diff --git a/.env.example b/.env.example index 6426ac140..591b9a98e 100644 --- a/.env.example +++ b/.env.example @@ -8,9 +8,9 @@ REDIS_PORT=put_the_azure_redis_port_here REDIS_PASSWORD=put_the_azure_redis_password_here TOKEN_DURATION_IN_SECONDS=3600 SAML_CALLBACK_URL="https://italia-backend/assertionConsumerService" -SAML_ISSUER="http://italia-backend" +SAML_ISSUER="https://spid.agid.gov.it/cd" SAML_ACCEPTED_CLOCK_SKEW_MS=0 -SAML_ATTRIBUTE_CONSUMING_SERVICE_INDEX=1 +SAML_ATTRIBUTE_CONSUMING_SERVICE_INDEX=0 PRE_SHARED_KEY="12345" ALLOW_NOTIFY_IP_SOURCE_RANGE="::ffff:ac13:1/112" AZURE_NH_HUB_NAME=put_nh_hub_name_here @@ -19,3 +19,5 @@ ALLOW_PAGOPA_IP_SOURCE_RANGE="::ffff:ac13:1/112" AUTHENTICATION_BASE_PATH="" API_BASE_PATH="/api/v1" PAGOPA_BASE_PATH="/pagopa/api/v1" +SPID_AUTOLOGIN=lussoluca +SPID_TESTENV_URL=https://spid-testenv2:8088 diff --git a/README.md b/README.md index d25254801..f4de75519 100644 --- a/README.md +++ b/README.md @@ -84,9 +84,8 @@ The code that manage this flow are in the `src/strategies/bearerSessionTokenStra * [Docker](https://www.docker.com/) and [Docker Compose](https://github.com/docker/compose) -To fully simulate the SPID authentication process we use the images provided by -[spid-testenv-backoffice](https://github.com/italia/spid-testenv-backoffice) and -[spid-testenv-identityserver](https://github.com/italia/spid-testenv-identityserver) projects. +To fully simulate the SPID authentication process we use the images provided by the +[spid-testenv2](https://github.com/italia/spid-testenv2) project. A Linux/macOS environment is required at the moment. @@ -105,14 +104,12 @@ A Linux/macOS environment is required at the moment. 11. edit your `/etc/hosts` file by adding: ``` - localhost spid-testenv-identityserver + localhost spid-testenv2 localhost italia-backend ``` -12. wait a couple of minutes to let the IDP start (or monitor the process with `$ tail -f logs/idp/wso2carbon.log`) -13. run `scripts/import-spid-data.sh` to configure the local IDP -14. copy `app/.env.example` to `app/.env` and fill the variables with your values -15. point your browser to [https://italia-backend](https://italia-backend) +12. copy `app/.env.example` to `app/.env` and fill the variables with your values +13. point your browser to [https://italia-backend](https://italia-backend) If you are using Docker with a Docker Machine replace `localhost` with the IP of the Docker Machine ([More details here](https://docs.docker.com/machine/reference/ip/)). @@ -120,12 +117,10 @@ If you are using Docker with a Docker Machine replace `localhost` with the IP of ### Container description * `backend`: the backend Node application that serves the web and mobile applications -* `spid-testenv-identityserver`: the test IDP server -* `spid-testenv-backoffice`: simple configuration interface to manage the test IDP server +* `spid-testenv2`: the test IDP server Nginx is reachable at [https://italia-backend:80]() \ -IDP is reachable at [https://spid-testenv-identityserver:9443]() (user: `admin`, password: `admin`) \ -IDP simple backoffice is reachable at [https://spid-testenv-identityserver:8080]() +IDP is reachable at [https://spid-testenv2:8088]() \ ### Environment variables @@ -147,6 +142,11 @@ Those are all Environment variables needed by the application: | ALLOW_NOTIFY_IP_SOURCE_RANGE | The range in CIDR form of allowed IPs for the webhook notifications | string | | AZURE_NH_HUB_NAME | The hub name configured in the Azure Notification HUB | string | | AZURE_NH_ENDPOINT | The endpoint URL configured in the Azure Notification HUB | string | +| ALLOW_PAGOPA_IP_SOURCE_RANGE | The range in CIDR form of allowed IPs for the PagoPA API | string | +| AUTHENTICATION_BASE_PATH | The root path for the authentication endpoints | string | +| API_BASE_PATH | The root path for the api endpoints | string | +| PAGOPA_BASE_PATH | The root path for the PagoPA endpoints | string | +| SPID_AUTOLOGIN | The user used in the autologin feature, omit this to disable autologin | string | ### Logs @@ -155,8 +155,8 @@ Application logs are saved into the logs folder. ### SPID user management The setup procedure adds some test users to the test IDP