1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
<EntityDescriptor entityID="https://fed-interop-wg.ligo.org/shibboleth-sp"
                  xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
                  xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
                  xmlns:shibmd="urn:mace:shibboleth:metadata:1.0"
                  xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
                  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

    <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <Extensions>
            <idpdisc:DiscoveryResponse index="1" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://fed-interop-wg/Shibboleth.sso/Login" />
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">I2 Fed Op WG GitLab hosted by LIGO</mdui:DisplayName>
                <mdui:Description xml:lang="en">GitLab service for the Internet2 Federation Interoperability Working Group hosted by LIGO</mdui:Description>
                <mdui:InformationURL xml:lang="en">https://fed-interop-wg.ligo.org</mdui:InformationURL>
                <mdui:PrivacyStatementURL xml:lang="en">https://dcc.ligo.org/cgi-bin/DocDB/ShowDocument?docid=89243</mdui:PrivacyStatementURL>
                <mdui:Logo height="60" width="80" xml:lang="en">https://login.ligo.org/SAML2/metadata/ui/ligologo80x60.png</mdui:Logo>
            </mdui:UIInfo>
        </Extensions>

        <KeyDescriptor>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>
MIIDODCCAiCgAwIBAgIJAO4GMlBzog5QMA0GCSqGSIb3DQEBBQUAMCIxIDAeBgNV
BAMTF2ZlZC1pbnRlcm9wLXdnLmxpZ28ub3JnMB4XDTE1MDgyOTE4NTYzOFoXDTE4
MDgyODE4NTYzOFowIjEgMB4GA1UEAxMXZmVkLWludGVyb3Atd2cubGlnby5vcmcw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAnD0Eot/XtlRZv1dgabn5
1suiIcnCJyli3NF6Lnm8pm+QxuRfJxGQTyJcmaSuUixU3K9OorRVGVo0+La0liSK
3yncmHZQ0SC7PKsuavwupM7QoEHuJXq2dj+cfz2+r7KtfUprE1GsdoYQe1lG0Q78
mIFfZEoz+PPyIWJQbMk3P3W45mnYvYNWcxOFfoEGG3sEFJMnV8rI2cpLLbDRmY2l
ywwF9pvgP5ndDGaDwC+mEVW2+LLGc+g1MZfzuTUM/1jdduGgBrbH2VkunFDpaE7q
JmKmeNEipvu46jQRqB+k5OAC++rJ0U3GtdGh6kF+6wleNwmKB98RBZZnrkwTTbbr
AgMBAAGjcTBvME4GA1UdEQRHMEWCF2ZlZC1pbnRlcm9wLXdnLmxpZ28ub3Jnhipo
dHRwczovL2ZlZC1pbnRlcm9wLXdnLmxpZ28ub3JnL3NoaWJib2xldGgwHQYDVR0O
BBYEFBQ8hmlK6r1tTukMs96IGob5xMl+MA0GCSqGSIb3DQEBBQUAA4IBAQBCfGPD
1SEjl3E/XtQ/9tv1NrCCOHib29BoFDIIjTejcyehwX0/lDW9Ryra6t+qlkofAuV9
PUVL3dBQQFka0adUPonvs5Q9chisVj1hT4mhUz1C72m9wIDsIP9QQkuOqgK/3SFg
J0wsttMzP2uirZRnkg9DHKfym64D8sCpI8qWtHJbf40qxH9Zk90BKQWNR6e3qnLC
ncePo7O6V1anNgFJD78E+bNjd9KlY/YJkzOyL/M52HhM6IjDvBRgfhwUxf9HkdEb
APc4VR5gYD4DBiUTINX+Ex3yinxQ4AHx09FlvKXu2MKGmiCH3AozhjvR4vNFivqi
dD7nKurLpav8RpR+
                    </ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </KeyDescriptor>

        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>

        <AssertionConsumerService
            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
            Location="https://fed-interop-wg.ligo.org/Shibboleth.sso/SAML2/POST" index="1"/>

        <AssertionConsumerService
            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign"
            Location="https://fed-interop-wg.ligo.org/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>

        <AssertionConsumerService
            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
            Location="https://fed-interop-wg.ligo.org/Shibboleth.sso/SAML2/Artifact" index="3"/>

        <AssertionConsumerService
            Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS"
            Location="https://fed-interop-wg.ligo.org/Shibboleth.sso/SAML2/ECP" index="4"/>

        <AttributeConsumingService xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" index="1">
            <ServiceName xml:lang="en">I2 Fed Op WG GitLab hosted by LIGO</ServiceName>
            <ServiceDescription xml:lang="en">GitLab service for the Internet2 Federation Interoperability Working Group hosted by LIGO</ServiceDescription>
            <RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true" />
            <RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true" />
            <RequestedAttribute FriendlyName="displayName" Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false" />
        </AttributeConsumingService>

    </SPSSODescriptor>

    <Organization>
        <OrganizationName xml:lang="en">Laser Interferometer Gravitational-Wave Observatory</OrganizationName>
        <OrganizationDisplayName xml:lang="en">LIGO</OrganizationDisplayName>
        <OrganizationURL xml:lang="en">http://www.ligo.org</OrganizationURL>
    </Organization>

    <ContactPerson contactType="technical">
        <GivenName>Scott</GivenName>
        <SurName>Koranda</SurName>
        <EmailAddress>scott.koranda@ligo.org</EmailAddress>
    </ContactPerson>

</EntityDescriptor>