rack-saml 0.0.3 → 0.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/bin/conv_metadata.rb +3 -2
- data/lib/rack-saml/version.rb +1 -1
- data/rack-saml.gemspec +2 -1
- data/spec/fixtures/config_idp.yml +13 -0
- data/spec/fixtures/config_sp.yml +13 -0
- data/spec/fixtures/conv_metadata_test.rb +20 -0
- data/spec/fixtures/idp_cert.pem +22 -0
- data/spec/fixtures/idp_key.pem +27 -0
- data/spec/fixtures/metadata-with-newline.xml +169 -0
- data/spec/fixtures/metadata-without-newline.xml +112 -0
- data/spec/fixtures/metadata.xml +109 -0
- data/spec/fixtures/sp_cert.pem +22 -0
- data/spec/fixtures/sp_key.pem +27 -0
- data/spec/fixtures/test.pem +3 -0
- data/spec/fixtures/test.yml +18 -0
- data/spec/fixtures/test2.pem +20 -0
- metadata +43 -6
data/bin/conv_metadata.rb
CHANGED
|
@@ -32,7 +32,8 @@ def create_entity_hash(elem, list_type)
|
|
|
32
32
|
puts "specified metadata has an IdP without certificate!"
|
|
33
33
|
exit 1
|
|
34
34
|
end
|
|
35
|
-
|
|
35
|
+
# Cert must be split to 64 char lines (else OpenSSL gives "nested asn1" error)
|
|
36
|
+
certificate = "-----BEGIN CERTIFICATE-----\n#{cert_elem.text.gsub(/\s+/, "").scan(/.{1,64}/).join("\n")}\n-----END CERTIFICATE-----"
|
|
36
37
|
saml2_http_redirect = nil
|
|
37
38
|
idp_elem.elements.find_all {|el| el.has_name?("SingleSignOnService")}.each do |e|
|
|
38
39
|
if e.attributes["Binding"] == "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
|
|
@@ -47,7 +48,7 @@ def create_entity_hash(elem, list_type)
|
|
|
47
48
|
# the first certificate is used
|
|
48
49
|
# permit a SP without a certificate
|
|
49
50
|
cert_elem = REXML::XPath.first(sp_elem, './/ds:X509Certificate', 'ds' => DS)
|
|
50
|
-
certificate = cert_elem.nil? ? "" : "-----BEGIN CERTIFICATE-----\n#{cert_elem.text.gsub(/\s
|
|
51
|
+
certificate = cert_elem.nil? ? "" : "-----BEGIN CERTIFICATE-----\n#{cert_elem.text.gsub(/\s+/, "").scan(/.{1,64}/).join("\n")}\n-----END CERTIFICATE-----"
|
|
51
52
|
saml2_http_post = nil
|
|
52
53
|
sp_elem.elements.find_all {|el| el.has_name?("AssertionConsumerService")}.each do |e|
|
|
53
54
|
if e.attributes["Binding"] == "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
|
data/lib/rack-saml/version.rb
CHANGED
data/rack-saml.gemspec
CHANGED
|
@@ -2,7 +2,8 @@
|
|
|
2
2
|
require File.expand_path('../lib/rack-saml/version', __FILE__)
|
|
3
3
|
|
|
4
4
|
Gem::Specification.new do |gem|
|
|
5
|
-
gem.add_dependency 'ruby-saml', '~> 0.
|
|
5
|
+
gem.add_dependency 'ruby-saml', '~> 0.5.2'
|
|
6
|
+
gem.add_development_dependency 'rspec'
|
|
6
7
|
|
|
7
8
|
gem.authors = ["Toyokazu Akiyama"]
|
|
8
9
|
gem.email = ["toyokazu@gmail.com"]
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
#!/usr/bin/env ruby
|
|
2
|
+
|
|
3
|
+
require 'yaml'
|
|
4
|
+
require 'openssl'
|
|
5
|
+
|
|
6
|
+
path = File.expand_path("../", __FILE__)
|
|
7
|
+
system("/usr/bin/env ruby #{ENV["HOME"]}/.rvm/gems/ruby-1.9.3-p125@rack-saml/gems/rack-saml-0.0.3/bin/conv_metadata.rb #{path}/metadata-without-newline.xml > test.yml")
|
|
8
|
+
#system("/usr/bin/env ruby #{ENV["HOME"]}/Documents/devel/projects/rack-saml/bin/conv_metadata.rb #{path}/metadata-without-newline.xml > test.yml")
|
|
9
|
+
#system("/usr/bin/env ruby #{ENV["HOME"]}/Documents/devel/projects/rack-saml/bin/conv_metadata.rb #{path}/metadata-with-newline.xml > test.yml")
|
|
10
|
+
yaml = YAML.load_file("test.yml")
|
|
11
|
+
f = open("test.pem", "w")
|
|
12
|
+
f.puts yaml["idp_lists"]["https://idp.example.com/idp/shibboleth"]["certificate"]
|
|
13
|
+
f.close
|
|
14
|
+
exit 1
|
|
15
|
+
#begin
|
|
16
|
+
puts OpenSSL::X509::Certificate.new(yaml["idp_lists"]["https://idp.example.com/idp/shibboleth"]["certificate"])
|
|
17
|
+
puts OpenSSL::X509::Certificate.new(yaml["sp_lists"]["https://sp.example.com/shibboleth"]["certificate"])
|
|
18
|
+
#rescue OpenSSL::X509::CertificateError => error
|
|
19
|
+
# puts error.class, "#{error.message}", error.backtrace
|
|
20
|
+
#end
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
|
2
|
+
MIIDozCCAougAwIBAgIJAMbCieMzcImnMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV
|
|
3
|
+
BAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZp
|
|
4
|
+
Y2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNv
|
|
5
|
+
bTAeFw0xMjA0MTQxNjA2NDZaFw0yMjA0MTIxNjA2NDZaMGgxCzAJBgNVBAYTAkpQ
|
|
6
|
+
MREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTER
|
|
7
|
+
MA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTCCASIw
|
|
8
|
+
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJreMenBePWcMDu9f6uWunv7q2pK
|
|
9
|
+
G52ieHpcI8E8ZVgfFXd6IYpfMH9fKSqhWBBMZNTU6bnVGsUZPyVZIrjsGqTmwS8Y
|
|
10
|
+
5LC5tcssyW6t/uN2o5tdI2Glpn6agKrezFWWLUUW+k1KugwbUwiXaDY/krVmbZ6R
|
|
11
|
+
keDfxuJA0mlr4kFtKHcGxMCUccH7vm8KhW6527ysfNIUtsUl9Xgv4rCs1kgjxfr3
|
|
12
|
+
I7Qg9YVnIKXjgOf0ftjiQxkjsIZlQoxJLin/51/SK0pES+G5JBIvCoV2e2bKjGsV
|
|
13
|
+
jUOUydz1k1wl6ML+E/RC6AYlffcwEVTJbM/9uh5K0/rE1fvf+qYxf7j/EPECAwEA
|
|
14
|
+
AaNQME4wHQYDVR0OBBYEFAZC1/xzhUSDNwKsGx+9lxJwlN2+MB8GA1UdIwQYMBaA
|
|
15
|
+
FAZC1/xzhUSDNwKsGx+9lxJwlN2+MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
|
|
16
|
+
BQADggEBAA5ltSOo4jVR+clk0ih0D1u9DKUQ7CTXkb6bwEv0ZE0UCOG5eNhRtK3U
|
|
17
|
+
t3GKne14cg3XzD92s1vBlMe54GG0MjW3WFRqyF6cypasun1RohL5gJ0I27Kk2hyU
|
|
18
|
+
jSq2HFtHFDqZ/B1fFiTbJiegMxDh1jw2cfMMGqXI2tsiehUaiN+XUEzJd1tMEexV
|
|
19
|
+
qNyFxwM0nJf9hyBFT8OMT/z6peYOndZuV2pSkBzhJTmQwwG86BFPCaXrfbMHQtjS
|
|
20
|
+
hVwA6C/o0oKqRuldxaeaocXzTWsg4hgEQoqb9INtvfWYMvi/UAxsG0U4O3RmkOv+
|
|
21
|
+
cG33bFZvTYFsna0pcxr5GPetpd4cFXQ=
|
|
22
|
+
-----END CERTIFICATE-----
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
|
2
|
+
MIIEpAIBAAKCAQEAmt4x6cF49ZwwO71/q5a6e/urakobnaJ4elwjwTxlWB8Vd3oh
|
|
3
|
+
