summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Makefile1
-rwxr-xr-xscripts/get-metadata.sh8
-rw-r--r--swamid-2.0/gihidentity01.ihs.se-idp-shibboleth.xml93
-rw-r--r--swamid-2.0/pingpong.ki.se-shibboleth.xml51
-rw-r--r--swamid-sp-2.0.mxml1
-rw-r--r--swamid-testing-idp-1.0.mxml2
6 files changed, 153 insertions, 3 deletions
diff --git a/Makefile b/Makefile
index d12e1813..2735e485 100644
--- a/Makefile
+++ b/Makefile
@@ -147,6 +147,7 @@ tidy:
@for x in `find $(SRCDIRS) -name \*.xml`; do xsltproc xslt/clean-entitydescriptor.xsl $$x > $$x.c && mv $$x.c $$x; done
commit: tidy test
+ @git diff
@echo ; echo -n "Run 'git commit -a'? [Y/n/s] " ; read x ; case $$x in "Y"|"y"|"") git commit -a ;; s) ;; *) exit 1 ;; esac
@git status -u
@echo "Checking for not committed files in swamid-2.0/" ; if git status --porcelain --ignored | awk '{print $$2}' | grep "^swamid-2.0/" | sed 's/^/ /' | grep . ; then echo "Not committed files in swamid-2.0/, aborting" ; exit 1 ; fi
diff --git a/scripts/get-metadata.sh b/scripts/get-metadata.sh
index d47acfa5..78e68514 100755
--- a/scripts/get-metadata.sh
+++ b/scripts/get-metadata.sh
@@ -15,12 +15,16 @@ if [ -z "$metadataurl" ] ; then
Usage: `basename $0` <metadataurl>
Ex: `basename $0` https://shibsp.mysite.com/Shibboleth.sso/Metadata
`basename $0` https://shibidp.mysite.com/idp/profile/Metadata/SAML
- `basename $0` file://some-downloaded-metadata.xml
+ `basename $0` some-downloaded-metadata.xml
EOF
exit 1
fi
-metadata=`curl -s -k -f $metadataurl`
+if echo "$metadataurl" | grep -qE '^http://|^https://' ; then
+ metadata=`curl -s -k -f $metadataurl`
+else
+ metadata=`cat $metadataurl`
+fi
[ -n "$metadata" ] || error "Failed to fetch metadata from $metadataurl"
entityid=`echo "$metadata" | sed -n 's/.*entityID=['\''"]\([^"]*\)['\''"].*/\1/p'`
diff --git a/swamid-2.0/gihidentity01.ihs.se-idp-shibboleth.xml b/swamid-2.0/gihidentity01.ihs.se-idp-shibboleth.xml
new file mode 100644
index 00000000..286e8b20
--- /dev/null
+++ b/swamid-2.0/gihidentity01.ihs.se-idp-shibboleth.xml
@@ -0,0 +1,93 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" entityID="https://gihidentity01.ihs.se/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">Gymnastik- och Idrottshögskolan</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">School of sport and health sciences</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Identity Provider för Gymnastik- och Idrottshögskolan</mdui:Description>
+ <mdui:Description xml:lang="en">Identity Provider for the Royal Swedish Academy of Sciences</mdui:Description>
+ </mdui:UIInfo>
+ <shibmd:Scope regexp="false">ihs.se</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+
+MIIDOzCCAiOgAwIBAgIUX4LM+yBFUKdFziHUCVyiPPGiL8YwDQYJKoZIhvcNAQEF
+BQAwHzEdMBsGA1UEAxMUZ2loaWRlbnRpdHkwMS5paHMuc2UwHhcNMTMwOTIwMTA1
+NTIzWhcNMzMwOTIwMTA1NTIzWjAfMR0wGwYDVQQDExRnaWhpZGVudGl0eTAxLmlo
+cy5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKjZBXC3TcY47KYX
+t3n4IH6X8Jszyeinq+Zo6mtsJgzu9JPikIiG9jDJj+ylQiTDSSTBMSAUZ3p6ola/
++/IlDu0q5oLFCMEe3m9AdJIwyT6CjIJOiLSzeaTOqQNtXowLFCxj+PPrVRaqJiYc
++7f3+5SMwn2iOLkr6/ZFW5cuhw9flzR/Qp7m9ByTIcs73XK1JcQPP1UoPgo8mUXj
+/IHbxB/+P0NzjMXbKZEFEnZQzDoxNYDbARh6T/hJreIKBr+B0KnKogZnM9WgdJof
