openstack
/
charm-keystone-saml-mellon
Code Issues Proposed changes
charm-keystone-saml-mellon/src/templates/mellon-sp-metadata.xml

26 lines
1.5 KiB
XML
Raw Blame History

<EntityDescriptor
entityID="{{ keystone_fid_service_provider.base_url }}{{ options.sp_auth_path }}"
xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<SPSSODescriptor
protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"
AuthnRequestsSigned="{{ options.authn_requests_signed|lower }}"
WantAssertionsSigned="{{ options.want_assertions_signed|lower }}">
<KeyDescriptor use="signing">
{{ options.sp_signing_keyinfo }}
</KeyDescriptor>
{% if options.saml_encryption %}
<KeyDescriptor use="encryption">
{{ options.sp_signing_keyinfo }}
</KeyDescriptor>
{% endif %}
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="{{ keystone_fid_service_provider.base_url }}{{ options.sp_logout_path }}"/>
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="{{ keystone_fid_service_provider.base_url }}{{ options.sp_logout_path }}"/>
{% for format in options.supported_nameid_formats -%}
<NameIDFormat>{{ format }}</NameIDFormat>
{% endfor -%}
<AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="{{ keystone_fid_service_provider.base_url }}{{ options.sp_post_response_path }}" isDefault="true" index="0"/>
<AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="{{ keystone_fid_service_provider.base_url }}{{ options.sp_paos_response_path }}" index="1"/>
</SPSSODescriptor>
</EntityDescriptor>
View Git Blame Copy Permalink