il8wf18pKqFYEExk1NTpudUaxRk/JVkiuOwapObBLxjksLm1yyzJbq3+43ajm10j
|
|
4
|
+
YaWmfpqAqt7MVZYtRRb6TUq6DBtTCJdoNj+StWZtnpGR4N/G4kDSaWviQW0odwbE
|
|
5
|
+
wJRxwfu+bwqFbrnbvKx80hS2xSX1eC/isKzWSCPF+vcjtCD1hWcgpeOA5/R+2OJD
|
|
6
|
+
GSOwhmVCjEkuKf/nX9IrSkRL4bkkEi8KhXZ7ZsqMaxWNQ5TJ3PWTXCXowv4T9ELo
|
|
7
|
+
BiV99zARVMlsz/26HkrT+sTV+9/6pjF/uP8Q8QIDAQABAoIBAAq0ZRrVRrkjbKoU
|
|
8
|
+
dSi1KHq9cKHOMY551n4OtGH8/LxUmbVCeeMIpV+Igl3x/RZTUXzsoqM3ubv5/MVm
|
|
9
|
+
HeJOX6EaWiwZOmWE0K4UkG/YExBB+RkaHQH440NJBq/I6rLXyJVH+1EwYx/HG7wy
|
|
10
|
+
Sv/E8S0cwWL+iOjUTvkApgqnbGI9P9A1kT8+YL8v+xa7hd9C+5MMrgrI3/vDRy9S
|
|
11
|
+
CyzogGKU1t+x3RnUw8HoU7t7sjmieFFjyXr27QZmcwpmd5DCe6+mazgZkgHpQdtI
|
|
12
|
+
51bRa/ijifjn/U2pP2l3Zi+dgo/eNPfxB4FzWjcaiVSnz0ijA7t3ZP7sIXOJ4oEK
|
|
13
|
+
xZ7q4IkCgYEAy7PXymkHoJDj9koscoqcLkKzKIUsQqrzf5d7LbUSDEEBv6HplKAq
|
|
14
|
+
PDcffUOwTZpdvarhgMNnPW4j5VpPUanEFlHD+foyI5CCmBsCuwRLcRk5mfEPOF+9
|
|
15
|
+
fyxuWHIuB1qzPogZOsc9omBO9IbyJtdoQuHQpOC4fvHaTonWXRa2Dy8CgYEAwqC/
|
|
16
|
+
AGZDsOQx/OLTpDIq2q8xqq5lajuxrBh4b98HGzsq/AhP2/Ole455DNiRl5fraZgD
|
|
17
|
+
iRomPawe7FlWF1E2erJjBlWQgzfS/EfxRtFCZERTbWwDCsQMzfvBru67g/ixo3UX
|
|
18
|
+
gtWhsEZ6AoPbzDf5Ps9YXRWwiwyL1Gh2VjDH2d8CgYAnWynYC47TsOq6TP5lau5d
|
|
19
|
+
6bkfnQs+HjVJc4TzAcbo4y5pTekJNCC03ZmR5CAN/kMaQAetjxNFRSBeUaJ9jqU6
|
|
20
|
+
ArYwd+xz/pmctatDYsMIqOz+Fxrvs1+zUGxJXlYSSa3T6Qum1ZPM6XqXt/LVGk0k
|
|
21
|
+
juh20owSyrt47Ryjg53NNQKBgQCOZWd5VljeOgbsu9QWxPGfsCBJfXELqYMTo4+y
|
|
22
|
+
Yd3kKYUIgthS189SN+oO4QCchfUh+6tSiwRBiQXS7IXVZ4DRgmR7BO1HY/eExuob
|
|
23
|
+
Yw0NKQRVAXq0TL4FktWhNF+TbcgiDJBYFA9JVjb8UhblMmq0bqV67VyOT26ayJcT
|
|
24
|
+
9nqxxwKBgQC1otwxHZzhUwskLyOGU4H3mQ2tRNtxoUp92M29a1p9kyUHMMIrBRRW
|
|
25
|
+
Dn+m3BoiBpvMW6gA3mEIJtW0eeyDyj3PStEuPxZ9V5CKS+Dm0MdSx8elQwRTMcWA
|
|
26
|
+
KUpaH4KB1ZKF0EbgAeDBK0XfGAO5t41wpYC3JfA0V2sOFf0j5c082g==
|
|
27
|
+
-----END RSA PRIVATE KEY-----
|
|
@@ -0,0 +1,169 @@
|
|
|
1
|
+
<EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" Name="Test">
|
|
2
|
+
<EntityDescriptor ID="PI0030JP" xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" entityID="https://idp.example.com/idp/shibboleth">
|
|
3
|
+
<IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
|
|
4
|
+
|
|
5
|
+
<Extensions>
|
|
6
|
+
<shibmd:Scope regexp="false">example.com</shibmd:Scope>
|
|
7
|
+
</Extensions>
|
|
8
|
+
|
|
9
|
+
<KeyDescriptor>
|
|
10
|
+
<ds:KeyInfo>
|
|
11
|
+
<ds:X509Data>
|
|
12
|
+
<ds:X509Certificate>
|
|
13
|
+
MIIDozCCAougAwIBAgIJAM4RrKvcNVYiMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV
|
|
14
|
+
BAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZp
|
|
15
|
+
Y2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNv
|
|
16
|
+
bTAeFw0xMjA0MTMwMzMxMjNaFw0xMjA1MTMwMzMxMjNaMGgxCzAJBgNVBAYTAkpQ
|
|
17
|
+
MREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTER
|
|
18
|
+
MA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTCCASIw
|
|
19
|
+
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPQTaONZxbLElsl5wr7UdV6YpsV2
|
|
20
|
+
1wTe5GOUja7D+mcct8TJLcFu7m/OaK3qlsGYL0IdrTOHbhjgJlWzb03eIbFxFDuo
|
|
21
|
+
rDBnDVSoi2k917DJyBx4lUng+28EAqCUhuXv41XbX30ILL7CO1DxQ6UBhOYgGTx0
|
|
22
|
+
SbNhOQsdWojJlDuRA9IG2s2dg9KWkT9j9t29OftR8Y6OVmui6MdLOgXHT3NARFN9
|
|
23
|
+
sHYFbOntFZjRbp70c+wzIOZVF0bmq4UFyLp8xQVdKlNz6oo/QAVgTA9NMG3hhrY3
|
|
24
|
+
6hsFuAHBCbAadKhQMIit3KWbBSb1TyprO3iW/lftIti9XAaX/L+RSH4FvqsCAwEA
|
|
25
|
+
AaNQME4wHQYDVR0OBBYEFAQBsI28WO2nZomTF4wO183+mJ13MB8GA1UdIwQYMBaA
|
|
26
|
+
FAQBsI28WO2nZomTF4wO183+mJ13MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
|
|
27
|
+
BQADggEBAEkmE0x1kqejIDD/f/xc17hnqw3NnrO++gmV2qI32dXRD/fwuf4mP4DS
|
|
28
|
+
Cin1B/8+OYLyJqMYR4eYPFlusM4FnbsETzcdjXWBBzYqdyNAyj1VLeDarAIM2oFr
|
|
29
|
+
c3p4EMzciK45e4tj7Td5Od//5LOQZPn3uFaFcEiK8fT8Zv9QZMJhw2ZuY7+dGhJu
|
|
30
|
+
IU1ECYI3U2UM0o70uuAsI4vLleB40t/CfL0c2l6/dCkouNa5I1r9P1kgIIrAUMtj
|
|
31
|
+
xBgAziCRHiU9WXEYXW6lKEFD5O2ZaElQPQf1CCCRCxPIgk8VupTE00cUTD6LzaNg
|
|
32
|
+
ugi1RlXP1NCK8NmORZQLEg7n38vHCiI=
|
|
33
|
+
</ds:X509Certificate>
|
|
34
|
+
</ds:X509Data>
|
|
35
|
+
</ds:KeyInfo>
|
|
36
|
+
</KeyDescriptor>
|
|
37
|
+
|
|
38
|
+
<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.example.com:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
|
|
39
|
+
|
|
40
|
+
<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
|
|
41
|
+
|
|
42
|
+
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
|
|
43
|
+
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
|
|
44
|
+
|
|
45
|
+
<SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.example.com/idp/profile/Shibboleth/SSO"/>
|
|
46
|
+
|
|
47
|
+
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.example.com/idp/profile/SAML2/POST/SSO"/>
|
|
48
|
+
|
|
49
|
+
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.example.com/idp/profile/SAML2/POST-SimpleSign/SSO"/>
|
|
50
|
+
|
|
51
|
+
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.example.com/idp/profile/SAML2/Redirect/SSO"/>
|
|
52
|
+
</IDPSSODescriptor>
|
|
53
|
+
|
|
54
|
+
<AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
|
|
55
|
+
|
|
56
|
+
<Extensions>
|
|
57
|
+
<shibmd:Scope regexp="false">ac.jp</shibmd:Scope>
|
|
58
|
+
</Extensions>
|
|
59
|
+
|
|
60
|
+
<KeyDescriptor>
|
|
61
|
+
<ds:KeyInfo>
|
|
62
|
+
<ds:X509Data>
|
|
63
|
+
<ds:X509Certificate>
|
|
64
|
+
MIIDozCCAougAwIBAgIJAM4RrKvcNVYiMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV
|
|
65
|
+
BAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZp
|
|
66
|
+
Y2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNv
|
|
67
|
+
bTAeFw0xMjA0MTMwMzMxMjNaFw0xMjA1MTMwMzMxMjNaMGgxCzAJBgNVBAYTAkpQ
|
|
68
|
+
MREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTER
|
|
69
|
+
MA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTCCASIw
|
|
70
|
+
