diff --git a/Sources/SIS/shib-idp/bin/init-idp.sh b/Sources/SIS/shib-idp/bin/init-idp.sh new file mode 100644 index 0000000..aa6305e --- /dev/null +++ b/Sources/SIS/shib-idp/bin/init-idp.sh @@ -0,0 +1,31 @@ +#!/bin/bash + +export JAVA_HOME=/opt/jre-home +export PATH=$PATH:$JAVA_HOME/bin + +cd /opt/shibboleth-idp/bin + +# Remove existing config to build starts with an empty config +rm -r ../conf/ + +echo "Please complete the following for your IdP environment:" +./build.sh -Didp.target.dir=/opt/shibboleth-idp init gethostname askscope metadata-gen + +mkdir -p /ext-mount/customized-shibboleth-idp/conf/ + +# Copy the essential and routinely customized config to out Docker mount. +cd .. +cp -r credentials/ /ext-mount/customized-shibboleth-idp/ +cp -r metadata/ /ext-mount/customized-shibboleth-idp/ +cp conf/{attribute-resolver.xml,attribute-filter.xml,cas-protocol.xml,idp.properties,ldap.properties,metadata-providers.xml,relying-party.xml,saml-nameid.xml} /ext-mount/customized-shibboleth-idp/conf/ + +# Copy the basic UI components, which are routinely customized +cp -r views/ /ext-mount/customized-shibboleth-idp/ +mkdir /ext-mount/customized-shibboleth-idp/webapp/ +cp -r webapp/css/ /ext-mount/customized-shibboleth-idp/webapp/ +cp -r webapp/images/ /ext-mount/customized-shibboleth-idp/webapp/ +cp -r webapp/js/ /ext-mount/customized-shibboleth-idp/webapp/ +rm -r /ext-mount/customized-shibboleth-idp/views/user-prefs.js + +echo "A basic Shibboleth IdP config and UI has been copied to ./customized-shibboleth-idp/ (assuming the default volume mapping was used)." +echo "Most files, if not being customized can be removed from what was exported/the local Docker image and baseline files will be used." diff --git a/Sources/SIS/shib-idp/bin/run-jetty.sh b/Sources/SIS/shib-idp/bin/run-jetty.sh new file mode 100644 index 0000000..05a9174 --- /dev/null +++ b/Sources/SIS/shib-idp/bin/run-jetty.sh @@ -0,0 +1,16 @@ +#!/bin/sh + +#set -x + +export JAVA_HOME=/opt/jre-home +export PATH=$PATH:$JAVA_HOME/bin + +if [ -e "/opt/shibboleth-idp/ext-conf/idp-secrets.properties" ]; then + export JETTY_BACKCHANNEL_SSL_KEYSTORE_PASSWORD=`gawk 'match($0,/^jetty.backchannel.sslContext.keyStorePassword=\s?(.*)\s?$/, a) {print a[1]}' /opt/shibboleth-idp/ext-conf/idp-secrets.properties` + export JETTY_BROWSER_SSL_KEYSTORE_PASSWORD=`gawk 'match($0,/^jetty\.sslContext\.keyStorePassword=\s?(.*)\s?$/, a) {print a[1]}' /opt/shibboleth-idp/ext-conf/idp-secrets.properties` +fi + +export JETTY_ARGS="jetty.sslContext.keyStorePassword=$JETTY_BROWSER_SSL_KEYSTORE_PASSWORD jetty.backchannel.sslContext.keyStorePassword=$JETTY_BACKCHANNEL_SSL_KEYSTORE_PASSWORD" +sed -i "s/^-Xmx.*$/-Xmx$JETTY_MAX_HEAP/g" /opt/shib-jetty-base/start.ini + +exec /etc/init.d/jetty run diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/attribute-filter.xml b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/attribute-filter.xml new file mode 100644 index 0000000..0df6a7b --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/attribute-filter.xml @@ -0,0 +1,55 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/attribute-resolver.xml b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/attribute-resolver.xml new file mode 100644 index 0000000..14cf67d --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/attribute-resolver.xml @@ -0,0 +1,187 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + member + + + urn:mace:example.edu:demoservice:demo-user + + + + + + + + + + + MyDataSource + 0) + SELECT DISTINCT grouper_memberships_lw_v.group_name + FROM grouper.grouper_aval_asn_group_v + JOIN grouper.grouper_memberships_lw_v + USING (group_id) + WHERE subject_id='$uid.get(0)' + AND grouper_aval_asn_group_v.attribute_def_name_name='etc:attribute:ShibEntityId:ShibEntityId' + AND (value_string = '$requestContext.getPeerEntityId()' OR value_string='DEFAULT') + AND grouper_aval_asn_group_v.enabled='T' + ORDER BY group_name ASC; + #else + SELECT 1 + #end + ]]> + + + + + + + + MyDataSource + 0) + select givenname, surname, fullName, email from myapp_development.users where uid='$uid.get(0)' + #else + SELECT 1 + #end + ]]> + + + + + + diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/cas-protocol.xml b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/cas-protocol.xml new file mode 100644 index 0000000..d0b3d55 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/cas-protocol.xml @@ -0,0 +1,84 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/global.xml b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/global.xml new file mode 100644 index 0000000..3f709bd --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/global.xml @@ -0,0 +1,28 @@ + + + + + + + diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/ldap.properties b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/ldap.properties new file mode 100644 index 0000000..2f4d905 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/ldap.properties @@ -0,0 +1,63 @@ +# LDAP authentication configuration, see authn/ldap-authn-config.xml +# Note, this doesn't apply to the use of JAAS + +## Authenticator strategy, either anonSearchAuthenticator, bindSearchAuthenticator, directAuthenticator, adAuthenticator +idp.authn.LDAP.authenticator = bindSearchAuthenticator + +## Connection properties ## +idp.authn.LDAP.ldapURL = ldap://tier-demo-ldap:389 +idp.authn.LDAP.useStartTLS = false +idp.authn.LDAP.useSSL = false +# Time in milliseconds that connects will block +#idp.authn.LDAP.connectTimeout = PT3S +# Time in milliseconds to wait for responses +#idp.authn.LDAP.responseTimeout = PT3S + +## SSL configuration, either jvmTrust, certificateTrust, or keyStoreTrust +#idp.authn.LDAP.sslConfig = certificateTrust +## If using certificateTrust above, set to the trusted certificate's path +idp.authn.LDAP.trustCertificates = %{idp.home}/credentials/ldap-server.crt +## If using keyStoreTrust above, set to the truststore path +idp.authn.LDAP.trustStore = %{idp.home}/credentials/ldap-server.truststore + +## Return attributes during authentication +idp.authn.LDAP.returnAttributes = passwordExpirationTime,loginGraceRemaining + +## DN resolution properties ## + +# Search DN resolution, used by anonSearchAuthenticator, bindSearchAuthenticator +# for AD: CN=Users,DC=example,DC=org +idp.authn.LDAP.baseDN = ou=people,dc=example,dc=edu +#idp.authn.LDAP.subtreeSearch = false +idp.authn.LDAP.userFilter = (uid={user}) +# bind search configuration +# for AD: idp.authn.LDAP.bindDN=adminuser@domain.com +idp.authn.LDAP.bindDN = cn=admin,dc=example,dc=edu +idp.authn.LDAP.bindDNCredential = password + +# Format DN resolution, used by directAuthenticator, adAuthenticator +# for AD use idp.authn.LDAP.dnFormat=%s@domain.com +idp.authn.LDAP.dnFormat = uid=%s,ou=people,dc=example,dc=edu + +# LDAP attribute configuration, see attribute-resolver.xml +# Note, this likely won't apply to the use of legacy V2 resolver configurations +idp.attribute.resolver.LDAP.ldapURL = %{idp.authn.LDAP.ldapURL} +idp.attribute.resolver.LDAP.connectTimeout = %{idp.authn.LDAP.connectTimeout:PT3S} +idp.attribute.resolver.LDAP.responseTimeout = %{idp.authn.LDAP.responseTimeout:PT3S} +idp.attribute.resolver.LDAP.baseDN = %{idp.authn.LDAP.baseDN:undefined} +idp.attribute.resolver.LDAP.bindDN = %{idp.authn.LDAP.bindDN:undefined} +idp.attribute.resolver.LDAP.bindDNCredential = %{idp.authn.LDAP.bindDNCredential:undefined} +idp.attribute.resolver.LDAP.useStartTLS = %{idp.authn.LDAP.useStartTLS:true} +idp.attribute.resolver.LDAP.trustCertificates = %{idp.authn.LDAP.trustCertificates:undefined} +idp.attribute.resolver.LDAP.searchFilter = (uid=$resolutionContext.principal) + +# LDAP pool configuration, used for both authn and DN resolution +#idp.pool.LDAP.minSize = 3 +#idp.pool.LDAP.maxSize = 10 +#idp.pool.LDAP.validateOnCheckout = false +#idp.pool.LDAP.validatePeriodically = true +#idp.pool.LDAP.validatePeriod = PT5M +#idp.pool.LDAP.prunePeriod = PT5M +#idp.pool.LDAP.idleTime = PT10M +#idp.pool.LDAP.blockWaitTime = PT3S +#idp.pool.LDAP.failFastInitialize = false diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/metadata-providers.xml b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/metadata-providers.xml new file mode 100644 index 0000000..fbd2a6d --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/metadata-providers.xml @@ -0,0 +1,82 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/saml-nameid.xml b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/saml-nameid.xml new file mode 100644 index 0000000..ea97448 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/conf/saml-nameid.xml @@ -0,0 +1,62 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-backchannel.crt b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-backchannel.crt new file mode 100644 index 0000000..ef29ec6 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-backchannel.crt @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDDzCCAfegAwIBAgIUNhoGlKP7mWuGizduv8qofntjgygwDQYJKoZIhvcNAQEL +BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTE3MDQxMzIxMTk1M1oXDTM3MDQx +MzIxMTk1M1owFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAks/QokbcrFosPTXL+i2iMFQMfZvoFxgqIXH+xxrpljrL +sglonsbmHGuinnSeywRzfcBB6mEf3BnYzyezP0aB1GJYzItRSd4AoWAx8WblFfgM +ununMmDpfF1dyTxZxRg/vmhN9EttVugsAoynA17RbiF4vVxx3zhNGS0u3MbaYtH1 +kYIdY9xZMR2wvDo584CQc0/20/FooPnlL0I1s2FD6LFEgvl1sux5owL0ELITSTUF +KEkQVxpYoFZhsq6qhWQJfVvT98W4CMVpXgggQilAWAK1QgLxJtyx54Y3YruFkXsy +Yahi04wwaQXmSHDfQbOzy8yzO65on2VjEPGid6PQvQIDAQABo1kwVzAdBgNVHQ4E +FgQUDkHIVBHNiAcr6vQv/P+5PlKjeAcwNgYDVR0RBC8wLYIJbG9jYWxob3N0hiBo +dHRwczovL2xvY2FsaG9zdC9pZHAvc2hpYmJvbGV0aDANBgkqhkiG9w0BAQsFAAOC +AQEAioMgLmAx1nQwFRuiKe9zhHyl9QClOZ/qI1A/pV3QQfItxpnkjecElvpN0MLX +ugmT0kb0tgyIUxOjHd78kSJOkFKmWPv+iSLouaU4/Y3yOW0uUWOwlExKJNegczBC +t1OCtSAyStnYWSMUHk/Lgq4LcNKwjeaVczEbBoJO8nC/Zx0VMvLEsiCeWR+1acpT +BHcQbEkiSJg2WS3krKt0Wq4iL+WjQhkva6zugM0Lxfkyeeg/imcn6A93zr7e6N+/ +SeKGUN2EpNRAAgEVQMVuMuKo7uFzxl2KxmkKckBG4dnDIvco/OE7khgnbNgszaqX +xDkRFm7ZnBhVnGde7W9xjmw+eA== +-----END CERTIFICATE----- diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-backchannel.p12 b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-backchannel.p12 new file mode 100644 index 0000000..6e4487a Binary files /dev/null and b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-backchannel.p12 differ diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-browser.p12 b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-browser.p12 new file mode 100644 index 0000000..7c0df53 Binary files /dev/null and b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-browser.p12 differ diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-encryption.crt b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-encryption.crt new file mode 100644 index 0000000..2f3e4a4 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-encryption.crt @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDEDCCAfigAwIBAgIVAK/i6INNo2HZzO676jmYDSMUL8pyMA0GCSqGSIb3DQEB +CwUAMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xNzA0MTMyMTE5NTBaFw0zNzA0 +MTMyMTE5NTBaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBAJbpEl+MgBuKc4gzGni76gcQO/sa/IupoK2RRsnGEKPS +x7q93ZCe4/TTIR8ZArk7aoTtOrV3s7xhOlvwwlUmQEhIupHtk0EDyWxXV4xK8i99 +3rqNkYcHM/C1iZfoKcoEhwQ5pBVukEgxtSIAfsN7UCE88oTRPhTHV8XJkNjw66Vl +P1MBsO5KQaoKW/Ap86nuhDUHMNFAt/jJ2UFGhEVle4ubckBTltrZDV98m6hHYUws +nCuRGEXusGDsqgEt93C8zRjAVhyNBNp+jQUHCBPy/6TG7AZ0TkPuQ3AxhDt34y6A +dgSaCDmy5sI14oa1S1UagSKt8AXpzC0ao8pwqz+t8usCAwEAAaNZMFcwHQYDVR0O +BBYEFMDqVDwUdJ6wzRLBR0jb3QdW1CFpMDYGA1UdEQQvMC2CCWxvY2FsaG9zdIYg +aHR0cHM6Ly9sb2NhbGhvc3QvaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQELBQAD +ggEBAFk6YtMiqkuJXY10aeUhabGgkBdpj6RgHreBvhSmn9UTq/4EGgEWNGNYBVn6 +i9i55GzGCtp7RUAuVUTqH5V3Mbp6drUlNbVex05ypYnYM/wIq5W8EENClugPHepZ +OX0gVUVOeayVUMRHPntNI7HicUDYVvXI/Wjhko/GLqwArNKyenmKlRo1yyedkEKF +fhy9QowXYTvG82i3nu0JS9v/103WApXjIr3eP8LZpGpurOxyG3D+8vW3oML6C1eV +FsLdhy3a5kOvGXbzXHn4tFdVCE3oa72FkrsDHZ8YGHb+s2JFHFRsRzDRSmBRV+LA +3ffQkUP9K+ZGyGQijt6gAEJXcsw= +-----END CERTIFICATE----- diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-encryption.key b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-encryption.key new file mode 100644 index 0000000..5240e81 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-encryption.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAlukSX4yAG4pziDMaeLvqBxA7+xr8i6mgrZFGycYQo9LHur3d +kJ7j9NMhHxkCuTtqhO06tXezvGE6W/DCVSZASEi6ke2TQQPJbFdXjEryL33euo2R +hwcz8LWJl+gpygSHBDmkFW6QSDG1IgB+w3tQITzyhNE+FMdXxcmQ2PDrpWU/UwGw +7kpBqgpb8Cnzqe6ENQcw0UC3+MnZQUaERWV7i5tyQFOW2tkNX3ybqEdhTCycK5EY +Re6wYOyqAS33cLzNGMBWHI0E2n6NBQcIE/L/pMbsBnROQ+5DcDGEO3fjLoB2BJoI +ObLmwjXihrVLVRqBIq3wBenMLRqjynCrP63y6wIDAQABAoIBABemmXGOFHm8fhTH +ZYusb6YBvlTBSvkccYkiLoTq3KrAGvtCTFog/Lre5972zX14OV5xy3SrOOj6F+pW +1i4AG6z4cPzzzdMvo76uBZOAH2qgAGseSsNtto8v9EtxYDM/+GUKH5QYStZ1q9yT +VUqPpeQ/qAZ2wJMDFtdxmpjVUSkPcnSW5yGQ0kZ82gNCUC4matqwN9glyhNenYKq +y9h+5Rj+JjP3Xyf7lzJqzyKel9qJ/aSyMpzpA4JeyVbHdAAFL4GihaBnmSBkNrX4 +DuHghMLS+WOk4EeGLRaZIatwKvSBMqeb2gyI6vPyPRxzaQd2OevGvATOsltqjmow +5ocwAgECgYEAytEE5jKjDMRVvEC42aH2dg6QUXWirz8DmlWaF8C5FJjaJISdUmny +pxhLZ/GyD1XwaH/RQawBYSq+HPyaUO0xIIzduxyLaZmlu/bLuA/+riLtfvdp3k3z +j1NlPzer4MnrJ8yZfHehNDm+6tv2PcySxZyXXvW8joQZ52FymqqIsesCgYEAvnuf +bnnA+4nH2mE+0WOziZ+yDhUQqBB4PCWdjlvHWw/iv1yCxSreS2jD8acJgbBmhOhl +Di4pncoG4NM0182EW6VVGjEaHnTUwFoCEIjEbCSc+oo8dnsqK2gwb0XNGKI+I/OY +uAOyP8iqYqae6cUQyHWlg5cmdRCKpc9TI6XOgwECgYEAg+VChmHP33GfP/nnPMEz +grsd55vU3JriQPACcggHVPnCg5Uqqnn0L+6Au2xXG9oLqinVcBvoGcSuNjOgN5jJ +Jh315MU/dMFTItXwzha4zY4xXSyRUNzo1ACsC1ytDlbB8vP/rQ4va8NSAXJixPXR +TWn0lvDAWv5Vyj95RFQ66VkCgYA5OFupTSvapAYEJOhA8ElTk0RilJNfWSs1LjuJ +MyrMwRXlVD34SqtiTcNmyT3C1qHFVSZePyHDQ5gTW37pQNR8z0qkRpHJCmGKsr8i +BmOy9MCvRm1pThBZ37+E/ZvhxYMTO67pwDqAjKAaaGEealNjVGv2/qXPzrtHmeMo +tzs1AQKBgE4zeVwa9ZzHjgAz+mkHtxdXvM1pEYa3drTqyME3eGvttwHj5JoF9P4k +N9/BMeQqXMa5lS8Y7iL4LkTxxGS8Rld6L3WkY8XwvaMgGxsrPP8GQJp++Nt89dhB +fd86T52Rs5vBmin6QVTmAfjleqnlk1/DIysc4vNugFTy2PWM5jB5 +-----END RSA PRIVATE KEY----- diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-signing.crt b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-signing.crt new file mode 100644 index 0000000..7318637 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-signing.crt @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDEDCCAfigAwIBAgIVAI427wUmgnuo//BnofLWvDbJ5LFZMA0GCSqGSIb3DQEB +CwUAMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xNzA0MTMyMTE5NDlaFw0zNzA0 +MTMyMTE5NDlaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBANrbeJysRIIfnV4NCBkglD7TnnsBiAP8rmYMlKNzB/8P +lh8T8A/m3ZcSfK5XOooV9HYrJ4zkPYWQfmMTc7gPohtEnVvU2T0BhqXVGItRNPq0 +W8PPyJiaf5cPTej2UU0mvEj6RXzswPmpdabti+hFMK1rwKDGAgyNz7O+ODbtUeEu +84B4OVehjgc0DOeeIMOpCa0ZZURtGcmWa2J/2D8ONtsT6YLzrBHSjea8ahu2MnC0 +3TmQ008yWlXztWiNkccVstQ7WwT1aEon6ni608OtRLZ64UHRmaM6MZHft2DcyYgd +bE7wArKpauLscEzAXRaSdJ4lvtgAdjneACbPbTXpvgUCAwEAAaNZMFcwHQYDVR0O +BBYEFGIsJ7ChRjGGKOTuK+Gf79XdnhazMDYGA1UdEQQvMC2CCWxvY2FsaG9zdIYg +aHR0cHM6Ly9sb2NhbGhvc3QvaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQELBQAD +ggEBACzq9+IaRqb44oWy3cX+oQUxBozCOd0dn3cAHn/7U2EAt47YLucaT66K5LYq +VpfqYUYP7FXq9lqpYXQgUNn8DuSDroBzQIOx0YVsS4sRKMv+pTBr6WqrIcbDB9Np +VHqdIxIDD9kxwy8eTEKmeDmjl6ZjGnxa8WjwP6PFXBWJI/vQvxNACqnThIsoKLGv +KPta+ROPrtMMbphsVyHClHlLWp/r015B545FBiasFW+jHzS0/pc8eknNafQ2+chX +GPNfHvJXgg3kDHtW6bydWnWIcCKqaTHFSObgEivuMoCJ0cZVjVEFIpzB3J71qMkc +SJ5zygjKVMFLsbAkzGUFYG1DbBM= +-----END CERTIFICATE----- diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-signing.key b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-signing.key new file mode 100644 index 0000000..ebc8880 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/idp-signing.