forked from crewjam/saml
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
EAC-34165 Entra compatability for SLO (#6)
- Loading branch information
1 parent
87df125
commit 2a7d918
Showing
3 changed files
with
186 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,99 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdalg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="urn:mace:shibboleth:testshib:two" entityID="https://idp.testshib.org/idp/shibboleth"> | ||
<Extensions> | ||
<mdalg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" /> | ||
<mdalg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384" /> | ||
<mdalg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" /> | ||
<mdalg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> | ||
<mdalg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" /> | ||
<mdalg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" /> | ||
<mdalg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /> | ||
<mdalg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> | ||
</Extensions> | ||
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:2.0:protocol"> | ||
<Extensions> | ||
<shibmd:Scope regexp="false">testshib.org</shibmd:Scope> | ||
<mdui:UIInfo> | ||
<mdui:DisplayName xml:lang="en">TestShib Test IdP</mdui:DisplayName> | ||
<mdui:Description xml:lang="en">TestShib IdP. Use this as a source of attributes | ||
for your test SP.</mdui:Description> | ||
<mdui:Logo height="88" width="253">https://www.testshib.org/testshibtwo.jpg</mdui:Logo> | ||
</mdui:UIInfo> | ||
</Extensions> | ||
<KeyDescriptor> | ||
<ds:KeyInfo> | ||
<ds:X509Data> | ||
<ds:X509Certificate>MIIC8DCCAdigAwIBAgIQXzpLPP73pKBCobXFPkIGbDANBgkqhkiG9w0BAQsFADA0MTIwMAYDVQQD | ||
EylNaWNyb3NvZnQgQXp1cmUgRmVkZXJhdGVkIFNTTyBDZXJ0aWZpY2F0ZTAeFw0yNDA0MTYxMzM5 | ||
NTBaFw0yNzA0MTYxMzM5NTBaMDQxMjAwBgNVBAMTKU1pY3Jvc29mdCBBenVyZSBGZWRlcmF0ZWQg | ||
U1NPIENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXwYN9Nq6tzq | ||
3KmGE6Wb7gvR99ezuCCjqd0VljFtt1B57yiQf7o9JLqGWhRgSqlLgctKdqyISYCr4KsFQOwKDow+ | ||
u/2sJe4129xlI4f1vXC+uGByKvFwn4tRpIyhmYjRT4pnTSbLEJ4y2i34ZhUiic1s057AY78H5gX7 | ||
wCAS9EzWN5GE5vzSaQBlhjH8c7lfMi7NPjh3Y1QwEYhQfgGZ8cpceppYz4uaJ0JqOhz+NzHi7OBd | ||
+Srw8LmgVvaZcoC+CAVDkNCJejfwckTz8Jo5ZK5ngih3ecXkfjoUs9sSArrd7O90EmWj+rx6NFwn | ||
Z5SRLxg/Ek0hDeLL9r/zXGLk1QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQApGAHsj1+9fV2niS2V | ||
Mhd3IxBbogu/RQ/3eKuZLmmmQFtp/cBxLIT1wNazh5mXMvd4CYITdDJSmDzxdbBOApxwk7VdudQL | ||
0VTzYO9NBrt88Lvmat+7L7M0QRw1y/iYF6oZLLNw6bkY0SwHgmoNQQVnup7kJT54/LzZJ8Fhh8mc | ||
Uc/uLzlTuWY7plmVSM7dicMhcYHGiSn2BPet9Infl0DV2O728G5cosVs0bTFX6s5g24H2ysbQSHF | ||
a3OuYpHdVZTX7fDlYC4otqC+JI1Y2x1PPx7b9wK2ezDl5u3kd+r9QViFXo6vxrVpv3Za9zl1oP8M | ||
YeO8oWPlmQrEpPq2usJ8</ds:X509Certificate> | ||
</ds:X509Data> | ||
</ds:KeyInfo> | ||
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" /> | ||
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc" /> | ||
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" /> | ||
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" /> | ||
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" /> | ||
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" /> | ||
</KeyDescriptor> | ||
<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.testshib.org:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1" /> | ||
<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.testshib.org:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2" /> | ||
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat> | ||
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> | ||
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.testshib.org/idp/profile/SAML2/POST/SLO" /> | ||
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.testshib.org/idp/profile/SAML2/Redirect/SLO" /> | ||
<SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.testshib.org/idp/profile/Shibboleth/SSO" /> | ||
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.testshib.org/idp/profile/SAML2/POST/SSO" /> | ||
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO" /> | ||
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.testshib.org/idp/profile/SAML2/SOAP/ECP" /> | ||
</IDPSSODescriptor> | ||
<AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol"> | ||
<KeyDescriptor> | ||
<ds:KeyInfo> | ||
<ds:X509Data> | ||
<ds:X509Certificate>MIIB7zCCAVgCCQDFzbKIp7b3MTANBgkqhkiG9w0BAQUFADA8MQswCQYDVQQGEwJV | ||
UzELMAkGA1UECAwCR0ExDDAKBgNVBAoMA2ZvbzESMBAGA1UEAwwJbG9jYWxob3N0 | ||
MB4XDTEzMTAwMjAwMDg1MVoXDTE0MTAwMjAwMDg1MVowPDELMAkGA1UEBhMCVVMx | ||
CzAJBgNVBAgMAkdBMQwwCgYDVQQKDANmb28xEjAQBgNVBAMMCWxvY2FsaG9zdDCB | ||
nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1PMHYmhZj308kWLhZVT4vOulqx/9 | ||
ibm5B86fPWwUKKQ2i12MYtz07tzukPymisTDhQaqyJ8Kqb/6JjhmeMnEOdTvSPmH | ||
O8m1ZVveJU6NoKRn/mP/BD7FW52WhbrUXLSeHVSKfWkNk6S4hk9MV9TswTvyRIKv | ||
Rsw0X/gfnqkroJcCAwEAATANBgkqhkiG9w0BAQUFAAOBgQCMMlIO+GNcGekevKgk | ||
akpMdAqJfs24maGb90DvTLbRZRD7Xvn1MnVBBS9hzlXiFLYOInXACMW5gcoRFfeT | ||
QLSouMM8o57h0uKjfTmuoWHLQLi6hnF+cvCsEFiJZ4AbF+DgmO6TarJ8O05t8zvn | ||
OwJlNCASPZRH/JmF8tX0hoHuAQ==</ds:X509Certificate> | ||
</ds:X509Data> | ||
</ds:KeyInfo> | ||
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" /> | ||
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc" /> | ||
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" /> | ||
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" /> | ||
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" /> | ||
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" /> | ||
</KeyDescriptor> | ||
<AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.testshib.org:8443/idp/profile/SAML1/SOAP/AttributeQuery" /> | ||
<AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.testshib.org:8443/idp/profile/SAML2/SOAP/AttributeQuery" /> | ||
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat> | ||
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> | ||
</AttributeAuthorityDescriptor> | ||
<Organization> | ||
<OrganizationName xml:lang="en">TestShib Two Identity Provider</OrganizationName> | ||
<OrganizationDisplayName xml:lang="en">TestShib Two</OrganizationDisplayName> | ||
<OrganizationURL xml:lang="en">http://www.testshib.org/testshib-two/</OrganizationURL> | ||
</Organization> | ||
<ContactPerson contactType="technical"> | ||
<GivenName>Nate</GivenName> | ||
<SurName>Klingenstein</SurName> | ||
<EmailAddress>[email protected]</EmailAddress> | ||
</ContactPerson> | ||
</EntityDescriptor> |