Skip to content

Commit

Permalink
Merge pull request #1262 from GSA/saml-cert-rotation-2024
Browse files Browse the repository at this point in the history 
update metadata2024 for login sandbox and production
  • Loading branch information
@FuhuXia
FuhuXia authored Mar 6, 2024
2 parents f9b0a3b + 9e3f492 commit 7904e0c
Show file tree
Hide file tree
Showing 3 changed files with 30 additions and 30 deletions.
20 changes: 10 additions & 10 deletions ckan/saml2/idp.xml
View file
Original file line number Diff line number Diff line change
@@ -1,47 +1,47 @@
<EntityDescriptor ID="_9677ef4f-3645-4a8c-9183-42be9eeb9d1a"
<EntityDescriptor ID="_e476abad-9e72-4c04-b2a6-ca4adfd96305"
xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.int.identitysandbox.gov/api/saml">
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"></ds:SignatureMethod>
<ds:Reference URI="#_9677ef4f-3645-4a8c-9183-42be9eeb9d1a">
<ds:Reference URI="#_e476abad-9e72-4c04-b2a6-ca4adfd96305">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></ds:DigestMethod>
<ds:DigestValue>ehfhDuMuHpvnWcJt1Za2qeqwMLx8kl/SnB+5HtfRkRo=</ds:DigestValue>
<ds:DigestValue>lueHEVMBJFpFx61XPyeIy9OqQZt/FnY34BjceSJhdEg=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>dB9/9cdnnC7h4Ezy3GzlsexKxPyGZlZ6haJwzRo0P58tIqqDvqCp6ucGLDAgzhK2egaI47e+5vayZHcJ5q8L1mosRKPyMfZAhggrCSRYl4fkl8vZeoUezHQXu0VnTKhjL3cSADsKiU0+XSX6LfN6wcfeSgOrG17PYL4eLxDHSL9dAZe7mI8FG4a3ShoJJtm6b/G3REstG4kcEKdCpe3Quh7djSvj0qxA2QW/lGhY7rJq7D9qKKOgps1HgecWGYKD4vwWuYGra3uCLuGcK+GX95dQxoWdRwxCu8CSUMovJQssNh4S92j3bvqKQvZqF5TK9TdzX2aLU1ctMsTHv7t9LQ==</ds:SignatureValue>
<ds:SignatureValue>fggtNDXqdKVDn8WR2sKC0HPwJ1JLEOcvBcDvx9t0wVecxVMrVPfX0Wm8xhme8s2oCy9WIxPSvyxdT3PG89n/XYgy8IlDtRP9S0jP2+q8YVW+5NhIFBXPfomc7RWovQwNKVPFJ9lMvkpFhhyNL8gNnS6xaHaqBtyiRDXDlvGJRqC7dM+Mc7WqU9p6xOas06Y3K6phTByWLSUITjoz/suXic64w9gBl31rg29rkpjs3o9S5t4sAfyDenhBjIBHBGB0nhLgOQgT3h3t9a8tDe2XRh3KsK/Mw4GcHK47rrTPRwO5G8hDG96JmafhMxZ6WE0XbqATyU2rJAosnXrvY+xOtw==</ds:SignatureValue>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>MIIDiDCCAnACCQCEAEZwjX7ZlzANBgkqhkiG9w0BAQsFADCBhTELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IG9mIENvbHVtYmlhMRMwEQYDVQQHDApXYXNoaW5ndG9uMQwwCgYDVQQKDANHU0ExEjAQBgNVBAsMCUxvZ2luLmdvdjEgMB4GA1UEAwwXaW50LmlkZW50aXR5c2FuZGJveC5nb3YwHhcNMjMwMjE4MDAxMzQzWhcNMjQwNDAyMDAxMzQzWjCBhTELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IG9mIENvbHVtYmlhMRMwEQYDVQQHDApXYXNoaW5ndG9uMQwwCgYDVQQKDANHU0ExEjAQBgNVBAsMCUxvZ2luLmdvdjEgMB4GA1UEAwwXaW50LmlkZW50aXR5c2FuZGJveC5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk/TQMCt+F9wUaxXYVFJg3g8Vdoe08yu/VzPJ8rWKt8ltzcjaxjmicEsOjnqU9CbAW2Mj/0u0OQ82224Sf5gqIG+dKYRjhjnBv5tg8FCTSkqYQ9xZStOuT0spN+mGdTszod89TmVorWLGUOuctvd67tyMEfCzZeQxCNNh/xK0BHOb0uJd3wFRrt+v2H74s71EkcVR2Yib/SX5+5JuVVPfv9W60doYTURiDTG8verPFTL9Rv/ML2LvlOxo2ZpCSINKq7Q+kjPQkn2M1x9oliwOHU87yzc8s4Wehl+VDumqR41HrCy4ptUvSYdWu6+qpT/+MgTp+4c7cpIEtMyFSLHLfAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIhammcpqCEaFqxZPGbGGoCdeq8sjkO0S6jLMpOATFmfejN1UUSd0iHR/wBFppahXivOmklUAT4rukNGipTa6wdeZUv4DJ74ROl9Rdiz0MrI6DfUdAx65gOMn5X+A9DjQQVB4V2ZJ7Fn/94OIZGPNufD5UIHGTxLYY1XuUjUvj3XLD04PlrgqovEq4EzokaFX+2Kni8zGTE2C+cItQsQiF69ZwPvd4/x4mtGK5vuFJYdLxrTAZDPAlHL1DzpLtVJ8rAs6axmQ6yS3juYNH50VwZOD3SNzA97oWiKbuB80QEg/YJULOUJ/fOtTwVxKucjPJVvn0ZCmVg+/FnnbxnQ/q4=</ds:X509Certificate>
<ds:X509Certificate>MIID7TCCAtWgAwIBAgIUYePi2i1UjRg3fIK0FG15rZaSOvAwDQYJKoZIhvcNAQELBQAwgYUxCzAJBgNVBAYTAlVTMR0wGwYDVQQIDBREaXN0cmljdCBvZiBDb2x1bWJpYTETMBEGA1UEBwwKV2FzaGluZ3RvbjEMMAoGA1UECgwDR1NBMRIwEAYDVQQLDAlMb2dpbi5nb3YxIDAeBgNVBAMMF2ludC5pZGVudGl0eXNhbmRib3guZ292MB4XDTI0MDExNjIwMTEyMloXDTI1MDQwMTIwMTEyMlowgYUxCzAJBgNVBAYTAlVTMR0wGwYDVQQIDBREaXN0cmljdCBvZiBDb2x1bWJpYTETMBEGA1UEBwwKV2FzaGluZ3RvbjEMMAoGA1UECgwDR1NBMRIwEAYDVQQLDAlMb2dpbi5nb3YxIDAeBgNVBAMMF2ludC5pZGVudGl0eXNhbmRib3guZ292MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0K9gJdCDRwndI+Gd44cugWK3VWKgPV/oZU74KqYxJOomJUgLLYMHskS3RDlOla+k25SvBLWFlT9Y10RAnWo6ZDquY+/BaedyoTaoLf/5K/JxXz8th00aIll4ym3CLE/ac9B7s/apACdpH63XwAlaRC3A4Hbq1DWXd2Hcuw0B9pRpMKFd6i/kVvAsNH7tNn5gBL9hckiPxR4FD8/VysnVmXpNNFyKNEUQi6iqKVbUhzB+4WZMB/qBnnIEeSuUpHfQCUJR3SjRYzBLR+iVAXKeNCg7CENZbu02AY32kyO6QStQnGItTi355p4VFumA4dQS2MZsXYAPo+QP+qe6rguXaQIDAQABo1MwUTAdBgNVHQ4EFgQUGbZYf4tPIbZxRYwemr7iRXcS8jUwHwYDVR0jBBgwFoAUGbZYf4tPIbZxRYwemr7iRXcS8jUwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAtPlcy1eToYc2B0+zg4DdGQDZQA897Z7oLX0nfpf4Bsx1sQzqhEd1iBPh4/g0wO45T4c0aOdH+bdv8UC9NWupKdIrz9VGY3XD5ef8ydTWAzcN9k+gTZmPQ506SRqI6GlWy8QDuPX+sK7apOkd/TUILAeoA9on+v8qg52jU1E4e8La8Kd8PPNWbAbLew2lp/ANRYbtcPmVbJYOlY8nBOZadzL3LPwWkPJII78hmSc2eV4UqyTVbJ/k15i+tx+8GALx1LHMri11fvcFhJUx/qfGU6X7xnI32eZtmOH7Y+Xi9dxh560ohSgP3m4xv2YKsVjm2tPZGfZvpOGNEYTvdaXaAA==</ds:X509Certificate>