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPQTaONZxbLElsl5wr7UdV6YpsV2
|
|
71
|
+
1wTe5GOUja7D+mcct8TJLcFu7m/OaK3qlsGYL0IdrTOHbhjgJlWzb03eIbFxFDuo
|
|
72
|
+
rDBnDVSoi2k917DJyBx4lUng+28EAqCUhuXv41XbX30ILL7CO1DxQ6UBhOYgGTx0
|
|
73
|
+
SbNhOQsdWojJlDuRA9IG2s2dg9KWkT9j9t29OftR8Y6OVmui6MdLOgXHT3NARFN9
|
|
74
|
+
sHYFbOntFZjRbp70c+wzIOZVF0bmq4UFyLp8xQVdKlNz6oo/QAVgTA9NMG3hhrY3
|
|
75
|
+
6hsFuAHBCbAadKhQMIit3KWbBSb1TyprO3iW/lftIti9XAaX/L+RSH4FvqsCAwEA
|
|
76
|
+
AaNQME4wHQYDVR0OBBYEFAQBsI28WO2nZomTF4wO183+mJ13MB8GA1UdIwQYMBaA
|
|
77
|
+
FAQBsI28WO2nZomTF4wO183+mJ13MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
|
|
78
|
+
BQADggEBAEkmE0x1kqejIDD/f/xc17hnqw3NnrO++gmV2qI32dXRD/fwuf4mP4DS
|
|
79
|
+
Cin1B/8+OYLyJqMYR4eYPFlusM4FnbsETzcdjXWBBzYqdyNAyj1VLeDarAIM2oFr
|
|
80
|
+
c3p4EMzciK45e4tj7Td5Od//5LOQZPn3uFaFcEiK8fT8Zv9QZMJhw2ZuY7+dGhJu
|
|
81
|
+
IU1ECYI3U2UM0o70uuAsI4vLleB40t/CfL0c2l6/dCkouNa5I1r9P1kgIIrAUMtj
|
|
82
|
+
xBgAziCRHiU9WXEYXW6lKEFD5O2ZaElQPQf1CCCRCxPIgk8VupTE00cUTD6LzaNg
|
|
83
|
+
ugi1RlXP1NCK8NmORZQLEg7n38vHCiI=
|
|
84
|
+
</ds:X509Certificate>
|
|
85
|
+
</ds:X509Data>
|
|
86
|
+
</ds:KeyInfo>
|
|
87
|
+
</KeyDescriptor>
|
|
88
|
+
|
|
89
|
+
<AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.example.com:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
|
|
90
|
+
|
|
91
|
+
<AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
|
|
92
|
+
|
|
93
|
+
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
|
|
94
|
+
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
|
|
95
|
+
|
|
96
|
+
</AttributeAuthorityDescriptor>
|
|
97
|
+
<Organization>
|
|
98
|
+
<OrganizationName xml:lang="en">Local IdP</OrganizationName>
|
|
99
|
+
<OrganizationName xml:lang="ja">ローカルIdP</OrganizationName>
|
|
100
|
+
<OrganizationDisplayName xml:lang="en">Local IdP</OrganizationDisplayName>
|
|
101
|
+
<OrganizationDisplayName xml:lang="ja">ローカルIdP</OrganizationDisplayName>
|
|
102
|
+
<OrganizationURL xml:lang="en">http://www.example.com/</OrganizationURL>
|
|
103
|
+
</Organization>
|
|
104
|
+
<ContactPerson contactType="technical">
|
|
105
|
+
<GivenName>User</GivenName>
|
|
106
|
+
<SurName>Test</SurName>
|
|
107
|
+
<EmailAddress>test@example.com</EmailAddress>
|
|
108
|
+
</ContactPerson>
|
|
109
|
+
|
|
110
|
+
</EntityDescriptor>
|
|
111
|
+
|
|
112
|
+
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_cebe60aa72b70c850c1ecc6caca16d74ed0bc858" entityID="https://sp.example.com/shibboleth">
|
|
113
|
+
|
|
114
|
+
<md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
|
|
115
|
+
<md:Extensions>
|
|
116
|
+
<init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp.example.com/Shibboleth.sso/Login"/>
|
|
117
|
+
<init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp.example.com/Shibboleth.sso/DS"/>
|
|
118
|
+
<idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sp.example.com/Shibboleth.sso/DS" index="1"/>
|
|
119
|
+
</md:Extensions>
|
|
120
|
+
<md:KeyDescriptor>
|
|
121
|
+
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
|
122
|
+
<ds:KeyName>sp.example.com</ds:KeyName>
|
|
123
|
+
<ds:X509Data>
|
|
124
|
+
<ds:X509SubjectName>CN=sp.example.com,OU=Test SP,O=Test Certificate</ds:X509SubjectName>
|
|
125
|
+
<ds:X509Certificate>
|
|
126
|
+
MIIDnzCCAoegAwIBAgIJAOibZtWndr86MA0GCSqGSIb3DQEBBQUAMGYxCzAJBgNV
|
|
127
|
+
BAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZp
|
|
128
|
+
Y2F0ZTEQMA4GA1UECwwHVGVzdCBTUDEXMBUGA1UEAwwOc3AuZXhhbXBsZS5jb20w
|
|
129
|
+
HhcNMTIwNDEzMDMzMjI1WhcNMTIwNTEzMDMzMjI1WjBmMQswCQYDVQQGEwJKUDER
|
|
130
|
+
MA8GA1UEBwwIQWNhZGVtZTIxGTAXBgNVBAoMEFRlc3QgQ2VydGlmaWNhdGUxEDAO
|
|
131
|
+
BgNVBAsMB1Rlc3QgU1AxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIIBIjANBgkq
|
|
132
|
+
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34MFSNC1wGMrBp/OyzoNFwiDIpmri3BS
|
|
133
|
+
NbPbmeFKhJfukwAwyYRxhGAz/OQAxruS0DriQ73RcSe6f0WEW+URKkdgx+MiUHgh
|
|
134
|
+
yqNtVjlhNhRSL19kVdddBkFtNSh0/2iA384x0PcXIpfEB9jonX25LGQN9GJWPHam
|
|
135
|
+
ievkj4MwI0cwU4mC9Su8kD2BSccoNpb68pwEI+JizFXTSe9IcA1tJvvxmkecVCTZ
|
|
136
|
+
hS2ztbSm24PUlu7igWruVH/jqtj3YeJMZvKgj6NiwdXOL6+hVuJKO/eNB96yztH3
|
|
137
|
+
v4KSb3JEE2/2w6K5FSX8qsKDZ/VAq7FRXOwRKYdaX2pNMgWtvr0T/wIDAQABo1Aw
|
|
138
|
+
TjAdBgNVHQ4EFgQUhxf8wd5vCyK8bdWCB2ZkmJwW5F4wHwYDVR0jBBgwFoAUhxf8
|
|
139
|
+
wd5vCyK8bdWCB2ZkmJwW5F4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOC
|
|
140
|
+
AQEAzdQxcUNXP4izy2Yoz2yUlmt5jjQX89uRxrGv6Hf11D3vxiZz4Srxzi8v2Pz7
|
|
141
|
+
7A3Q7qqrIlV6uXj0WvojnalNl2ExY/a1WRz4tO8aI6WsQ7T97UZ2tlJEvR65htIb
|
|
142
|
+
M27x3j7Ui6xlNcGsm6hlMsm7jUF9oPC2xrSc+sk1ggANkKTpZ/Ui2dkKutLTPMa5
|
|
143
|
+
KUGkZGOUMrv0xxkUC6zp4bQb6t++4YL4pkY7s+PVOYjZmM1ARM2QP/O6ZeSLe4LQ
|
|
144
|
+
NQS8WfRq0dmNk/QKOqTLIH7ppDar6i7oc1m+sJ+zskhTZnYWzUk6STa6uAfWJ3Z7
|
|
145
|
+
ILRuorZXobhI0ENI4hv2yYEsWQ==
|
|
146
|
+
</ds:X509Certificate>
|
|
147
|
+
</ds:X509Data>
|
|
148
|
+
</ds:KeyInfo>
|
|
149
|
+
</md:KeyDescriptor>
|
|
150
|
+
<md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.example.com/Shibboleth.sso/Artifact/SOAP" index="1"/>
|
|
151
|
+
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.example.com/Shibboleth.sso/SLO/SOAP"/>
|
|
152
|
+
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp.example.com/Shibboleth.sso/SLO/Redirect"/>
|
|
153
|
+
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.example.com/Shibboleth.sso/SLO/POST"/>
|
|
154
|
+
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.example.com/Shibboleth.sso/SLO/Artifact"/>
|
|
155
|
+
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.example.com/Shibboleth.sso/NIM/SOAP"/>
|
|
156
|
+
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp.example.com/Shibboleth.sso/NIM/Redirect"/>
|
|
157
|
+
