Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Strip comments during metadata import 
Includes manual tests.

See ukf/ukf-meta#200
Alex Stuart committed Sep 1, 2020
1 parent 53c119d commit 4c3110f
Showing 4 changed files with 333 additions and 3 deletions.
13 changes: 10 additions & 3 deletions mdx/uk/import.xsl
View file
@@ -9,6 +9,14 @@
adjusts it towards the standard used for a UK federation
metadata repository fragment file.
Warning:
* the XSLT template is unusual compared with what you see in
so many other files, since it does not copy across comments
from the input file to the output. This has the effect that
all comments from the incoming file are strippped, but comments
generated within the transform itself are unaffected.
Assumptions:
* the output will have oXygen's "format and indent" applied
@@ -19,7 +27,6 @@
* the metadata most likely represents a Shibboleth 2.x entity
Author: Ian A. Young <ian@iay.org.uk>
-->
@@ -325,8 +332,8 @@
-->


<!--By default, copy text blocks, comments and attributes unchanged.-->
<xsl:template match="text()|comment()|@*">
<!--By default, copy text blocks and attributes unchanged.-->
<xsl:template match="text()|@*">
<xsl:copy/>
</xsl:template>

15 changes: 15 additions & 0 deletions tests/manual/ukf-meta-200/README.md
View file
@@ -0,0 +1,15 @@
# README

Some test files:
- sp.xml looks like a Shibboleth SP's automatically-generated metadata
- idp.xml looks like a Shibboleth IdP's metadata

How to test
- copy the test file to `${UKF-DATA}/entities/import.xml`
- run `import.metadata` ant target

The comments should not be copied into `imported.xml`

I have not included examples of the output
because that would break when we update the
content of `import.xsl`
220 changes: 220 additions & 0 deletions tests/manual/ukf-meta-200/idp.xml
View file
@@ -0,0 +1,220 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
This is example metadata only. Do *NOT* supply it as is without review,
and do *NOT* provide it in real time to your partners.
This metadata is not dynamic - it will not change as your configuration changes.
-->
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xml="http://www.w3.org/XML/1998/namespace" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://test-idp.ukfederation.org.uk/idp/shibboleth">

<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">

<Extensions>
<shibmd:Scope regexp="false">test.ukfederation.org.uk</shibmd:Scope>
<!--
Fill in the details for your IdP here
<mdui:UIInfo>
<mdui:DisplayName xml:lang="en">A Name for the IdP at test-idp.ukfederation.org.uk</mdui:DisplayName>
<mdui:Description xml:lang="en">Enter a description of your IdP at test-idp.ukfederation.org.uk</mdui:Description>
<mdui:Logo height="80" width="80">https://test-idp.ukfederation.org.uk/Path/To/Logo.png</mdui:Logo>
</mdui:UIInfo>
-->
</Extensions>

<KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIDXDCCAkSgAwIBAgIVAKMdq76ICtGOUPeE1oS5vZ2/J8pjMA0GCSqGSIb3DQEB
CwUAMCcxJTAjBgNVBAMMHHRlc3QtaWRwLnVrZmVkZXJhdGlvbi5vcmcudWswHhcN
MTYwNjAyMTYyNzU4WhcNMzYwNjAyMTYyNzU4WjAnMSUwIwYDVQQDDBx0ZXN0LWlk
cC51a2ZlZGVyYXRpb24ub3JnLnVrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp6PVhKcs4wDoMuVSWn73E2L+WgZipw4rAIluvgvdu97zpbjjerbL1OWL
Px3BNz6tP+IU8ivXDY8sDDTeGOquxW5E3JZKOvTkPTd+V0dFpX1ogb342w/UMgwd
n4wMjLtZQvdJbWhtdxRFdd4YTv2ooeFWmr2Nc1qrBS9As1HdZnD0CvP0R1gxjAij
Vu6/Kg4rJcVjOGka3dGKqdCwUfFm0KuEp8GrHkyTdQ1qDwa181FdlNA5qW6djLlj
xGuLI9gKOzt1EgCi4RKsRgHEn3RMRx29TMusOAwQTMz/w0PX7B4LnoYxO/Z+njwX
GVtc/Vpr9paIBgXn3Dv16DmfmpDt5QIDAQABo38wfTAdBgNVHQ4EFgQUea1/62BW
cTima/4+VczPTQQPZjQwXAYDVR0RBFUwU4IcdGVzdC1pZHAudWtmZWRlcmF0aW9u
Lm9yZy51a4YzaHR0cHM6Ly90ZXN0LWlkcC51a2ZlZGVyYXRpb24ub3JnLnVrL2lk
cC9zaGliYm9sZXRoMA0GCSqGSIb3DQEBCwUAA4IBAQA0JLH2MA22gwQMdsK1mI+g
Jr2CYIEts7ry3oi6SyD8tTFCmypTKzvKz2s0bOpHvYyTbEDVs9ffCrJUVdvVwHF0
sX4YsnJuOKQLr5Sl3YZPvPg7AsOMW+Tn+JL5l2Xnvfz77Ki3FiS4rQH32REFGccl
Gs7fJunyxZzB3Jvv9Cly5vfdKGJfyCviDSMWX5W1slUkg1fWUsppZy9Ifiygb+Au
IaP69qz6dqVwZJldG3Wn/x5WpI1x7Meax2Wa9bIbqWXCeNfhrhAnL//dbKPfA0EB
AlxhhLIxWxf/Um12z22EJyuH3EYWyTlVaGlOcHzg2r1Mn/1LNXpBMVhOPZouksPx
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>