</ds:X509Data>
</KeyInfo>
</ds:Signature>
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<KeyDescriptor use="signing">
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<X509Data>
<X509Certificate>MIIDiDCCAnACCQCEAEZwjX7ZlzANBgkqhkiG9w0BAQsFADCBhTELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IG9mIENvbHVtYmlhMRMwEQYDVQQHDApXYXNoaW5ndG9uMQwwCgYDVQQKDANHU0ExEjAQBgNVBAsMCUxvZ2luLmdvdjEgMB4GA1UEAwwXaW50LmlkZW50aXR5c2FuZGJveC5nb3YwHhcNMjMwMjE4MDAxMzQzWhcNMjQwNDAyMDAxMzQzWjCBhTELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IG9mIENvbHVtYmlhMRMwEQYDVQQHDApXYXNoaW5ndG9uMQwwCgYDVQQKDANHU0ExEjAQBgNVBAsMCUxvZ2luLmdvdjEgMB4GA1UEAwwXaW50LmlkZW50aXR5c2FuZGJveC5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk/TQMCt+F9wUaxXYVFJg3g8Vdoe08yu/VzPJ8rWKt8ltzcjaxjmicEsOjnqU9CbAW2Mj/0u0OQ82224Sf5gqIG+dKYRjhjnBv5tg8FCTSkqYQ9xZStOuT0spN+mGdTszod89TmVorWLGUOuctvd67tyMEfCzZeQxCNNh/xK0BHOb0uJd3wFRrt+v2H74s71EkcVR2Yib/SX5+5JuVVPfv9W60doYTURiDTG8verPFTL9Rv/ML2LvlOxo2ZpCSINKq7Q+kjPQkn2M1x9oliwOHU87yzc8s4Wehl+VDumqR41HrCy4ptUvSYdWu6+qpT/+MgTp+4c7cpIEtMyFSLHLfAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIhammcpqCEaFqxZPGbGGoCdeq8sjkO0S6jLMpOATFmfejN1UUSd0iHR/wBFppahXivOmklUAT4rukNGipTa6wdeZUv4DJ74ROl9Rdiz0MrI6DfUdAx65gOMn5X+A9DjQQVB4V2ZJ7Fn/94OIZGPNufD5UIHGTxLYY1XuUjUvj3XLD04PlrgqovEq4EzokaFX+2Kni8zGTE2C+cItQsQiF69ZwPvd4/x4mtGK5vuFJYdLxrTAZDPAlHL1DzpLtVJ8rAs6axmQ6yS3juYNH50VwZOD3SNzA97oWiKbuB80QEg/YJULOUJ/fOtTwVxKucjPJVvn0ZCmVg+/FnnbxnQ/q4=</X509Certificate>
<X509Certificate>MIID7TCCAtWgAwIBAgIUYePi2i1UjRg3fIK0FG15rZaSOvAwDQYJKoZIhvcNAQELBQAwgYUxCzAJBgNVBAYTAlVTMR0wGwYDVQQIDBREaXN0cmljdCBvZiBDb2x1bWJpYTETMBEGA1UEBwwKV2FzaGluZ3RvbjEMMAoGA1UECgwDR1NBMRIwEAYDVQQLDAlMb2dpbi5nb3YxIDAeBgNVBAMMF2ludC5pZGVudGl0eXNhbmRib3guZ292MB4XDTI0MDExNjIwMTEyMloXDTI1MDQwMTIwMTEyMlowgYUxCzAJBgNVBAYTAlVTMR0wGwYDVQQIDBREaXN0cmljdCBvZiBDb2x1bWJpYTETMBEGA1UEBwwKV2FzaGluZ3RvbjEMMAoGA1UECgwDR1NBMRIwEAYDVQQLDAlMb2dpbi5nb3YxIDAeBgNVBAMMF2ludC5pZGVudGl0eXNhbmRib3guZ292MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0K9gJdCDRwndI+Gd44cugWK3VWKgPV/oZU74KqYxJOomJUgLLYMHskS3RDlOla+k25SvBLWFlT9Y10RAnWo6ZDquY