+O6GKR1lETrGgmCITblP7dbrRIL2VxMmXQEMhdS78Y5GNRPnGxp00kT2h/tTA1Reb
+52sROA0CAwEAAaNvMG0wTAYDVR0RBEUwQ4IUZ2loaWRlbnRpdHkwMS5paHMuc2WG
+K2h0dHBzOi8vZ2loaWRlbnRpdHkwMS5paHMuc2UvaWRwL3NoaWJib2xldGgwHQYD
+VR0OBBYEFIzCrjaWTfLensnYqTm/G3CNWsbNMA0GCSqGSIb3DQEBBQUAA4IBAQB7
+pVQO0Su0rB9WHWpitL0kNNfFQgapWHHZ8hYUDFWxiON7IGG6GlVsqgvwGCQwYgci
+E+WrKirES8+tE/EWhNfSvydlBuHwkvBP2WqsjUVbG0U4xbguE3C1ZrcfKcjBkSDH
+YmMuoYqX6RkHuwExl0xLr1ApVz8l2D9HVXdVi3aG31gMpo4/G1GukY8Pny8ZSbNP
+cb9+7g88/LLBLc5cx1iccfK4h0Er5QAFjNd3uKD3p0sxQYKPGs5X2ZwOxJlmeAiU
+3Ujhy7jzfaV7bFtz+GL8WTHoi2OfI1YqES5Jr3sQnlArhemcYUxnpBN4yvDF2QK1
+icptKTpDxrRjfCXibBT1
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://gihidentity01.ihs.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://gihidentity01.ihs.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://gihidentity01.ihs.se/idp/profile/Shibboleth/SSO"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://gihidentity01.ihs.se/idp/profile/SAML2/POST/SSO"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://gihidentity01.ihs.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://gihidentity01.ihs.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope regexp="false">ihs.se</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+
+MIIDOzCCAiOgAwIBAgIUX4LM+yBFUKdFziHUCVyiPPGiL8YwDQYJKoZIhvcNAQEF
+BQAwHzEdMBsGA1UEAxMUZ2loaWRlbnRpdHkwMS5paHMuc2UwHhcNMTMwOTIwMTA1
+NTIzWhcNMzMwOTIwMTA1NTIzWjAfMR0wGwYDVQQDExRnaWhpZGVudGl0eTAxLmlo
+cy5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKjZBXC3TcY47KYX
+t3n4IH6X8Jszyeinq+Zo6mtsJgzu9JPikIiG9jDJj+ylQiTDSSTBMSAUZ3p6ola/
++/IlDu0q5oLFCMEe3m9AdJIwyT6CjIJOiLSzeaTOqQNtXowLFCxj+PPrVRaqJiYc
++7f3+5SMwn2iOLkr6/ZFW5cuhw9flzR/Qp7m9ByTIcs73XK1JcQPP1UoPgo8mUXj
+/IHbxB/+P0NzjMXbKZEFEnZQzDoxNYDbARh6T/hJreIKBr+B0KnKogZnM9WgdJof
+O6GKR1lETrGgmCITblP7dbrRIL2VxMmXQEMhdS78Y5GNRPnGxp00kT2h/tTA1Reb
+52sROA0CAwEAAaNvMG0wTAYDVR0RBEUwQ4IUZ2loaWRlbnRpdHkwMS5paHMuc2WG
+K2h0dHBzOi8vZ2loaWRlbnRpdHkwMS5paHMuc2UvaWRwL3NoaWJib2xldGgwHQYD
+VR0OBBYEFIzCrjaWTfLensnYqTm/G3CNWsbNMA0GCSqGSIb3DQEBBQUAA4IBAQB7
+pVQO0Su0rB9WHWpitL0kNNfFQgapWHHZ8hYUDFWxiON7IGG6GlVsqgvwGCQwYgci
+E+WrKirES8+tE/EWhNfSvydlBuHwkvBP2WqsjUVbG0U4xbguE3C1ZrcfKcjBkSDH
+YmMuoYqX6RkHuwExl0xLr1ApVz8l2D9HVXdVi3aG31gMpo4/G1GukY8Pny8ZSbNP
+cb9+7g88/LLBLc5cx1iccfK4h0Er5QAFjNd3uKD3p0sxQYKPGs5X2ZwOxJlmeAiU
+3Ujhy7jzfaV7bFtz+GL8WTHoi2OfI1YqES5Jr3sQnlArhemcYUxnpBN4yvDF2QK1
+icptKTpDxrRjfCXibBT1
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://gihidentity01.ihs.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://gihidentity01.ihs.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">School of sport and health sciences</OrganizationName>
+ <OrganizationDisplayName xml:lang="sv">Gymnastik- och Idrottshögskolan</OrganizationDisplayName>
+ <OrganizationDisplayName xml:lang="en">School of sport and health sciences</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.gih.se</OrganizationURL>
+ </Organization>
+</EntityDescriptor>
diff --git a/swamid-2.0/pingpong.ki.se-shibboleth.xml b/swamid-2.0/pingpong.ki.se-shibboleth.xml
new file mode 100644
index 00000000..2c8e572e
--- /dev/null