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEA2tt4nKxEgh+dXg0IGSCUPtOeewGIA/yuZgyUo3MH/w+WHxPw +D+bdlxJ8rlc6ihX0disnjOQ9hZB+YxNzuA+iG0SdW9TZPQGGpdUYi1E0+rRbw8/I +mJp/lw9N6PZRTSa8SPpFfOzA+al1pu2L6EUwrWvAoMYCDI3Ps744Nu1R4S7zgHg5 +V6GOBzQM554gw6kJrRllRG0ZyZZrYn/YPw422xPpgvOsEdKN5rxqG7YycLTdOZDT +TzJaVfO1aI2RxxWy1DtbBPVoSifqeLrTw61EtnrhQdGZozoxkd+3YNzJiB1sTvAC +sqlq4uxwTMBdFpJ0niW+2AB2Od4AJs9tNem+BQIDAQABAoIBAQDFNE949S0CB1S4 +g4uRgK6z8eFyuw2BcjT/VUS2Bxfkd3nw5PlCiueOkiTwvz7LYD8YH4iSxrK84FdS +FRwHdWa/pVMZhTB+bRqT4PEtz+2qHcw2I8t/3m8rganVSeY2W7n7FDB7AaZdEJon +4RJZJ8dV7Kr085azEzFdqABlVfCasxX8SdG6XyTiSRBla1SHhw7DB1OYphWTHob5 +1NOM3GYefgI+hcMnCFDNyXJcdyYoHAMqt6dVbJjMFO5yu0AcSI5gxtNpU6bG7E36 +Bm/hGUG1WYdl1EkWFfogo0Fw0Sm9h4hZDyYgm0j/ZCdGh8PI6JSR2Dbs41aPpzHu +9IFDnFqBAoGBAPTSKSLqDMiEQxyTFhkxnvZE6p7z27UW6sf9wwncEkM8bB9FmnZs +/5x/HRnBjsQMxoYeKX+5w7XRo2qlAmAwo4wGAipkEswzqYmKIxXZaL1VquJ9zQWa +G5nY6ybARLW2JEtod3rnqXYqL7/OkS5QN4JRkm/KWxOYWlXpYUwNOzohAoGBAOTZ +zt1BjfXCWK3I1HmJRo2qLgJMqLlM9umOLFQ734xYbA7V9f5oMzjAUBSwT8v/Ls1F +DTVdDOKroBpivhRkk5S3SRpuoNQhIJXIsqv91NPSDF3hXQyTU4F+ar5T19BWU5oz +wS+LbIjHgY00517fwd4662c0Ib54RXZtI+lvZ+9lAoGBAIftg595+Zz/Kk/cLoHQ +diTfwLB+TrctwS9G6po30P/5tUJrn8Yu4IDgZqTdPcoGGddvObVLy6jQe34Dnd0Q +RE3DLEKjC3jLGk9eHfrMmgW9YcKc/E8m8DosIOuEBuIo/d/MYcIgi4srAxXot9zR +9u/pIHfnD0hC560Zhcb29bJhAoGAYGw5EdZWFu9M5+QPSioB1RyYCBX+nRyFiECE +AvW7KenzlYim/gsvUcENvLnQ1VXuhUSL3SkYjcTcT2G9TuBVojpbjcyA7QAMN6/5 +QChR7PG6ji+vQeYtMAlwtkKjUr+cuAMIaZzoHPVaa4GX3syOZbETkEdR1GvecJhp +oihzdVUCgYEAqkMNBgZuVKaQA0WbrQvVfOp657kGFObvVu/lzCVHhGw83MN6kCUP +cIMhZGxaBpSdXY4LqYnqP5A/NYMbpB+SHve5kMxTd5bGqmZRjleR2z5sH/nlGucP +YTo0H8nFFUzK5h5Xi4X/uYMlv1o/7TqdCUfPCfVLRN0ZKv28N1C/11o= +-----END RSA PRIVATE KEY----- diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/jetty.crt b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/jetty.crt new file mode 100644 index 0000000..7a58283 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/jetty.crt @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIErTCCA5WgAwIBAgIJAOSlrj6xJUHHMA0GCSqGSIb3DQEBCwUAMIGVMQswCQYD +VQQGEwJVUzELMAkGA1UECBMCV0kxEDAOBgNVBAcTB01hZGlzb24xGDAWBgNVBAoT +D1RJRVIgVW5pdmVyc2l0eTESMBAGA1UECxMJSW50ZXJuZXQyMRIwEAYDVQQDEwls +b2NhbGhvc3QxJTAjBgkqhkiG9w0BCQEWFnRpZXItYXBpQGludGVybmV0Mi5lZHUw +HhcNMTcwNDEzMjE0MzA5WhcNMTcwNTEzMjE0MzA5WjCBlTELMAkGA1UEBhMCVVMx +CzAJBgNVBAgTAldJMRAwDgYDVQQHEwdNYWRpc29uMRgwFgYDVQQKEw9USUVSIFVu +aXZlcnNpdHkxEjAQBgNVBAsTCUludGVybmV0MjESMBAGA1UEAxMJbG9jYWxob3N0 +MSUwIwYJKoZIhvcNAQkBFhZ0aWVyLWFwaUBpbnRlcm5ldDIuZWR1MIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwTB3FgmlPOh/aw3wgD3xWxbVxLdsEQ5 +2py0IjLVEfFZyzXMIVjtzhS+9m3U5ER9L9XnXlHZTT46rb3M3f74o8/46xr7KGOb +CVRqhjqWErjiYgGwbVoq1UuC1+AvRXX4adqTuIFaUL4ITMHxlm5v/bhPO9RKdUmK +P9PRNdHeZLpMzo5uKINQUFt3DDI+Xf52fiLj7MbLvrVaabZBNRcwm+atSNai8RGn +6bKC2L5dX9QxQ6JQ/uIUYawHETPEeoPsNkCcxq6VLJKNEpR7Dlt78mpty/N0M3y9 +3h8qODjI6XbL30Ug1iBOI4sum688YhePY/t3VCrWOwkEvffZcDAbRwIDAQABo4H9 +MIH6MB0GA1UdDgQWBBTXvg4SGbM+edkQP4ejVF3T2EPPpTCBygYDVR0jBIHCMIG/ +gBTXvg4SGbM+edkQP4ejVF3T2EPPpaGBm6SBmDCBlTELMAkGA1UEBhMCVVMxCzAJ +BgNVBAgTAldJMRAwDgYDVQQHEwdNYWRpc29uMRgwFgYDVQQKEw9USUVSIFVuaXZl +cnNpdHkxEjAQBgNVBAsTCUludGVybmV0MjESMBAGA1UEAxMJbG9jYWxob3N0MSUw +IwYJKoZIhvcNAQkBFhZ0aWVyLWFwaUBpbnRlcm5ldDIuZWR1ggkA5KWuPrElQccw +DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAZUN0cEMk61Okf8n+R4W1 +hpVgs7q7cpn77OfCG0d8X5mP+NMzrBCFTwHGpTK2FJAM4/B87Im81F9ydPXPCoVN +dkldZddDU6ZcSwlxQQda/lwoosPu2xX3gE6dkrSV8lNvUAHq3b/RyFG3glU17NUB +EtWP8iDpu2d6LuoBmlhSmA+6TsHxynU1wduNOIkDXisGJF19hExiR9ypEDCITvp3 +rfhiXaakPLTLcuVlwTpc1HUwmFQ4yWTH1pxid7ykjN1QRV2rP98RYCubrDpkd7bY +ApwKcoTbcMmfabl13RvDlrrw9srBk4BDVsBTF2TQtFwBlMl1ZzXW1mkKJ/S22/7t +JQ== +-----END CERTIFICATE----- diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/jetty.key b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/jetty.key new file mode 100644 index 0000000..e6448e8 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/jetty.key @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,69574AB259C87F77 + +rViCFIARC3FSSYAyrxeTvbow6OcpiWBs/aPJulxYsuJ0FE8QKwFSeBYkt+fP+5bs +x/9OXImLaOgmcDc72URhlhqDF2bNGQJA/dorkUhe4v7co8kV/o1lGoCnF2irBOD7 +3IDv5SJUzveeocW9GCc5mng1YIHNmHh7rCQScAc17mVUEBWwvx46tQP2BNMA6VoP +dVyfCJ/3UoCPCFwel74EMmh9dC7HyTgt/KweBZIEE17jxLFirS1VwKuZ4idDvXKL +5ZvHkXV73OL8UVgWzgCfyKtKlaiZDq4L9/zgjfPK0+35thihzvOum0fB/m4hVDV9 +8iqcLBScRjWLJKfSANWsj/pQC6waXB2oXq/ulOT221EnUDRkITRp/RdkfDSPMNxj +1X7/tVQhFF+Dle+909FRWHt43jK4edRJnMp982lF9YXGcZVe6D30tOomhTR8ABO/ +ANR0SmoR+M8oBTZOPGeTlE5UjzN24QSGFsLwj6ucuARfZU++NppYYe6TwKivxQow +YmoK6QUsLHQthHUYwPB8ohZgP7YXrFZGxZvQFGehrl4JLdAgsQfm4QhcXBjkIrLA +geaZZT9eopy+36adYlsAII4vVpl5YM1wDTF44IsofJYJj67OYF4qbCUmOe4pls9g +lg8vq2C/fJRfWTb+F7q55/VbsHhvEvQtYnXLIlR8pzpDq9UxYOL6coxpBGvjJ8hh +rmeEMqIpbFs5KjxbLN+AK6ZMi7V2q9neI7mHM98WpGuifdVltTa//qt3IwJl8xA2 +PxqYAZ0Mu87o5yKvKg/yoPHKAjx/OleUUckSH0IZ3Bh+xiaQi9TmcR3ohzFgBxgK +TLXw//WjQZlVyIe/FS1JmeCnxT0WMAG/YZFxfrzFDRjYSRgMAAEHl26fFqODBjGF +nnVM2jWwihWCt3gCOmbg+XuoXuWdWEYq2g0rvgn4J2YUmUQe5MEk/yzx+eBBtoZd +4M/ji3GbxShvvPyerkC0GajrWKfr9uJaomFzAvwP2PVsbeLppDLz6px9hu0wdpeD +ECVIPh85QH6/8prvSLsH9amaURhDHxhbI1XXAFqF4HpaAsQ5y2ZY6Y8O29I0onYR +5qisReWIp/NB5cc8aRcyrOPCyxKGEKmsZk09nINwPMl4Kr6RWMQDIV+8F8AGSc/n +bY8gPZYB5yZfZgPkd5J235JxsF6gJuoM4fV6S3WPeqPCabhTJ1ES5N6ZMynDalQh +2jTYqGhLAKGPqHxNsok+Lr3+u4F+Y7AhK5MW6qIYWx4Gw0upon1PZCCUfyASUn5Z +5EyicZvpRLY4UNnRFDjnsB5xdEay9GwJq9qLGicnfCE1Wf5gQEoU7Sk/7hDcEMVk +6X4Z0XC549r6x8B/+IqVgPMbvdJRl8mYuNUluNQmKgsp4Qv7T3GiJGSISyN3GKlW +AjXKAQ3ucBwfXo0ZRt86/Vdtd8hhMfXqoGLWELiLHDP+ey7nTcSQkTvQrpuergi3 +yx5qs65b3Z2+pxpGltos8YSyJGpgbKkD1n5bWf5TWbv3q1cZ/TyY7fD/aHdK/cGK +CKmojrQ65VT6MALnmjoqftRvgq0bpvfhWiQCG8EFD99kv1toh1gDGQ== +-----END RSA PRIVATE KEY----- diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/sealer.jks b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/sealer.jks new file mode 100644 index 0000000..b015c5e Binary files /dev/null and b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/sealer.jks differ diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/sealer.kver b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/sealer.kver new file mode 100644 index 0000000..189c664 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/credentials/sealer.kver @@ -0,0 +1,2 @@ +#Thu Apr 13 21:19:57 UTC 2017 +CurrentVersion=1 diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/metadata/idp-metadata.xml b/Sources/SIS/shib-idp/customized-shibboleth-idp/metadata/idp-metadata.xml new file mode 100644 index 0000000..746ba46 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/metadata/idp-metadata.xml @@ -0,0 +1,213 @@ + + + + + + + + example.edu + + + + + + + +MIIDDzCCAfegAwIBAgIUNhoGlKP7mWuGizduv8qofntjgygwDQYJKoZIhvcNAQEL +BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTE3MDQxMzIxMTk1M1oXDTM3MDQx +MzIxMTk1M1owFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAks/QokbcrFosPTXL+i2iMFQMfZvoFxgqIXH+xxrpljrL +sglonsbmHGuinnSeywRzfcBB6mEf3BnYzyezP0aB1GJYzItRSd4AoWAx8WblFfgM +ununMmDpfF1dyTxZxRg/vmhN9EttVugsAoynA17RbiF4vVxx3zhNGS0u3MbaYtH1 +kYIdY9xZMR2wvDo584CQc0/20/FooPnlL0I1s2FD6LFEgvl1sux5owL0ELITSTUF +KEkQVxpYoFZhsq6qhWQJfVvT98W4CMVpXgggQilAWAK1QgLxJtyx54Y3YruFkXsy +Yahi04wwaQXmSHDfQbOzy8yzO65on2VjEPGid6PQvQIDAQABo1kwVzAdBgNVHQ4E +FgQUDkHIVBHNiAcr6vQv/P+5PlKjeAcwNgYDVR0RBC8wLYIJbG9jYWxob3N0hiBo +dHRwczovL2xvY2FsaG9zdC9pZHAvc2hpYmJvbGV0aDANBgkqhkiG9w0BAQsFAAOC +AQEAioMgLmAx1nQwFRuiKe9zhHyl9QClOZ/qI1A/pV3QQfItxpnkjecElvpN0MLX +ugmT0kb0tgyIUxOjHd78kSJOkFKmWPv+iSLouaU4/Y3yOW0uUWOwlExKJNegczBC +t1OCtSAyStnYWSMUHk/Lgq4LcNKwjeaVczEbBoJO8nC/Zx0VMvLEsiCeWR+1acpT +BHcQbEkiSJg2WS3krKt0Wq4iL+WjQhkva6zugM0Lxfkyeeg/imcn6A93zr7e6N+/ +SeKGUN2EpNRAAgEVQMVuMuKo7uFzxl2KxmkKckBG4dnDIvco/OE7khgnbNgszaqX +xDkRFm7ZnBhVnGde7W9xjmw+eA== + + + + + + + + + +MIIDEDCCAfigAwIBAgIVAI427wUmgnuo//BnofLWvDbJ5LFZMA0GCSqGSIb3DQEB +CwUAMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xNzA0MTMyMTE5NDlaFw0zNzA0 +MTMyMTE5NDlaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBANrbeJysRIIfnV4NCBkglD7TnnsBiAP8rmYMlKNzB/8P +lh8T8A/m3ZcSfK5XOooV9HYrJ4zkPYWQfmMTc7gPohtEnVvU2T0BhqXVGItRNPq0 +W8PPyJiaf5cPTej2UU0mvEj6RXzswPmpdabti+hFMK1rwKDGAgyNz7O+ODbtUeEu +84B4OVehjgc0DOeeIMOpCa0ZZURtGcmWa2J/2D8ONtsT6YLzrBHSjea8ahu2MnC0 +3TmQ008yWlXztWiNkccVstQ7WwT1aEon6ni608OtRLZ64UHRmaM6MZHft2DcyYgd +bE7wArKpauLscEzAXRaSdJ4lvtgAdjneACbPbTXpvgUCAwEAAaNZMFcwHQYDVR0O +BBYEFGIsJ7ChRjGGKOTuK+Gf79XdnhazMDYGA1UdEQQvMC2CCWxvY2FsaG9zdIYg +aHR0cHM6Ly9sb2NhbGhvc3QvaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQELBQAD +ggEBACzq9+IaRqb44oWy3cX+oQUxBozCOd0dn3cAHn/7U2EAt47YLucaT66K5LYq +VpfqYUYP7FXq9lqpYXQgUNn8DuSDroBzQIOx0YVsS4sRKMv+pTBr6WqrIcbDB9Np +VHqdIxIDD9kxwy8eTEKmeDmjl6ZjGnxa8WjwP6PFXBWJI/vQvxNACqnThIsoKLGv +KPta+ROPrtMMbphsVyHClHlLWp/r015B545FBiasFW+jHzS0/pc8eknNafQ2+chX +GPNfHvJXgg3kDHtW6bydWnWIcCKqaTHFSObgEivuMoCJ0cZVjVEFIpzB3J71qMkc +SJ5zygjKVMFLsbAkzGUFYG1DbBM= + + + + + + + + + +MIIDEDCCAfigAwIBAgIVAK/i6INNo2HZzO676jmYDSMUL8pyMA0GCSqGSIb3DQEB +CwUAMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xNzA0MTMyMTE5NTBaFw0zNzA0 +MTMyMTE5NTBaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBAJbpEl+MgBuKc4gzGni76gcQO/sa/IupoK2RRsnGEKPS +x7q93ZCe4/TTIR8ZArk7aoTtOrV3s7xhOlvwwlUmQEhIupHtk0EDyWxXV4xK8i99 +3rqNkYcHM/C1iZfoKcoEhwQ5pBVukEgxtSIAfsN7UCE88oTRPhTHV8XJkNjw66Vl +P1MBsO5KQaoKW/Ap86nuhDUHMNFAt/jJ2UFGhEVle4ubckBTltrZDV98m6hHYUws +nCuRGEXusGDsqgEt93C8zRjAVhyNBNp+jQUHCBPy/6TG7AZ0TkPuQ3AxhDt34y6A +dgSaCDmy5sI14oa1S1UagSKt8AXpzC0ao8pwqz+t8usCAwEAAaNZMFcwHQYDVR0O +BBYEFMDqVDwUdJ6wzRLBR0jb3QdW1CFpMDYGA1UdEQQvMC2CCWxvY2FsaG9zdIYg +aHR0cHM6Ly9sb2NhbGhvc3QvaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQELBQAD +ggEBAFk6YtMiqkuJXY10aeUhabGgkBdpj6RgHreBvhSmn9UTq/4EGgEWNGNYBVn6 +i9i55GzGCtp7RUAuVUTqH5V3Mbp6drUlNbVex05ypYnYM/wIq5W8EENClugPHepZ +OX0gVUVOeayVUMRHPntNI7HicUDYVvXI/Wjhko/GLqwArNKyenmKlRo1yyedkEKF +fhy9QowXYTvG82i3nu0JS9v/103WApXjIr3eP8LZpGpurOxyG3D+8vW3oML6C1eV +FsLdhy3a5kOvGXbzXHn4tFdVCE3oa72FkrsDHZ8YGHb+s2JFHFRsRzDRSmBRV+LA +3ffQkUP9K+ZGyGQijt6gAEJXcsw= + + + + + + + + + + + + + + + + + + + + + + + example.edu + + + + + + +MIIDDzCCAfegAwIBAgIUNhoGlKP7mWuGizduv8qofntjgygwDQYJKoZIhvcNAQEL +BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTE3MDQxMzIxMTk1M1oXDTM3MDQx +MzIxMTk1M1owFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAks/QokbcrFosPTXL+i2iMFQMfZvoFxgqIXH+xxrpljrL +sglonsbmHGuinnSeywRzfcBB6mEf3BnYzyezP0aB1GJYzItRSd4AoWAx8WblFfgM +ununMmDpfF1dyTxZxRg/vmhN9EttVugsAoynA17RbiF4vVxx3zhNGS0u3MbaYtH1 +kYIdY9xZMR2wvDo584CQc0/20/FooPnlL0I1s2FD6LFEgvl1sux5owL0ELITSTUF +KEkQVxpYoFZhsq6qhWQJfVvT98W4CMVpXgggQilAWAK1QgLxJtyx54Y3YruFkXsy +Yahi04wwaQXmSHDfQbOzy8yzO65on2VjEPGid6PQvQIDAQABo1kwVzAdBgNVHQ4E +FgQUDkHIVBHNiAcr6vQv/P+5PlKjeAcwNgYDVR0RBC8wLYIJbG9jYWxob3N0hiBo +dHRwczovL2xvY2FsaG9zdC9pZHAvc2hpYmJvbGV0aDANBgkqhkiG9w0BAQsFAAOC +AQEAioMgLmAx1nQwFRuiKe9zhHyl9QClOZ/qI1A/pV3QQfItxpnkjecElvpN0MLX +ugmT0kb0tgyIUxOjHd78kSJOkFKmWPv+iSLouaU4/Y3yOW0uUWOwlExKJNegczBC +t1OCtSAyStnYWSMUHk/Lgq4LcNKwjeaVczEbBoJO8nC/Zx0VMvLEsiCeWR+1acpT +BHcQbEkiSJg2WS3krKt0Wq4iL+WjQhkva6zugM0Lxfkyeeg/imcn6A93zr7e6N+/ +SeKGUN2EpNRAAgEVQMVuMuKo7uFzxl2KxmkKckBG4dnDIvco/OE7khgnbNgszaqX +xDkRFm7ZnBhVnGde7W9xjmw+eA== + + + + + + + + + +MIIDEDCCAfigAwIBAgIVAI427wUmgnuo//BnofLWvDbJ5LFZMA0GCSqGSIb3DQEB +CwUAMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xNzA0MTMyMTE5NDlaFw0zNzA0 +MTMyMTE5NDlaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBANrbeJysRIIfnV4NCBkglD7TnnsBiAP8rmYMlKNzB/8P +lh8T8A/m3ZcSfK5XOooV9HYrJ4zkPYWQfmMTc7gPohtEnVvU2T0BhqXVGItRNPq0 +W8PPyJiaf5cPTej2UU0mvEj6RXzswPmpdabti+hFMK1rwKDGAgyNz7O+ODbtUeEu +84B4OVehjgc0DOeeIMOpCa0ZZURtGcmWa2J/2D8ONtsT6YLzrBHSjea8ahu2MnC0 +3TmQ008yWlXztWiNkccVstQ7WwT1aEon6ni608OtRLZ64UHRmaM6MZHft2DcyYgd +bE7wArKpauLscEzAXRaSdJ4lvtgAdjneACbPbTXpvgUCAwEAAaNZMFcwHQYDVR0O +BBYEFGIsJ7ChRjGGKOTuK+Gf79XdnhazMDYGA1UdEQQvMC2CCWxvY2FsaG9zdIYg +aHR0cHM6Ly9sb2NhbGhvc3QvaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQELBQAD +ggEBACzq9+IaRqb44oWy3cX+oQUxBozCOd0dn3cAHn/7U2EAt47YLucaT66K5LYq +VpfqYUYP7FXq9lqpYXQgUNn8DuSDroBzQIOx0YVsS4sRKMv+pTBr6WqrIcbDB9Np +VHqdIxIDD9kxwy8eTEKmeDmjl6ZjGnxa8WjwP6PFXBWJI/vQvxNACqnThIsoKLGv +KPta+ROPrtMMbphsVyHClHlLWp/r015B545FBiasFW+jHzS0/pc8eknNafQ2+chX +GPNfHvJXgg3kDHtW6bydWnWIcCKqaTHFSObgEivuMoCJ0cZVjVEFIpzB3J71qMkc +SJ5zygjKVMFLsbAkzGUFYG1DbBM= + + + + + + + + + +MIIDEDCCAfigAwIBAgIVAK/i6INNo2HZzO676jmYDSMUL8pyMA0GCSqGSIb3DQEB +CwUAMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xNzA0MTMyMTE5NTBaFw0zNzA0 +MTMyMTE5NTBaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBAJbpEl+MgBuKc4gzGni76gcQO/sa/IupoK2RRsnGEKPS +x7q93ZCe4/TTIR8ZArk7aoTtOrV3s7xhOlvwwlUmQEhIupHtk0EDyWxXV4xK8i99 +3rqNkYcHM/C1iZfoKcoEhwQ5pBVukEgxtSIAfsN7UCE88oTRPhTHV8XJkNjw66Vl +P1MBsO5KQaoKW/Ap86nuhDUHMNFAt/jJ2UFGhEVle4ubckBTltrZDV98m6hHYUws +nCuRGEXusGDsqgEt93C8zRjAVhyNBNp+jQUHCBPy/6TG7AZ0TkPuQ3AxhDt34y6A +dgSaCDmy5sI14oa1S1UagSKt8AXpzC0ao8pwqz+t8usCAwEAAaNZMFcwHQYDVR0O +BBYEFMDqVDwUdJ6wzRLBR0jb3QdW1CFpMDYGA1UdEQQvMC2CCWxvY2FsaG9zdIYg +aHR0cHM6Ly9sb2NhbGhvc3QvaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQELBQAD +ggEBAFk6YtMiqkuJXY10aeUhabGgkBdpj6RgHreBvhSmn9UTq/4EGgEWNGNYBVn6 +i9i55GzGCtp7RUAuVUTqH5V3Mbp6drUlNbVex05ypYnYM/wIq5W8EENClugPHepZ +OX0gVUVOeayVUMRHPntNI7HicUDYVvXI/Wjhko/GLqwArNKyenmKlRo1yyedkEKF +fhy9QowXYTvG82i3nu0JS9v/103WApXjIr3eP8LZpGpurOxyG3D+8vW3oML6C1eV +FsLdhy3a5kOvGXbzXHn4tFdVCE3oa72FkrsDHZ8YGHb+s2JFHFRsRzDRSmBRV+LA +3ffQkUP9K+ZGyGQijt6gAEJXcsw= + + + + + + + + + + + + + diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/metadata/web-app.xml b/Sources/SIS/shib-idp/customized-shibboleth-idp/metadata/web-app.xml new file mode 100644 index 0000000..0aeeee1 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/metadata/web-app.xml @@ -0,0 +1,58 @@ + + + + + + + + + + + + + + + + + + + + + + + + MIID6zCCAlOgAwIBAgIJAPytI1UztGxDMA0GCSqGSIb3DQEBCwUAMBcxFTATBgNV BAMTDGY4NWM1NTNjMTQ5NjAeFw0xNzA0MTUyMjMwMDBaFw0yNzA0MTMyMjMwMDBa MBcxFTATBgNVBAMTDGY4NWM1NTNjMTQ5NjCCAaIwDQYJKoZIhvcNAQEBBQADggGP ADCCAYoCggGBAMffMetKpvMjTIDwDvztGCCMiY7od0QMwbmAKuMhIiU/eyqc1/2Z VFlwlABAq7s6fGZ+fbqbGNaP471K+KFme8gpFKWeAJ3ITGp2mIHHMqvgQXLantvE yF2fQadJtJW/10r5xvkgJBndOkNANJSbMq2vJuptU3wOYkyflxjRPfRjQmuy+1zS sPyW+cM1svjqq5/GO8Q70hRgko7Z/Y9KIdbT7/ULgGd7OoAhYBjJvSTTLZM0Y3FJ pSZXODEN0g2ZBBDqBXl9q1obQejVuzsFROZC7BN6t0WcIeacCIha3VgebbfRO5Cv FBGvUprqj9w/kkq5VkHDAwMxqdJ03GKq9T42wybuF86++1rQd95D+qhxUz79fnCJ JlW0TAHEJ86Wj04mb981xfIvztW2oyyj77hUljhddS6SL1UbunRa3f5ciOm4pdjK n/fw5unfs0YvLNPrHwcXUakf4ldCRuwNGJhqGVlcwp89Dou5VhWijEL4xz6kBPWU ECZD/JvWY2zL0wIDAQABozowODAXBgNVHREEEDAOggxmODVjNTUzYzE0OTYwHQYD VR0OBBYEFF1CDIxF0OQoxdFdJGjhqccMfJQkMA0GCSqGSIb3DQEBCwUAA4IBgQBE ofEja+2tqIAnTd2gGhA2oyGoC1uyxZIRtKyrakhuhpWpmQ4xgfTEcUGnACxZfjhD j4CvxwnJpEIqdVS3c0Bje2sep3Flr87jPJh5OWvmssoDNqQ+QANLBxV8MhmKsM8Z ZgVO+Fm83OciaKnxD0a9MJ7qtZPA1g8V7NGoeGzg9IwowuVg/wC1frCw4Pw5OD4K /GcgJVQGhkPxvn8z3MoDLv6y2BilQB0WCoxJ/rvVbVmPWU79srCwot74RFkPHRqj UhoUIht1wd3F+wTKHJ0cT2lQ1YRBOirOX43Nzc1K2fM0DQtlH/X42F4K+6qJQ8Cx FeuyEki6GgwLQ7xTblkmHCtMmRLBjjTlfqFSGFPy+MBE8UQzI08RRMyYtwR9/Z3T Rr+2DYvzBFoBQtsJhYb318Pjvs1Pr4uNzM5cuDwUQ6FQLRaCRAzSYLwUqCP0gVge jC3D/ZtBqA7uP5DQGPh8SXEH8Ivax4pmVSKX8wbTQBeUirVoOSw7/FMuC56bv48= + + + + + + + MIID6zCCAlOgAwIBAgIJAPytI1UztGxDMA0GCSqGSIb3DQEBCwUAMBcxFTATBgNV BAMTDGY4NWM1NTNjMTQ5NjAeFw0xNzA0MTUyMjMwMDBaFw0yNzA0MTMyMjMwMDBa MBcxFTATBgNVBAMTDGY4NWM1NTNjMTQ5NjCCAaIwDQYJKoZIhvcNAQEBBQADggGP ADCCAYoCggGBAMffMetKpvMjTIDwDvztGCCMiY7od0QMwbmAKuMhIiU/eyqc1/2Z VFlwlABAq7s6fGZ+fbqbGNaP471K+KFme8gpFKWeAJ3ITGp2mIHHMqvgQXLantvE yF2fQadJtJW/10r5xvkgJBndOkNANJSbMq2vJuptU3wOYkyflxjRPfRjQmuy+1zS sPyW+cM1svjqq5/GO8Q70hRgko7Z/Y9KIdbT7/ULgGd7OoAhYBjJvSTTLZM0Y3FJ pSZXODEN0g2ZBBDqBXl9q1obQejVuzsFROZC7BN6t0WcIeacCIha3VgebbfRO5Cv FBGvUprqj9w/kkq5VkHDAwMxqdJ03GKq9T42wybuF86++1rQd95D+qhxUz79fnCJ JlW0TAHEJ86Wj04mb981xfIvztW2oyyj77hUljhddS6SL1UbunRa3f5ciOm4pdjK n/fw5unfs0YvLNPrHwcXUakf4ldCRuwNGJhqGVlcwp89Dou5VhWijEL4xz6kBPWU ECZD/JvWY2zL0wIDAQABozowODAXBgNVHREEEDAOggxmODVjNTUzYzE0OTYwHQYD VR0OBBYEFF1CDIxF0OQoxdFdJGjhqccMfJQkMA0GCSqGSIb3DQEBCwUAA4IBgQBE ofEja+2tqIAnTd2gGhA2oyGoC1uyxZIRtKyrakhuhpWpmQ4xgfTEcUGnACxZfjhD j4CvxwnJpEIqdVS3c0Bje2sep3Flr87jPJh5OWvmssoDNqQ+QANLBxV8MhmKsM8Z ZgVO+Fm83OciaKnxD0a9MJ7qtZPA1g8V7NGoeGzg9IwowuVg/wC1frCw4Pw5OD4K /GcgJVQGhkPxvn8z3MoDLv6y2BilQB0WCoxJ/rvVbVmPWU79srCwot74RFkPHRqj UhoUIht1wd3F+wTKHJ0cT2lQ1YRBOirOX43Nzc1K2fM0DQtlH/X42F4K+6qJQ8Cx FeuyEki6GgwLQ7xTblkmHCtMmRLBjjTlfqFSGFPy+MBE8UQzI08RRMyYtwR9/Z3T Rr+2DYvzBFoBQtsJhYb318Pjvs1Pr4uNzM5cuDwUQ6FQLRaCRAzSYLwUqCP0gVge jC3D/ZtBqA7uP5DQGPh8SXEH8Ivax4pmVSKX8wbTQBeUirVoOSw7/FMuC56bv48= + + + + + + + + + + + + + + + + + + + + + TIER API and Ent Reg Working Group + tier-api@internet2.edu + + diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/client-storage/client-storage-read.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/client-storage/client-storage-read.vm new file mode 100644 index 0000000..1993c14 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/client-storage/client-storage-read.vm @@ -0,0 +1,53 @@ +## +## Velocity template to read from local storage. +## +## Velocity context will contain the following properties +## flowExecutionUrl - the form action location +## flowRequestContext - the Spring Web Flow RequestContext +## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl) +## profileRequestContext - root of context tree +## loadContext - context with details about the storage keys to load +## encoder - HTMLEncoder class +## request - HttpServletRequest +## response - HttpServletResponse +## environment - Spring Environment object for property resolution +#set ($title = $springMacroRequestContext.getMessage("idp.title", "Web Login Service")) +#set ($titleSuffix = $springMacroRequestContext.getMessage("idp.client-storage-read.suffix", "Loading Session Information")) +## + + + + + + $title - $titleSuffix + + + + +
+
+
+