</KeyDescriptor>
<KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIDWzCCAkOgAwIBAgIUOMCC6dkddEwkgPACu9HJ3SaiMjkwDQYJKoZIhvcNAQEL
BQAwJzElMCMGA1UEAwwcdGVzdC1pZHAudWtmZWRlcmF0aW9uLm9yZy51azAeFw0x
NjA2MDIxNjI3NTZaFw0zNjA2MDIxNjI3NTZaMCcxJTAjBgNVBAMMHHRlc3QtaWRw
LnVrZmVkZXJhdGlvbi5vcmcudWswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCYrePj+6qI0agRWDNXr2N0pvxdBA9fzXUiNkFPv1syUcY40LGtYUvyEyrn
VZ9OkvLswTYArvOGwHGGseKy1lDxt/O37hcXTTd6bAg6nIqdD08Y044pMpXfms2n
BwUHq/sGUUyIVV+xP00lfyFxwQNRI9D0L4W8OSx0vMoPM4hp+gsZrzTklUgjhRU/
5n5XGSseS9tb60wz4URx306HxuEkZpF7pWhJRAgfeyone9vYMAotXBfxrvssuyYw
rabGvfWRIJiXXmLjm2hllAF2Tj25xlzjAwDhLbvKjZZa5afx3EYMYSf53uOGYJG/
zGebYZpvKZB+bLjNwaA41LzeskMdAgMBAAGjfzB9MB0GA1UdDgQWBBQUUMcdr4uu
bY7bn88mdk67e20UDzBcBgNVHREEVTBTghx0ZXN0LWlkcC51a2ZlZGVyYXRpb24u
b3JnLnVrhjNodHRwczovL3Rlc3QtaWRwLnVrZmVkZXJhdGlvbi5vcmcudWsvaWRw
L3NoaWJib2xldGgwDQYJKoZIhvcNAQELBQADggEBAJMjdRtSlf9IYMIUqvGQxn/v
u8CixcHcimK2WBp/Dv4lAphOTzmF+zF7cB2CMalAcgJnoP4BJNq/7bwDOHDFbpbN
cKh4FWRzURChBbZ2Xa1C2vrm0+oPQl8WsChxQgqUPDTleg2k3/PEi2dDymJlu8Cg
0kqWwQ1G0tal6B0lDf+3PKdwdp5LAnB8TUFCTrfuI5DiHOce8r5+AjfkhJsSYu39
NpJGsdn/IzQE4RsAFbz1UEb1sz9+vtTFMvC2mr82TcYWC3PDqyHpvqCHAwQqAzQW
thDEbFnZ8ckGnGLfkn+Lqt8/A3D85vsoQvvYZ+6UOKzBnl2SeVyGcFykoSoZcGA=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>

