From 1e380b0434d87a5316833711a56b08dc5f78c8c8 Mon Sep 17 00:00:00 2001
From: Björn Mattsson <Bjorn.Mattsson@bth.se>
Date: Fri, 29 Jan 2021 10:38:44 +0100
Subject: Resolves SWAMID-23

---
 .../stipendier-test.its.uu.se-stipendium.xml       | 10 +++++++-
 swamid-2.0/stipendier-utv.its.uu.se-stipendium.xml | 10 +++++++-
 swamid-2.0/stipendier.uu.se-stipendium.xml         | 30 ++++++++++++++--------
 3 files changed, 37 insertions(+), 13 deletions(-)

diff --git a/swamid-2.0/stipendier-test.its.uu.se-stipendium.xml b/swamid-2.0/stipendier-test.its.uu.se-stipendium.xml
index 0b8c9cae..7f7e78a4 100644
--- a/swamid-2.0/stipendier-test.its.uu.se-stipendium.xml
+++ b/swamid-2.0/stipendier-test.its.uu.se-stipendium.xml
@@ -4,6 +4,11 @@
     <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/">
       <mdrpi:RegistrationPolicy xml:lang="en">https://www.sunet.se/wp-content/uploads/2016/08/SWAMID-Metadata-Registration-Practice-Statement-v2.pdf</mdrpi:RegistrationPolicy>
     </mdrpi:RegistrationInfo>
+    <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+      <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+        <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
+      </samla:Attribute>
+    </mdattr:EntityAttributes>
   </md:Extensions>
   <md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
     <md:Extensions>
@@ -12,9 +17,12 @@
         <mdui:DisplayName xml:lang="en">Scholarship (TEST)</mdui:DisplayName>
         <mdui:Description xml:lang="sv">System (TEST) som hanterar stipendium vid Uppsala universitet</mdui:Description>
         <mdui:Description xml:lang="en">Scholarship (TEST) management system at Uppsala University</mdui:Description>
-        <mdui:Logo height="125" width="125">https://stipendier-test.its.uu.se/stipendium/img/UU-logga_125x125.png</mdui:Logo>
+        <mdui:Logo xml:lang="en" height="125" width="125">https://stipendier-test.its.uu.se/stipendium/img/UU-logga_125x125.png</mdui:Logo>
+        <mdui:Logo xml:lang="sv" height="125" width="125">https://stipendier-test.its.uu.se/stipendium/img/UU-logga_125x125.png</mdui:Logo>
         <mdui:InformationURL xml:lang="sv">http://stipendier-test.its.uu.se/stipendium/stipac/login</mdui:InformationURL>
         <mdui:InformationURL xml:lang="en">http://stipendier-test.its.uu.se/stipendium/stipac/login?lang=en</mdui:InformationURL>
+        <mdui:PrivacyStatementURL xml:lang="sv">https://uu.se/hittastipendier/behandling-av-personuppgifter</mdui:PrivacyStatementURL>
+        <mdui:PrivacyStatementURL xml:lang="en">https://uu.se/en/findscholarships/processing-of-personal-data</mdui:PrivacyStatementURL>
       </mdui:UIInfo>
     </md:Extensions>
     <md:KeyDescriptor>
diff --git a/swamid-2.0/stipendier-utv.its.uu.se-stipendium.xml b/swamid-2.0/stipendier-utv.its.uu.se-stipendium.xml
index f2cc7d3d..6d6929d9 100644
--- a/swamid-2.0/stipendier-utv.its.uu.se-stipendium.xml
+++ b/swamid-2.0/stipendier-utv.its.uu.se-stipendium.xml
@@ -4,6 +4,11 @@
     <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/">
       <mdrpi:RegistrationPolicy xml:lang="en">https://www.sunet.se/wp-content/uploads/2016/08/SWAMID-Metadata-Registration-Practice-Statement-v2.pdf</mdrpi:RegistrationPolicy>
     </mdrpi:RegistrationInfo>
+    <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+      <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+        <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
+      </samla:Attribute>
+    </mdattr:EntityAttributes>
   </md:Extensions>
   <md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
     <md:Extensions>
@@ -12,9 +17,12 @@
         <mdui:DisplayName xml:lang="en">Scholarship (DEV)</mdui:DisplayName>
         <mdui:Description xml:lang="sv">System (UTV) för att söka och hantera stipendium vid Uppsala universitet</mdui:Description>
         <mdui:Description xml:lang="en">Scholarship (DEV) management system at Uppsala University</mdui:Description>
-        <mdui:Logo height="125" width="125">https://stipendier-utv.its.uu.se/stipendium/img/UU-logga_125x125.png</mdui:Logo>
+        <mdui:Logo xml:lang="en" height="125" width="125">https://stipendier-utv.its.uu.se/stipendium/img/UU-logga_125x125.png</mdui:Logo>
+        <mdui:Logo xml:lang="sv" height="125" width="125">https://stipendier-utv.its.uu.se/stipendium/img/UU-logga_125x125.png</mdui:Logo>
         <mdui:InformationURL xml:lang="sv">http://stipendier-utv.its.uu.se/stipendium/stipac/login</mdui:InformationURL>
         <mdui:InformationURL xml:lang="en">http://stipendier-utv.its.uu.se/stipendium/stipac/login?lang=en</mdui:InformationURL>
+        <mdui:PrivacyStatementURL xml:lang="sv">https://uu.se/hittastipendier/behandling-av-personuppgifter</mdui:PrivacyStatementURL>
+        <mdui:PrivacyStatementURL xml:lang="en">https://uu.se/en/findscholarships/processing-of-personal-data</mdui:PrivacyStatementURL>
       </mdui:UIInfo>
     </md:Extensions>