$title - $titleSuffix

+
+
+ $springMacroRequestContext.getMessage("idp.client-storage-read.text", "Loading login session information from the browser...") +
+ + #parse( "client-storage/read.vm" ) +
+
+
+

#springMessageText("idp.footer", "Insert your footer text here.")

+
+
+
+ + diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/client-storage/client-storage-write.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/client-storage/client-storage-write.vm new file mode 100644 index 0000000..4b92d6b --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/client-storage/client-storage-write.vm @@ -0,0 +1,53 @@ +## +## Velocity template to write to local storage. +## +## Velocity context will contain the following properties +## flowExecutionUrl - the form action location +## flowRequestContext - the Spring Web Flow RequestContext +## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl) +## profileRequestContext - root of context tree +## saveContext - context with details about the storage data to save +## encoder - HTMLEncoder class +## request - HttpServletRequest +## response - HttpServletResponse +## environment - Spring Environment object for property resolution +#set ($title = $springMacroRequestContext.getMessage("idp.title", "Web Login Service")) +#set ($titleSuffix = $springMacroRequestContext.getMessage("idp.client-storage-write.suffix", "Saving Session Information...")) +## + + + + + + $title - $titleSuffix + + + + +
+
+
+

$title - $titleSuffix

+
+
+ $springMacroRequestContext.getMessage("idp.client-storage-write.text", "Saving login session information to the browser...") +
+ + #parse( "client-storage/write.vm" ) +
+
+
+

#springMessageText("idp.footer", "Insert your footer text here.")