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.example.com/Shibboleth.sso/NIM/POST"/>
|
|
158
|
+
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.example.com/Shibboleth.sso/NIM/Artifact"/>
|
|
159
|
+
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.example.com/Shibboleth.sso/SAML2/POST" index="1"/>
|
|
160
|
+
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://sp.example.com/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
|
|
161
|
+
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.example.com/Shibboleth.sso/SAML2/Artifact" index="3"/>
|
|
162
|
+
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://sp.example.com/Shibboleth.sso/SAML2/ECP" index="4"/>
|
|
163
|
+
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sp.example.com/Shibboleth.sso/SAML/POST" index="5"/>
|
|
164
|
+
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://sp.example.com/Shibboleth.sso/SAML/Artifact" index="6"/>
|
|
165
|
+
</md:SPSSODescriptor>
|
|
166
|
+
|
|
167
|
+
</md:EntityDescriptor>
|
|
168
|
+
|
|
169
|
+
</EntitiesDescriptor>
|
|
@@ -0,0 +1,112 @@
|
|
|
1
|
+
<EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" Name="Test">
|
|
2
|
+
<EntityDescriptor ID="PI0030JP" xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" entityID="https://idp.example.com/idp/shibboleth">
|
|
3
|
+
<IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
|
|
4
|
+
|
|
5
|
+
<Extensions>
|
|
6
|
+
<shibmd:Scope regexp="false">example.com</shibmd:Scope>
|
|
7
|
+
</Extensions>
|
|
8
|
+
|
|
9
|
+
<KeyDescriptor>
|
|
10
|
+
<ds:KeyInfo>
|
|
11
|
+
<ds:X509Data>
|
|
12
|
+
<ds:X509Certificate>
|
|
13
|
+
MIIDozCCAougAwIBAgIJAM4RrKvcNVYiMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNVBAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTAeFw0xMjA0MTMwMzMxMjNaFw0xMjA1MTMwMzMxMjNaMGgxCzAJBgNVBAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPQTaONZxbLElsl5wr7UdV6YpsV21wTe5GOUja7D+mcct8TJLcFu7m/OaK3qlsGYL0IdrTOHbhjgJlWzb03eIbFxFDuorDBnDVSoi2k917DJyBx4lUng+28EAqCUhuXv41XbX30ILL7CO1DxQ6UBhOYgGTx0SbNhOQsdWojJlDuRA9IG2s2dg9KWkT9j9t29OftR8Y6OVmui6MdLOgXHT3NARFN9sHYFbOntFZjRbp70c+wzIOZVF0bmq4UFyLp8xQVdKlNz6oo/QAVgTA9NMG3hhrY36hsFuAHBCbAadKhQMIit3KWbBSb1TyprO3iW/lftIti9XAaX/L+RSH4FvqsCAwEAAaNQME4wHQYDVR0OBBYEFAQBsI28WO2nZomTF4wO183+mJ13MB8GA1UdIwQYMBaAFAQBsI28WO2nZomTF4wO183+mJ13MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEkmE0x1kqejIDD/f/xc17hnqw3NnrO++gmV2qI32dXRD/fwuf4mP4DSCin1B/8+OYLyJqMYR4eYPFlusM4FnbsETzcdjXWBBzYqdyNAyj1VLeDarAIM2oFrc3p4EMzciK45e4tj7Td5Od//5LOQZPn3uFaFcEiK8fT8Zv9QZMJhw2ZuY7+dGhJuIU1ECYI3U2UM0o70uuAsI4vLleB40t/CfL0c2l6/dCkouNa5I1r9P1kgIIrAUMtjxBgAziCRHiU9WXEYXW6lKEFD5O2ZaElQPQf1CCCRCxPIgk8VupTE00cUTD6LzaNgugi1RlXP1NCK8NmORZQLEg7n38vHCiI=
|
|
14
|
+
</ds:X509Certificate>
|
|
15
|
+
</ds:X509Data>
|
|
16
|
+
</ds:KeyInfo>
|
|
17
|
+
</KeyDescriptor>
|
|
18
|
+
|
|
19
|
+
<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.example.com:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
|
|
20
|
+
|
|
21
|
+
<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
|
|
22
|
+
|
|
23
|
+
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
|
|
24
|
+
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
|
|
25
|
+
|
|
26
|
+
<SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.example.com/idp/profile/Shibboleth/SSO"/>
|
|
27
|
+
|
|
28
|
+
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.example.com/idp/profile/SAML2/POST/SSO"/>
|
|
29
|
+
|
|
30
|
+
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.example.com/idp/profile/SAML2/POST-SimpleSign/SSO"/>
|
|
31
|
+
|
|
32
|
+
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.example.com/idp/profile/SAML2/Redirect/SSO"/>
|
|
33
|
+
</IDPSSODescriptor>
|
|
34
|
+
|
|
35
|
+
<AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
|
|
36
|
+
|
|
37
|
+
<Extensions>
|
|
38
|
+
<shibmd:Scope regexp="false">example.com</shibmd:Scope>
|
|
39
|
+
</Extensions>
|
|
40
|
+
|
|
41
|
+
<KeyDescriptor>
|
|
42
|
+
<ds:KeyInfo>
|
|
43
|
+
<ds:X509Data>
|
|
44
|
+
<ds:X509Certificate>
|
|
45
|
+
MIIDozCCAougAwIBAgIJAM4RrKvcNVYiMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNVBAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTAeFw0xMjA0MTMwMzMxMjNaFw0xMjA1MTMwMzMxMjNaMGgxCzAJBgNVBAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPQTaONZxbLElsl5wr7UdV6YpsV21wTe5GOUja7D+mcct8TJLcFu7m/OaK3qlsGYL0IdrTOHbhjgJlWzb03eIbFxFDuorDBnDVSoi2k917DJyBx4lUng+28EAqCUhuXv41XbX30ILL7CO1DxQ6UBhOYgGTx0SbNhOQsdWojJlDuRA9IG2s2dg9KWkT9j9t29OftR8Y6OVmui6MdLOgXHT3NARFN9sHYFbOntFZjRbp70c+wzIOZVF0bmq4UFyLp8xQVdKlNz6oo/QAVgTA9NMG3hhrY36hsFuAHBCbAadKhQMIit3KWbBSb1TyprO3iW/lftIti9XAaX/L+RSH4FvqsCAwEAAaNQME4wHQYDVR0OBBYEFAQBsI28WO2nZomTF4wO183+mJ13MB8GA1UdIwQYMBaAFAQBsI28WO2nZomTF4wO183+mJ13MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEkmE0x1kqejIDD/f/xc17hnqw3NnrO++gmV2qI32dXRD/fwuf4mP4DSCin1B/8+OYLyJqMYR4eYPFlusM4FnbsETzcdjXWBBzYqdyNAyj1VLeDarAIM2oFrc3p4EMzciK45e4tj7Td5Od//5LOQZPn3uFaFcEiK8fT8Zv9QZMJhw2ZuY7+dGhJuIU1ECYI3U2UM0o70uuAsI4vLleB40t/CfL0c2l6/dCkouNa5I1r9P1kgIIrAUMtjxBgAziCRHiU9WXEYXW6lKEFD5O2ZaElQPQf1CCCRCxPIgk8VupTE00cUTD6LzaNgugi1RlXP1NCK8NmORZQLEg7n38vHCiI=
|
|
46
|
+
</ds:X509Certificate>
|
|
47
|
+
</ds:X509Data>
|
|
48
|
+
</ds:KeyInfo>
|
|
49
|
+
</KeyDescriptor>
|
|
50
|
+
|
|
51
|
+
<AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.example.com:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
|
|
52
|
+
|
|
53
|
+
<AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
|
|
54
|
+
|
|
55
|
+
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
|
|
56
|
+
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
|
|
57
|
+
|
|
58
|
+
</AttributeAuthorityDescriptor>
|
|
59
|
+
<Organization>
|
|
60
|
+