server, the full list could be retrieved in -`spid-batch-import/spid-users.json`. To add more users connect to [https://spid-testenv-identityserver:8080]() and -navigate to: *service provider > Servizi registrati* and click on *Utenti*. +`testenv2/conf/users.json`. To add more users simply add more items to this file and restart the `spid-testenv2` +container. --- @@ -249,11 +249,5 @@ This problem seems to be dependent on how Docker for Mac (doesn't) manage well t Docker Toolbox it works fine (and can [coexist](https://docs.docker.com/docker-for-mac/docker-toolbox/#setting-up-to-run-docker-for-mac)) (Read more at [https://medium.com/@itseranga/set-hosts-in-docker-for-mac-2029276fd448](https://medium.com/@itseranga/set-hosts-in-docker-for-mac-2029276fd448)) -**When i run the scripts/import-spid-data.sh file, after the first entries the script display a lot of errors like -`# users imported: -- Error [object Object]`** - -Have you waited the IDP to start successfully? Wait a minute and retry. - - ## License [![FOSSA Status](https://app.fossa.io/api/projects/git%2Bgithub.com%2Fteamdigitale%2Fitalia-backend.svg?type=large)](https://app.fossa.io/projects/git%2Bgithub.com%2Fteamdigitale%2Fitalia-backend?ref=badge_large) diff --git a/docker-compose.yml b/docker-compose.yml index 7fb205c18..c81be3451 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -16,26 +16,13 @@ services: - "./certs:/usr/src/app/certs:delegated" working_dir: "/usr/src/app" - spid-testenv-identityserver: - container_name: spid-testenv-identityserver - image: italia/spid-testenv-identityserver:docker-compose + spid-testenv2: + container_name: spid-testenv2 + image: italia/spid-testenv2:latest ports: - - "9443:9443" + - "8088:8088" volumes: - - "./logs/idp:/spid-testenvironment/is/identity-server/repository/logs:delegated" - - spid-testenv-backoffice: - container_name: spid-testenv-backoffice - depends_on: - - spid-testenv-identityserver - environment: - - NODE_ENV=development - - NODE_TLS_REJECT_UNAUTHORIZED=0 - image: italia/spid-testenv-backoffice:latest - ports: - - "8080:8080" - volumes: - - "./docker/spid/config.js:/spid-testenvironment/bo/backoffice/server/wso2/config.js:delegated" + - "./testenv2/conf:/app/conf" redis: container_name: redis diff --git a/package.json b/package.json index 1503c1bae..bfce02cf8 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "italia-backend", - "version": "0.0.54", + "version": "0.0.55", "description": "Italia app and web backend", "main": "index.js", "engines": { diff --git a/patches/spid-passport+1.0.0.patch b/patches/spid-passport+1.0.0.patch new file mode 100644 index 000000000..cf5e0834e --- /dev/null +++ b/patches/spid-passport+1.0.0.patch @@ -0,0 +1,13 @@ +patch-package +--- a/node_modules/spid-passport/index.js ++++ b/node_modules/spid-passport/index.js +@@ -371,8 +371,7 @@ const generateAuthorizeRequest = function(req, samlClient, callback) { + if (samlClient.options.identifierFormat) { + request["samlp:AuthnRequest"]["samlp:NameIDPolicy"] = { + "@xmlns:samlp": "urn:oasis:names:tc:SAML:2.0:protocol", +- "@Format": samlClient.options.identifierFormat, +- "@AllowCreate": "true" ++ "@Format": samlClient.options.identifierFormat + }; + } + diff --git a/patches/xml-crypto+0.10.1.patch b/patches/xml-crypto+0.10.1.patch new file mode 100644 index 000000000..5b66582dd --- /dev/null +++ b/patches/xml-crypto+0.10.1.patch @@ -0,0 +1,13 @@ +patch-package +--- a/node_modules/xml-crypto/lib/signed-xml.js ++++ b/node_modules/xml-crypto/lib/signed-xml.js +@@ -345,7 +345,8 @@ SignedXml.prototype.validateReferences = function(doc) { + var hash = this.findHashAlgorithm(ref.digestAlgorithm) + var digest = hash.getHash(canonXml) + +- if (digest!=ref.digestValue) { ++ var digestValueWithoutLineBreaks = ref.digestValue.replace(/\r\n|\r|\n/g, '') ++ if (digest!=digestValueWithoutLineBreaks) { + this.validationErrors.push("invalid signature: for uri " + ref.uri + + " calculated digest is " + digest + + " but the xml to validate supplies digest " + ref.digestValue) diff --git a/public/idp_list.html b/public/idp_list.html index 47e8058cf..b687f1441 100644 --- a/public/idp_list.html +++ b/public/idp_list.html @@ -17,8 +17,8 @@