+/BaedyoTaoLf/5K/JxXz8th00aIll4ym3CLE/ac9B7s/apACdpH63XwAlaRC3A4Hbq1DWXd2Hcuw0B9pRpMKFd6i/kVvAsNH7tNn5gBL9hckiPxR4FD8/VysnVmXpNNFyKNEUQi6iqKVbUhzB+4WZMB/qBnnIEeSuUpHfQCUJR3SjRYzBLR+iVAXKeNCg7CENZbu02AY32kyO6QStQnGItTi355p4VFumA4dQS2MZsXYAPo+QP+qe6rguXaQIDAQABo1MwUTAdBgNVHQ4EFgQUGbZYf4tPIbZxRYwemr7iRXcS8jUwHwYDVR0jBBgwFoAUGbZYf4tPIbZxRYwemr7iRXcS8jUwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAtPlcy1eToYc2B0+zg4DdGQDZQA897Z7oLX0nfpf4Bsx1sQzqhEd1iBPh4/g0wO45T4c0aOdH+bdv8UC9NWupKdIrz9VGY3XD5ef8ydTWAzcN9k+gTZmPQ506SRqI6GlWy8QDuPX+sK7apOkd/TUILAeoA9on+v8qg52jU1E4e8La8Kd8PPNWbAbLew2lp/ANRYbtcPmVbJYOlY8nBOZadzL3LPwWkPJII78hmSc2eV4UqyTVbJ/k15i+tx+8GALx1LHMri11fvcFhJUx/qfGU6X7xnI32eZtmOH7Y+Xi9dxh560ohSgP3m4xv2YKsVjm2tPZGfZvpOGNEYTvdaXaAA==</X509Certificate>
</X509Data>
</KeyInfo>
</KeyDescriptor>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
<NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.int.identitysandbox.gov/api/saml/auth2023"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.int.identitysandbox.gov/api/saml/auth2023"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.int.identitysandbox.gov/api/saml/auth2024"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.int.identitysandbox.gov/api/saml/auth2024"/>
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location=""/>
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location=""/>
</IDPSSODescriptor>
<AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<KeyDescriptor use="signing">
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<X509Data>
<X509Certificate>MIIDiDCCAnACCQCEAEZwjX7ZlzANBgkqhkiG9w0BAQsFADCBhTELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IG9mIENvbHVtYmlhMRMwEQYDVQQHDApXYXNoaW5ndG9uMQwwCgYDVQQKDANHU0ExEjAQBgNVBAsMCUxvZ2luLmdvdjEgMB4GA1UEAwwXaW50LmlkZW50aXR5c2FuZGJveC5nb3YwHhcNMjMwMjE4MDAxMzQzWhcNMjQwNDAyMDAxMzQzWjCBhTELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IG9mIENvbHVtYmlhMRMwEQYDVQQHDApXYXNoaW5ndG9uMQwwCgYDVQQKDANHU0ExEjAQBgNVBAsMCUxvZ2luLmdvdjEgMB4GA1UEAwwXaW50LmlkZW50aXR5c2FuZGJveC5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk/TQMCt+F9wUaxXYVFJg3g8Vdoe08yu/VzPJ8rWKt8ltzcjaxjmicEsOjnqU9CbAW2Mj/0u0OQ82224Sf5gqIG+dKYRjhjnBv5tg8FCTSkqYQ9xZStOuT0spN+mGdTszod89TmVorWLGUOuctvd67tyMEfCzZeQxCNNh/xK0BHOb0uJd3wFRrt+v2H74