<OrganizationName xml:lang="en">Local IdP</OrganizationName>
|
|
61
|
+
<OrganizationName xml:lang="ja">ローカルIdP</OrganizationName>
|
|
62
|
+
<OrganizationDisplayName xml:lang="en">Local IdP</OrganizationDisplayName>
|
|
63
|
+
<OrganizationDisplayName xml:lang="ja">ローカルIdP</OrganizationDisplayName>
|
|
64
|
+
<OrganizationURL xml:lang="en">http://www.example.com/</OrganizationURL>
|
|
65
|
+
</Organization>
|
|
66
|
+
<ContactPerson contactType="technical">
|
|
67
|
+
<GivenName>User</GivenName>
|
|
68
|
+
<SurName>Test</SurName>
|
|
69
|
+
<EmailAddress>test@example.com</EmailAddress>
|
|
70
|
+
</ContactPerson>
|
|
71
|
+
|
|
72
|
+
</EntityDescriptor>
|
|
73
|
+
|
|
74
|
+
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_cebe60aa72b70c850c1ecc6caca16d74ed0bc858" entityID="https://sp.example.com/shibboleth">
|
|
75
|
+
|
|
76
|
+
<md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
|
|
77
|
+
<md:Extensions>
|
|
78
|
+
<init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp.example.com/Shibboleth.sso/Login"/>
|
|
79
|
+
<init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp.example.com/Shibboleth.sso/DS"/>
|
|
80
|
+
<idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sp.example.com/Shibboleth.sso/DS" index="1"/>
|
|
81
|
+
</md:Extensions>
|
|
82
|
+
<md:KeyDescriptor>
|
|
83
|
+
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
|
84
|
+
<ds:KeyName>sp.example.com</ds:KeyName>
|
|
85
|
+
<ds:X509Data>
|
|
86
|
+
<ds:X509SubjectName>CN=sp.example.com,OU=Test SP,O=Test Certificate</ds:X509SubjectName>
|
|
87
|
+
<ds:X509Certificate>
|
|
88
|
+
MIIDnzCCAoegAwIBAgIJAOibZtWndr86MA0GCSqGSIb3DQEBBQUAMGYxCzAJBgNVBAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTEQMA4GA1UECwwHVGVzdCBTUDEXMBUGA1UEAwwOc3AuZXhhbXBsZS5jb20wHhcNMTIwNDEzMDMzMjI1WhcNMTIwNTEzMDMzMjI1WjBmMQswCQYDVQQGEwJKUDERMA8GA1UEBwwIQWNhZGVtZTIxGTAXBgNVBAoMEFRlc3QgQ2VydGlmaWNhdGUxEDAOBgNVBAsMB1Rlc3QgU1AxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34MFSNC1wGMrBp/OyzoNFwiDIpmri3BSNbPbmeFKhJfukwAwyYRxhGAz/OQAxruS0DriQ73RcSe6f0WEW+URKkdgx+MiUHghyqNtVjlhNhRSL19kVdddBkFtNSh0/2iA384x0PcXIpfEB9jonX25LGQN9GJWPHamievkj4MwI0cwU4mC9Su8kD2BSccoNpb68pwEI+JizFXTSe9IcA1tJvvxmkecVCTZhS2ztbSm24PUlu7igWruVH/jqtj3YeJMZvKgj6NiwdXOL6+hVuJKO/eNB96yztH3v4KSb3JEE2/2w6K5FSX8qsKDZ/VAq7FRXOwRKYdaX2pNMgWtvr0T/wIDAQABo1AwTjAdBgNVHQ4EFgQUhxf8wd5vCyK8bdWCB2ZkmJwW5F4wHwYDVR0jBBgwFoAUhxf8wd5vCyK8bdWCB2ZkmJwW5F4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAzdQxcUNXP4izy2Yoz2yUlmt5jjQX89uRxrGv6Hf11D3vxiZz4Srxzi8v2Pz77A3Q7qqrIlV6uXj0WvojnalNl2ExY/a1WRz4tO8aI6WsQ7T97UZ2tlJEvR65htIbM27x3j7Ui6xlNcGsm6hlMsm7jUF9oPC2xrSc+sk1ggANkKTpZ/Ui2dkKutLTPMa5KUGkZGOUMrv0xxkUC6zp4bQb6t++4YL4pkY7s+PVOYjZmM1ARM2QP/O6ZeSLe4LQNQS8WfRq0dmNk/QKOqTLIH7ppDar6i7oc1m+sJ+zskhTZnYWzUk6STa6uAfWJ3Z7ILRuorZXobhI0ENI4hv2yYEsWQ==
|
|
89
|
+
</ds:X509Certificate>
|
|
90
|
+
</ds:X509Data>
|
|
91
|
+
</ds:KeyInfo>
|
|
92
|
+
</md:KeyDescriptor>
|
|
93
|
+
<md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.example.com/Shibboleth.sso/Artifact/SOAP" index="1"/>
|
|
94
|
+
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.example.com/Shibboleth.sso/SLO/SOAP"/>
|
|
95
|
+
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp.example.com/Shibboleth.sso/SLO/Redirect"/>
|
|
96
|
+
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.example.com/Shibboleth.sso/SLO/POST"/>
|
|
97
|
+
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.example.com/Shibboleth.sso/SLO/Artifact"/>
|
|
98
|
+
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.example.com/Shibboleth.sso/NIM/SOAP"/>
|
|
99
|
+
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp.example.com/Shibboleth.sso/NIM/Redirect"/>
|
|
100
|
+
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.example.com/Shibboleth.sso/NIM/POST"/>
|
|
101
|
+
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.example.com/Shibboleth.sso/NIM/Artifact"/>
|
|
102
|
+
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.example.com/Shibboleth.sso/SAML2/POST" index="1"/>
|
|
103
|
+
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://sp.example.com/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
|
|
104
|
+
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.example.com/Shibboleth.sso/SAML2/Artifact" index="3"/>
|
|
105
|
+
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://sp.example.com/Shibboleth.sso/SAML2/ECP" index="4"/>
|
|
106
|
+
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sp.example.com/Shibboleth.sso/SAML/POST" index="5"/>
|
|
107
|
+
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://sp.example.com/Shibboleth.sso/SAML/Artifact" index="6"/>
|
|
108
|
+
</md:SPSSODescriptor>
|
|
109
|
+
|
|
110
|
+
</md:EntityDescriptor>
|
|
111
|
+
|
|
112
|
+
</EntitiesDescriptor>
|
|
@@ -0,0 +1,109 @@
|
|
|
1
|
+
<EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" Name="Test">
|
|
2
|
+
<EntityDescriptor ID="PI0030JP" xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" entityID="https://idp.example.com/idp/shibboleth">
|
|
3
|
+
<IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
|
|
4
|
+
|
|
5
|
+
<Extensions>
|
|
6
|
+
<shibmd:Scope regexp="false">example.com</shibmd:Scope>
|
|
7
|
+
</Extensions>
|
|
8
|
+
|
|
9
|
+
<KeyDescriptor>
|
|
10
|
+
<ds:KeyInfo>
|
|
11
|
+
<ds:X509Data>
|
|
12
|
+
<ds:X509Certificate>
|
|
13
|
+
</ds:X509Certificate>
|
|
14
|
+
</ds:X509Data>
|
|
15
|
+
</ds:KeyInfo>
|
|
16
|
+
</KeyDescriptor>
|
|
17
|
+
|
|
18
|
+
<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.example.com:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
|
|
19
|
+
|
|
20
|
+
<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
|
|
21
|
+
|
|
22
|
+