</KeyDescriptor>
<KeyDescriptor use="encryption">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIDXDCCAkSgAwIBAgIVAN/3uTodbwagOO8HxJ/wK9pD9F6DMA0GCSqGSIb3DQEB
CwUAMCcxJTAjBgNVBAMMHHRlc3QtaWRwLnVrZmVkZXJhdGlvbi5vcmcudWswHhcN
MTYwNjAyMTYyNzU3WhcNMzYwNjAyMTYyNzU3WjAnMSUwIwYDVQQDDBx0ZXN0LWlk
cC51a2ZlZGVyYXRpb24ub3JnLnVrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAl5mKiHP7qGWRM2IkPvh5RuVJaOJkBRFhDdX1FInSYtyPRDxQ6Fl9g5Pt
3C65HA9YVMjhijph50DZJRAroyU17WdaSfTUrqK7LqdVk7rVHRekJIH+J3hh/UVq
2Q0N1tlyBOblR6DA4na3kNYwTZh+jYrp6cbNqyqcvtFLCezDOkNnLbXxSK6vqqJN
dRTLUoN6PmRlj5DBZNpOkSGdI32WIhNczUHkBZzHVRlvfF4uQKH+0ASYWpI+WJGs
Mrdg1eSkQkKLYo/6LmLj/L4kiJzWEC1V1pod1r54wgMsfFRPeoLC1kYU3Q8OFgX8
WdUodwaRtFrpmURBEQgMK1uDLGJhkwIDAQABo38wfTAdBgNVHQ4EFgQUdsJMwfkG
pPHTByrcDXj2+cm+G2AwXAYDVR0RBFUwU4IcdGVzdC1pZHAudWtmZWRlcmF0aW9u
Lm9yZy51a4YzaHR0cHM6Ly90ZXN0LWlkcC51a2ZlZGVyYXRpb24ub3JnLnVrL2lk
cC9zaGliYm9sZXRoMA0GCSqGSIb3DQEBCwUAA4IBAQBOVDjHi2Mrj3nDb/pTZ9Lz
/OizJNEZ+uklJbX//W9Jr1VE2NND96R/D2T/lvR/rKbXh0HJl7VYLRHkPJPQ6X+T
7TzZW9MKhX6nLzhXdtOZb4AEQn0mpOtZSfpY9eUc13xRw1jGl6y09WVnO/IP/0HX
U7uWTDt0jgAC4VR3hpFOevxU3nXu5XLtgBcnASeoeJbNfAr+MhrHCt4nAYFmf/+S
MLg/0bPQDCVJ0j4yvSCCFkrWeFEkzqQ2QF/VFSA47VfRDALiMzTpFFgTxyj1p4T7
Ycbh0vb/OVKx+DN9cvlWlzf2e2JXGg8/gP7hpwVV6ndskANQ67NUOZ5jXWsK5GnD
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>

</KeyDescriptor>

<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://test-idp.ukfederation.org.uk:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://test-idp.ukfederation.org.uk:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>

<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test-idp.ukfederation.org.uk/idp/profile/SAML2/Redirect/SLO"/>
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test-idp.ukfederation.org.uk/idp/profile/SAML2/POST/SLO"/>
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://test-idp.ukfederation.org.uk/idp/profile/SAML2/POST-SimpleSign/SLO"/>
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://test-idp.ukfederation.org.uk:8443/idp/profile/SAML2/SOAP/SLO"/>

<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>

<SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://test-idp.ukfederation.org.uk/idp/profile/Shibboleth/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test-idp.ukfederation.org.uk/idp/profile/SAML2/POST/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://test-idp.ukfederation.org.uk/idp/profile/SAML2/POST-SimpleSign/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test-idp.ukfederation.org.uk/idp/profile/SAML2/Redirect/SSO"/>

</IDPSSODescriptor>


<AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">

<Extensions>
<shibmd:Scope regexp="false">test.ukfederation.org.uk</shibmd:Scope>
</Extensions>

<KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIDXDCCAkSgAwIBAgIVAKMdq76ICtGOUPeE1oS5vZ2/J8pjMA0GCSqGSIb3DQEB
CwUAMCcxJTAjBgNVBAMMHHRlc3QtaWRwLnVrZmVkZXJhdGlvbi5vcmcudWswHhcN
MTYwNjAyMTYyNzU4WhcNMzYwNjAyMTYyNzU4WjAnMSUwIwYDVQQDDBx0ZXN0LWlk
cC51a2ZlZGVyYXRpb24ub3JnLnVrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp6PVhKcs4wDoMuVSWn73E2L+WgZipw4rAIluvgvdu97zpbjjerbL1OWL
Px3BNz6tP+IU8ivXDY8sDDTeGOquxW5E3JZKOvTkPTd+V0dFpX1ogb342w/UMgwd
n4wMjLtZQvdJbWhtdxRFdd4YTv2ooeFWmr2Nc1qrBS9As1HdZnD0CvP0R1gxjAij
Vu6/Kg4rJcVjOGka3dGKqdCwUfFm0KuEp8GrHkyTdQ1qDwa181FdlNA5qW6djLlj
xGuLI9gKOzt1EgCi4RKsRgHEn3RMRx29TMusOAwQTMz/w0PX7B4LnoYxO/Z+njwX
GVtc/Vpr9paIBgXn3Dv16DmfmpDt5QIDAQABo38wfTAdBgNVHQ4EFgQUea1/62BW
cTima/4+VczPTQQPZjQwXAYDVR0RBFUwU4IcdGVzdC1pZHAudWtmZWRlcmF0aW9u
Lm9yZy51a4YzaHR0cHM6Ly90ZXN0LWlkcC51a2ZlZGVyYXRpb24ub3JnLnVrL2lk
cC9zaGliYm9sZXRoMA0GCSqGSIb3DQEBCwUAA4IBAQA0JLH2MA22gwQMdsK1mI+g
Jr2CYIEts7ry3oi6SyD8tTFCmypTKzvKz2s0bOpHvYyTbEDVs9ffCrJUVdvVwHF0
sX4YsnJuOKQLr5Sl3YZPvPg7AsOMW+Tn+JL5l2Xnvfz77Ki3FiS4rQH32REFGccl
Gs7fJunyxZzB3Jvv9Cly5vfdKGJfyCviDSMWX5W1slUkg1fWUsppZy9Ifiygb+Au
IaP69qz6dqVwZJldG3Wn/x5WpI1x7Meax2Wa9bIbqWXCeNfhrhAnL//dbKPfA0EB
AlxhhLIxWxf/Um12z22EJyuH3EYWyTlVaGlOcHzg2r1Mn/1LNXpBMVhOPZouksPx
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>

</KeyDescriptor>
<KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIDWzCCAkOgAwIBAgIUOMCC6dkddEwkgPACu9HJ3SaiMjkwDQYJKoZIhvcNAQEL
BQAwJzElMCMGA1UEAwwcdGVzdC1pZHAudWtmZWRlcmF0aW9uLm9yZy51azAeFw0x
NjA2MDIxNjI3NTZaFw0zNjA2MDIxNjI3NTZaMCcxJTAjBgNVBAMMHHRlc3QtaWRw
LnVrZmVkZXJhdGlvbi5vcmcudWswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCYrePj+6qI0agRWDNXr2N0pvxdBA9fzXUiNkFPv1syUcY40LGtYUvyEyrn
VZ9OkvLswTYArvOGwHGGseKy1lDxt/O37hcXTTd6bAg6nIqdD08Y044pMpXfms2n
BwUHq/sGUUyIVV+xP00lfyFxwQNRI9D0L4W8OSx0vMoPM4hp+gsZrzTklUgjhRU/
5n5XGSseS9tb60wz4URx306HxuEkZpF7pWhJRAgfeyone9vYMAotXBfxrvssuyYw
rabGvfWRIJiXXmLjm2hllAF2Tj25xlzjAwDhLbvKjZZa5afx3EYMYSf53uOGYJG/
zGebYZpvKZB+bLjNwaA41LzeskMdAgMBAAGjfzB9MB0GA1UdDgQWBBQUUMcdr4uu
bY7bn88mdk67e20UDzBcBgNVHREEVTBTghx0ZXN0LWlkcC51a2ZlZGVyYXRpb24u
b3JnLnVrhjNodHRwczovL3Rlc3QtaWRwLnVrZmVkZXJhdGlvbi5vcmcudWsvaWRw
L3NoaWJib2xldGgwDQYJKoZIhvcNAQELBQADggEBAJMjdRtSlf9IYMIUqvGQxn/v
u8CixcHcimK2WBp/Dv4lAphOTzmF+zF7cB2CMalAcgJnoP4BJNq/7bwDOHDFbpbN
cKh4FWRzURChBbZ2Xa1C2vrm0+oPQl8WsChxQgqUPDTleg2k3/PEi2dDymJlu8Cg
0kqWwQ1G0tal6B0lDf+3PKdwdp5LAnB8TUFCTrfuI5DiHOce8r5+AjfkhJsSYu39
NpJGsdn/IzQE4RsAFbz1UEb1sz9+vtTFMvC2mr82TcYWC3PDqyHpvqCHAwQqAzQW
thDEbFnZ8ckGnGLfkn+Lqt8/A3D85vsoQvvYZ+6UOKzBnl2SeVyGcFykoSoZcGA=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>