+
+
+
+ + \ No newline at end of file diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/duo.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/duo.vm new file mode 100644 index 0000000..cf4f96a --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/duo.vm @@ -0,0 +1,83 @@ +## +## Velocity Template for Duo login view-state +## +## Velocity context will contain the following properties +## flowExecutionUrl - the form action location +## flowRequestContext - the Spring Web Flow RequestContext +## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl) +## profileRequestContext - root of context tree +## authenticationContext - context with authentication request information +## rpUIContext - the context with SP UI information from the metadata +## canonicalUsername - name of user passed to Duo +## duoHost - API hostname for Duo frame +## duoRequest - signed Duo request message +## duoScriptPath - path to Duo JavaScript source +## encoder - HTMLEncoder class +## request - HttpServletRequest +## response - HttpServletResponse +## environment - Spring Environment object for property resolution +## custom - arbitrary object injected by deployer +## + + + + + + + #springMessageText("idp.title", "Web Login Service") + + + + +
+
+
+ #springMessageText( +
+ +
+
+ +

#springMessageText("idp.login.duoRequired", "Authentication with Duo is required for the requested service.")

+ + + + +
+ + +
+ +

+ #springMessageText("idp.login.duoCancel", "Cancel this Request") +

+
+
+ +
+
+
+ +
+
+

#springMessageText("idp.footer", "Insert your footer text here.")

+
+
+
+ + diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/error.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/error.vm new file mode 100644 index 0000000..dcb8e2b --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/error.vm @@ -0,0 +1,73 @@ +## +## Velocity Template for error end-state +## +## Velocity context will contain the following properties +## flowRequestContext - the Spring Web Flow RequestContext +## profileRequestContext - root of context tree +## encoder - HTMLEncoder class +## request - HttpServletRequest +## response - HttpServletResponse +## environment - Spring Environment object for property resolution +## custom - arbitrary object injected by deployer +## +#set ($title = $springMacroRequestContext.getMessage("idp.title", "Web Login Service")) +#set ($defaultTitleSuffix = $springMacroRequestContext.getMessage("idp.title.suffix", "Error")) +## +#if ($flowRequestContext) + ## This handles flow events, the most common case. + #set ($eventId = $flowRequestContext.getCurrentEvent().getId()) + #set ($eventKey = $springMacroRequestContext.getMessage("$eventId", "error")) + #set ($titleSuffix = $springMacroRequestContext.getMessage("${eventKey}.title", "$defaultTitleSuffix")) + #set ($message = $springMacroRequestContext.getMessage("${eventKey}.message", "$defaultTitleSuffix: $eventId")) + #if ($eventId == "AccessDenied" or $eventId == "ContextCheckDenied") + $response.setStatus(403) + #elseif ($eventId == "AttributeReleaseRejected" || $eventId == "TermsRejected") + $response.setStatus(200) + #elseif ($eventKey == "unexpected" || $eventKey == "runtime-error" || $eventKey == "error") + $response.setStatus(500) + #else + $response.setStatus(400) + #end +#elseif ($exception) + ## This handles exceptions that reach the Spring-MVC exception handler. + #set ($eventId = $exception.getClass().getSimpleName()) + #set ($eventKey = $springMacroRequestContext.getMessage("$eventId", "error")) + #set ($titleSuffix = $springMacroRequestContext.getMessage("${eventKey}.title", "$defaultTitleSuffix")) + #set ($message = $springMacroRequestContext.getMessage("${eventKey}.message", "$defaultTitleSuffix: $eventId")) +#else + ## This is a catch-all that theoretically shouldn't happen? + #set ($titleSuffix = $defaultTitleSuffix) + #set ($message = $springMacroRequestContext.getMessage("idp.message", "An unidentified error occurred.")) +#end +## + + + + + + $title - $titleSuffix + + + + +
+
+
+ #springMessageText( +

$title - $titleSuffix

+
+ +
+ #evaluate($message) +
+
+ +
+
+

#springMessageText("idp.footer", "Insert your footer text here.")

+
+
+ +
+ + \ No newline at end of file diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/intercept/attribute-release.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/intercept/attribute-release.vm new file mode 100644 index 0000000..0b74551 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/intercept/attribute-release.vm @@ -0,0 +1,158 @@ +## +## Velocity Template for DisplayAttributeReleasePage view-state +## +## Velocity context will contain the following properties : +## +## attributeReleaseContext - context holding consentable attributes +## attributeReleaseFlowDescriptor - attribute consent flow descriptor +## attributeDisplayNameFunction - function to display attribute name +## consentContext - context representing the state of a consent flow +## encoder - HTMLEncoder class +## flowExecutionKey - SWF execution key (this is built into the flowExecutionUrl) +## flowExecutionUrl - form action location +## flowRequestContext - Spring Web Flow RequestContext +## profileRequestContext - OpenSAML profile request context +## request - HttpServletRequest +## response - HttpServletResponse +## rpUIContext - context with SP UI information from the metadata +## environment - Spring Environment object for property resolution +#set ($serviceName = $rpUIContext.serviceName) +#set ($serviceDescription = $rpUIContext.serviceDescription) +#set ($informationURL = $rpUIContext.informationURL) +#set ($privacyStatementURL = $rpUIContext.privacyStatementURL) +#set ($rpOrganizationLogo = $rpUIContext.getLogo()) +#set ($rpOrganizationName = $rpUIContext.organizationName) +#set ($replaceDollarWithNewline = true) +## + + + + + + + #springMessageText("idp.attribute-release.title", "Information Release") + + +
+
+
+ + #if ($rpOrganizationLogo) + + #end +
+ #if ($serviceName) +

+ #springMessageText("idp.attribute-release.serviceNameLabel", "You are about to access the service:")
+ $serviceName + #if ($rpOrganizationName) + #springMessageText("idp.attribute-release.of", "of") $encoder.encodeForHTML($rpOrganizationName) + #end +

+ #end + #if ($serviceDescription) +

+ #springMessageText("idp.attribute-release.serviceDescriptionLabel", "Description as provided by this service:")
+ $encoder.encodeForHTML($serviceDescription) +
+

+ #end + #if ($informationURL) +

+ #springMessageText("idp.attribute-release.informationURLLabel", "Additional information about the service") +

+ #end +
+ + + + + + + + #foreach ($attribute in $attributeReleaseContext.getConsentableAttributes().values()) + + + + + + #end + +
+ #springMessageText("idp.attribute-release.attributesHeader", "Information to be Provided to Service") +
$encoder.encodeForHTML($attributeDisplayNameFunction.apply($attribute)) + #foreach ($value in $attribute.values) + #if ($replaceDollarWithNewline) + #set ($encodedValue = $encoder.encodeForHTML($value.getDisplayValue()).replaceAll($encoder.encodeForHTML("$"),"
")) + #else + #set ($encodedValue = $encoder.encodeForHTML($value.getDisplayValue())) + #end + #if ($attributeReleaseFlowDescriptor.perAttributeConsentEnabled) + + #else + $encodedValue + #end +
+ #end + 		+ #if ($attributeReleaseFlowDescriptor.perAttributeConsentEnabled) + #set ($inputType = "checkbox") + #else + #set ($inputType = "hidden") + #end + +
+
+ #if ($privacyStatementURL) +

+ #springMessageText("idp.attribute-release.privacyStatementURLLabel", "Data privacy information of the service") +

+ #end +
+

+ #springMessageText("idp.attribute-release.confirmationQuestion", "The information above would be shared with the service if you proceed. Do you agree to release this information to the service every time you access it?") +

+ #if ($attributeReleaseFlowDescriptor.doNotRememberConsentAllowed || $attributeReleaseFlowDescriptor.globalConsentAllowed) +
+ #springMessageText("idp.attribute-release.consentMethod", "Select an information release consent duration:") + #end + #if ($attributeReleaseFlowDescriptor.doNotRememberConsentAllowed) +

+ + +

    +
  • #springMessageText("idp.attribute-release.doNotRememberConsentItem", "I agree to send my information this time.")
    • +
+

+ #end + #if ($attributeReleaseFlowDescriptor.doNotRememberConsentAllowed || $attributeReleaseFlowDescriptor.globalConsentAllowed) +

+ + +

    +
  • #springMessageText("idp.attribute-release.rememberConsentItem", "I agree that the same information will be sent automatically to this service in the future.")
    • +
+

+ #end + #if ($attributeReleaseFlowDescriptor.globalConsentAllowed) +

+ + +

    +
  • #springMessageText("idp.attribute-release.globalConsentItem", "I agree that all of my information will be released to any service.")
    • +
+

+ #end + #if ($attributeReleaseFlowDescriptor.doNotRememberConsentAllowed || $attributeReleaseFlowDescriptor.globalConsentAllowed) + #springMessageText("idp.attribute-release.consentMethodRevoke", "This setting can be revoked at any time with the checkbox on the login page.") +
+ #end +

+ + +

+
+
+
+ + diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/intercept/expiring-password.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/intercept/expiring-password.vm new file mode 100644 index 0000000..4395844 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/intercept/expiring-password.vm @@ -0,0 +1,54 @@ +## +## Velocity Template for expiring password view +## +## Velocity context will contain the following properties +## flowExecutionUrl - the form action location +## flowRequestContext - the Spring Web Flow RequestContext +## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl) +## profileRequestContext - root of context tree +## authenticationContext - context with authentication request information +## authenticationErrorContext - context with login error state +## authenticationWarningContext - context with login warning state +## ldapResponseContext - context with LDAP state (if using native LDAP) +## encoder - HTMLEncoder class +## request - HttpServletRequest +## response - HttpServletResponse +## environment - Spring Environment object for property resolution +## custom - arbitrary object injected by deployer +## + + + + + + #springMessageText("idp.title", "Web Login Service") + + + + + +
+
+
+ #springMessageText( +

#springMessageText("idp.login.expiringSoon", "Your password will be expiring soon!")

+
+ +
+

#springMessageText("idp.login.changePassword", "To create a new password now, go to") + #.

+

#springMessageText("idp.login.proceedBegin", "Your login will proceed in 20 seconds or you may click") + #springMessageText("idp.login.proceedHere", "here") + #springMessageText("idp.login.proceedEnd", "to continue").

+
+
+ +
+
+

#springMessageText("idp.footer", "Insert your footer text here.")

+
+
+ +
+ + \ No newline at end of file diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/intercept/terms-of-use.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/intercept/terms-of-use.vm new file mode 100644 index 0000000..1bf12c7 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/intercept/terms-of-use.vm @@ -0,0 +1,67 @@ +## +## Velocity Template for DisplayTermsOfUsePage view-state +## +## Velocity context will contain the following properties : +## +## encoder - HTMLEncoder class +## flowExecutionKey - SWF execution key (this is built into the flowExecutionUrl) +## flowExecutionUrl - form action location +## flowRequestContext - Spring Web Flow RequestContext +## request - HttpServletRequest +## response - HttpServletResponse +## rpUIContext - context with SP UI information from the metadata +## termsOfUseId - terms of use ID to lookup message strings +## environment - Spring Environment object for property resolution +#set ($serviceName = $rpUIContext.serviceName) +#set ($rpOrganizationLogo = $rpUIContext.getLogo()) +## + + + + + + + #springMessageText("${termsOfUseId}.title", "Terms of Use") + + +
+
+ + #if ($rpOrganizationLogo) + + #end +
+ #if ($rpOrganizationLogo) +
+

#springMessageText("${termsOfUseId}.title", "Terms of Use")

+
+ #end +
+ #springMessageText("${termsOfUseId}.text", "Terms of Use Text...") +
+
+
+
+ +
+
+
+
+ + + #if ($requireCheckbox) +

#springMessageText("idp.terms-of-use.required", "Please check this box if you want to proceed.")

+ #end + +
+
+
+
+
+
+

#springMessageText("idp.footer", "Insert your footer text here.")

+
+
+
+ + diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/login-error.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/login-error.vm new file mode 100644 index 0000000..44676b3 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/login-error.vm @@ -0,0 +1,24 @@ +## Velocity Template for login error message production, included by login.vm +## +## authenticationErrorContext - context containing error data, if available +## +#if ($authenticationErrorContext && $authenticationErrorContext.getClassifiedErrors().size() > 0 && $authenticationErrorContext.getClassifiedErrors().iterator().next() != "ReselectFlow") + ## This handles errors that are classified by the message maps in the authentication config. + #set ($eventId = $authenticationErrorContext.getClassifiedErrors().iterator().next()) + #set ($eventKey = $springMacroRequestContext.getMessage("$eventId", "login")) + #set ($message = $springMacroRequestContext.getMessage("${eventKey}.message", "Login Failure: $eventId")) +#elseif ($authenticationErrorContext && $authenticationErrorContext.getExceptions().size() > 0) + ## This handles login exceptions that are left unclassified. + #set ($loginException = $authenticationErrorContext.getExceptions().get(0)) + #if ($loginException.getMessage()) + #set ($message = "Login Failure: $loginException.getMessage()") + #else + #set ($message = $loginException.toString()) + #end +#end + +#if ($message) +
+

$encoder.encodeForHTML($message)

+
+#end diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/login.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/login.vm new file mode 100644 index 0000000..c421a99 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/login.vm @@ -0,0 +1,140 @@ +## +## Velocity Template for DisplayUsernamePasswordPage view-state +## +## Velocity context will contain the following properties +## flowExecutionUrl - the form action location +## flowRequestContext - the Spring Web Flow RequestContext +## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl) +## profileRequestContext - root of context tree +## authenticationContext - context with authentication request information +## authenticationErrorContext - context with login error state +## authenticationWarningContext - context with login warning state +## ldapResponseContext - context with LDAP state (if using native LDAP) +## rpUIContext - the context with SP UI information from the metadata +## extendedAuthenticationFlows - collection of "extended" AuthenticationFlowDescriptor objects +## passwordPrincipals - contents of the shibboleth.authn.Password.PrincipalOverride bean +## encoder - HTMLEncoder class +## request - HttpServletRequest +## response - HttpServletResponse +## environment - Spring Environment object for property resolution +## custom - arbitrary object injected by deployer +## +#set ($rpContext = $profileRequestContext.getSubcontext('net.shibboleth.idp.profile.context.RelyingPartyContext')) +#set ($username = $authenticationContext.getSubcontext('net.shibboleth.idp.authn.context.UsernamePasswordContext', true).getUsername()) +#set ($passwordEnabled = false) +#if (!$passwordPrincipals or $passwordPrincipals.isEmpty() or $authenticationContext.isAcceptable($passwordPrincipals)) + #set ($passwordEnabled = true) +#end +## + + + + + + #springMessageText("idp.title", "Web Login Service") + + + +
+
+
+ #springMessageText( +
+ +
+
+ #parse("login-error.vm") + +
+ + #set ($serviceName = $rpUIContext.serviceName) + #if ($serviceName && !$rpContext.getRelyingPartyId().contains($serviceName)) + + #springMessageText("idp.login.loginTo", "Login to") $encoder.encodeForHTML($serviceName) + + #end + + #if ($passwordEnabled) +
+ + +
+ +
+ + +
+ +
+ + +
+ #end + +
+ + +
+ + #if ($passwordEnabled) +
+ +
+ #end + + #foreach ($extFlow in $extendedAuthenticationFlows) + #if ($authenticationContext.isAcceptable($extFlow) and $extFlow.apply(profileRequestContext)) +
+ +
+ #end + #end +
+ + #* + // + // SP Description & Logo (optional) + // These idpui lines will display added information (if available + // in the metadata) about the Service Provider (SP) that requested + // authentication. These idpui lines are "active" in this example + // (not commented out) - this extra SP info will be displayed. + // Remove or comment out these lines to stop the display of the + // added SP information. + // + *# + #set ($logo = $rpUIContext.getLogo()) + #if ($logo) + $encoder.encodeForHTMLAttribute($serviceName) + #end + #set ($desc = $rpUIContext.getServiceDescription()) + #if ($desc) + $encoder.encodeForHTML($desc) + #end + +
+
+ +
+
+
+ +
+
+

#springMessageText("idp.footer", "Insert your footer text here.")

+
+
+
+ + + \ No newline at end of file diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/logout-complete.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/logout-complete.vm new file mode 100644 index 0000000..d780252 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/logout-complete.vm @@ -0,0 +1,59 @@ +## +## Velocity Template for logout flow's concluding view-state (no propagation) +## +## Velocity context will contain the following properties +## flowExecutionUrl - the form action location +## flowRequestContext - the Spring Web Flow RequestContext +## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl) +## profileRequestContext - root of context tree +## logoutContext - context with SPSession details for logout operation +## multiRPContext - context with RelyingPartyContexts and possibly SP UI information from the metadata +## encoder - HTMLEncoder class +## request - HttpServletRequest +## response - HttpServletResponse +## environment - Spring Environment object for property resolution +## custom - arbitrary object injected by deployer +## + + + + + + #springMessageText("idp.title", "Web Login Service") + + + + +
+
+
+ #springMessageText( +
+ +
+
+

#springMessageText("idp.logout.local", "You elected not to log out of all the applications accessed during your session.")

+
+
+ +
+
+
+ + + #if ( $profileRequestContext.getProfileId().contains("saml2/logout") ) + + #end + +
+
+

#springMessageText("idp.footer", "Insert your footer text here.")

+
+
+
+ + + \ No newline at end of file diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/logout-propagate.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/logout-propagate.vm new file mode 100644 index 0000000..86b3fa1 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/logout-propagate.vm @@ -0,0 +1,58 @@ +## +## Velocity Template for logout flow's concluding view-state (with propagation) +## +## Velocity context will contain the following properties +## flowExecutionUrl - the form action location +## flowRequestContext - the Spring Web Flow RequestContext +## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl) +## profileRequestContext - root of context tree +## logoutContext - context with SPSession details for logout operation +## multiRPContext - context with RelyingPartyContexts and possibly SP UI information from the metadata +## htmlEncoder - HTMLEncoder class +## urlEncoder - urlEncoder class +## codecUtil - CodecUtil class +## request - HttpServletRequest +## response - HttpServletResponse +## environment - Spring Environment object for property resolution +## custom - arbitrary object injected by deployer +## + + + + + + #springMessageText("idp.title", "Web Login Service") + + + + + +
+
+
+ #springMessageText( +
+ +
+
+

#springMessageText("idp.logout.attempt", "Attempting to log out of the following services:")

+ #parse("logout/propagate.vm") +
+
+ +
+
+
+ +
+
+

#springMessageText("idp.footer", "Insert your footer text here.")