+++ b/swamid-2.0/pingpong.ki.se-shibboleth.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://pingpong.ki.se/shibboleth">
+ <md:Extensions>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
+ <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">Ping Pong för Karaolinska Institutet</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Ping Pong at Karolinska Institutet</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Ping Pong för Karaolinska Institutet</mdui:Description>
+ <mdui:Description xml:lang="en">Ping Pong at Karolinska Institutet</mdui:Description>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIC8TCCAdmgAwIBAgIJAJRsfqnb5dadMA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNV
+BAMTDnBpbmdwb25nLmtpLnNlMB4XDTEzMDkxNjEzNDM0N1oXDTIzMDkxNDEzNDM0
+N1owGTEXMBUGA1UEAxMOcGluZ3Bvbmcua2kuc2UwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDNcTge2C3djDCz0us+maMDKxRHA9p9khcf6XLYjnPYLYQ2
+s4GfGF+rz7FAxHvJoe9792ecpa91/TBoV/wnsyQfXLlAQd7eqNk/MzALugXjeL65
++Frn6Wp6cbcnJasRmcxdiiplHYReln/KYkmC+fQ1PDfe5RpXaxNjB6RKWprJkU83
+iIqVL7aW/tY+hmDIEzYJpH5UjXFdqJwbOOmetuzCZxxLrCq6Er8whneqxEVjvlmf
+QQG8OYsZVjba2iJuiGD9B8bnVvgb6WvzWAtUAxWi5tnjrWUo0Jvo0h0nTsG1uV0L
+lP08Fu7Y12kuphUqKgKZ2q5PgxgzGIt3MDpTrHATAgMBAAGjPDA6MBkGA1UdEQQS
+MBCCDnBpbmdwb25nLmtpLnNlMB0GA1UdDgQWBBS6tjhUSTBnGMltLrTV11n4WyNS
+6TANBgkqhkiG9w0BAQUFAAOCAQEApmdue4DcHojlyrLK4XxSRXSuAQ0vADzZe9pF
+Cs3mMApyUpT3ritm+Pn+QAvbNux3urijNWw/OWJ/sVsc6Jj59aIkRutV+r8AbqFO
+SvTLPxlXLgIU+v90UJ/0WG3YxMLafujRrDs15vJLbJSc4ATgypIUOrNcq5ZhskGN
+nVBA3mrjY5hhQpkl4816R3IYwzsxn1NWtbdg8c964Nm1hLrah1CIeOFlxycV8OF+
+qNmB+qBiK5APim+7qOT6QRnSzX3q2zIb8WYwE6Pvb9aVcM8GBmOvyZvITpBZik04
+ZqAEwFI6mSdqDAH/wGtQLWPtrVSKg/XmB9+G8JohgWpphQElSQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://pingpong.ki.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://pingpong.ki.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pingpong.ki.se/Shibboleth.sso/SLO/POST"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pingpong.ki.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://pingpong.ki.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://pingpong.ki.se/Shibboleth.sso/SAML2/ECP" index="3"/>
+ </md:SPSSODescriptor>
+</md:EntityDescriptor>
diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml
index a0235caa..7ed991fb 100644
--- a/swamid-sp-2.0.mxml
+++ b/swamid-sp-2.0.mxml
@@ -266,4 +266,5 @@
<xi:include href="swamid-1.0/hr.su.se-shibboleth.xml"/>
<xi:include href="swamid-2.0/se.timeedit.net-web-lnu-db1-timeedit-ssoMetadata-lnu_pers_saml2.xml"/>
<xi:include href="swamid-2.0/se.timeedit.net-web-lnu-db1-timeedit-ssoMetadata-lnu_stud_saml2.xml"/>
+ <xi:include href="swamid-2.0/pingpong.ki.se-shibboleth.xml"/>
</md:EntitiesDescriptor>
diff --git a/swamid-testing-idp-1.0.mxml b/swamid-testing-idp-1.0.mxml
index df123d80..100241aa 100644
--- a/swamid-testing-idp-1.0.mxml
+++ b/swamid-testing-idp-1.0.mxml
@@ -147,5 +147,5 @@
<xi:include href="swamid-2.0/idp.esh.se-idp-shibboleth.xml"/>
<xi:include href="swamid-2.0/kitstidp01.tst.ki.se-idp-shibboleth.xml"/>
<xi:include href="swamid-2.0/swamid2.shh.se-idp-shibboleth.xml"/>
+ <xi:include href="swamid-2.0/gihidentity01.ihs.se-idp-shibboleth.xml"/>
</EntitiesDescriptor>
-