-rw-r--r-- | Makefile | 1 | ||||
-rwxr-xr-x | scripts/get-metadata.sh | 8 | ||||
-rw-r--r-- | swamid-2.0/gihidentity01.ihs.se-idp-shibboleth.xml | 93 | ||||
-rw-r--r-- | swamid-2.0/pingpong.ki.se-shibboleth.xml | 51 | ||||
-rw-r--r-- | swamid-sp-2.0.mxml | 1 | ||||
-rw-r--r-- | swamid-testing-idp-1.0.mxml | 2 |
6 files changed, 153 insertions, 3 deletions
@@ -147,6 +147,7 @@ tidy: @for x in `find $(SRCDIRS) -name \*.xml`; do xsltproc xslt/clean-entitydescriptor.xsl $$x > $$x.c && mv $$x.c $$x; done commit: tidy test + @git diff @echo ; echo -n "Run 'git commit -a'? [Y/n/s] " ; read x ; case $$x in "Y"|"y"|"") git commit -a ;; s) ;; *) exit 1 ;; esac @git status -u @echo "Checking for not committed files in swamid-2.0/" ; if git status --porcelain --ignored | awk '{print $$2}' | grep "^swamid-2.0/" | sed 's/^/ /' | grep . ; then echo "Not committed files in swamid-2.0/, aborting" ; exit 1 ; fi diff --git a/scripts/get-metadata.sh b/scripts/get-metadata.sh index d47acfa5..78e68514 100755 --- a/scripts/get-metadata.sh +++ b/scripts/get-metadata.sh @@ -15,12 +15,16 @@ if [ -z "$metadataurl" ] ; then Usage: `basename $0` <metadataurl> Ex: `basename $0` https://shibsp.mysite.com/Shibboleth.sso/Metadata `basename $0` https://shibidp.mysite.com/idp/profile/Metadata/SAML - `basename $0` file://some-downloaded-metadata.xml + `basename $0` some-downloaded-metadata.xml EOF exit 1 fi -metadata=`curl -s -k -f $metadataurl` +if echo "$metadataurl" | grep -qE '^http://|^https://' ; then + metadata=`curl -s -k -f $metadataurl` +else + metadata=`cat $metadataurl` +fi [ -n "$metadata" ] || error "Failed to fetch metadata from $metadataurl" entityid=`echo "$metadata" | sed -n 's/.*entityID=['\''"]\([^"]*\)['\''"].*/\1/p'` diff --git a/swamid-2.0/gihidentity01.ihs.se-idp-shibboleth.xml b/swamid-2.0/gihidentity01.ihs.se-idp-shibboleth.xml new file mode 100644 index 00000000..286e8b20 --- /dev/null +++ b/swamid-2.0/gihidentity01.ihs.se-idp-shibboleth.xml 
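Review bot: The http(s) branch added in scripts/get-metadata.sh still runs `curl -s -k -f $metadataurl`. `-k` switches off TLS certificate verification and the new regex also admits plain `http://`, so the fetched EntityDescriptor, including the X509 certificate that presumably ends up in the committed metadata, is not authenticated to the host named in the URL. Both new assignments also expand `$metadataurl` unquoted, so a path containing spaces or glob characters is split, and a file name beginning with `-` is read by `cat` as an option. I would write `metadata=$(curl -s -f "$metadataurl")` and `metadata=$(cat -- "$metadataurl")`, and where verification cannot be used, compare the certificate fingerprint out of band before committing. The script continues outside the hunk, so how `$metadata` is written out is not visible here.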
@@ -0,0 +1,93 @@ +<?xml version="1.0" encoding="UTF-8"?> +<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" entityID="https://gihidentity01.ihs.se/idp/shibboleth"> + <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol"> + <Extensions> + <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> + <mdui:DisplayName xml:lang="sv">Gymnastik- och Idrottshögskolan</mdui:DisplayName> + <mdui:DisplayName xml:lang="en">School of sport and health sciences</mdui:DisplayName> + <mdui:Description xml:lang="sv">Identity Provider för Gymnastik- och Idrottshögskolan</mdui:Description> + <mdui:Description xml:lang="en">Identity Provider for the Royal Swedish Academy of Sciences</mdui:Description> + </mdui:UIInfo> + <shibmd:Scope regexp="false">ihs.se</shibmd:Scope> + </Extensions> + <KeyDescriptor> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> + +MIIDOzCCAiOgAwIBAgIUX4LM+yBFUKdFziHUCVyiPPGiL8YwDQYJKoZIhvcNAQEF +BQAwHzEdMBsGA1UEAxMUZ2loaWRlbnRpdHkwMS5paHMuc2UwHhcNMTMwOTIwMTA1 +NTIzWhcNMzMwOTIwMTA1NTIzWjAfMR0wGwYDVQQDExRnaWhpZGVudGl0eTAxLmlo +cy5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKjZBXC3TcY47KYX +t3n4IH6X8Jszyeinq+Zo6mtsJgzu9JPikIiG9jDJj+ylQiTDSSTBMSAUZ3p6ola/ ++/IlDu0q5oLFCMEe3m9AdJIwyT6CjIJOiLSzeaTOqQNtXowLFCxj+PPrVRaqJiYc ++7f3+5SMwn2iOLkr6/ZFW5cuhw9flzR/Qp7m9ByTIcs73XK1JcQPP1UoPgo8mUXj +/IHbxB/+P0NzjMXbKZEFEnZQzDoxNYDbARh6T/hJreIKBr+B0KnKogZnM9WgdJof +O6GKR1lETrGgmCITblP7dbrRIL2VxMmXQEMhdS78Y5GNRPnGxp00kT2h/tTA1Reb +52sROA0CAwEAAaNvMG0wTAYDVR0RBEUwQ4IUZ2loaWRlbnRpdHkwMS5paHMuc2WG +K2h0dHBzOi8vZ2loaWRlbnRpdHkwMS5paHMuc2UvaWRwL3NoaWJib2xldGgwHQYD +VR0OBBYEFIzCrjaWTfLensnYqTm/G3CNWsbNMA0GCSqGSIb3DQEBBQUAA4IBAQB7 +pVQO0Su0rB9WHWpitL0kNNfFQgapWHHZ8hYUDFWxiON7IGG6GlVsqgvwGCQwYgci 
+E+WrKirES8+tE/EWhNfSvydlBuHwkvBP2WqsjUVbG0U4xbguE3C1ZrcfKcjBkSDH +YmMuoYqX6RkHuwExl0xLr1ApVz8l2D9HVXdVi3aG31gMpo4/G1GukY8Pny8ZSbNP +cb9+7g88/LLBLc5cx1iccfK4h0Er5QAFjNd3uKD3p0sxQYKPGs5X2ZwOxJlmeAiU +3Ujhy7jzfaV7bFtz+GL8WTHoi2OfI1YqES5Jr3sQnlArhemcYUxnpBN4yvDF2QK1 +icptKTpDxrRjfCXibBT1 + + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://gihidentity01.ihs.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/> + <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://gihidentity01.ihs.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/> + <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat> + <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> + <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://gihidentity01.ihs.se/idp/profile/Shibboleth/SSO"/> + <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://gihidentity01.ihs.se/idp/profile/SAML2/POST/SSO"/> + <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://gihidentity01.ihs.se/idp/profile/SAML2/POST-SimpleSign/SSO"/> + <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://gihidentity01.ihs.se/idp/profile/SAML2/Redirect/SSO"/> + </IDPSSODescriptor> + <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol"> + <Extensions> + <shibmd:Scope regexp="false">ihs.se</shibmd:Scope> + </Extensions> + <KeyDescriptor> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> + +MIIDOzCCAiOgAwIBAgIUX4LM+yBFUKdFziHUCVyiPPGiL8YwDQYJKoZIhvcNAQEF +BQAwHzEdMBsGA1UEAxMUZ2loaWRlbnRpdHkwMS5paHMuc2UwHhcNMTMwOTIwMTA1 
+NTIzWhcNMzMwOTIwMTA1NTIzWjAfMR0wGwYDVQQDExRnaWhpZGVudGl0eTAxLmlo +cy5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKjZBXC3TcY47KYX +t3n4IH6X8Jszyeinq+Zo6mtsJgzu9JPikIiG9jDJj+ylQiTDSSTBMSAUZ3p6ola/ ++/IlDu0q5oLFCMEe3m9AdJIwyT6CjIJOiLSzeaTOqQNtXowLFCxj+PPrVRaqJiYc ++7f3+5SMwn2iOLkr6/ZFW5cuhw9flzR/Qp7m9ByTIcs73XK1JcQPP1UoPgo8mUXj +/IHbxB/+P0NzjMXbKZEFEnZQzDoxNYDbARh6T/hJreIKBr+B0KnKogZnM9WgdJof +O6GKR1lETrGgmCITblP7dbrRIL2VxMmXQEMhdS78Y5GNRPnGxp00kT2h/tTA1Reb +52sROA0CAwEAAaNvMG0wTAYDVR0RBEUwQ4IUZ2loaWRlbnRpdHkwMS5paHMuc2WG +K2h0dHBzOi8vZ2loaWRlbnRpdHkwMS5paHMuc2UvaWRwL3NoaWJib2xldGgwHQYD +VR0OBBYEFIzCrjaWTfLensnYqTm/G3CNWsbNMA0GCSqGSIb3DQEBBQUAA4IBAQB7 +pVQO0Su0rB9WHWpitL0kNNfFQgapWHHZ8hYUDFWxiON7IGG6GlVsqgvwGCQwYgci +E+WrKirES8+tE/EWhNfSvydlBuHwkvBP2WqsjUVbG0U4xbguE3C1ZrcfKcjBkSDH +YmMuoYqX6RkHuwExl0xLr1ApVz8l2D9HVXdVi3aG31gMpo4/G1GukY8Pny8ZSbNP +cb9+7g88/LLBLc5cx1iccfK4h0Er5QAFjNd3uKD3p0sxQYKPGs5X2ZwOxJlmeAiU +3Ujhy7jzfaV7bFtz+GL8WTHoi2OfI1YqES5Jr3sQnlArhemcYUxnpBN4yvDF2QK1 +icptKTpDxrRjfCXibBT1 + + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://gihidentity01.ihs.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/> + <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://gihidentity01.ihs.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/> + <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat> + <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> + </AttributeAuthorityDescriptor> + <Organization> + <OrganizationName xml:lang="en">School of sport and health sciences</OrganizationName> + <OrganizationDisplayName xml:lang="sv">Gymnastik- och Idrottshögskolan</OrganizationDisplayName> + <OrganizationDisplayName xml:lang="en">School of sport and health sciences</OrganizationDisplayName> + <OrganizationURL xml:lang="en">http://www.gih.se</OrganizationURL> + </Organization> 
+</EntityDescriptor> diff --git a/swamid-2.0/pingpong.ki.se-shibboleth.xml b/swamid-2.0/pingpong.ki.se-shibboleth.xml new file mode 100644 index 00000000..2c8e572e --- /dev/null +++ b/swamid-2.0/pingpong.ki.se-shibboleth.xml 
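Review bot: The English `mdui:Description` in gihidentity01.ihs.se-idp-shibboleth.xml reads "Identity Provider for the Royal Swedish Academy of Sciences", which matches neither the Swedish description nor the DisplayName "School of sport and health sciences" in the same UIInfo block, so it looks carried over from another entity. This text is presumably shown to users when they pick an IdP, and it should name the right organisation, e.g. `<mdui:Description xml:lang="en">Identity Provider for the School of sport and health sciences</mdui:Description>`. It is also worth confirming with the registrant that the `ihs.se` value in both `shibmd:Scope` elements is a domain this organisation controls, since the OrganizationURL points at gih.se and the scope bounds which scoped attribute values relying parties accept from this IdP.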
@@ -0,0 +1,51 @@ +<?xml version="1.0" encoding="UTF-8"?> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://pingpong.ki.se/shibboleth"> + <md:Extensions> + <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> + <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category"> + <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue> + <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue> + </samla:Attribute> + </mdattr:EntityAttributes> + </md:Extensions> + <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <md:Extensions> + <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> + <mdui:DisplayName xml:lang="sv">Ping Pong för Karaolinska Institutet</mdui:DisplayName> + <mdui:DisplayName xml:lang="en">Ping Pong at Karolinska Institutet</mdui:DisplayName> + <mdui:Description xml:lang="sv">Ping Pong för Karaolinska Institutet</mdui:Description> + <mdui:Description xml:lang="en">Ping Pong at Karolinska Institutet</mdui:Description> + </mdui:UIInfo> + </md:Extensions> + <md:KeyDescriptor> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> +MIIC8TCCAdmgAwIBAgIJAJRsfqnb5dadMA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNV +BAMTDnBpbmdwb25nLmtpLnNlMB4XDTEzMDkxNjEzNDM0N1oXDTIzMDkxNDEzNDM0 +N1owGTEXMBUGA1UEAxMOcGluZ3Bvbmcua2kuc2UwggEiMA0GCSqGSIb3DQEBAQUA +A4IBDwAwggEKAoIBAQDNcTge2C3djDCz0us+maMDKxRHA9p9khcf6XLYjnPYLYQ2 +s4GfGF+rz7FAxHvJoe9792ecpa91/TBoV/wnsyQfXLlAQd7eqNk/MzALugXjeL65 ++Frn6Wp6cbcnJasRmcxdiiplHYReln/KYkmC+fQ1PDfe5RpXaxNjB6RKWprJkU83 +iIqVL7aW/tY+hmDIEzYJpH5UjXFdqJwbOOmetuzCZxxLrCq6Er8whneqxEVjvlmf +QQG8OYsZVjba2iJuiGD9B8bnVvgb6WvzWAtUAxWi5tnjrWUo0Jvo0h0nTsG1uV0L +lP08Fu7Y12kuphUqKgKZ2q5PgxgzGIt3MDpTrHATAgMBAAGjPDA6MBkGA1UdEQQS 
+MBCCDnBpbmdwb25nLmtpLnNlMB0GA1UdDgQWBBS6tjhUSTBnGMltLrTV11n4WyNS +6TANBgkqhkiG9w0BAQUFAAOCAQEApmdue4DcHojlyrLK4XxSRXSuAQ0vADzZe9pF +Cs3mMApyUpT3ritm+Pn+QAvbNux3urijNWw/OWJ/sVsc6Jj59aIkRutV+r8AbqFO +SvTLPxlXLgIU+v90UJ/0WG3YxMLafujRrDs15vJLbJSc4ATgypIUOrNcq5ZhskGN +nVBA3mrjY5hhQpkl4816R3IYwzsxn1NWtbdg8c964Nm1hLrah1CIeOFlxycV8OF+ +qNmB+qBiK5APim+7qOT6QRnSzX3q2zIb8WYwE6Pvb9aVcM8GBmOvyZvITpBZik04 +ZqAEwFI6mSdqDAH/wGtQLWPtrVSKg/XmB9+G8JohgWpphQElSQ== + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </md:KeyDescriptor> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://pingpong.ki.se/Shibboleth.sso/SLO/SOAP"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://pingpong.ki.se/Shibboleth.sso/SLO/Redirect"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pingpong.ki.se/Shibboleth.sso/SLO/POST"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pingpong.ki.se/Shibboleth.sso/SAML2/POST" index="1"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://pingpong.ki.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://pingpong.ki.se/Shibboleth.sso/SAML2/ECP" index="3"/> + </md:SPSSODescriptor> +</md:EntityDescriptor> diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml index a0235caa..7ed991fb 100644 --- a/swamid-sp-2.0.mxml +++ b/swamid-sp-2.0.mxml 
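Review bot: The Swedish `mdui:DisplayName` and `mdui:Description` in pingpong.ki.se-shibboleth.xml spell the organisation "Karaolinska Institutet", while the English entries in the same UIInfo block use "Karolinska Institutet". Both `xml:lang="sv"` values should read `Ping Pong för Karolinska Institutet`. These strings are presumably what users see in discovery and consent pages, so a misspelt organisation name there makes the service harder to recognise as genuine.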
@@ -266,4 +266,5 @@ <xi:include href="swamid-1.0/hr.su.se-shibboleth.xml"/> <xi:include href="swamid-2.0/se.timeedit.net-web-lnu-db1-timeedit-ssoMetadata-lnu_pers_saml2.xml"/> <xi:include href="swamid-2.0/se.timeedit.net-web-lnu-db1-timeedit-ssoMetadata-lnu_stud_saml2.xml"/> + <xi:include href="swamid-2.0/pingpong.ki.se-shibboleth.xml"/> </md:EntitiesDescriptor> diff --git a/swamid-testing-idp-1.0.mxml b/swamid-testing-idp-1.0.mxml index df123d80..100241aa 100644 --- a/swamid-testing-idp-1.0.mxml +++ b/swamid-testing-idp-1.0.mxml @@ -147,5 +147,5 @@ <xi:include href="swamid-2.0/idp.esh.se-idp-shibboleth.xml"/> <xi:include href="swamid-2.0/kitstidp01.tst.ki.se-idp-shibboleth.xml"/> <xi:include href="swamid-2.0/swamid2.shh.se-idp-shibboleth.xml"/> + <xi:include href="swamid-2.0/gihidentity01.ihs.se-idp-shibboleth.xml"/> </EntitiesDescriptor> - |