Choose an IDP

diff --git a/scripts/import-spid-data.sh b/scripts/import-spid-data.sh deleted file mode 100755 index cf89b545a..000000000 --- a/scripts/import-spid-data.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/usr/bin/env bash - -docker run --rm --network="italia-backend_default" -v "$PWD/spid-batch-import:/usr/src/app" -v "$PWD/certs:/certs" -e "NODE_ENV=development" -w "/usr/src/app" node:8.9.4-alpine /usr/src/app/import.sh diff --git a/spid-batch-import/.env b/spid-batch-import/.env deleted file mode 100644 index f2c975e21..000000000 --- a/spid-batch-import/.env +++ /dev/null @@ -1,5 +0,0 @@ -{ - "wso2_url" : "https://spid-testenv-identityserver:9443", - "wso2_user" : "admin", - "wso2_pass" : "admin" -} diff --git a/spid-batch-import/import.sh b/spid-batch-import/import.sh deleted file mode 100755 index b1c96468d..000000000 --- a/spid-batch-import/import.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -yarn install - -node spid-idp-userimport.js - -node spid-idp-spimport.js diff --git a/spid-batch-import/package.json b/spid-batch-import/package.json deleted file mode 100644 index 65809f31d..000000000 --- a/spid-batch-import/package.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "name": "spid-idp-userimport", - "version": "1.0.0", - "description": "Batch for import users data into WSO2 IS", - "scripts": { - "test": "echo \"Error: no test specified\" && exit 1" - }, - "author": "", - "license": "ISC", - "dependencies": { - "soap": "^0.21.0" - }, - "devDependencies": {} -} diff --git a/spid-batch-import/spid-idp-spimport.js b/spid-batch-import/spid-idp-spimport.js deleted file mode 100644 index 78476f960..000000000 --- a/spid-batch-import/spid-idp-spimport.js +++ /dev/null @@ -1,513 +0,0 @@ -const soap = require('soap'); -const fs = require('fs'); -process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = '0'; - -let config = { - "wso2_url": "https://spid-testenv-identityserver:9443", - "wso2_user": "admin", - "wso2_pass": "admin" -}; - -let data = []; - -process.stdout.write("\n\n== SPID Spervice Provider import == \n"); -process.stdout.write("Loading configuration... \n"); - -readConfig(); - -process.stdout.write("Ok\n\n"); -process.stdout.write("wso2_url: " + config.wso2_url + "\n"); -process.stdout.write("wso2_user: " + config.wso2_user + "\n"); -process.stdout.write("wso2_pass: " + config.wso2_pass + "\n\n"); - -let basicAuthSecurity = new soap.BasicAuthSecurity(config.wso2_user, config.wso2_pass); - -importSp(data, (result) => { - if (result.code === 200) { - process.stdout.write("Service Provider successfully imported\n"); - } else { - process.stdout.write("Error\n"); - process.stdout.write(JSON.stringify(result) + "\n"); - } -}); - -// ----------------------------------------------------------------------------------------------------------- - -function readConfig() { - try { - data = JSON.parse(fs.readFileSync("spid-sp.json")); - config = JSON.parse(fs.readFileSync(".env")); - } - catch (e) { - process.stdout.write("ERROR\n"); - process.stdout.write(e + "\n"); - process.exit(); - } - -} - -function importSp(user, callback) { - let entityId = data.EntityId; - - let applicationName = ""; - if (entityId.substring(0, 8) === "https://") { - applicationName = entityId.substring(8).replace(/\s+/g, '').toLowerCase(); - } else if (entityId.substring(0, 7) === "http://") { - applicationName = entityId.substring(7).replace(/\s+/g, '').toLowerCase(); - } else { - callback({ - code: 400, - message: "Entity ID must start with https:// or http://" - }); - return; - } - - let applicationDescription = data.Organization.DisplayName + ' (' + data.Organization.Url + ')'; - let certificateAlias = entityId.substring(8).replace(/\s+/g, '').toLowerCase() + ".crt"; - let certificateFile = fs.readFileSync("/certs/cert.pem", "utf-8"); - - certificateFile = certificateFile.replace(/-+BEGIN CERTIFICATE-+\r?\n?/, ''); - certificateFile = certificateFile.replace(/-+END CERTIFICATE-+\r?\n?