+
+
+
+ + + \ No newline at end of file diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/logout.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/logout.vm new file mode 100644 index 0000000..2342855 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/logout.vm @@ -0,0 +1,91 @@ +## +## Velocity Template for logout flow's starting view-state +## +## Velocity context will contain the following properties +## flowExecutionUrl - the form action location +## flowRequestContext - the Spring Web Flow RequestContext +## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl) +## profileRequestContext - root of context tree +## logoutContext - context with SPSession details for logout operation +## multiRPContext - context with RelyingPartyContexts and possibly SP UI information from the metadata +## encoder - HTMLEncoder class +## request - HttpServletRequest +## response - HttpServletResponse +## environment - Spring Environment object for property resolution +## custom - arbitrary object injected by deployer +## + + + + + + #if ( $logoutContext and !$logoutContext.getSessionMap().isEmpty() ) + + #end + #springMessageText("idp.title", "Web Login Service") + + + + +
+
+
+ #springMessageText( +
+ +
+
+

This page is displayed when a logout operation at the Identity Provider completes. This page is an example + and should be customized. It is not fully internationalized because the presentation will be a highly localized + decision, and we don't have a good suggestion for a default.

+
+ + #if ( $logoutContext and !$logoutContext.getSessionMap().isEmpty() ) +

#springMessageText("idp.logout.ask", "Would you like to attempt to log out of all services accessed during your session? Please select Yes or No to ensure the logout operation completes, or wait a few seconds for Yes.")

+
+ +
+ + +
+ +
+

#springMessageText("idp.logout.contactServices", "If you proceed, the system will attempt to contact the following services:")

+
    + #foreach ($sp in $logoutContext.getSessionMap().keySet()) + #set ($rpCtx = $multiRPContext.getRelyingPartyContextById($sp)) + #if ($rpCtx) + #set ($rpUIContext = $rpCtx.getSubcontext("net.shibboleth.idp.ui.context.RelyingPartyUIContext")) + #end + #if ($rpUIContext and $rpUIContext.getServiceName()) +
  1. $encoder.encodeForHTML($rpUIContext.getServiceName())
    2. + #else +
  2. $encoder.encodeForHTML($sp)
    3. + #end + #end +
+ #else +

#springMessageText("idp.logout.complete", "The logout operation is complete, and no other services appear to have been accessed during this session.")

+ + + #end + +
+
+ +
+
+
+ +
+
+

#springMessageText("idp.footer", "Insert your footer text here.")

+
+
+
+ + + \ No newline at end of file diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/spnego-unavailable.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/spnego-unavailable.vm new file mode 100644 index 0000000..3673f02 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/spnego-unavailable.vm @@ -0,0 +1,49 @@ +## +## Velocity Template for SPNEGO unauthorized page +## +## This is not a Spring Webflow view, but a special view internal to the +## SPNEGO login flow, so it doesn't contain all of the usual SWF variables. +## +## Velocity context will contain the following properties +## encoder - HTMLEncoder class +## request - HttpServletRequest +## response - HttpServletResponse +## profileRequestContext - root of context tree +## errorUrl - URL to call to indicate error and return back to the login flow +## +#set ($eventKey = $springMacroRequestContext.getMessage("SPNEGOUnavailable", "spnego-unavailable")) + + + + + + #springMessageText("idp.title", "Web Login Sevice") - #springMessageText("${eventKey}.title", "Error") + + + + +
+
+
+ #springMessageText( +

#springMessageText("idp.title", "Web Login Sevice") - #springMessage("idp.title.suffix", "Error")

+
+ +
+ #springMessageText("${eventKey}.message", "Your web browser doesn't support authentication with your desktop login credentials.") + +
+
+ +
+
+

#springMessageText("idp.footer", "Insert your footer text here.")

+
+
+
+ + diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/views/user-prefs.vm b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/user-prefs.vm new file mode 100644 index 0000000..8de0503 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/views/user-prefs.vm @@ -0,0 +1,60 @@ +## +## Velocity Template for user preferences view +## +## Velocity context will contain the following properties +## request - HttpServletRequest +## response - HttpServletResponse +## environment - Spring Environment object for property resolution +## custom - arbitrary object injected by deployer +## + + + + + + #springMessageText("idp.userprefs.title", "Web Login Service") - #springMessageText("idp.userprefs.title.suffix", "Login Preferences") + + + + +
+
+
+ #springMessageText( +

#springMessageText("idp.title", "Web Login Service") - #springMessageText("idp.userprefs.title.suffix", "Login Preferences")

+

+ #springMessage("idp.userprefs.info") +

+
+ + + + +
+ +
+
+

#springMessageText("idp.footer", "Insert your footer text here.")

