26 lines
1.5 KiB
XML
26 lines
1.5 KiB
XML
<EntityDescriptor
|
|
entityID="{{ keystone_fid_service_provider.base_url }}{{ options.sp_auth_path }}"
|
|
xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
|
|
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
|
<SPSSODescriptor
|
|
protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"
|
|
AuthnRequestsSigned="{{ options.authn_requests_signed|lower }}"
|
|
WantAssertionsSigned="{{ options.want_assertions_signed|lower }}">
|
|
<KeyDescriptor use="signing">
|
|
{{ options.sp_signing_keyinfo }}
|
|
</KeyDescriptor>
|
|
{% if options.saml_encryption %}
|
|
<KeyDescriptor use="encryption">
|
|
{{ options.sp_signing_keyinfo }}
|
|
</KeyDescriptor>
|
|
{% endif %}
|
|
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="{{ keystone_fid_service_provider.base_url }}{{ options.sp_logout_path }}"/>
|
|
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="{{ keystone_fid_service_provider.base_url }}{{ options.sp_logout_path }}"/>
|
|
{% for format in options.supported_nameid_formats -%}
|
|
<NameIDFormat>{{ format }}</NameIDFormat>
|
|
{% endfor -%}
|
|
<AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="{{ keystone_fid_service_provider.base_url }}{{ options.sp_post_response_path }}" isDefault="true" index="0"/>
|
|
<AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="{{ keystone_fid_service_provider.base_url }}{{ options.sp_paos_response_path }}" index="1"/>
|
|
</SPSSODescriptor>
|
|
</EntityDescriptor>
|