/, ''); - certificateFile = certificateFile.replace(/\r\n/g, '\n'); - - createApplication({ - - "applicationName": applicationName, - "description": applicationDescription - - }, () => { - - importCertToStore({ - - "fileName": certificateAlias, - "fileData": certificateFile - - }, () => { - - addRPServiceProvider({ - - "assertionConsumerServices": data.AssertionConsumerServices, - "singleLogoutServices": data.SingleLogoutServices, - "entityId": entityId, - "certificateAlias": certificateAlias - - }, () => { - - getApplication({ - - "applicationName": applicationName - - }, (app) => { - - updateApplication({ - - "applicationID": app.applicationID, - "applicationName": applicationName, - "description": applicationDescription, - "entityId": entityId, - "claims": data.AttributeConsumingServices[0].RequestedAttribute - - }, (soapRes) => { - - callback({ - code: 200, - message: "Ok" - }); - - }, (errString) => { - - callback({ - code: 400, - message: errString - }); - }); - - }, (errString) => { - - callback({ - code: 400, - message: errString - }); - }); - - }, (errString) => { - - callback({ - code: 400, - message: errString - }); - }); - - }, (errString) => { - - callback({ - code: 400, - message: errString - }); - }); - - }, (errString) => { - - callback({ - code: 400, - message: errString - }); - } - ); -} - -function createApplication(data, next, nexterr) { - let url = config.wso2_url + '/services/IdentityApplicationManagementService?wsdl'; - soap.createClient(url, function(err, client, raw) { - if (client == null) { - nexterr("Identity Server not available"); - return; - } - if (raw != null && (raw.indexOf("") > -1)) { - nexterr(parseFaultString(raw)); - return; - } - else { - client.setSecurity(basicAuthSecurity); - - let args = { - 'serviceProvider': { - 'applicationName': data.applicationName, - 'description': data.description - } - }; - client.createApplication(args, function(err, result, raw) { - if (raw != null && (raw.indexOf("") > -1)) { - nexterr(parseFaultString(raw)); - return; - } - else { - next(); - } - }); - } - }); -} - -function importCertToStore(data, next, nexterr) { - let url = config.wso2_url + '/services/KeyStoreAdminService?wsdl'; - soap.createClient(url, function(err, client, raw) { - if (client == null) { - nexterr("Identity Server not available"); - return; - } - if (raw != null && (raw.indexOf("") > -1)) { - nexterr(parseFaultString(raw)); - return; - } - else { - client.setSecurity(basicAuthSecurity); - - let args = { - 'fileName': data.fileName, - 'fileData': data.fileData, - 'keyStoreName': 'wso2carbon.jks' - }; - client.importCertToStore(args, function(err, result, raw) { - if (raw != null && (raw.indexOf("") > -1)) { - nexterr(parseFaultString(raw)); - return; - } - else { - next(); - } - }); - } - }); -} - -function addRPServiceProvider(data, next, nexterr) { - let url = config.wso2_url + '/services/IdentitySAMLSSOConfigService?wsdl'; - soap.createClient(url, function(err, client, raw) { - if (client == null) { - nexterr("Identity Server not available"); - return; - } - if (raw != null && (raw.indexOf("") > -1)) { - nexterr(parseFaultString(raw)); - return; - } - else { - client.setSecurity(basicAuthSecurity); - - let assertionConsumerUrls = []; - let defaultAssertionConsumerUrl = ''; - - for (assertion in data.assertionConsumerServices) { - item = data.assertionConsumerServices[assertion]; - assertionConsumerUrls.push(item.Location); - if (item.IsDefault === true) { - defaultAssertionConsumerUrl = item.Location; - } - } - - let args = { - 'spDto': { - 'assertionConsumerUrl': data.assertionConsumerServices[0].Location, - 'assertionConsumerUrls': assertionConsumerUrls, - 'attributeConsumingServiceIndex': 1, - 'certAlias': data.certificateAlias, - 'defaultAssertionConsumerUrl': defaultAssertionConsumerUrl, - 'digestAlgorithmURI': 'http://www.w3.org/2001/04/xmlenc#sha256', - 'doEnableEncryptedAssertion': 'false', - 'doSignAssertions': 'true', - 'doSignResponse': 'true', - 'doSingleLogout': 'true', - 'doValidateSignatureInRequests': 'true', - 'enableAttributeProfile': 'true', - 'enableAttributesByDefault': 'false', - 'idPInitSLOEnabled': 'false', - 'idPInitSSOEnabled': 'false', - 'issuer': data.entityId, - 'loginPageURL': '', - 'nameIDFormat': 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient', - 'signingAlgorithmURI': 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256', - 