+
+
+
+ + + diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/css/consent.css b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/css/consent.css new file mode 100644 index 0000000..5daabee --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/css/consent.css @@ -0,0 +1,150 @@ +.box { + width:600px; + margin-left: auto; + margin-right: auto; + margin-top: 50px; + background-color: white; + -webkit-box-shadow: 1px 1px 15px #999999; + -moz-box-shadow: 1px 1px 15px #999999; + box-shadow: 1px 1px 15px #999999; + -webkit-border-radius: 8px; + -moz-border-radius: 8px; + border-radius: 8px; + overflow: auto; + padding: 1.268em; +} + +body { + font-family:Verdana, Geneva, sans-serif; + font-size: 12px; +} + +h1 { + font-size: 13px; + padding-bottom: 12px; +} + +a { + color: #00247D; + text-decoration: underline; +} + +a:visited { + color: #00247D; + text-decoration: underline; +} + +a:focus, a:hover, a:active { + color: #F39800; + text-decoration: underline; +} + +#tou-content { + font-family:monospace; + width: 95%; + border: solid 1px #666; + margin: 4px; + padding: 10px; + overflow: hidden; +} + +#tou-content li{ + margin-bottom:10px; +} + +#tou-acceptance { + width: 95%; + border: solid 1px #666; + background-color: #F0F0F0; + margin: 4px; + padding: 10px; + text-align: left; + overflow: hidden; +} + +.service_name { + font-weight: bold; +} + +.service_description { + font-style: italic; +} + +.organization_name { +} + +#attributeRelease-consent { + width: 95%; + border: solid 1px #666; + background-color: #F0F0F0; + margin: 4px; + overflow: hidden; +} + +#attributeRelease { + width: 95%; + margin: 4px; + border: solid 1px black; + overflow: auto; +} + +#attributeRelease table { + border-collapse: collapse; + border: none 0px white; + width: 100%; +} + +#attributeRelease td { + padding: 3px 7px; + vertical-align: top; +} + +#attributeRelease th { + text-align: left; + font-size: 18px; + padding: 5px 7px; + background-color:#00247D; + color: white; +} + +#attributeRelease tr:nth-of-type(even) { + background-color: #E4E5E3; +} + +.federation_logo +{ + width: 50%; + float: left; + padding-top: 35px; + border: 0; +} +.organization_logo +{ + width: 50%; + float: right; + border: 0; +} + +.form-error { + padding: 0; + color: #B61601; +} + +/* Device specific styles */ +@media only screen and (max-device-width: 721px){ + .box { + width: auto; + box-shadow: none; + border-radius: 0; + -webkit-box-shadow: none; + -webkit-border-radius: 0; + -moz-box-shadow: none; + -moz-border-radius: 0; + padding: 0; + margin-top:0; + } + #tou-content, #tou-acceptance{ + /*width:87%;*/ + width:auto; + } +} diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/css/logout.css b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/css/logout.css new file mode 100644 index 0000000..26f1893 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/css/logout.css @@ -0,0 +1,12 @@ +/* Success/Failure indicators for logout propagation. */ + +.success { + background: url(../images/success-32x32.png) no-repeat left center; + line-height: 36px; + padding-left: 36px; +} +.failure { + background: url(../images/failure-32x32.png) no-repeat left center; + line-height: 36px; + padding-left: 36px; +} diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/css/main.css b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/css/main.css new file mode 100644 index 0000000..54827ce --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/css/main.css @@ -0,0 +1,165 @@ +* { + margin: 0; + padding: 0; +} +header, footer, section, nav { + display: block; +} +html, body { + height: 100%; +} +body { + font-family:Verdana, Geneva, sans-serif; + font-size: 12px; + line-height: 1.5; + color: #717171; + background: #717171; +} +a:link, +a:visited { + text-decoration: none; + color: #717171; +} +img { + max-width: 100%; + margin-bottom: 12px; +} + +.wrapper { + background: #ffffff; +} + +.container { + position: relative; + left: 34%; + width: 540px; + margin-left: -270px; +} +.container-footer { + padding-top: 12px; +} +@media only screen and (max-width: 1020px) { + .container { + left: 45%; + } +} +@media only screen and (max-width: 650px) { + .container { + position: static; + margin: 0 auto; + width: 280px; + } +} + +header { + padding: 20px 0; +} + +.logo img { + border: none; +} +@media only screen and (max-width: 650px) { + .logo img { + display: none; + } + .logo { + background: url(../images/TIER_logo-249.png) no-repeat top center; + display: block; + height: 115px; + width: 100px; + margin: 0 auto; + } +} + +.content { + padding-bottom: 80px; + overflow: hidden; +} + +.column { + float: left; +} +.column.one { + width: 50%; + margin-right: 48px; +} + +form { + width: 240px; + padding-bottom: 21px; +} +form label { /* labels are hidden */ + font-weight: bold; +} +form legend { + font-size:1.2em; + margin-bottom: 12px; +} +.form-element-wrapper { + margin-bottom: 12px; +} +.form-element { + width: 100%; + padding: 13px 12px; + border: none; + font-size: 14px; + border-radius: 4px; + -webkit-border-radius: 4px; + -moz-border-radius: 4px; +} +.form-field { + color: #B7B7B7; + border: 1px solid #B7B7B7; +} +.form-field-focus, +.form-field:focus, +input[type="text"]:focus { + color: #333333; + border-color: #333; +} +.form-button { + background: #B61601; + box-sizing: content-box; + -moz-box-sizing: content-box; + color: #ffffff; + cursor: pointer; +} +.form-button:hover { + background: #FF6400; +} +.form-error { + padding: 0; + color: #B61601; +} + +.list-help { + margin-top: 40px; /* offset padding on first anchor */ + list-style: none; +} +.list-help-item a { + display: block; + padding: 6px 0; +} +.item-marker { + color: #be0000; +} + +footer { + color: #ffffff; + font-size: 11px; + background: #717171; +} +.footer-text { + margin-bottom: 12px; +} +.footer-links a:link, +.footer-links a:visited { + color: #ffffff; + font-weight: bold; +} +.footer-links a:after { + content: "\00a0\00a0\00a0|\00a0\00a0"; +} +.footer-links a.last:after { + content: ""; +} diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/TIER_logo-249.png b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/TIER_logo-249.png new file mode 100644 index 0000000..b188cc3 Binary files /dev/null and b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/TIER_logo-249.png differ diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/dummylogo-mobile.png b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/dummylogo-mobile.png new file mode 100644 index 0000000..8ba3c95 Binary files /dev/null and b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/dummylogo-mobile.png differ diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/dummylogo.png b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/dummylogo.png new file mode 100644 index 0000000..4f5b4a5 Binary files /dev/null and b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/dummylogo.png differ diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/failure-32x32.png b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/failure-32x32.png new file mode 100644 index 0000000..3c48e46 Binary files /dev/null and b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/failure-32x32.png differ diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/success-32x32.png b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/success-32x32.png new file mode 100644 index 0000000..aa51204 Binary files /dev/null and b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/images/success-32x32.png differ diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/js/Duo-Web-v2.min.js b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/js/Duo-Web-v2.min.js new file mode 100644 index 0000000..393900d --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/js/Duo-Web-v2.min.js @@ -0,0 +1 @@ +window.Duo=function(e,t){var i=/^(?:AUTH|ENROLL)+\|[A-Za-z0-9\+\/=]+\|[A-Za-z0-9\+\/=]+$/;var o=/^ERR\|[\w\s\.\(\)]+$/;var n="duo_iframe",a="",s="sig_response",r,f,u,d,m,c;function h(e,t){throw new Error("Duo Web SDK error: "+e+(t?"\n"+"See "+t+" for more information":""))}function g(e){return e.replace(/([a-z])([A-Z])/,"$1-$2").toLowerCase()}function l(e,t){if("dataset"in e){return e.dataset[t]}else{return e.getAttribute("data-"+g(t))}}function p(e,i,o,n){if("addEventListener"in t){e.addEventListener(i,n,false)}else{e.attachEvent(o,n)}}function w(e,i,o,n){if("removeEventListener"in t){e.removeEventListener(i,n,false)}else{e.detachEvent(o,n)}}function v(t){p(e,"DOMContentLoaded","onreadystatechange",t)}function b(t){w(e,"DOMContentLoaded","onreadystatechange",t)}function E(e){p(t,"message","onmessage",e)}function _(e){w(t,"message","onmessage",e)}function y(e){if(!e){return}if(e.indexOf("ERR|")===0){h(e.split("|")[1])}if(e.indexOf(":")===-1||e.split(":").length!==2){h("Duo was given a bad token. This might indicate a configuration "+"problem with one of Duo's client libraries.","https://www.duosecurity.com/docs/duoweb#first-steps")}var t=e.split(":");f=e;u=t[0];d=t[1];return{sigRequest:e,duoSig:t[0],appSig:t[1]}}function D(){m=e.getElementById(n);if(!m){throw new Error("This page does not contain an iframe for Duo to use."+'Add an element like '+"to this page. "+"See https://www.duosecurity.com/docs/duoweb#3.-show-the-iframe "+"for more information.")}B();b(D)}function A(e){return Boolean(e.origin==="https://"+r&&typeof e.data==="string"&&(e.data.match(i)||e.data.match(o)))}function L(t){if(t){if(t.host){r=t.host}if(t.sig_request){y(t.sig_request)}if(t.post_action){a=t.post_action}if(t.post_argument){s=t.post_argument}if(t.iframe){if("tagName"in t.iframe){m=t.iframe}else if(typeof t.iframe==="string"){n=t.iframe}}if(typeof t.submit_callback==="function"){c=t.submit_callback}}if(m){B()}else{m=e.getElementById(n);if(m){B()}else{v(D)}}b(L)}function q(e){if(A(e)){R(e.data);_(q)}}function B(){if(!r){r=l(m,"host");if(!r){h("No API hostname is given for Duo to use. Be sure to pass "+"a `host` parameter to Duo.init, or through the `data-host` "+"attribute on the iframe element.","https://www.duosecurity.com/docs/duoweb#3.-show-the-iframe")}}if(!u||!d){y(l(m,"sigRequest"));if(!u||!d){h("No valid signed request is given. Be sure to give the "+"`sig_request` parameter to Duo.init, or use the "+"`data-sig-request` attribute on the iframe element.","https://www.duosecurity.com/docs/duoweb#3.-show-the-iframe")}}if(a===""){a=l(m,"postAction")||a}if(s==="sig_response"){s=l(m,"postArgument")||s}m.src=["https://",r,"/frame/web/v1/auth?tx=",u,"&parent=",encodeURIComponent(e.location.href),"&v=2.3"].join("");E(q)}function R(t){var i=e.createElement("input");i.type="hidden";i.name=s;i.value=t+":"+d;var o=e.getElementById("duo_form");if(!o){o=e.createElement("form");m.parentElement.insertBefore(o,m.nextSibling)}o.method="POST";o.action=a;o.appendChild(i);if(typeof c==="function"){c.call(null,o)}else{o.submit()}}v(L);return{init:L,_parseSigRequest:y,_isDuoMessage:A,_doPostBack:R}}(document,window); \ No newline at end of file diff --git a/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/js/jquery-2.1.4.min.js b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/js/jquery-2.1.4.min.js new file mode 100644 index 0000000..49990d6 --- /dev/null +++ b/Sources/SIS/shib-idp/customized-shibboleth-idp/webapp/js/jquery-2.1.4.min.js @@ -0,0 +1,4 @@ +/*! jQuery v2.1.4 | (c) 2005, 2015 jQuery Foundation, Inc. | jquery.org/license */ +!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=c.slice,e=c.concat,f=c.push,g=c.indexOf,h={},i=h.toString,j=h.hasOwnProperty,k={},l=a.document,m="2.1.4",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return d.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:d.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a,b){return n.each(this,a,b)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.call(b,c,b)}))},slice:function(){return this.pushStack(d.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},eq:function(a){var b=this.length,c=+a+(0>a?b:0);return this.pushStack(c>=0&&b>c?[this[c]]:[])},end:function(){return this.prevObject||this.constructor(null)},push:f,sort:c.sort,splice:c.splice},n.extend=n.fn.extend=function(){var a,b,c,d,e,f,g=arguments[0]||{},h=1,i=arguments.length,j=!1;for("boolean"==typeof g&&(j=g,g=arguments[h]||{},h++),"object"==typeof g||n.isFunction(g)||(g={}),h===i&&(g=this,h--);i>h;h++)if(null!=(a=arguments[h]))for(b in a)c=g[b],d=a[b],g!==d&&(j&&d&&(n.isPlainObject(d)||(e=n.isArray(d)))?(e?(e=!1,f=c&&n.isArray(c)?c:[]):f=c&&n.isPlainObject(c)?c:{},g[b]=n.extend(j,f,d)):void 0!==d&&(g[b]=d));return g},n.extend({expando:"jQuery"+(m+Math.random()).replace(/\D/g,""),isReady:!0,error:function(a){throw new Error(a)},noop:function(){},isFunction:function(a){return"function"===n.type(a)},isArray:Array.isArray,isWindow:function(a){return null!=a&&a===a.window},isNumeric:function(a){return!n.isArray(a)&&a-parseFloat(a)+1>=0},isPlainObject:function(a){return"object"!==n.type(a)||a.nodeType||n.isWindow(a)?!1:a.constructor&&!j.call(a.constructor.prototype,"isPrototypeOf")?!1:!0},isEmptyObject:function(a){var b;for(b in a)return!1;return!0},type:function(a){return null==a?a+"":"object"==typeof a||"function"==typeof a?h[i.call(a)]||"object":typeof a},globalEval:function(a){var b,c=eval;a=n.trim(a),a&&(1===a.indexOf("use strict")?(b=l.createElement("script"),b.text=a,l.head.appendChild(b).parentNode.removeChild(b)):c(a))},camelCase:function(a){return a.replace(p,"ms-").replace(q,r)},nodeName:function(a,b){return a.nodeName&&a.nodeName.toLowerCase()===b.toLowerCase()},each:function(a,b,c){var d,e=0,f=a.length,g=s(a);if(c){if(g){for(;f>e;e++)if(d=b.apply(a[e],c),d===!1)break}else for(e in a)if(d=b.apply(a[e],c),d===!1)break}else if(g){for(;f>e;e++)if(d=b.call(a[e],e,a[e]),d===!1)break}else for(e in a)if(d=b.call(a[e],e,a[e]),d===!1)break;return a},trim:function(a){return null==a?"":(a+"").replace(o,"")},makeArray:function(a,b){var c=b||[];return null!=a&&(s(Object(a))?n.merge(c,"string"==typeof a?[a]:a):f.call(c,a)),c},inArray:function(a,b,c){return null==b?-1:g.call(b,a,c)},merge:function(a,b){for(var c=+b.length,d=0,e=a.length;c>d;d++)a[e++]=b[d];return a.length=e,a},grep:function(a,b,c){for(var d,e=[],f=0,g=a.length,h=!c;g>f;f++)d=!b(a[f],f),d!==h&&e.push(a[f]);return e},map:function(a,b,c){var d,f=0,g=a.length,h=s(a),i=[];if(h)for(;g>f;f++)d=b(a[f],f,c),null!=d&&i.push(d);else for(f in a)d=b(a[f],f,c),null!=d&&i.push(d);return e.apply([],i)},guid:1,proxy:function(a,b){var c,e,f;return"string"==typeof b&&(c=a[b],b=a,a=c),n.isFunction(a)?(e=d.call(arguments,2),f=function(){return a.apply(b||this,e.concat(d.call(arguments)))},f.guid=a.guid=a.guid||n.guid++,f):void 0},now:Date.now,support:k}),n.each("Boolean Number String Function Array Date RegExp Object Error".split(" "),function(a,b){h["[object "+b+"]"]=b.toLowerCase()});function s(a){var b="length"in a&&a.length,c=n.type(a);return"function"===c||n.isWindow(a)?!1:1===a.nodeType&&b?!0:"array"===c||0===b||"number"==typeof b&&b>0&&b-1 in a}var t=function(a){var b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u="sizzle"+1*new Date,v=a.document,w=0,x=0,y=ha(),z=ha(),A=ha(),B=function(a,b){return a===b&&(l=!0),0},C=1<<31,D={}.hasOwnProperty,E=[],F=E.pop,G=E.push,H=E.push,I=E.slice,J=function(a,b){for(var c=0,d=a.length;d>c;c++)if(a[c]===b)return c;return-1},K="checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped",L="[\\x20\\t\\r\\n\\f]",M="(?:\\\\.|[\\w-]|[^\\x00-\\xa0])+",N=M.replace("w","w#"),O="\\["+L+"*("+M+")(?:"+L+"*([*^$|!~]?=)"+L+"*(?:'((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\"|("+N+"))|)"+L+"*\\]",P=":("+M+")(?:\\((('((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\")|((?:\\\\.|[^\\\\()[\\]]|"+O+")*)|.*)\\)|)",Q=new RegExp(L+"+","g"),R=new RegExp("^"+L+"+|((?:^|[^\\\\])(?:\\\\.)*)"+L+"+$","g"),S=new RegExp("^"+L+"*,"+L+"*"),T=new RegExp("^"+L+"*([>+~]|"+L+")"+L+"*"),U=new RegExp("="+L+"*([^\\]'\"]*?)"+L+"*\\]","g"),V=new RegExp(P),W=new RegExp("^"+N+"$"),X={ID:new RegExp("^#("+M+")"),CLASS:new RegExp("^\\.("+M+")"),TAG:new RegExp("^("+M.replace("w","w*")+")"),ATTR:new RegExp("^"+O),PSEUDO:new RegExp("^"+P),CHILD:new RegExp("^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\("+L+"*(even|odd|(([+-]|)(\\d*)n|)"+L+"*(?:([+-]|)"+L+"*(\\d+)|))"+L+"*\\)|)","i"),bool:new RegExp("^(?:"+K+")$","i"),needsContext:new RegExp("^"+L+"*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\("+L+"*((?:-\\d)?\\d*)"+L+"*\\)|)(?=[^-]|$)","i")},Y=/^(?:input|select|textarea|button)$/i,Z=/^h\d$/i,$=/^[^{]+\{\s*\[native \w/,_=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,aa=/[+~]/,ba=/'|\\/g,ca=new RegExp("\\\\([\\da-f]{1,6}"+L+"?|("+L+")|.)","ig"),da=function(a,b,c){var d="0x"+b-65536;return d!==d||c?b:0>d?String.fromCharCode(d+65536):String.fromCharCode(d>>10|55296,1023&d|56320)},ea=function(){m()};try{H.apply(E=I.call(v.childNodes),v.childNodes),E[v.childNodes.length].nodeType}catch(fa){H={apply:E.length?function(a,b){G.apply(a,I.call(b))}:function(a,b){var c=a.length,d=0;while(a[c++]=b[d++]);a.length=c-1}}}function ga(a,b,d,e){var f,h,j,k,l,o,r,s,w,x;if((b?b.ownerDocument||b:v)!==n&&m(b),b=b||n,d=d||[],k=b.nodeType,"string"!=typeof a||!a||1!==k&&9!==k&&11!==k)return d;if(!e&&p){if(11!==k&&(f=_.exec(a)))if(j=f[1]){if(9===k){if(h=b.getElementById(j),!h||!h.parentNode)return d;if(h.id===j)return d.push(h),d}else if(b.ownerDocument&&(h=b.ownerDocument.getElementById(j))&&t(b,h)&&h.id===j)return d.push(h),d}else{if(f[2])return H.apply(d,b.getElementsByTagName(a)),d;if((j=f[3])&&c.getElementsByClassName)return H.apply(d,b.getElementsByClassName(j)),d}if(c.qsa&&(!q||!q.test(a))){if(s=r=u,w=b,x=1!==k&&a,1===k&&"object"!