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
|
|
23
|
+
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
|
|
24
|
+
|
|
25
|
+
<SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.example.com/idp/profile/Shibboleth/SSO"/>
|
|
26
|
+
|
|
27
|
+
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.example.com/idp/profile/SAML2/POST/SSO"/>
|
|
28
|
+
|
|
29
|
+
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.example.com/idp/profile/SAML2/POST-SimpleSign/SSO"/>
|
|
30
|
+
|
|
31
|
+
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.example.com/idp/profile/SAML2/Redirect/SSO"/>
|
|
32
|
+
</IDPSSODescriptor>
|
|
33
|
+
|
|
34
|
+
<AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
|
|
35
|
+
|
|
36
|
+
<Extensions>
|
|
37
|
+
<shibmd:Scope regexp="false">ac.jp</shibmd:Scope>
|
|
38
|
+
</Extensions>
|
|
39
|
+
|
|
40
|
+
<KeyDescriptor>
|
|
41
|
+
<ds:KeyInfo>
|
|
42
|
+
<ds:X509Data>
|
|
43
|
+
<ds:X509Certificate>
|
|
44
|
+
</ds:X509Certificate>
|
|
45
|
+
</ds:X509Data>
|
|
46
|
+
</ds:KeyInfo>
|
|
47
|
+
</KeyDescriptor>
|
|
48
|
+
|
|
49
|
+
<AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.example.com:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
|
|
50
|
+
|
|
51
|
+
<AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
|
|
52
|
+
|
|
53
|
+
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
|
|
54
|
+
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
|
|
55
|
+
|
|
56
|
+
</AttributeAuthorityDescriptor>
|
|
57
|
+
<Organization>
|
|
58
|
+
<OrganizationName xml:lang="en">Local IdP</OrganizationName>
|
|
59
|
+
<OrganizationName xml:lang="ja">ローカルIdP</OrganizationName>
|
|
60
|
+
<OrganizationDisplayName xml:lang="en">Local IdP</OrganizationDisplayName>
|
|
61
|
+
<OrganizationDisplayName xml:lang="ja">ローカルIdP</OrganizationDisplayName>
|
|
62
|
+
<OrganizationURL xml:lang="en">http://www.example.com/</OrganizationURL>
|
|
63
|
+
</Organization>
|
|
64
|
+
<ContactPerson contactType="technical">
|
|
65
|
+
<GivenName>User</GivenName>
|
|
66
|
+
<SurName>Test</SurName>
|
|
67
|
+
<EmailAddress>test@example.com</EmailAddress>
|
|
68
|
+
</ContactPerson>
|
|
69
|
+
|
|
70
|
+
</EntityDescriptor>
|
|
71
|
+
|
|
72
|
+
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_cebe60aa72b70c850c1ecc6caca16d74ed0bc858" entityID="https://sp.example.com/shibboleth">
|
|
73
|
+
|
|
74
|
+
<md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
|
|
75
|
+
<md:Extensions>
|
|
76
|
+
<init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp.example.com/Shibboleth.sso/Login"/>
|
|
77
|
+
<init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp.example.com/Shibboleth.sso/DS"/>
|
|
78
|
+
<idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sp.example.com/Shibboleth.sso/DS" index="1"/>
|
|
79
|
+
</md:Extensions>
|
|
80
|
+
<md:KeyDescriptor>
|
|
81
|
+
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
|
82
|
+
<ds:KeyName>sp.example.com</ds:KeyName>
|
|
83
|
+
<ds:X509Data>
|
|
84
|
+
<ds:X509SubjectName>CN=sp.example.com,OU=Test SP,O=Test Certificate</ds:X509SubjectName>
|
|
85
|
+
<ds:X509Certificate>
|
|
86
|
+
</ds:X509Certificate>
|
|
87
|
+
</ds:X509Data>
|
|
88
|
+
</ds:KeyInfo>
|
|
89
|
+
</md:KeyDescriptor>
|
|
90
|
+
<md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.example.com/Shibboleth.sso/Artifact/SOAP" index="1"/>
|
|
91
|
+
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.example.com/Shibboleth.sso/SLO/SOAP"/>
|
|
92
|
+
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp.example.com/Shibboleth.sso/SLO/Redirect"/>
|
|
93
|
+
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.example.com/Shibboleth.sso/SLO/POST"/>
|
|
94
|
+
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.example.com/Shibboleth.sso/SLO/Artifact"/>
|
|
95
|
+
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.example.com/Shibboleth.sso/NIM/SOAP"/>
|
|
96
|
+
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp.example.com/Shibboleth.sso/NIM/Redirect"/>
|
|
97
|
+
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.example.com/Shibboleth.sso/NIM/POST"/>
|
|
98
|
+
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.example.com/Shibboleth.sso/NIM/Artifact"/>
|
|
99
|
+
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.example.com/Shibboleth.sso/SAML2/POST" index="1"/>
|
|
100
|
+
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://sp.example.com/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
|
|
101
|
+
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.example.com/Shibboleth.sso/SAML2/Artifact" index="3"/>
|
|
102
|
+
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://sp.example.com/Shibboleth.sso/SAML2/ECP" index="4"/>
|
|
103
|
+
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sp.example.com/Shibboleth.sso/SAML/POST" index="5"/>
|
|
104
|
+
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://sp.example.com/Shibboleth.sso/SAML/Artifact" index="6"/>
|
|
105
|
+
</md:SPSSODescriptor>
|
|
106
|
+
|
|
107
|
+
</md:EntityDescriptor>
|
|
108
|
+
|
|
109
|
+
</EntitiesDescriptor>
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
|
2
|
+
MIIDnzCCAoegAwIBAgIJAJmro3l2xdbPMA0GCSqGSIb3DQEBBQUAMGYxCzAJBgNV
|
|
3
|
+
BAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZp
|
|
4
|
+
Y2F0ZTEQMA4GA1UECwwHVGVzdCBTUDEXMBUGA1UEAwwOc3AuZXhhbXBsZS5jb20w
|
|
5
|
+
HhcNMTIwNDE0MTYwNjUzWhcNMjIwNDEyMTYwNjUzWjBmMQswCQYDVQQGEwJKUDER
|
|
6
|
+
MA8GA1UEBwwIQWNhZGVtZTIxGTAXBgNVBAoMEFRlc3QgQ2VydGlmaWNhdGUxEDAO
|
|
7
|
+
BgNVBAsMB1Rlc3QgU1AxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIIBIjANBgkq
|
|
8
|
+
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpIelPUN3Z4PdCZDkVuxCx4KviNJtEdU
|
|
9
|
+