'sloRequestURL': data.singleLogoutServices[0].Location, - 'sloResponseURL': data.singleLogoutServices[0].Location, - } - }; - - client.addRPServiceProvider(args, function(err, result, raw) { - if (raw != null && (raw.indexOf("") > -1)) { - nexterr(parseFaultString(raw)); - return; - } - else { - next(); - } - }); - } - }); -} - -function getApplication(data, next, nexterr) { - let url = config.wso2_url + '/services/IdentityApplicationManagementService?wsdl'; - soap.createClient(url, function(err, client, raw) { - if (client == null) { - nexterr("Identity Server not available"); - return; - } - if (raw != null && (raw.indexOf("") > -1)) { - nexterr(parseFaultString(raw)); - return; - } - else { - client.setSecurity(basicAuthSecurity); - - let args = { - 'applicationName': data.applicationName - }; - client.getApplication(args, function(err, result, raw) { - if (result != null - && result.IdentityApplicationManagementServiceIdentityApplicationManagementException != null - && result.IdentityApplicationManagementServiceIdentityApplicationManagementException.IdentityApplicationManagementException != null) { - nexterr(result.IdentityApplicationManagementServiceIdentityApplicationManagementException.IdentityApplicationManagementException.message); - } else { - if (result.getApplicationResponse != null && result.getApplicationResponse.return != null) { - next({ - applicationID: result.getApplicationResponse.return.applicationID, - applicationName: result.getApplicationResponse.return.applicationName, - description: result.getApplicationResponse.return.description - }); - } - } - }); - } - }); -} - -function updateApplication(data, next, nexterr) { - let url = config.wso2_url + '/services/IdentityApplicationManagementService?wsdl'; - soap.createClient(url, function(err, client, raw) { - if (client == null) { - nexterr("Identity Server not available"); - return; - } - if (raw != null && (raw.indexOf("") > -1)) { - nexterr(parseFaultString(raw)); - return; - } - else { - client.setSecurity(basicAuthSecurity); - - let claimMappings = []; - for (attribute in data.claims) { - let localUri = ""; - if (data.claims[attribute] === "spidCode") { - localUri = "http://wso2.org/claims/userid"; - } - if (data.claims[attribute] === "name") { - localUri = "http://wso2.org/claims/givenname"; - } - if (data.claims[attribute] === "familyName") { - localUri = "http://wso2.org/claims/lastname"; - } - if (data.claims[attribute] === "placeOfBirth") { - localUri = "http://wso2.org/claims/locality"; - } - if (data.claims[attribute] === "countyOfBirth") { - localUri = "http://wso2.org/claims/stateorprovince"; - } - if (data.claims[attribute] === "dateOfBirth") { - localUri = "http://wso2.org/claims/dob"; - } - if (data.claims[attribute] === "gender") { - localUri = "http://wso2.org/claims/gender"; - } - if (data.claims[attribute] === "companyName") { - localUri = "http://wso2.org/claims/organization"; - } - if (data.claims[attribute] === "registeredOffice") { - localUri = "http://wso2.org/claims/registeredOffice"; - } - if (data.claims[attribute] === "fiscalNumber") { - localUri = "http://wso2.org/claims/nickname"; - } - if (data.claims[attribute] === "ivaCode") { - localUri = "http://wso2.org/claims/im"; - } - if (data.claims[attribute] === "idCard") { - localUri = "http://wso2.org/claims/privatePersonalIdentifier"; - } - if (data.claims[attribute] === "mobilePhone") { - localUri = "http://wso2.org/claims/mobile"; - } - if (data.claims[attribute] === "email") { - localUri = "http://wso2.org/claims/emailaddress"; - } - if (data.claims[attribute] === "address") { - localUri = "http://wso2.org/claims/addresses"; - } - if (data.claims[attribute] === "expirationDate") { - localUri = "http://wso2.org/claims/expirationdate"; - } - if (data.claims[attribute] === "digitalAddress") { - localUri = "http://wso2.org/claims/otheremail"; - } - - let claim = { - 'requested': true, - 'localClaim': { - 'claimId': 0, - 'claimUri': localUri, - }, - 'remoteClaim': { - 'claimId': 0, - 'claimUri': data.claims[attribute] - } - }; - - claimMappings.push(claim); - } - - let args = { - 'serviceProvider': { - 'applicationID': data.applicationID, - 