==b.nodeName.toLowerCase()){o=g(a),(r=b.getAttribute("id"))?s=r.replace(ba,"\\$&"):b.setAttribute("id",s),s="[id='"+s+"'] ",l=o.length;while(l--)o[l]=s+ra(o[l]);w=aa.test(a)&&pa(b.parentNode)||b,x=o.join(",")}if(x)try{return H.apply(d,w.querySelectorAll(x)),d}catch(y){}finally{r||b.removeAttribute("id")}}}return i(a.replace(R,"$1"),b,d,e)}function ha(){var a=[];function b(c,e){return a.push(c+" ")>d.cacheLength&&delete b[a.shift()],b[c+" "]=e}return b}function ia(a){return a[u]=!0,a}function ja(a){var b=n.createElement("div");try{return!!a(b)}catch(c){return!1}finally{b.parentNode&&b.parentNode.removeChild(b),b=null}}function ka(a,b){var c=a.split("|"),e=a.length;while(e--)d.attrHandle[c[e]]=b}function la(a,b){var c=b&&a,d=c&&1===a.nodeType&&1===b.nodeType&&(~b.sourceIndex||C)-(~a.sourceIndex||C);if(d)return d;if(c)while(c=c.nextSibling)if(c===b)return-1;return a?1:-1}function ma(a){return function(b){var c=b.nodeName.toLowerCase();return"input"===c&&b.type===a}}function na(a){return function(b){var c=b.nodeName.toLowerCase();return("input"===c||"button"===c)&&b.type===a}}function oa(a){return ia(function(b){return b=+b,ia(function(c,d){var e,f=a([],c.length,b),g=f.length;while(g--)c[e=f[g]]&&(c[e]=!(d[e]=c[e]))})})}function pa(a){return a&&"undefined"!=typeof a.getElementsByTagName&&a}c=ga.support={},f=ga.isXML=function(a){var b=a&&(a.ownerDocument||a).documentElement;return b?"HTML"!==b.nodeName:!1},m=ga.setDocument=function(a){var b,e,g=a?a.ownerDocument||a:v;return g!==n&&9===g.nodeType&&g.documentElement?(n=g,o=g.documentElement,e=g.defaultView,e&&e!==e.top&&(e.addEventListener?e.addEventListener("unload",ea,!1):e.attachEvent&&e.attachEvent("onunload",ea)),p=!f(g),c.attributes=ja(function(a){return a.className="i",!a.getAttribute("className")}),c.getElementsByTagName=ja(function(a){return a.appendChild(g.createComment("")),!a.getElementsByTagName("*").length}),c.getElementsByClassName=$.test(g.getElementsByClassName),c.getById=ja(function(a){return o.appendChild(a).id=u,!g.getElementsByName||!g.getElementsByName(u).length}),c.getById?(d.find.ID=function(a,b){if("undefined"!=typeof b.getElementById&&p){var c=b.getElementById(a);return c&&c.parentNode?[c]:[]}},d.filter.ID=function(a){var b=a.replace(ca,da);return function(a){return a.getAttribute("id")===b}}):(delete d.find.ID,d.filter.ID=function(a){var b=a.replace(ca,da);return function(a){var c="undefined"!=typeof a.getAttributeNode&&a.getAttributeNode("id");return c&&c.value===b}}),d.find.TAG=c.getElementsByTagName?function(a,b){return"undefined"!=typeof b.getElementsByTagName?b.getElementsByTagName(a):c.qsa?b.querySelectorAll(a):void 0}:function(a,b){var c,d=[],e=0,f=b.getElementsByTagName(a);if("*"===a){while(c=f[e++])1===c.nodeType&&d.push(c);return d}return f},d.find.CLASS=c.getElementsByClassName&&function(a,b){return p?b.getElementsByClassName(a):void 0},r=[],q=[],(c.qsa=$.test(g.querySelectorAll))&&(ja(function(a){o.appendChild(a).innerHTML="",a.querySelectorAll("[msallowcapture^='']").length&&q.push("[*^$]="+L+"*(?:''|\"\")"),a.querySelectorAll("[selected]").length||q.push("\\["+L+"*(?:value|"+K+")"),a.querySelectorAll("[id~="+u+"-]").length||q.push("~="),a.querySelectorAll(":checked").length||q.push(":checked"),a.querySelectorAll("a#"+u+"+*").length||q.push(".#.+[+~]")}),ja(function(a){var b=g.createElement("input");b.setAttribute("type","hidden"),a.appendChild(b).setAttribute("name","D"),a.querySelectorAll("[name=d]").length&&q.push("name"+L+"*[*^$|!~]?="),a.querySelectorAll(":enabled").length||q.push(":enabled",":disabled"),a.querySelectorAll("*,:x"),q.push(",.*:")})),(c.matchesSelector=$.test(s=o.matches||o.webkitMatchesSelector||o.mozMatchesSelector||o.oMatchesSelector||o.msMatchesSelector))&&ja(function(a){c.disconnectedMatch=s.call(a,"div"),s.call(a,"[s!='']:x"),r.push("!=",P)}),q=q.length&&new RegExp(q.join("|")),r=r.length&&new RegExp(r.join("|")),b=$.test(o.compareDocumentPosition),t=b||$.test(o.contains)?function(a,b){var c=9===a.nodeType?a.documentElement:a,d=b&&b.parentNode;return a===d||!(!d||1!==d.nodeType||!(c.contains?c.contains(d):a.compareDocumentPosition&&16&a.compareDocumentPosition(d)))}:function(a,b){if(b)while(b=b.parentNode)if(b===a)return!0;return!1},B=b?function(a,b){if(a===b)return l=!0,0;var d=!a.compareDocumentPosition-!b.compareDocumentPosition;return d?d:(d=(a.ownerDocument||a)===(b.ownerDocument||b)?a.compareDocumentPosition(b):1,1&d||!c.sortDetached&&b.compareDocumentPosition(a)===d?a===g||a.ownerDocument===v&&t(v,a)?-1:b===g||b.ownerDocument===v&&t(v,b)?1:k?J(k,a)-J(k,b):0:4&d?-1:1)}:function(a,b){if(a===b)return l=!0,0;var c,d=0,e=a.parentNode,f=b.parentNode,h=[a],i=[b];if(!e||!f)return a===g?-1:b===g?1:e?-1:f?1:k?J(k,a)-J(k,b):0;if(e===f)return la(a,b);c=a;while(c=c.parentNode)h.unshift(c);c=b;while(c=c.parentNode)i.unshift(c);while(h[d]===i[d])d++;return d?la(h[d],i[d]):h[d]===v?-1:i[d]===v?1:0},g):n},ga.matches=function(a,b){return ga(a,null,null,b)},ga.matchesSelector=function(a,b){if((a.ownerDocument||a)!==n&&m(a),b=b.replace(U,"='$1']"),!(!c.matchesSelector||!p||r&&r.test(b)||q&&q.test(b)))try{var d=s.call(a,b);if(d||c.disconnectedMatch||a.document&&11!==a.document.nodeType)return d}catch(e){}return ga(b,n,null,[a]).length>0},ga.contains=function(a,b){return(a.ownerDocument||a)!==n&&m(a),t(a,b)},ga.attr=function(a,b){(a.ownerDocument||a)!==n&&m(a);var e=d.attrHandle[b.toLowerCase()],f=e&&D.call(d.attrHandle,b.toLowerCase())?e(a,b,!p):void 0;return void 0!==f?f:c.attributes||!p?a.getAttribute(b):(f=a.getAttributeNode(b))&&f.specified?f.value:null},ga.error=function(a){throw new Error("Syntax error, unrecognized expression: "+a)},ga.uniqueSort=function(a){var b,d=[],e=0,f=0;if(l=!c.detectDuplicates,k=!c.sortStable&&a.slice(0),a.sort(B),l){while(b=a[f++])b===a[f]&&(e=d.push(f));while(e--)a.splice(d[e],1)}return k=null,a},e=ga.getText=function(a){var b,c="",d=0,f=a.nodeType;if(f){if(1===f||9===f||11===f){if("string"==typeof a.textContent)return a.textContent;for(a=a.firstChild;a;a=a.nextSibling)c+=e(a)}else if(3===f||4===f)return a.nodeValue}else while(b=a[d++])c+=e(b);return c},d=ga.selectors={cacheLength:50,createPseudo:ia,match:X,attrHandle:{},find:{},relative:{">":{dir:"parentNode",first:!0}," ":{dir:"parentNode"},"+":{dir:"previousSibling",first:!0},"~":{dir:"previousSibling"}},preFilter:{ATTR:function(a){return a[1]=a[1].replace(ca,da),a[3]=(a[3]||a[4]||a[5]||"").replace(ca,da),"~="===a[2]&&(a[3]=" "+a[3]+" "),a.slice(0,4)},CHILD:function(a){return a[1]=a[1].toLowerCase(),"nth"===a[1].slice(0,3)?(a[3]||ga.error(a[0]),a[4]=+(a[4]?a[5]+(a[6]||1):2*("even"===a[3]||"odd"===a[3])),a[5]=+(a[7]+a[8]||"odd"===a[3])):a[3]&&ga.error(a[0]),a},PSEUDO:function(a){var b,c=!a[6]&&a[2];return X.CHILD.test(a[0])?null:(a[3]?a[2]=a[4]||a[5]||"":c&&V.test(c)&&(b=g(c,!0))&&(b=c.indexOf(")",c.length-b)-c.length)&&(a[0]=a[0].slice(0,b),a[2]=c.slice(0,b)),a.slice(0,3))}},filter:{TAG:function(a){var b=a.replace(ca,da).toLowerCase();return"*"===a?function(){return!0}:function(a){return a.nodeName&&a.nodeName.toLowerCase()===b}},CLASS:function(a){var b=y[a+" "];return b||(b=new RegExp("(^|"+L+")"+a+"("+L+"|$)"))&&y(a,function(a){return b.test("string"==typeof a.className&&a.className||"undefined"!=typeof a.getAttribute&&a.getAttribute("class")||"")})},ATTR:function(a,b,c){return function(d){var e=ga.attr(d,a);return null==e?"!="===b:b?(e+="","="===b?e===c:"!="===b?e!==c:"^="===b?c&&0===e.indexOf(c):"*="===b?c&&e.indexOf(c)>-1:"$="===b?c&&e.slice(-c.length)===c:"~="===b?(" "+e.replace(Q," ")+" ").indexOf(c)>-1:"|="===b?e===c||e.slice(0,c.length+1)===c+"-":!1):!0}},CHILD:function(a,b,c,d,e){var f="nth"!==a.slice(0,3),g="last"!==a.slice(-4),h="of-type"===b;return 1===d&&0===e?function(a){return!!a.parentNode}:function(b,c,i){var j,k,l,m,n,o,p=f!==g?"nextSibling":"previousSibling",q=b.parentNode,r=h&&b.nodeName.toLowerCase(),s=!i&&!h;if(q){if(f){while(p){l=b;while(l=l[p])if(h?l.nodeName.toLowerCase()===r:1===l.nodeType)return!1;o=p="only"===a&&!o&&"nextSibling"}return!0}if(o=[g?q.firstChild:q.lastChild],g&&s){k=q[u]||(q[u]={}),j=k[a]||[],n=j[0]===w&&j[1],m=j[0]===w&&j[2],l=n&&q.childNodes[n];while(l=++n&&l&&l[p]||(m=n=0)||o.pop())if(1===l.nodeType&&++m&&l===b){k[a]=[w,n,m];break}}else if(s&&(j=(b[u]||(b[u]={}))[a])&&j[0]===w)m=j[1];else while(l=++n&&l&&l[p]||(m=n=0)||o.pop())if((h?l.nodeName.toLowerCase()===r:1===l.nodeType)&&++m&&(s&&((l[u]||(l[u]={}))[a]=[w,m]),l===b))break;return m-=e,m===d||m%d===0&&m/d>=0}}},PSEUDO:function(a,b){var c,e=d.pseudos[a]||d.setFilters[a.toLowerCase()]||ga.error("unsupported pseudo: "+a);return e[u]?e(b):e.length>1?(c=[a,a,"",b],d.setFilters.hasOwnProperty(a.toLowerCase())?ia(function(a,c){var d,f=e(a,b),g=f.length;while(g--)d=J(a,f[g]),a[d]=!(c[d]=f[g])}):function(a){return e(a,0,c)}):e}},pseudos:{not:ia(function(a){var b=[],c=[],d=h(a.replace(R,"$1"));return d[u]?ia(function(a,b,c,e){var f,g=d(a,null,e,[]),h=a.length;while(h--)(f=g[h])&&(a[h]=!(b[h]=f))}):function(a,e,f){return b[0]=a,d(b,null,f,c),b[0]=null,!c.pop()}}),has:ia(function(a){return function(b){return ga(a,b).length>0}}),contains:ia(function(a){return a=a.replace(ca,da),function(b){return(b.textContent||b.innerText||e(b)).indexOf(a)>-1}}),lang:ia(function(a){return W.test(a||"")||ga.error("unsupported lang: "+a),a=a.replace(ca,da).toLowerCase(),function(b){var c;do if(c=p?b.lang:b.getAttribute("xml:lang")||b.getAttribute("lang"))return c=c.toLowerCase(),c===a||0===c.indexOf(a+"-");while((b=b.parentNode)&&1===b.nodeType);return!1}}),target:function(b){var c=a.location&&a.location.hash;return c&&c.slice(1)===b.id},root:function(a){return a===o},focus:function(a){return a===n.activeElement&&(!n.hasFocus||n.hasFocus())&&!!(a.type||a.href||~a.tabIndex)},enabled:function(a){return a.disabled===!1},disabled:function(a){return a.disabled===!0},checked:function(a){var b=a.nodeName.toLowerCase();return"input"===b&&!!a.checked||"option"===b&&!!a.selected},selected:function(a){return a.parentNode&&a.parentNode.selectedIndex,a.selected===!0},empty:function(a){for(a=a.firstChild;a;a=a.nextSibling)if(a.nodeType<6)return!1;return!0},parent:function(a){return!d.pseudos.empty(a)},header:function(a){return Z.test(a.nodeName)},input:function(a){return Y.test(a.nodeName)},button:function(a){var b=a.nodeName.toLowerCase();return"input"===b&&"button"===a.type||"button"===b},text:function(a){var b;return"input"===a.nodeName.toLowerCase()&&"text"===a.type&&(null==(b=a.getAttribute("type"))||"text"===b.toLowerCase())},first:oa(function(){return[0]}),last:oa(function(a,b){return[b-1]}),eq:oa(function(a,b,c){return[0>c?c+b:c]}),even:oa(function(a,b){for(var c=0;b>c;c+=2)a.push(c);return a}),odd:oa(function(a,b){for(var c=1;b>c;c+=2)a.push(c);return a}),lt:oa(function(a,b,c){for(var d=0>c?c+b:c;--d>=0;)a.push(d);return a}),gt:oa(function(a,b,c){for(var d=0>c?c+b:c;++db;b++)d+=a[b].value;return d}function sa(a,b,c){var d=b.dir,e=c&&"parentNode"===d,f=x++;return b.first?function(b,c,f){while(b=b[d])if(1===b.nodeType||e)return a(b,c,f)}:function(b,c,g){var h,i,j=[w,f];if(g){while(b=b[d])if((1===b.nodeType||e)&&a(b,c,g))return!0}else while(b=b[d])if(1===b.nodeType||e){if(i=b[u]||(b[u]={}),(h=i[d])&&h[0]===w&&h[1]===f)return j[2]=h[2];if(i[d]=j,j[2]=a(b,c,g))return!0}}}function ta(a){return a.length>1?function(b,c,d){var e=a.length;while(e--)if(!a[e](b,c,d))return!1;return!0}:a[0]}function ua(a,b,c){for(var d=0,e=b.length;e>d;d++)ga(a,b[d],c);return c}function va(a,b,c,d,e){for(var f,g=[],h=0,i=a.length,j=null!=b;i>h;h++)(f=a[h])&&(!c||c(f,d,e))&&(g.push(f),j&&b.push(h));return g}function wa(a,b,c,d,e,f){return d&&!d[u]&&(d=wa(d)),e&&!e[u]&&(e=wa(e,f)),ia(function(f,g,h,i){var j,k,l,m=[],n=[],o=g.length,p=f||ua(b||"*",h.nodeType?[h]:h,[]),q=!a||!f&&b?p:va(p,m,a,h,i),r=c?e||(f?a:o||d)?[]:g:q;if(c&&c(q,r,h,i),d){j=va(r,n),d(j,[],h,i),k=j.length;while(k--)(l=j[k])&&(r[n[k]]=!(q[n[k]]=l))}if(f){if(e||a){if(e){j=[],k=r.length;while(k--)(l=r[k])&&j.push(q[k]=l);e(null,r=[],j,i)}k=r.length;while(k--)(l=r[k])&&(j=e?J(f,l):m[k])>-1&&(f[j]=!(g[j]=l))}}else r=va(r===g?r.splice(o,r.length):r),e?e(null,g,r,i):H.apply(g,r)})}function xa(a){for(var b,c,e,f=a.length,g=d.relative[a[0].type],h=g||d.relative[" "],i=g?1:0,k=sa(function(a){return a===b},h,!0),l=sa(function(a){return J(b,a)>-1},h,!0),m=[function(a,c,d){var e=!g&&(d||c!==j)||((b=c).nodeType?k(a,c,d):l(a,c,d));return b=null,e}];f>i;i++)if(c=d.relative[a[i].type])m=[sa(ta(m),c)];else{if(c=d.filter[a[i].type].apply(null,a[i].matches),c[u]){for(e=++i;f>e;e++)if(d.relative[a[e].type])break;return wa(i>1&&ta(m),i>1&&ra(a.slice(0,i-1).concat({value:" "===a[i-2].type?"*":""})).replace(R,"$1"),c,e>i&&xa(a.slice(i,e)),f>e&&xa(a=a.slice(e)),f>e&&ra(a))}m.push(c)}return ta(m)}function ya(a,b){var c=b.length>0,e=a.length>0,f=function(f,g,h,i,k){var l,m,o,p=0,q="0",r=f&&[],s=[],t=j,u=f||e&&d.find.TAG("*",k),v=w+=null==t?1:Math.random()||.1,x=u.length;for(k&&(j=g!==n&&g);q!==x&&null!=(l=u[q]);q++){if(e&&l){m=0;while(o=a[m++])if(o(l,g,h)){i.push(l);break}k&&(w=v)}c&&((l=!o&&l)&&p--,f&&r.push(l))}if(p+=q,c&&q!==p){m=0;while(o=b[m++])o(r,s,g,h);if(f){if(p>0)while(q--)r[q]||s[q]||(s[q]=F.call(i));s=va(s)}H.apply(i,s),k&&!f&&s.length>0&&p+b.length>1&&ga.uniqueSort(i)}return k&&(w=v,j=t),r};return c?ia(f):f}return h=ga.compile=function(a,b){var c,d=[],e=[],f=A[a+" "];if(!f){b||(b=g(a)),c=b.length;while(c--)f=xa(b[c]),f[u]?d.push(f):e.push(f);f=A(a,ya(e,d)),f.selector=a}return f},i=ga.select=function(a,b,e,f){var i,j,k,l,m,n="function"==typeof a&&a,o=!f&&g(a=n.selector||a);if(e=e||[],1===o.length){if(j=o[0]=o[0].slice(0),j.length>2&&"ID"===(k=j[0]).type&&c.getById&&9===b.nodeType&&p&&d.relative[j[1].type]){if(b=(d.find.ID(k.matches[0].replace(ca,da),b)||[])[0],!b)return e;n&&(b=b.parentNode),a=a.slice(j.shift().value.length)}i=X.needsContext.test(a)?0:j.length;while(i--){if(k=j[i],d.relative[l=k.type])break;if((m=d.find[l])&&(f=m(k.matches[0].replace(ca,da),aa.test(j[0].type)&&pa(b.parentNode)||b))){if(j.splice(i,1),a=f.length&&ra(j),!a)return H.apply(e,f),e;break}}}return(n||h(a,o))(f,b,!p,e,aa.test(a)&&pa(b.parentNode)||b),e},c.sortStable=u.split("").sort(B).join("")===u,c.detectDuplicates=!!l,m(),c.sortDetached=ja(function(a){return 1&a.compareDocumentPosition(n.createElement("div"))}),ja(function(a){return a.innerHTML="","#"===a.firstChild.getAttribute("href")})||ka("type|href|height|width",function(a,b,c){return c?void 0:a.getAttribute(b,"type"===b.toLowerCase()?1:2)}),c.attributes&&ja(function(a){return a.innerHTML="",a.firstChild.setAttribute("value",""),""===a.firstChild.getAttribute("value")})||ka("value",function(a,b,c){return c||"input"!==a.nodeName.toLowerCase()?void 0:a.defaultValue}),ja(function(a){return null==a.getAttribute("disabled")})||ka(K,function(a,b,c){var d;return c?void 0:a[b]===!0?b.toLowerCase():(d=a.getAttributeNode(b))&&d.specified?d.value:null}),ga}(a);n.find=t,n.expr=t.selectors,n.expr[":"]=n.expr.pseudos,n.unique=t.uniqueSort,n.text=t.getText,n.isXMLDoc=t.isXML,n.contains=t.contains;var u=n.expr.match.needsContext,v=/^<(\w+)\s*\/?>(?:<\/\1>|)$/,w=/^.[^:#\[\.,]*$/;function x(a,b,c){if(n.isFunction(b))return n.grep(a,function(a,d){return!!b.call(a,d,a)!==c});if(b.nodeType)return n.grep(a,function(a){return a===b!==c});if("string"==typeof b){if(w.test(b))return n.filter(b,a,c);b=n.filter(b,a)}return n.grep(a,function(a){return g.call(b,a)>=0!==c})}n.filter=function(a,b,c){var d=b[0];return c&&(a=":not("+a+")"),1===b.length&&1===d.nodeType?n.find.matchesSelector(d,a)?[d]:[]:n.find.matches(a,n.grep(b,function(a){return 1===a.nodeType}))},n.fn.extend({find:function(a){var b,c=this.length,d=[],e=this;if("string"!=typeof a)return this.pushStack(n(a).filter(function(){for(b=0;c>b;b++)if(n.contains(e[b],this))return!0}));for(b=0;c>b;b++)n.find(a,e[b],d);return d=this.pushStack(c>1?n.unique(d):d),d.selector=this.selector?this.selector+" "+a:a,d},filter:function(a){return this.pushStack(x(this,a||[],!1))},not:function(a){return this.pushStack(x(this,a||[],!0))},is:function(a){return!!x(this,"string"==typeof a&&u.test(a)?n(a):a||[],!1).length}});var y,z=/^(?:\s*(<[\w\W]+>)[^>]*|#([\w-]*))$/,A=n.fn.init=function(a,b){var c,d;if(!a)return this;if("string"==typeof a){if(c="<"===a[0]&&">"===a[a.length-1]&&a.length>=3?[null,a,null]:z.exec(a),!c||!c[1]&&b)return!b||b.jquery?(b||y).find(a):this.constructor(b).find(a);if(c[1]){if(b=b instanceof n?b[0]:b,n.merge(this,n.parseHTML(c[1],b&&b.nodeType?b.ownerDocument||b:l,!0)),v.test(c[1])&&n.isPlainObject(b))for(c in b)n.isFunction(this[c])?this[c](b[c]):this.attr(c,b[c]);return this}return d=l.getElementById(c[2]),d&&d.parentNode&&(this.length=1,this[0]=d),this.context=l,this.selector=a,this}return a.nodeType?(this.context=this[0]=a,this.length=1,this):n.isFunction(a)?"undefined"!=typeof y.ready?y.ready(a):a(n):(void 0!==a.selector&&(this.selector=a.selector,this.context=a.context),n.makeArray(a,this))};A.prototype=n.fn,y=n(l);var B=/^(?:parents|prev(?:Until|All))/,C={children:!0,contents:!0,next:!0,prev:!0};n.extend({dir:function(a,b,c){var d=[],e=void 0!==c;while((a=a[b])&&9!==a.nodeType)if(1===a.nodeType){if(e&&n(a).is(c))break;d.push(a)}return d},sibling:function(a,b){for(var c=[];a;a=a.nextSibling)1===a.nodeType&&a!==b&&c.push(a);return c}}),n.fn.extend({has:function(a){var b=n(a,this),c=b.length;return this.filter(function(){for(var a=0;c>a;a++)if(n.contains(this,b[a]))return!0})},closest:function(a,b){for(var c,d=0,e=this.length,f=[],g=u.test(a)||"string"!=typeof a?n(a,b||this.context):0;e>d;d++)for(c=this[d];c&&c!==b;c=c.parentNode)if(c.nodeType<11&&(g?g.index(c)>-1:1===c.nodeType&&n.find.matchesSelector(c,a))){f.push(c);break}return this.pushStack(f.length>1?n.unique(f):f)},index:function(a){return a?"string"==typeof a?g.call(n(a),this[0]):g.call(this,a.jquery?a[0]:a):this[0]&&this[0].parentNode?this.first().prevAll().length:-1},add:function(a,b){return this.pushStack(n.unique(n.merge(this.get(),n(a,b))))},addBack:function(a){return this.add(null==a?this.prevObject:this.prevObject.filter(a))}});function D(a,b){while((a=a[b])&&1!==a.nodeType);return a}n.each({parent:function(a){var b=a.parentNode;return b&&11!