N4sBG3HxSPydDO5rxUoPDB1QDKaSAaLs9Xtum3f01iDM+3zHYceu4B/o+2qR3ekL
|
|
10
|
+
aQQuMK/Hcfuq2pNEEQKISBvrS+HbS2KTl4pX36c2pNU/yIhO0Hyj64Jl51TbPM3x
|
|
11
|
+
bfCIcMyiwTm0tZOkcAc3EKvd4cdddvKCPFtkYlk5nimKzrl0iJqwNNs0KDhGU7iU
|
|
12
|
+
cSMZS4kStiXe8etAX7f24PHHEzgIjzlCaFyaSYtlpouc/W8gVxB22g9T47SvQIs8
|
|
13
|
+
NXGvKpPUo9BId+X7PeZZlkf51AWRQBaswbQx1oLxVU9B6aifa2Hq0QIDAQABo1Aw
|
|
14
|
+
TjAdBgNVHQ4EFgQU/d6Ih14tuy33YeULqBdkgW4c4gcwHwYDVR0jBBgwFoAU/d6I
|
|
15
|
+
h14tuy33YeULqBdkgW4c4gcwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOC
|
|
16
|
+
AQEADLjceTxE/7hXdIh8e9Mp02wpu3BHz3BEWoUyDLzJKk0kMsBtBk+hZ8cog/Xa
|
|
17
|
+
ZQxfC5QTIfUkFHwVsbn3T7+JqY7UcsXrXFioA05LbmyelC07UWf9NOBGeYMTegXT
|
|
18
|
+
BSu4hzOqwrT+X9UW1P3WBnGxgXR5he304S6Z9Va0cWgb9pDg6d+F0ewi4rv197wR
|
|
19
|
+
x4YYFmERh/vwkEKGEC5vmi42fS+557zNhFKWlw3lh+h/0wZ4TnHoRna8jo/TQCBB
|
|
20
|
+
eN5g9vNU4hbO/ena003R8kEA5Wu3K/Vct8O6dv1M8KO26hrCwRCsI/W5TuC7xwJL
|
|
21
|
+
oaw/kpczexGvtVhGuMskmcg4dQ==
|
|
22
|
+
-----END CERTIFICATE-----
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
|
2
|
+
MIIEpQIBAAKCAQEAwpIelPUN3Z4PdCZDkVuxCx4KviNJtEdUN4sBG3HxSPydDO5r
|
|
3
|
+
xUoPDB1QDKaSAaLs9Xtum3f01iDM+3zHYceu4B/o+2qR3ekLaQQuMK/Hcfuq2pNE
|
|
4
|
+
EQKISBvrS+HbS2KTl4pX36c2pNU/yIhO0Hyj64Jl51TbPM3xbfCIcMyiwTm0tZOk
|
|
5
|
+
cAc3EKvd4cdddvKCPFtkYlk5nimKzrl0iJqwNNs0KDhGU7iUcSMZS4kStiXe8etA
|
|
6
|
+
X7f24PHHEzgIjzlCaFyaSYtlpouc/W8gVxB22g9T47SvQIs8NXGvKpPUo9BId+X7
|
|
7
|
+
PeZZlkf51AWRQBaswbQx1oLxVU9B6aifa2Hq0QIDAQABAoIBAQCJefkFwshTSHUe
|
|
8
|
+
2lJviFvlwQpSIljXena08BCONcoIigTluCiJs7RCGQwQhDkx0s6e/OHAE9f43CA5
|
|
9
|
+
qYavPgn/7kwOKNR7+UfIod2JJQpFLU8hNWCorCNi3+c3LJRoBXTHZEaGjn17pfl1
|
|
10
|
+
VWpqwUaJBw+9jiWCJvlpdsTQ/qYY49EslHreuEwhO+sJCqD07uQzVD2xSh/PNAR7
|
|
11
|
+
ibp6pRGA8xAtKs2RffHi4LXk2gCH7gwl3iC3Rwk6e9daw0H9dr36zA5v8yAoRlyB
|
|
12
|
+
UetAW5BuQwhGnIrqLdoCmdxA1CFWGnSP0VZsn5v8KiyTx4+IUg+wxoVtPpBpb+kn
|
|
13
|
+
jmlIylnhAoGBAP1vvG+puXpi6w+81Tv3ImmlCOBphMtRuPVEtJZoYw0pzD4ZPj7K
|
|
14
|
+
6O0Bgi4InTygJj5TdLocF1tKHYka/bX+8ChdivD/7wDYABRvj9ecQ4mRhfYz+XFW
|
|
15
|
+
vi1OZ+PFoWM+XvdwxxdfZX2ye3q4YrIXSqDpVEjCDP7jwtnlx8jNC5qVAoGBAMSJ
|
|
16
|
+
8/UDleO5IWK4rb55658V9yWX0VcEOm3kQMjqq92zKgWuPA6b9Aux//AErsAa8BHo
|
|
17
|
+
hTzqhXXX+GYizfMpLRNa+y8hjeL1RkH62LO8llLaUxWycmbXhQ4D8+WsN7PNd4mx
|
|
18
|
+
XTG+NL1wwEZJcbHLK2xBsLaKS0IhaAl1qsP7I7xNAoGAfsY4/aZqCKWYrguootFx
|
|
19
|
+
3mTWtuMxsT8VBWOz7hUTj08cQuf/sgtwTrZVd0+Jz/zQhJbcqghJSrodYislRLfd
|
|
20
|
+
TGPWj82GseZay94ulw0s35Dy8QB4w9A/W4x//XkrzOgzOxWoEbH/o8v3ZqD7hdiO
|
|
21
|
+
1UVCiw6+z3YBT1xY/sJLDq0CgYEAmRNpc1gLkoZKvn1gtY54Ojv9dsY8Qi4E5Dp3
|
|
22
|
+
SwWcPtygyjPeivJkrgdBdEvxX6abfRdBTyTKNfK0gbhx+AYGGaEvKpJT1IV85z7d
|
|
23
|
+
MYCdBIMPW0LVX8xU0Ym6mRP9fol1pUUDdQ7UPQhoeVYSu4umknbHkCU+YI9sXJHN
|
|
24
|
+
Iz+jobECgYEA5hQz1mtl/DIDsOarkmlxqlp6UKPyMdOeLZazyhWOMxbdQyeEl3Cd
|
|
25
|
+
p2dD5X6D065qwtvYQQbfD0FpsPTLG4pO/DwjhozRnMtbiXXti48/F8UWt8s6jUFc
|
|
26
|
+
YUJw8FLSS4cRl8YfVPGOQkaiOHf5FKxUr4Gq44e1eHhpCAI8X7f8dp4=
|
|
27
|
+
-----END RSA PRIVATE KEY-----
|
|
@@ -0,0 +1,3 @@
|
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
|
2
|
+
MIIDozCCAougAwIBAgIJAM4RrKvcNVYiMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNVBAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTAeFw0xMjA0MTMwMzMxMjNaFw0xMjA1MTMwMzMxMjNaMGgxCzAJBgNVBAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPQTaONZxbLElsl5wr7UdV6YpsV21wTe5GOUja7D+mcct8TJLcFu7m/OaK3qlsGYL0IdrTOHbhjgJlWzb03eIbFxFDuorDBnDVSoi2k917DJyBx4lUng+28EAqCUhuXv41XbX30ILL7CO1DxQ6UBhOYgGTx0SbNhOQsdWojJlDuRA9IG2s2dg9KWkT9j9t29OftR8Y6OVmui6MdLOgXHT3NARFN9sHYFbOntFZjRbp70c+wzIOZVF0bmq4UFyLp8xQVdKlNz6oo/QAVgTA9NMG3hhrY36hsFuAHBCbAadKhQMIit3KWbBSb1TyprO3iW/lftIti9XAaX/L+RSH4FvqsCAwEAAaNQME4wHQYDVR0OBBYEFAQBsI28WO2nZomTF4wO183+mJ13MB8GA1UdIwQYMBaAFAQBsI28WO2nZomTF4wO183+mJ13MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEkmE0x1kqejIDD/f/xc17hnqw3NnrO++gmV2qI32dXRD/fwuf4mP4DSCin1B/8+OYLyJqMYR4eYPFlusM4FnbsETzcdjXWBBzYqdyNAyj1VLeDarAIM2oFrc3p4EMzciK45e4tj7Td5Od//5LOQZPn3uFaFcEiK8fT8Zv9QZMJhw2ZuY7+dGhJuIU1ECYI3U2UM0o70uuAsI4vLleB40t/CfL0c2l6/dCkouNa5I1r9P1kgIIrAUMtjxBgAziCRHiU9WXEYXW6lKEFD5O2ZaElQPQf1CCCRCxPIgk8VupTE00cUTD6LzaNgugi1RlXP1NCK8NmORZQLEg7n38vHCiI=
|
|
3
|
+
-----END CERTIFICATE-----
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
---
|
|
2
|
+
idp_lists:
|
|
3
|
+
https://idp.example.com/idp/shibboleth:
|
|
4
|
+
certificate: ! '-----BEGIN CERTIFICATE-----
|
|
5
|
+
|
|
6
|
+
MIIDozCCAougAwIBAgIJAM4RrKvcNVYiMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNVBAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTAeFw0xMjA0MTMwMzMxMjNaFw0xMjA1MTMwMzMxMjNaMGgxCzAJBgNVBAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPQTaONZxbLElsl5wr7UdV6YpsV21wTe5GOUja7D+mcct8TJLcFu7m/OaK3qlsGYL0IdrTOHbhjgJlWzb03eIbFxFDuorDBnDVSoi2k917DJyBx4lUng+28EAqCUhuXv41XbX30ILL7CO1DxQ6UBhOYgGTx0SbNhOQsdWojJlDuRA9IG2s2dg9KWkT9j9t29OftR8Y6OVmui6MdLOgXHT3NARFN9sHYFbOntFZjRbp70c+wzIOZVF0bmq4UFyLp8xQVdKlNz6oo/QAVgTA9NMG3hhrY36hsFuAHBCbAadKhQMIit3KWbBSb1TyprO3iW/lftIti9XAaX/L+RSH4FvqsCAwEAAaNQME4wHQYDVR0OBBYEFAQBsI28WO2nZomTF4wO183+mJ13MB8GA1UdIwQYMBaAFAQBsI28WO2nZomTF4wO183+mJ13MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEkmE0x1kqejIDD/f/xc17hnqw3NnrO++gmV2qI32dXRD/fwuf4mP4DSCin1B/8+OYLyJqMYR4eYPFlusM4FnbsETzcdjXWBBzYqdyNAyj1VLeDarAIM2oFrc3p4EMzciK45e4tj7Td5Od//5LOQZPn3uFaFcEiK8fT8Zv9QZMJhw2ZuY7+dGhJuIU1ECYI3U2UM0o70uuAsI4vLleB40t/CfL0c2l6/dCkouNa5I1r9P1kgIIrAUMtjxBgAziCRHiU9WXEYXW6lKEFD5O2ZaElQPQf1CCCRCxPIgk8VupTE00cUTD6LzaNgugi1RlXP1NCK8NmORZQLEg7n38vHCiI=
|
|
7
|
+
|
|
8
|
+
-----END CERTIFICATE-----'
|
|
9
|
+
saml2_http_redirect: https://idp.example.com/idp/profile/SAML2/Redirect/SSO
|
|
10
|
+
sp_lists:
|
|
11
|
+
https://sp.example.com/shibboleth:
|
|
12
|
+
certificate: ! '-----BEGIN CERTIFICATE-----
