQUBrd0LadG54fHunxCfaqmNsUQrhowDQYJKoZIhvcN +AQELBQADggGBAJH1qvbnXW3CTfJSwt3rdK7iu7wtnTTUltTtQWZO7JNos5QEYltW +/XlvqoEk/0a7oeWjv8lQ2I3wtL3Hk93nxzjAWKavKEFKfw/12ryhgF1wRYtdmiLO +8NTV+y21z3sdGjkDzDr61dLYO2k6DRgVkEDkkC6SzV7CnxB4xQlfH7ZbUiIPLcnO +PXuUkV962ifnenos/XAICroOg8MSe8HJOzisngnbfVLrV59JCXBFkjTMVdtfj2oY +RgIJCBe+ZTO5ZyjP5SA/WA+R7/PTDJkcPnUEpXU3RrPkvxeO2i5ED+FDKn/qwTUi +CJgz70bIWAPKvqbylF2/PGxnQplF4k5MOOPxgBQi7SN76TfwCj8yGDL9jHHLyeNC +b/uFMt24uGhuR2Lj6EQSTjXr3MwyN8OI0mTMUsc4CZsWiKRUsAGZ+H9/2feChOUO +2xgD+4RpO5RQYVqnCOalXlyxlo1YvEc3KahBPwCwnXcWjdU7VJ7pcXfaQFb/uA8v +rtSd5rXgy930PQ== +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> + </md:KeyDescriptor> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://test4.release-check.swamid.se/Shibboleth.sso/Artifact/SOAP" index="1"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://test4.release-check.swamid.se/Shibboleth.sso/SLO/SOAP"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test4.release-check.swamid.se/Shibboleth.sso/SLO/Redirect"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test4.release-check.swamid.se/Shibboleth.sso/SLO/POST"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://test4.release-check.swamid.se/Shibboleth.sso/SLO/Artifact"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test4.release-check.swamid.se/Shibboleth.sso/SAML2/POST" index="1"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://test4.release-check.swamid.se/Shibboleth.sso/SAML2/Artifact" index="3"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://test4.release-check.swamid.se/Shibboleth.sso/SAML2/ECP" index="4"/> + <md:AttributeConsumingService index="1"> + <md:ServiceName xml:lang="en">Release-check for SWAMID</md:ServiceName> + <md:RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="displayName" Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="cn" Name="urn:oid:2.5.4.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="givenName" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="o" Name="urn:oid:2.5.4.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="norEduOrgAcronym" Name="urn:oid:1.3.6.1.4.1.2428.90.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="c" Name="urn:oid:2.5.4.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="co" Name="urn:oid:0.9.2342.19200300.100.1.43" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="schacHomeOrganization" Name="urn:oid:1.3.6.1.4.1.25178.1.2.9" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + </md:AttributeConsumingService> + </md:SPSSODescriptor> + <md:Organization> + <md:OrganizationName xml:lang="en">SWAMID</md:OrganizationName> + <md:OrganizationDisplayName xml:lang="en">Swedish Academic Identity Federation (SWAMID)</md:OrganizationDisplayName> + <md:OrganizationURL xml:lang="en">http://www.swamid.se</md:OrganizationURL> + </md:Organization> +</md:EntityDescriptor> |