==b.nodeType?b:null},parents:function(a){return n.dir(a,"parentNode")},parentsUntil:function(a,b,c){return n.dir(a,"parentNode",c)},next:function(a){return D(a,"nextSibling")},prev:function(a){return D(a,"previousSibling")},nextAll:function(a){return n.dir(a,"nextSibling")},prevAll:function(a){return n.dir(a,"previousSibling")},nextUntil:function(a,b,c){return n.dir(a,"nextSibling",c)},prevUntil:function(a,b,c){return n.dir(a,"previousSibling",c)},siblings:function(a){return n.sibling((a.parentNode||{}).firstChild,a)},children:function(a){return n.sibling(a.firstChild)},contents:function(a){return a.contentDocument||n.merge([],a.childNodes)}},function(a,b){n.fn[a]=function(c,d){var e=n.map(this,b,c);return"Until"!==a.slice(-5)&&(d=c),d&&"string"==typeof d&&(e=n.filter(d,e)),this.length>1&&(C[a]||n.unique(e),B.test(a)&&e.reverse()),this.pushStack(e)}});var E=/\S+/g,F={};function G(a){var b=F[a]={};return n.each(a.match(E)||[],function(a,c){b[c]=!0}),b}n.Callbacks=function(a){a="string"==typeof a?F[a]||G(a):n.extend({},a);var b,c,d,e,f,g,h=[],i=!a.once&&[],j=function(l){for(b=a.memory&&l,c=!0,g=e||0,e=0,f=h.length,d=!0;h&&f>g;g++)if(h[g].apply(l[0],l[1])===!1&&a.stopOnFalse){b=!1;break}d=!1,h&&(i?i.length&&j(i.shift()):b?h=[]:k.disable())},k={add:function(){if(h){var c=h.length;!function g(b){n.each(b,function(b,c){var d=n.type(c);"function"===d?a.unique&&k.has(c)||h.push(c):c&&c.length&&"string"!==d&&g(c)})}(arguments),d?f=h.length:b&&(e=c,j(b))}return this},remove:function(){return h&&n.each(arguments,function(a,b){var c;while((c=n.inArray(b,h,c))>-1)h.splice(c,1),d&&(f>=c&&f--,g>=c&&g--)}),this},has:function(a){return a?n.inArray(a,h)>-1:!(!h||!h.length)},empty:function(){return h=[],f=0,this},disable:function(){return h=i=b=void 0,this},disabled:function(){return!h},lock:function(){return i=void 0,b||k.disable(),this},locked:function(){return!i},fireWith:function(a,b){return!h||c&&!i||(b=b||[],b=[a,b.slice?b.slice():b],d?i.push(b):j(b)),this},fire:function(){return k.fireWith(this,arguments),this},fired:function(){return!!c}};return k},n.extend({Deferred:function(a){var b=[["resolve","done",n.Callbacks("once memory"),"resolved"],["reject","fail",n.Callbacks("once memory"),"rejected"],["notify","progress",n.Callbacks("memory")]],c="pending",d={state:function(){return c},always:function(){return e.done(arguments).fail(arguments),this},then:function(){var a=arguments;return n.Deferred(function(c){n.each(b,function(b,f){var g=n.isFunction(a[b])&&a[b];e[f[1]](function(){var a=g&&g.apply(this,arguments);a&&n.isFunction(a.promise)?a.promise().done(c.resolve).fail(c.reject).progress(c.notify):c[f[0]+"With"](this===d?c.promise():this,g?[a]:arguments)})}),a=null}).promise()},promise:function(a){return null!=a?n.extend(a,d):d}},e={};return d.pipe=d.then,n.each(b,function(a,f){var g=f[2],h=f[3];d[f[1]]=g.add,h&&g.add(function(){c=h},b[1^a][2].disable,b[2][2].lock),e[f[0]]=function(){return e[f[0]+"With"](this===e?d:this,arguments),this},e[f[0]+"With"]=g.fireWith}),d.promise(e),a&&a.call(e,e),e},when:function(a){var b=0,c=d.call(arguments),e=c.length,f=1!==e||a&&n.isFunction(a.promise)?e:0,g=1===f?a:n.Deferred(),h=function(a,b,c){return function(e){b[a]=this,c[a]=arguments.length>1?d.call(arguments):e,c===i?g.notifyWith(b,c):--f||g.resolveWith(b,c)}},i,j,k;if(e>1)for(i=new Array(e),j=new Array(e),k=new Array(e);e>b;b++)c[b]&&n.isFunction(c[b].promise)?c[b].promise().done(h(b,k,c)).fail(g.reject).progress(h(b,j,i)):--f;return f||g.resolveWith(k,c),g.promise()}});var H;n.fn.ready=function(a){return n.ready.promise().done(a),this},n.extend({isReady:!1,readyWait:1,holdReady:function(a){a?n.readyWait++:n.ready(!0)},ready:function(a){(a===!0?--n.readyWait:n.isReady)||(n.isReady=!0,a!==!0&&--n.readyWait>0||(H.resolveWith(l,[n]),n.fn.triggerHandler&&(n(l).triggerHandler("ready"),n(l).off("ready"))))}});function I(){l.removeEventListener("DOMContentLoaded",I,!1),a.removeEventListener("load",I,!1),n.ready()}n.ready.promise=function(b){return H||(H=n.Deferred(),"complete"===l.readyState?setTimeout(n.ready):(l.addEventListener("DOMContentLoaded",I,!1),a.addEventListener("load",I,!1))),H.promise(b)},n.ready.promise();var J=n.access=function(a,b,c,d,e,f,g){var h=0,i=a.length,j=null==c;if("object"===n.type(c)){e=!0;for(h in c)n.access(a,b,h,c[h],!0,f,g)}else if(void 0!==d&&(e=!0,n.isFunction(d)||(g=!0),j&&(g?(b.call(a,d),b=null):(j=b,b=function(a,b,c){return j.call(n(a),c)})),b))for(;i>h;h++)b(a[h],c,g?d:d.call(a[h],h,b(a[h],c)));return e?a:j?b.call(a):i?b(a[0],c):f};n.acceptData=function(a){return 1===a.nodeType||9===a.nodeType||!+a.nodeType};function K(){Object.defineProperty(this.cache={},0,{get:function(){return{}}}),this.expando=n.expando+K.uid++}K.uid=1,K.accepts=n.acceptData,K.prototype={key:function(a){if(!K.accepts(a))return 0;var b={},c=a[this.expando];if(!c){c=K.uid++;try{b[this.expando]={value:c},Object.defineProperties(a,b)}catch(d){b[this.expando]=c,n.extend(a,b)}}return this.cache[c]||(this.cache[c]={}),c},set:function(a,b,c){var d,e=this.key(a),f=this.cache[e];if("string"==typeof b)f[b]=c;else if(n.isEmptyObject(f))n.extend(this.cache[e],b);else for(d in b)f[d]=b[d];return f},get:function(a,b){var c=this.cache[this.key(a)];return void 0===b?c:c[b]},access:function(a,b,c){var d;return void 0===b||b&&"string"==typeof b&&void 0===c?(d=this.get(a,b),void 0!==d?d:this.get(a,n.camelCase(b))):(this.set(a,b,c),void 0!==c?c:b)},remove:function(a,b){var c,d,e,f=this.key(a),g=this.cache[f];if(void 0===b)this.cache[f]={};else{n.isArray(b)?d=b.concat(b.map(n.camelCase)):(e=n.camelCase(b),b in g?d=[b,e]:(d=e,d=d in g?[d]:d.match(E)||[])),c=d.length;while(c--)delete g[d[c]]}},hasData:function(a){return!n.isEmptyObject(this.cache[a[this.expando]]||{})},discard:function(a){a[this.expando]&&delete this.cache[a[this.expando]]}};var L=new K,M=new K,N=/^(?:\{[\w\W]*\}|\[[\w\W]*\])$/,O=/([A-Z])/g;function P(a,b,c){var d;if(void 0===c&&1===a.nodeType)if(d="data-"+b.replace(O,"-$1").toLowerCase(),c=a.getAttribute(d),"string"==typeof c){try{c="true"===c?!0:"false"===c?!1:"null"===c?null:+c+""===c?+c:N.test(c)?n.parseJSON(c):c}catch(e){}M.set(a,b,c)}else c=void 0;return c}n.extend({hasData:function(a){return M.hasData(a)||L.hasData(a)},data:function(a,b,c){ +return M.access(a,b,c)},removeData:function(a,b){M.remove(a,b)},_data:function(a,b,c){return L.access(a,b,c)},_removeData:function(a,b){L.remove(a,b)}}),n.fn.extend({data:function(a,b){var c,d,e,f=this[0],g=f&&f.attributes;if(void 0===a){if(this.length&&(e=M.get(f),1===f.nodeType&&!L.get(f,"hasDataAttrs"))){c=g.length;while(c--)g[c]&&(d=g[c].name,0===d.indexOf("data-")&&(d=n.camelCase(d.slice(5)),P(f,d,e[d])));L.set(f,"hasDataAttrs",!0)}return e}return"object"==typeof a?this.each(function(){M.set(this,a)}):J(this,function(b){var c,d=n.camelCase(a);if(f&&void 0===b){if(c=M.get(f,a),void 0!==c)return c;if(c=M.get(f,d),void 0!==c)return c;if(c=P(f,d,void 0),void 0!==c)return c}else this.each(function(){var c=M.get(this,d);M.set(this,d,b),-1!==a.indexOf("-")&&void 0!==c&&M.set(this,a,b)})},null,b,arguments.length>1,null,!0)},removeData:function(a){return this.each(function(){M.remove(this,a)})}}),n.extend({queue:function(a,b,c){var d;return a?(b=(b||"fx")+"queue",d=L.get(a,b),c&&(!d||n.isArray(c)?d=L.access(a,b,n.makeArray(c)):d.push(c)),d||[]):void 0},dequeue:function(a,b){b=b||"fx";var c=n.queue(a,b),d=c.length,e=c.shift(),f=n._queueHooks(a,b),g=function(){n.dequeue(a,b)};"inprogress"===e&&(e=c.shift(),d--),e&&("fx"===b&&c.unshift("inprogress"),delete f.stop,e.call(a,g,f)),!d&&f&&f.empty.fire()},_queueHooks:function(a,b){var c=b+"queueHooks";return L.get(a,c)||L.access(a,c,{empty:n.Callbacks("once memory").add(function(){L.remove(a,[b+"queue",c])})})}}),n.fn.extend({queue:function(a,b){var c=2;return"string"!=typeof a&&(b=a,a="fx",c--),arguments.lengthx",k.noCloneChecked=!!b.cloneNode(!0).lastChild.defaultValue}();var U="undefined";k.focusinBubbles="onfocusin"in a;var V=/^key/,W=/^(?:mouse|pointer|contextmenu)|click/,X=/^(?:focusinfocus|focusoutblur)$/,Y=/^([^.]*)(?:\.(.+)|)$/;function Z(){return!0}function $(){return!1}function _(){try{return l.activeElement}catch(a){}}n.event={global:{},add:function(a,b,c,d,e){var f,g,h,i,j,k,l,m,o,p,q,r=L.get(a);if(r){c.handler&&(f=c,c=f.handler,e=f.selector),c.guid||(c.guid=n.guid++),(i=r.events)||(i=r.events={}),(g=r.handle)||(g=r.handle=function(b){return typeof n!==U&&n.event.triggered!==b.type?n.event.dispatch.apply(a,arguments):void 0}),b=(b||"").match(E)||[""],j=b.length;while(j--)h=Y.exec(b[j])||[],o=q=h[1],p=(h[2]||"").split(".").sort(),o&&(l=n.event.special[o]||{},o=(e?l.delegateType:l.bindType)||o,l=n.event.special[o]||{},k=n.extend({type:o,origType:q,data:d,handler:c,guid:c.guid,selector:e,needsContext:e&&n.expr.match.needsContext.test(e),namespace:p.join(".")},f),(m=i[o])||(m=i[o]=[],m.delegateCount=0,l.setup&&l.setup.call(a,d,p,g)!==!1||a.addEventListener&&a.addEventListener(o,g,!1)),l.add&&(l.add.call(a,k),k.handler.guid||(k.handler.guid=c.guid)),e?m.splice(m.delegateCount++,0,k):m.push(k),n.event.global[o]=!0)}},remove:function(a,b,c,d,e){var f,g,h,i,j,k,l,m,o,p,q,r=L.hasData(a)&&L.get(a);if(r&&(i=r.events)){b=(b||"").match(E)||[""],j=b.length;while(j--)if(h=Y.exec(b[j])||[],o=q=h[1],p=(h[2]||"").split(".").sort(),o){l=n.event.special[o]||{},o=(d?l.delegateType:l.bindType)||o,m=i[o]||[],h=h[2]&&new RegExp("(^|\\.)"+p.join("\\.(?:.*\\.|)")+"(\\.|$)"),g=f=m.length;while(f--)k=m[f],!e&&q!==k.origType||c&&c.guid!==k.guid||h&&!h.test(k.namespace)||d&&d!==k.selector&&("**"!==d||!k.selector)||(m.splice(f,1),k.selector&&m.delegateCount--,l.remove&&l.remove.call(a,k));g&&!m.length&&(l.teardown&&l.teardown.call(a,p,r.handle)!==!1||n.removeEvent(a,o,r.handle),delete i[o])}else for(o in i)n.event.remove(a,o+b[j],c,d,!0);n.isEmptyObject(i)&&(delete r.handle,L.remove(a,"events"))}},trigger:function(b,c,d,e){var f,g,h,i,k,m,o,p=[d||l],q=j.call(b,"type")?b.type:b,r=j.call(b,"namespace")?b.namespace.split("."):[];if(g=h=d=d||l,3!==d.nodeType&&8!==d.nodeType&&!X.test(q+n.event.triggered)&&(q.indexOf(".")>=0&&(r=q.split("."),q=r.shift(),r.sort()),k=q.indexOf(":")<0&&"on"+q,b=b[n.expando]?b:new n.Event(q,"object"==typeof b&&b),b.isTrigger=e?2:3,b.namespace=r.join("."),b.namespace_re=b.namespace?new RegExp("(^|\\.)"+r.join("\\.(?:.*\\.|)")+"(\\.|$)"):null,b.result=void 0,b.target||(b.target=d),c=null==c?[b]:n.makeArray(c,[b]),o=n.event.special[q]||{},e||!o.trigger||o.trigger.apply(d,c)!==!1)){if(!e&&!o.noBubble&&!n.isWindow(d)){for(i=o.delegateType||q,X.test(i+q)||(g=g.parentNode);g;g=g.parentNode)p.push(g),h=g;h===(d.ownerDocument||l)&&p.push(h.defaultView||h.parentWindow||a)}f=0;while((g=p[f++])&&!b.isPropagationStopped())b.type=f>1?i:o.bindType||q,m=(L.get(g,"events")||{})[b.type]&&L.get(g,"handle"),m&&m.apply(g,c),m=k&&g[k],m&&m.apply&&n.acceptData(g)&&(b.result=m.apply(g,c),b.result===!1&&b.preventDefault());return b.type=q,e||b.isDefaultPrevented()||o._default&&o._default.apply(p.pop(),c)!==!1||!n.acceptData(d)||k&&n.isFunction(d[q])&&!n.isWindow(d)&&(h=d[k],h&&(d[k]=null),n.event.triggered=q,d[q](),n.event.triggered=void 0,h&&(d[k]=h)),b.result}},dispatch:function(a){a=n.event.fix(a);var b,c,e,f,g,h=[],i=d.call(arguments),j=(L.get(this,"events")||{})[a.type]||[],k=n.event.special[a.type]||{};if(i[0]=a,a.delegateTarget=this,!k.preDispatch||k.preDispatch.call(this,a)!==!1){h=n.event.handlers.call(this,a,j),b=0;while((f=h[b++])&&!a.isPropagationStopped()){a.currentTarget=f.elem,c=0;while((g=f.handlers[c++])&&!a.isImmediatePropagationStopped())(!a.namespace_re||a.namespace_re.test(g.namespace))&&(a.handleObj=g,a.data=g.data,e=((n.event.special[g.origType]||{}).handle||g.handler).apply(f.elem,i),void 0!==e&&(a.result=e)===!1&&(a.preventDefault(),a.stopPropagation()))}return k.postDispatch&&k.postDispatch.call(this,a),a.result}},handlers:function(a,b){var c,d,e,f,g=[],h=b.delegateCount,i=a.target;if(h&&i.nodeType&&(!a.button||"click"!==a.type))for(;i!==this;i=i.parentNode||this)if(i.disabled!==!0||"click"!==a.type){for(d=[],c=0;h>c;c++)f=b[c],e=f.selector+" ",void 0===d[e]&&(d[e]=f.needsContext?n(e,this).index(i)>=0:n.find(e,this,null,[i]).length),d[e]&&d.push(f);d.length&&g.push({elem:i,handlers:d})}return h]*)\/>/gi,ba=/<([\w:]+)/,ca=/<|&#?\w+;/,da=/<(?:script|style|link)/i,ea=/checked\s*(?:[^=]|=\s*.checked.)/i,fa=/^$|\/(?:java|ecma)script/i,ga=/^true\/(.*)/,ha=/^\s*\s*$/g,ia={option:[1,""],thead:[1,"","
"],col:[2,"","
"],tr:[2,"","
"],td:[3,"","
"],_default:[0,"",""]};ia.optgroup=ia.option,ia.tbody=ia.tfoot=ia.colgroup=ia.caption=ia.thead,ia.th=ia.td;function ja(a,b){return n.nodeName(a,"table")&&n.nodeName(11!==b.nodeType?b:b.firstChild,"tr")?a.getElementsByTagName("tbody")[0]||a.appendChild(a.ownerDocument.createElement("tbody")):a}function ka(a){return a.type=(null!==a.getAttribute("type"))+"/"+a.type,a}function la(a){var b=ga.exec(a.type);return b?a.type=b[1]:a.removeAttribute("type"),a}function ma(a,b){for(var c=0,d=a.length;d>c;c++)L.set(a[c],"globalEval",!b||L.get(b[c],"globalEval"))}function na(a,b){var c,d,e,f,g,h,i,j;if(1===b.nodeType){if(L.hasData(a)&&(f=L.access(a),g=L.set(b,f),j=f.events)){delete g.handle,g.events={};for(e in j)for(c=0,d=j[e].length;d>c;c++)n.event.add(b,e,j[e][c])}M.hasData(a)&&(h=M.access(a),i=n.extend({},h),M.set(b,i))}}function oa(a,b){var c=a.getElementsByTagName?a.getElementsByTagName(b||"*"):a.querySelectorAll?a.querySelectorAll(b||"*"):[];return void 0===b||b&&n.nodeName(a,b)?n.merge([a],c):c}function pa(a,b){var c=b.nodeName.toLowerCase();"input"===c&&T.test(a.type)?b.checked=a.checked:("input"===c||"textarea"===c)&&(b.defaultValue=a.defaultValue)}n.extend({clone:function(a,b,c){var d,e,f,g,h=a.cloneNode(!0),i=n.contains(a.ownerDocument,a);if(!(k.noCloneChecked||1!==a.nodeType&&11!==a.nodeType||n.isXMLDoc(a)))for(g=oa(h),f=oa(a),d=0,e=f.length;e>d;d++)pa(f[d],g[d]);if(b)if(c)for(f=f||oa(a),g=g||oa(h),d=0,e=f.length;e>d;d++)na(f[d],g[d]);else na(a,h);return g=oa(h,"script"),g.length>0&&ma(g,!i&&oa(a,"script")),h},buildFragment:function(a,b,c,d){for(var e,f,g,h,i,j,k=b.createDocumentFragment(),l=[],m=0,o=a.length;o>m;m++)if(e=a[m],e||0===e)if("object"===n.type(e))n.merge(l,e.nodeType?[e]:e);else if(ca.test(e)){f=f||k.appendChild(b.createElement("div")),g=(ba.exec(e)||["",""])[1].toLowerCase(),h=ia[g]||ia._default,f.innerHTML=h[1]+e.replace(aa,"<$1>")+h[2],j=h[0];while(j--)f=f.lastChild;n.merge(l,f.childNodes),f=k.firstChild,f.textContent=""}else l.push(b.createTextNode(e));k.textContent="",m=0;while(e=l[m++])if((!d||-1===n.inArray(e,d))&&(i=n.contains(e.ownerDocument,e),f=oa(k.appendChild(e),"script"),i&&ma(f),c)){j=0;while(e=f[j++])fa.test(e.type||"")&&c.push(e)}return k},cleanData:function(a){for(var b,c,d,e,f=n.event.special,g=0;void 0!==(c=a[g]);g++){if(n.acceptData(c)&&(e=c[L.expando],e&&(b=L.cache[e]))){if(b.events)for(d in b.events)f[d]?n.event.remove(c,d):n.removeEvent(c,d,b.handle);L.cache[e]&&delete L.cache[e]}delete M.cache[c[M.expando]]}}}),n.fn.extend({text:function(a){return J(this,function(a){return void 0===a?n.text(this):this.empty().each(function(){(1===this.nodeType||11===this.nodeType||9===this.nodeType)&&(this.textContent=a)})},null,a,arguments.length)},append:function(){return this.domManip(arguments,function(a){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var b=ja(this,a);b.appendChild(a)}})},prepend:function(){return this.domManip(arguments,function(a){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var b=ja(this,a);b.insertBefore(a,b.firstChild)}})},before:function(){return this.domManip(arguments,function(a){this.parentNode&&this.parentNode.insertBefore(a,this)})},after:function(){return this.domManip(arguments,function(a){this.parentNode&&this.parentNode.insertBefore(a,this.nextSibling)})},remove:function(a,b){for(var c,d=a?n.filter(a,this):this,e=0;null!=(c=d[e]);e++)b||1!==c.nodeType||n.cleanData(oa(c)),c.parentNode&&(b&&n.contains(c.ownerDocument,c)&&ma(oa(c,"script")),c.parentNode.removeChild(c));return this},empty:function(){for(var a,b=0;null!=(a=this[b]);b++)1===a.nodeType&&(n.cleanData(oa(a,!1)),a.textContent="");return this},clone:function(a,b){return a=null==a?!1:a,b=null==b?a:b,this.map(function(){return n.clone(this,a,b)})},html:function(a){return J(this,function(a){var b=this[0]||{},c=0,d=this.length;if(void 0===a&&1===b.nodeType)return b.innerHTML;if("string"==typeof a&&!da.test(a)&&!ia[(ba.exec(a)||["",""])[1].toLowerCase()]){a=a.replace(aa,"<$1>");try{for(;d>c;c++)b=this[c]||{},1===b.nodeType&&(n.cleanData(oa(b,!1)),b.innerHTML=a);b=0}catch(e){}}b&&this.empty().append(a)},null,a,arguments.length)},replaceWith:function(){var a=arguments[0];return this.domManip(arguments,function(b){a=this.parentNode,n.cleanData(oa(this)),a&&a.replaceChild(b,this)}),a&&(a.length||a.nodeType)?this:this.remove()},detach:function(a){return this.remove(a,!0)},domManip:function(a,b){a=e.apply([],a);var c,d,f,g,h,i,j=0,l=this.length,m=this,o=l-1,p=a[0],q=n.isFunction(p);if(q||l>1&&"string"==typeof p&&!k.checkClone&&ea.test(p))return this.each(function(c){var d=m.eq(c);q&&(a[0]=p.call(this,c,d.html())),d.domManip(a,b)});if(l&&(c=n.buildFragment(a,this[0].ownerDocument,!1,this),d=c.firstChild,1===c.childNodes.length&&(c=d),d)){for(f=n.map(oa(c,"script"),ka),g=f.length;l>j;j++)h=c,j!==o&&(h=n.clone(h,!0,!0),g&&n.merge(f,oa(h,"script"))),b.call(this[j],h,j);if(g)for(i=f[f.length-1].ownerDocument,n.map(f,la),j=0;g>j;j++)h=f[j],fa.test(h.type||"")&&!L.access(h,"globalEval")&&n.contains(i,h)&&(h.src?n._evalUrl&&n._evalUrl(h.src):n.globalEval(h.textContent.replace(ha,"")))}return this}}),n.each({appendTo:"append",prependTo:"prepend",insertBefore:"before",insertAfter:"after",replaceAll:"replaceWith"},function(a,b){n.fn[a]=function(a){for(var c,d=[],e=n(a),g=e.length-1,h=0;g>=h;h++)c=h===g?this:this.clone(!0),n(e[h])[b](c),f.apply(d,c.get());return this.pushStack(d)}});var qa,ra={};function sa(b,c){var d,e=n(c.createElement(b)).appendTo(c.body),f=a.getDefaultComputedStyle&&(d=a.getDefaultComputedStyle(e[0]))?d.display:n.css(e[0],"display");return e.detach(),f}function ta(a){var b=l,c=ra[a];return c||(c=sa(a,b),"none"!==c&&c||(qa=(qa||n("