     <md:KeyDescriptor>
diff --git a/swamid-2.0/stipendier.uu.se-stipendium.xml b/swamid-2.0/stipendier.uu.se-stipendium.xml
index 5306cdcd..b8684053 100644
--- a/swamid-2.0/stipendier.uu.se-stipendium.xml
+++ b/swamid-2.0/stipendier.uu.se-stipendium.xml
@@ -6,6 +6,7 @@
     </mdrpi:RegistrationInfo>
     <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
       <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+        <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
         <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
         <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
         <samla:AttributeValue>http://www.swamid.se/category/sfs-1993-1153</samla:AttributeValue>
@@ -19,9 +20,12 @@
         <mdui:DisplayName xml:lang="sv">Stipendiehantering</mdui:DisplayName>
         <mdui:Description xml:lang="sv">System för att söka och hantera stipendium vid Uppsala universitet</mdui:Description>
         <mdui:Description xml:lang="en">Scholarship management system at Uppsala university</mdui:Description>
-        <mdui:Logo height="125" width="125">https://stipendier.uu.se/stipendium/img/UU-logga_125x125.png</mdui:Logo>
+        <mdui:Logo xml:lang="en" height="125" width="125">https://stipendier.uu.se/stipendium/img/UU-logga_125x125.png</mdui:Logo>
+        <mdui:Logo xml:lang="sv" height="125" width="125">https://stipendier.uu.se/stipendium/img/UU-logga_125x125.png</mdui:Logo>
         <mdui:InformationURL xml:lang="en">http://stipendier.uu.se/stipendium/stipac/login?lang=en</mdui:InformationURL>
         <mdui:InformationURL xml:lang="sv">http://stipendier.uu.se/stipendium/stipac/login</mdui:InformationURL>
+        <mdui:PrivacyStatementURL xml:lang="sv">https://uu.se/hittastipendier/behandling-av-personuppgifter</mdui:PrivacyStatementURL>
+        <mdui:PrivacyStatementURL xml:lang="en">https://uu.se/en/findscholarships/processing-of-personal-data</mdui:PrivacyStatementURL>
       </mdui:UIInfo>
     </md:Extensions>
     <md:KeyDescriptor>
@@ -49,21 +53,25 @@
     </md:KeyDescriptor>
     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://stipendier.uu.se:443/stipendium/saml/SingleLogout/alias/defaultAlias"/>
     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://stipendier.uu.se:443/stipendium/saml/SingleLogout/alias/defaultAlias"/>
-    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
-		</md:NameIDFormat>
-    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient
-		</md:NameIDFormat>
-    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
-		</md:NameIDFormat>
-    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
-		</md:NameIDFormat>
-    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName
-		</md:NameIDFormat>
+    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
+    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
+    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
+    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</md:NameIDFormat>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://stipendier.uu.se:443/stipendium/saml/SSO/alias/defaultAlias" index="0"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://stipendier.uu.se:443/stipendium/saml/SSO/alias/defaultAlias" index="1" isDefault="true"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://stipendier.uu.se:443/stipendium/saml/SSO/alias/defaultAlias" index="2"/>
     <md:AssertionConsumerService xmlns:hoksso="urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser" Binding="urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser" Location="https://stipendier.uu.se:443/stipendium/saml/HoKSSO/alias/defaultAlias" hoksso:ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" index="3"/>
     <md:AssertionConsumerService xmlns:hoksso="urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser" Binding="urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser" Location="https://stipendier.uu.se:443/stipendium/saml/HoKSSO/alias/defaultAlias" hoksso:ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" index="4"/>
+    <md:AttributeConsumingService index="0" isDefault="true">
+      <md:ServiceName xml:lang="sv">Stipendiehantering</md:ServiceName>
+      <md:ServiceName xml:lang="en">Scholarship</md:ServiceName>
+      <md:RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+      <md:RequestedAttribute FriendlyName="givenName" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+      <md:RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+      <md:RequestedAttribute FriendlyName="norEduPersonNIN" Name="urn:oid:1.3.6.1.4.1.2428.90.1.5" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+      <md:RequestedAttribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+    </md:AttributeConsumingService>
   </md:SPSSODescriptor>
   <md:Organization>
     <md:OrganizationName xml:lang="sv">Uppsala universitet</md:OrganizationName>
-- 
cgit v1.2.3