'applicationName': data.applicationName, - 'claimConfig': { - 'localClaimDialect': 'false', - 'alwaysSendMappedLocalSubjectId': 'false', - 'claimMappings': claimMappings, - 'roleClaimURI': '', - 'userClaimURI': 'true' - }, - - 'description': data.description, - 'saasApp': true, - 'inboundAuthenticationConfig': { - 'inboundAuthenticationRequestConfigs': { - 'friendlyName': '', - 'inboundAuthKey': data.entityId, - 'inboundAuthType': 'samlsso', - 'inboundConfigType': 'standardAPP', - 'properties': { - 'displayOrder': '0', - 'name': 'attrConsumServiceIndex', - 'value': '1' - } - }, - }, - 'inboundProvisioningConfig': { - 'provisioningEnabled': 'false', - 'provisioningUserStore': 'PRIMARY' - }, - 'localAndOutBoundAuthenticationConfig': { - 'alwaysSendBackAuthenticatedListOfIdPs': 'false', - 'authenticationSteps': [ - { - 'stepOrder': 1, - 'subjectStep': false, - 'attributeStep': false, - 'localAuthenticatorConfigs': { - 'displayName': 'basic', - 'enabled': 'false', - 'name': 'BasicAuthenticator', - 'valid': true - }, - }, - { - 'stepOrder': 2, - 'subjectStep': false, - 'attributeStep': false, - 'federatedIdentityProviders': { - 'defaultAuthenticatorConfig': { - 'displayName': 'Email', - 'enabled': false, - 'name': 'EmailOTP', - 'valid': true - }, - 'enable': false, - 'federatedAuthenticatorConfigs': { - 'displayName': 'Email', - 'enabled': false, - 'name': 'EmailOTP', - 'valid': true - }, - 'federationHub': false, - 'identityProviderName': 'EmailOTP Provider', - 'primary': false, - } - } - ], - 'authenticationType': 'flow', - 'enableAuthorization': false, - 'useTenantDomainInLocalSubjectIdentifier': false, - 'useUserstoreDomainInLocalSubjectIdentifier': false - }, - 'outboundProvisioningConfig': '', - 'owner': { - 'tenantDomain': 'carbon.super', - 'userName': 'admin', - 'userStoreDomain': 'PRIMARY' - }, - 'permissionAndRoleConfig': '' - } - }; - - client.updateApplication(args, function(err, result, raw) { - if (raw != null && (raw.indexOf("") > -1)) { - nexterr(parseFaultString(raw)); - return; - } - else { - next(); - } - }); - } - }); -} - -function parseFaultString(s) { - if (s != null) { - s = s.replace("", ""); - s = s.replace("", ""); - } else { - s = ""; - } - return s; -} diff --git a/spid-batch-import/spid-idp-userimport.js b/spid-batch-import/spid-idp-userimport.js deleted file mode 100644 index d5919b38e..000000000 --- a/spid-batch-import/spid-idp-userimport.js +++ /dev/null @@ -1,305 +0,0 @@ -const soap = require('soap'); -const fs = require('fs'); -process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = '0'; - -let config = { - "wso2_url": "https://spid-testenv-identityserver:9443", - "wso2_user": "admin", - "wso2_pass": "admin" -}; - -let users = []; - -process.stdout.write("\n\n== SPID User import ==\n"); -process.stdout.write("Loading configuration...\n"); - -readConfig(); - -process.stdout.write("Ok\n\n"); -process.stdout.write("wso2_url: " + config.wso2_url + "\n"); -process.stdout.write("wso2_user: " + config.wso2_user + "\n"); -process.stdout.write("wso2_pass: " + config.wso2_pass + "\n\n"); - -let basicAuthSecurity = new soap.BasicAuthSecurity(config.wso2_user, config.wso2_pass); - -process.stdout.write("# users imported: --" + "\n"); -importUser(users, (result) => { - if (result.code === 200) { - process.stdout.write("\b\b" + ("00" + (+i + 1)).slice(-2) + "\n"); - } else { - process.stdout.write("Error\n"); - process.stdout.write(JSON.stringify(result) + "\n"); - } -}); - -// ----------------------------------------------------------------------------------------------------------- - -function readConfig() { - try { - users = JSON.parse(fs.readFileSync("spid-users.json")); - config = JSON.parse(fs.readFileSync(".env")); - } - catch (e) { - process.stdout.write("ERROR\n"); - process.stdout.write(e + "\n"); - process.exit(); - } -} - -function importUser(user, callback) { - getRoleNames({}, - (roles) => { - if (roles.indexOf("PUBLIC") !