|
|
13
|
+
|
|
14
|
+
|
|
15
|
+
MIIDnzCCAoegAwIBAgIJAOibZtWndr86MA0GCSqGSIb3DQEBBQUAMGYxCzAJBgNVBAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTEQMA4GA1UECwwHVGVzdCBTUDEXMBUGA1UEAwwOc3AuZXhhbXBsZS5jb20wHhcNMTIwNDEzMDMzMjI1WhcNMTIwNTEzMDMzMjI1WjBmMQswCQYDVQQGEwJKUDERMA8GA1UEBwwIQWNhZGVtZTIxGTAXBgNVBAoMEFRlc3QgQ2VydGlmaWNhdGUxEDAOBgNVBAsMB1Rlc3QgU1AxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34MFSNC1wGMrBp/OyzoNFwiDIpmri3BSNbPbmeFKhJfukwAwyYRxhGAz/OQAxruS0DriQ73RcSe6f0WEW+URKkdgx+MiUHghyqNtVjlhNhRSL19kVdddBkFtNSh0/2iA384x0PcXIpfEB9jonX25LGQN9GJWPHamievkj4MwI0cwU4mC9Su8kD2BSccoNpb68pwEI+JizFXTSe9IcA1tJvvxmkecVCTZhS2ztbSm24PUlu7igWruVH/jqtj3YeJMZvKgj6NiwdXOL6+hVuJKO/eNB96yztH3v4KSb3JEE2/2w6K5FSX8qsKDZ/VAq7FRXOwRKYdaX2pNMgWtvr0T/wIDAQABo1AwTjAdBgNVHQ4EFgQUhxf8wd5vCyK8bdWCB2ZkmJwW5F4wHwYDVR0jBBgwFoAUhxf8wd5vCyK8bdWCB2ZkmJwW5F4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAzdQxcUNXP4izy2Yoz2yUlmt5jjQX89uRxrGv6Hf11D3vxiZz4Srxzi8v2Pz77A3Q7qqrIlV6uXj0WvojnalNl2ExY/a1WRz4tO8aI6WsQ7T97UZ2tlJEvR65htIbM27x3j7Ui6xlNcGsm6hlMsm7jUF9oPC2xrSc+sk1ggANkKTpZ/Ui2dkKutLTPMa5KUGkZGOUMrv0xxkUC6zp4bQb6t++4YL4pkY7s+PVOYjZmM1ARM2QP/O6ZeSLe4LQNQS8WfRq0dmNk/QKOqTLIH7ppDar6i7oc1m+sJ+zskhTZnYWzUk6STa6uAfWJ3Z7ILRuorZXobhI0ENI4hv2yYEsWQ==
|
|
16
|
+
|
|
17
|
+
-----END CERTIFICATE-----'
|
|
18
|
+
saml2_http_post: https://sp.example.com/Shibboleth.sso/SAML2/POST
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
MIIDozCCAougAwIBAgIJAM4RrKvcNVYiMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV
|
|
2
|
+
BAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZp
|
|
3
|
+
Y2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNv
|
|
4
|
+
bTAeFw0xMjA0MTMwMzMxMjNaFw0xMjA1MTMwMzMxMjNaMGgxCzAJBgNVBAYTAkpQ
|
|
5
|
+
MREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTER
|
|
6
|
+
MA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTCCASIw
|
|
7
|
+
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPQTaONZxbLElsl5wr7UdV6YpsV2
|
|
8
|
+
1wTe5GOUja7D+mcct8TJLcFu7m/OaK3qlsGYL0IdrTOHbhjgJlWzb03eIbFxFDuo
|
|
9
|
+
rDBnDVSoi2k917DJyBx4lUng+28EAqCUhuXv41XbX30ILL7CO1DxQ6UBhOYgGTx0
|
|
10
|
+
SbNhOQsdWojJlDuRA9IG2s2dg9KWkT9j9t29OftR8Y6OVmui6MdLOgXHT3NARFN9
|
|
11
|
+
sHYFbOntFZjRbp70c+wzIOZVF0bmq4UFyLp8xQVdKlNz6oo/QAVgTA9NMG3hhrY3
|
|
12
|
+
6hsFuAHBCbAadKhQMIit3KWbBSb1TyprO3iW/lftIti9XAaX/L+RSH4FvqsCAwEA
|
|
13
|
+
AaNQME4wHQYDVR0OBBYEFAQBsI28WO2nZomTF4wO183+mJ13MB8GA1UdIwQYMBaA
|
|
14
|
+
FAQBsI28WO2nZomTF4wO183+mJ13MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
|
|
15
|
+
BQADggEBAEkmE0x1kqejIDD/f/xc17hnqw3NnrO++gmV2qI32dXRD/fwuf4mP4DS
|
|
16
|
+
Cin1B/8+OYLyJqMYR4eYPFlusM4FnbsETzcdjXWBBzYqdyNAyj1VLeDarAIM2oFr
|
|
17
|
+
c3p4EMzciK45e4tj7Td5Od//5LOQZPn3uFaFcEiK8fT8Zv9QZMJhw2ZuY7+dGhJu
|
|
18
|
+
IU1ECYI3U2UM0o70uuAsI4vLleB40t/CfL0c2l6/dCkouNa5I1r9P1kgIIrAUMtj
|
|
19
|
+
xBgAziCRHiU9WXEYXW6lKEFD5O2ZaElQPQf1CCCRCxPIgk8VupTE00cUTD6LzaNg
|
|
20
|
+
ugi1RlXP1NCK8NmORZQLEg7n38vHCiI=
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-saml
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.4
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,19 +9,30 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2012-04-
|
|
12
|
+
date: 2012-04-14 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: ruby-saml
|
|
16
|
-
requirement: &
|
|
16
|
+
requirement: &70289036886900 !ruby/object:Gem::Requirement
|
|
17
17
|
none: false
|
|
18
18
|
requirements:
|
|
19
19
|
- - ~>
|
|
20
20
|
- !ruby/object:Gem::Version
|
|
21
|
-
version: 0.
|
|
21
|
+
version: 0.5.2
|
|
22
22
|
type: :runtime
|
|
23
23
|
prerelease: false
|
|
24
|
-
version_requirements: *
|
|
24
|
+
version_requirements: *70289036886900
|
|
25
|
+
- !ruby/object:Gem::Dependency
|
|
26
|
+
name: rspec
|
|
27
|
+
requirement: &70289036886520 !ruby/object:Gem::Requirement
|
|
28
|
+
none: false
|
|
29
|
+
requirements:
|
|
30
|
+
- - ! '>='
|
|
31
|
+
- !ruby/object:Gem::Version
|
|
32
|
+
version: '0'
|
|
33
|
+
type: :development
|
|
34
|
+
prerelease: false
|
|
35
|
+
version_requirements: *70289036886520
|
|
25
36
|
description: SAML middleware for Rack (using ruby-saml)
|
|
26
37
|
email:
|
|
27
38
|
- toyokazu@gmail.com
|
|
@@ -55,6 +66,19 @@ files:
|
|
|
55
66
|
- rack-saml.gemspec
|
|
56
67
|
- Rakefile
|
|
57
68
|
- README.md
|
|
69
|
+
- spec/fixtures/config_idp.yml
|
|
70
|
+
- spec/fixtures/config_sp.yml
|
|
71
|
+
- spec/fixtures/conv_metadata_test.rb
|
|
72
|
+
- spec/fixtures/idp_cert.pem
|
|
73
|
+
- spec/fixtures/idp_key.pem
|
|
74
|
+
- spec/fixtures/metadata-with-newline.xml
|
|
75
|
+
- spec/fixtures/metadata-without-newline.xml
|
|
76
|
+
- spec/fixtures/metadata.xml
|
|
77
|
+
- spec/fixtures/sp_cert.pem
|
|
78
|
+
- spec/fixtures/sp_key.pem
|
|
79
|
+
- spec/fixtures/test.pem
|
|
80
|
+
- spec/fixtures/test.yml
|
|
81
|
+
- spec/fixtures/test2.pem
|
|
58
82
|
homepage: ''
|
|
59
83
|
licenses: []
|
|
60
84
|
post_install_message:
|
|
@@ -79,4 +103,17 @@ rubygems_version: 1.8.17
|
|
|
79
103
|
signing_key:
|
|
80
104
|
specification_version: 3
|
|
81
105
|
summary: SAML middleware for Rack (using ruby-saml)
|
|
82
|
-
test_files:
|
|
106
|
+
test_files:
|
|
107
|
+
- spec/fixtures/config_idp.yml
|
|
108
|
+
- spec/fixtures/config_sp.yml
|
|
109
|
+
- spec/fixtures/conv_metadata_test.rb
|
|
110
|
+
- spec/fixtures/idp_cert.pem
|
|
111
|
+
- spec/fixtures/idp_key.pem
|
|
112
|
+
- spec/fixtures/metadata-with-newline.xml
|
|
113
|
+
- spec/fixtures/metadata-without-newline.xml
|
|
114
|
+
- spec/fixtures/metadata.xml
|
|
115
|
+
- spec/fixtures/sp_cert.pem
|
|
116
|
+
- spec/fixtures/sp_key.pem
|
|
117
|
+
- spec/fixtures/test.pem
|
|
118
|
+
- spec/fixtures/test.yml
|
|
119
|
+
- spec/fixtures/test2.pem
|