</KeyDescriptor>
<KeyDescriptor use="encryption">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIDXDCCAkSgAwIBAgIVAN/3uTodbwagOO8HxJ/wK9pD9F6DMA0GCSqGSIb3DQEB
CwUAMCcxJTAjBgNVBAMMHHRlc3QtaWRwLnVrZmVkZXJhdGlvbi5vcmcudWswHhcN
MTYwNjAyMTYyNzU3WhcNMzYwNjAyMTYyNzU3WjAnMSUwIwYDVQQDDBx0ZXN0LWlk
cC51a2ZlZGVyYXRpb24ub3JnLnVrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAl5mKiHP7qGWRM2IkPvh5RuVJaOJkBRFhDdX1FInSYtyPRDxQ6Fl9g5Pt
3C65HA9YVMjhijph50DZJRAroyU17WdaSfTUrqK7LqdVk7rVHRekJIH+J3hh/UVq
2Q0N1tlyBOblR6DA4na3kNYwTZh+jYrp6cbNqyqcvtFLCezDOkNnLbXxSK6vqqJN
dRTLUoN6PmRlj5DBZNpOkSGdI32WIhNczUHkBZzHVRlvfF4uQKH+0ASYWpI+WJGs
Mrdg1eSkQkKLYo/6LmLj/L4kiJzWEC1V1pod1r54wgMsfFRPeoLC1kYU3Q8OFgX8
WdUodwaRtFrpmURBEQgMK1uDLGJhkwIDAQABo38wfTAdBgNVHQ4EFgQUdsJMwfkG
pPHTByrcDXj2+cm+G2AwXAYDVR0RBFUwU4IcdGVzdC1pZHAudWtmZWRlcmF0aW9u
Lm9yZy51a4YzaHR0cHM6Ly90ZXN0LWlkcC51a2ZlZGVyYXRpb24ub3JnLnVrL2lk
cC9zaGliYm9sZXRoMA0GCSqGSIb3DQEBCwUAA4IBAQBOVDjHi2Mrj3nDb/pTZ9Lz
/OizJNEZ+uklJbX//W9Jr1VE2NND96R/D2T/lvR/rKbXh0HJl7VYLRHkPJPQ6X+T
7TzZW9MKhX6nLzhXdtOZb4AEQn0mpOtZSfpY9eUc13xRw1jGl6y09WVnO/IP/0HX
U7uWTDt0jgAC4VR3hpFOevxU3nXu5XLtgBcnASeoeJbNfAr+MhrHCt4nAYFmf/+S
MLg/0bPQDCVJ0j4yvSCCFkrWeFEkzqQ2QF/VFSA47VfRDALiMzTpFFgTxyj1p4T7
Ycbh0vb/OVKx+DN9cvlWlzf2e2JXGg8/gP7hpwVV6ndskANQ67NUOZ5jXWsK5GnD
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>

</KeyDescriptor>

<AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://test-idp.ukfederation.org.uk:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
<!-- <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://test-idp.ukfederation.org.uk:8443/idp/profile/SAML2/SOAP/AttributeQuery"/> -->
<!-- If you uncomment the above you should add urn:oasis:names:tc:SAML:2.0:protocol to the protocolSupportEnumeration above -->

</AttributeAuthorityDescriptor>

</EntityDescriptor>
88 changes: 88 additions & 0 deletions tests/manual/ukf-meta-200/sp.xml
View file
@@ -0,0 +1,88 @@
<!--
This is example metadata only. Do *NOT* supply it as is without review,
and do *NOT* provide it in real time to your partners.
-->
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_c0045678aa1b1e04e85d412f428ea95d2f627255" entityID="https://test.ukfederation.org.uk/entity">