s71EkcVR2Yib/SX5+5JuVVPfv9W60doYTURiDTG8verPFTL9Rv/ML2LvlOxo2ZpCSINKq7Q+kjPQkn2M1x9oliwOHU87yzc8s4Wehl+VDumqR41HrCy4ptUvSYdWu6+qpT/+MgTp+4c7cpIEtMyFSLHLfAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIhammcpqCEaFqxZPGbGGoCdeq8sjkO0S6jLMpOATFmfejN1UUSd0iHR/wBFppahXivOmklUAT4rukNGipTa6wdeZUv4DJ74ROl9Rdiz0MrI6DfUdAx65gOMn5X+A9DjQQVB4V2ZJ7Fn/94OIZGPNufD5UIHGTxLYY1XuUjUvj3XLD04PlrgqovEq4EzokaFX+2Kni8zGTE2C+cItQsQiF69ZwPvd4/x4mtGK5vuFJYdLxrTAZDPAlHL1DzpLtVJ8rAs6axmQ6yS3juYNH50VwZOD3SNzA97oWiKbuB80QEg/YJULOUJ/fOtTwVxKucjPJVvn0ZCmVg+/FnnbxnQ/q4=</X509Certificate>
<X509Certificate>MIID7TCCAtWgAwIBAgIUYePi2i1UjRg3fIK0FG15rZaSOvAwDQYJKoZIhvcNAQELBQAwgYUxCzAJBgNVBAYTAlVTMR0wGwYDVQQIDBREaXN0cmljdCBvZiBDb2x1bWJpYTETMBEGA1UEBwwKV2FzaGluZ3RvbjEMMAoGA1UECgwDR1NBMRIwEAYDVQQLDAlMb2dpbi5nb3YxIDAeBgNVBAMMF2ludC5pZGVudGl0eXNhbmRib3guZ292MB4XDTI0MDExNjIwMTEyMloXDTI1MDQwMTIwMTEyMlowgYUxCzAJBgNVBAYTAlVTMR0wGwYDVQQIDBREaXN0cmljdCBvZiBDb2x1bWJpYTETMBEGA1UEBwwKV2FzaGluZ3RvbjEMMAoGA1UECgwDR1NBMRIwEAYDVQQLDAlMb2dpbi5nb3YxIDAeBgNVBAMMF2ludC5pZGVudGl0eXNhbmRib3guZ292MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0K9gJdCDRwndI+Gd44cugWK3VWKgPV/oZU74KqYxJOomJUgLLYMHskS3RDlOla+k25SvBLWFlT9Y10RAnWo6ZDquY+/BaedyoTaoLf/5K/JxXz8th00aIll4ym3CLE/ac9B7s/apACdpH63XwAlaRC3A4Hbq1DWXd2Hcuw0B9pRpMKFd6i/kVvAsNH7tNn5gBL9hckiPxR4FD8/VysnVmXpNNFyKNEUQi6iqKVbUhzB+4WZMB/qBnnIEeSuUpHfQCUJR3SjRYzBLR+iVAXKeNCg7CENZbu02AY32kyO6QStQnGItTi355p4VFumA4dQS2MZsXYAPo+QP+qe6rguXaQIDAQABo1MwUTAdBgNVHQ4EFgQUGbZYf4tPIbZxRYwemr7iRXcS8jUwHwYDVR0jBBgwFoAUGbZYf4tPIbZxRYwemr7iRXcS8jUwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAtPlcy1eToYc2B0+zg4DdGQDZQA897Z7oLX0nfpf4Bsx1sQzqhEd1iBPh4/g0wO45T4c0aOdH+bdv8UC9NWupKdIrz9VGY3XD5ef8ydTWAzcN9k+gTZmPQ506SRqI6GlWy8QDuPX+sK7apOkd/TUILAeoA9on+v8qg52jU1E4e8La8Kd8PPNWbAbLew2lp/ANRYbtcPmVbJYOlY8nBOZadzL3LPwWkPJII78hmSc2eV4UqyTVbJ/k15i+tx+8GALx1LHMri11fvcFhJUx/qfGU6X7xnI32eZtmOH7Y+Xi9dxh560ohSgP3m4xv2YKsVjm2tPZGfZvpOGNEYTvdaXaAA==</X509Certificate>
</X509Data>
</KeyInfo>
</KeyDescriptor>
Expand All @@ -61,4 +61,4 @@
<OrganizationURL xml:lang="en">https://login.gov</OrganizationURL>
</Organization>
<ContactPerson contactType="technical"></ContactPerson>
</EntityDescriptor>
</EntityDescriptor>
Loading

0 comments on commit 7904e0c

Please sign in to comment.