<md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
</md:Extensions>

<md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
<md:Extensions>
<init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://test.ukfederation.org.uk/Shibboleth.sso/Login"/>
<idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://test.ukfederation.org.uk/Shibboleth.sso/Login" index="1"/>
<init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://test.ukfederation.org.uk/Shibboleth.sso/Login1"/>
<init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://test.ukfederation.org.uk/Shibboleth.sso/DS"/>
<init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://test.ukfederation.org.uk/Shibboleth.sso/UKfedWAYF"/>
<init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://test.ukfederation.org.uk/Shibboleth.sso/UKfedDS"/>
<idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://test.ukfederation.org.uk/Shibboleth.sso/UKfedDS" index="2"/>
<init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://test.ukfederation.org.uk/Shibboleth.sso/EDS"/>
<idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://test.ukfederation.org.uk/Shibboleth.sso/EDS" index="3"/>
<init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://test.ukfederation.org.uk/Shibboleth.sso/Wayfinder"/>
<idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://test.ukfederation.org.uk/Shibboleth.sso/Wayfinder" index="4"/>
</md:Extensions>
<md:KeyDescriptor>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:KeyName>test-sp</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=test-sp</ds:X509SubjectName>
<ds:X509Certificate>MIIC3DCCAcSgAwIBAgIJAN+91XVXF36VMA0GCSqGSIb3DQEBBQUAMBIxEDAOBgNV
BAMTB3Rlc3Qtc3AwHhcNMTYwNTExMTI0MTA3WhcNMjYwNTA5MTI0MTA3WjASMRAw
DgYDVQQDEwd0ZXN0LXNwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
zSnEqqkjqprYaIIiO3NOMHHMtvu3T4OP3lRFRp3arNgQTu6J54dj4Ljh2R6w2oFf
NW/SXKYmHQSv9L/wo57PH47QDvHpt/fSrcG5vr5E0GJFBsKLH21ejK2IaRh58m4k
xTpncRbdLDVntHs0ZOOAzXTyM9kzwNmLHnhkl6MH0q7qiHRsOXUFMJMM8VdEFZ3p
zGrOjZ36sFysjxwBH+2YYixgJCsmDJJI8/0XCFg9KvgHgtUudru4cO2PgU4MFj9V
mV+j3vPhZP3GPMNqLBlAqDTKKw6lRIHF2hHGE1zhqU6A3QGRxhkAonPEyGMvYfFT
tSW5MW2f58B+0+A5nMKqTwIDAQABozUwMzASBgNVHREECzAJggd0ZXN0LXNwMB0G
A1UdDgQWBBQob//Wa5StNlZteESM3e54WsDovzANBgkqhkiG9w0BAQUFAAOCAQEA
iaLcK3+i8w7AzYuaDiu0I4kclZoxz1zKHyI4o7s+iTTR5xJrX+d5WRZT4f72RkDS
gEH4L/f64XUufso8ilt7vCxJOIUAAcZSxHFD/4TvBhNBha9HjzlL11kOr8VNs3OJ
FQwsV8Or5xr2T1wpcT+JN5sDNbAxx7oz/vthnAdvo98vGMMx1VJcNz7B5irg3B5M
gegI3kOm1UfZLWxjfae/uX19d8N0r8AFD3Uuw4UX/07LVZmrtvjI5LB+ju/kv8kP
ENCjwhjjXq7NUW8hgSiqqdMkFA1iH+KMAYtn2xvll1TojluWAwpYjaCjOLyJSBuV
sIV9aK2TFEhoJD6KkXUNqg==
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
</md:KeyDescriptor>
<md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://test.ukfederation.org.uk/Shibboleth.sso/Artifact/SOAP" index="1"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://test.ukfederation.org.uk/Shibboleth.sso/SLO/SOAP"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test.ukfederation.org.uk/Shibboleth.sso/SLO/Redirect"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test.ukfederation.org.uk/Shibboleth.sso/SLO/POST"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://test.ukfederation.org.uk/Shibboleth.sso/SLO/Artifact"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test.ukfederation.org.uk/Shibboleth.sso/SAML2/POST" index="1"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://test.ukfederation.org.uk/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://test.ukfederation.org.uk/Shibboleth.sso/SAML2/Artifact" index="3"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://test.ukfederation.org.uk/Shibboleth.sso/SAML2/ECP" index="4"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://test.ukfederation.org.uk/Shibboleth.sso/SAML/POST" index="5"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://test.ukfederation.org.uk/Shibboleth.sso/SAML/Artifact" index="6"/>
</md:SPSSODescriptor>

</md:EntityDescriptor>

0 comments on commit 4c3110f

Please sign in to comment.