== -1) { - addUsers(users, callback); - } else { - addRole( - { roleName: "PUBLIC" }, - () => { - addUsers(users, callback) - }, - () => { - callback({ - code: 400, - message: "Error while creating role PUBLIC on WSO2" - }) - } - ) - } - }, - () => { - callback({ - code: 400, - message: "Error while retrieving roles from WSO2" - }) - } - ); -} - -function addUsers(users, callback) { - if (users.length > 0) { - let n = 0; - for (i in users) { - _importUser(users[i], (result) => { - if (++n === users.length) { - if (result.code === 200) { - callback({ - code: 200, - message: result.message - }); - } else { - callback({ - code: 400, - message: result.message - }); - } - } - }); - } - } else { - callback({ - code: 404, - message: "No test users found to import" - }); - } -} - -function _importUser(user, callback) { - let res = false; - - process.stdout.write("Add user: " + user.userName + " with role: " + user.roleList + "\n"); - - addUser({ - "userName": user.userName, - "lastName": user.lastName, - "credential": user.credential, - "roleList": user.roleList - - }, () => { - - let claimsSavedNum = 0; - - claimsSavedNum = checkLasteAddedUserClaimValue(user.userName, "http://wso2.org/claims/privatePersonalIdentifier", user.idCard, claimsSavedNum, callback); - claimsSavedNum = checkLasteAddedUserClaimValue(user.userName, "http://wso2.org/claims/nickname", user.fiscalNumber, claimsSavedNum, callback); - claimsSavedNum = checkLasteAddedUserClaimValue(user.userName, "http://wso2.org/claims/mobile", user.mobilePhone, claimsSavedNum, callback); - claimsSavedNum = checkLasteAddedUserClaimValue(user.userName, "http://wso2.org/claims/dob", user.dateOfBirth, claimsSavedNum, callback); - claimsSavedNum = checkLasteAddedUserClaimValue(user.userName, "http://wso2.org/claims/stateorprovince", user.countyOfBirth, claimsSavedNum, callback); - claimsSavedNum = checkLasteAddedUserClaimValue(user.userName, "http://wso2.org/claims/givenname", user.name, claimsSavedNum, callback); - claimsSavedNum = checkLasteAddedUserClaimValue(user.userName, "http://wso2.org/claims/otheremail", user.digitalAddress, claimsSavedNum, callback); - claimsSavedNum = checkLasteAddedUserClaimValue(user.userName, "http://wso2.org/claims/im", user.ivaCode, claimsSavedNum, callback); - claimsSavedNum = checkLasteAddedUserClaimValue(user.userName, "http://wso2.org/claims/locality", user.placeOfBirth, claimsSavedNum, callback); - claimsSavedNum = checkLasteAddedUserClaimValue(user.userName, "http://wso2.org/claims/expirationdate", user.expirationDate, claimsSavedNum, callback); - claimsSavedNum = checkLasteAddedUserClaimValue(user.userName, "http://wso2.org/claims/gender", user.gender, claimsSavedNum, callback); - claimsSavedNum = checkLasteAddedUserClaimValue(user.userName, "http://wso2.org/claims/registeredOffice", user.registeredOffice, claimsSavedNum, callback); - claimsSavedNum = checkLasteAddedUserClaimValue(user.userName, "http://wso2.org/claims/emailaddress", user.email, claimsSavedNum, callback); - claimsSavedNum = checkLasteAddedUserClaimValue(user.userName, "http://wso2.org/claims/organization", user.companyName, claimsSavedNum, callback); - - res = true; - - }, (errString) => { - - res = false; - }); - - return res; -} - -function checkLasteAddedUserClaimValue( - username, claimURI, remoteClaim, savedNum, callback) { - savedNum++; - - addUserClaimValue({ - userName: username, - claimURI: claimURI, - value: remoteClaim - }, () => { - if (savedNum === 14) { - callback({ - code: 200, - message: "Ok" - }); - } - } - ); - return savedNum; -} - -function getRoleNames(data, next, nexterr) { - let url = config.wso2_url + '/services/RemoteUserStoreManagerService?wsdl'; - soap.createClient(url, function(err, client, raw) { - if (client == null) { - nexterr("Identity Server not available"); - return; - } - if (raw != null && (raw.indexOf("") > -1)) { - nexterr(parseFaultString(raw)); - return; - } - else { - client.setSecurity(basicAuthSecurity); - - let args = {}; - - client.getRoleNames(args, function(err, result, raw) { - if (raw != null && (raw.indexOf("") > -1)) { - nexterr(parseFaultString(raw)); - return; - } - else { - if (result != null && result.getRoleNamesResponse != null) { - next(result.getRoleNamesResponse.return); - } else { - nexterr(); - } - } - }); - } - }); -} - -function addRole(data, next, nexterr) { - let url = config.wso2_url + '/services/RemoteUserStoreManagerService?wsdl'; - soap.createClient(url, function(err, client, raw) { - if (client == null) { - nexterr("Identity Server not available"); - return; - } - if (raw != null && (raw.indexOf("") > -1)) { - nexterr(parseFaultString(raw)); - return; - } - else { - client.setSecurity(basicAuthSecurity); - - let args = { - roleName: data.roleName - }; - - client.addRole(args, function(err, result, raw) { - if (raw != null && (raw.indexOf("") > -1)) { - nexterr(parseFaultString(raw)); - return; - } - else { - next(); - } - }); - } - }); -} - -function addUser(data, next, nexterr) { - let url = config.wso2_url + '/services/RemoteUserStoreManagerService?wsdl'; - soap.createClient(url, function(err, client, raw) { - if (client == null) { - nexterr("Identity Server not available"); - return; - } - if (raw != null && (raw.indexOf("") > -1)) { - nexterr(parseFaultString(raw)); - return; - } - else { - client.setSecurity(basicAuthSecurity); - - let args = { - "userName": data.userName, - "credential": data.credential, - "roleList": data.roleList, - "claims": { - "claimURI": "http://wso2.org/claims/lastname", - "value": data.lastName - }, - "requirePasswordChange": "false" - }; - - client.addUser(args, function(err, result, raw) { - if (raw != null && (raw.indexOf("") > -1)) { - nexterr(parseFaultString(raw)); - process.stdout.write("Error while adding user " + data.userName + "\n"); - process.stdout.write(raw + "\n"); - return; - } - else { - next(); - } - }); - } - }); -} - -function addUserClaimValue(data, next) { - let url = config.wso2_url + '/services/RemoteUserStoreManagerService?wsdl'; - soap.createClient(url, function(err, client) { - if (client == null) { - nexterr("Identity Server not available"); - return; - } - - client.setSecurity(basicAuthSecurity); - - let args = { - "userName": data.userName, - "claimURI": data.claimURI, - "claimValue": data.value - }; - - client.addUserClaimValue(args, function(err, result, raw, soapHeader) { - if (raw != null && (raw.indexOf("") > -1)) { - process.stdout.write("Error while setting claim " + data.claimURI + " for " + data.userName + "\n"); - process.stdout.write(raw + "\n"); - } - - next(); - }); - }); -} - -function parseFaultString(s) { - if (s != null) { - s = s.replace("", ""); - s = s.replace("", ""); - } else { - s = ""; - } - return s; -} diff --git a/spid-batch-import/spid-sp.json b/spid-batch-import/spid-sp.json deleted file mode 100644 index 2f1274310..000000000 --- a/spid-batch-import/spid-sp.json +++ /dev/null @@ -1,28 +0,0 @@ -{ - "EntityId": "http://italia-backend", - "Organization": { - "DisplayName": "Italia backend", - "Url": "http://italia-backend" - }, - "AssertionConsumerServices": [ - { - "Location": "https://italia-backend/assertionConsumerService", - "IsDefault": true - } - ], - "SingleLogoutServices": [ - { - "Location": "https://italia-backend/slo" - } - ], - "AttributeConsumingServices": [ - { - "RequestedAttribute": [ - "name", - "familyName", - "fiscalNumber", - "email" - ] - } - ] -} diff --git a/spid-batch-import/spid-users.json b/spid-batch-import/spid-users.json deleted file mode 100644 index e40c92e70..000000000 --- a/spid-batch-import/spid-users.json +++ /dev/null @@ -1,263 +0,0 @@ -[ - { - "userName": "cesare", - "lastName": "Cesare", - "credential": "password123", - "roleList": "PUBLIC", - "name": "Gaio Giulio", - "gender": "M", - "dateOfBirth": "1944-07-13", - "countyOfBirth": "RM", - "placeOfBirth": "Roma", - "idCard": "cartaIdentita AC137100 comuneRoma 2007-12-22 2018-07-13", - "expirationDate": "2019-04-11", - "fiscalNumber": "CSRGGL44L13H501E", - "mobilePhone": "3331234567", - "email": "gaiogiuliocesare@gmail.com", - "digitalAddress": "", - "ivaCode": "", - "companyName": "", - "registeredOffice": "" - }, - { - "userName": "ada", - "lastName": "Lovelace", - "credential": "password123", - "roleList": "PUBLIC", - "name": "Ada", - "gender": "F", - "dateOfBirth": "1985-12-10", - "countyOfBirth": "PI", - "placeOfBirth": "Pisa", - "idCard": "passaporto KK1234567 questuraLivorno 2016-09-04 2026-09-03", - "expirationDate": "2018-02-02", - "fiscalNumber": "LVLDAA85T50G702B", - "mobilePhone": "3939393939", - "email": "aabyron@hotmail.com", - "digitalAddress": "", - "ivaCode": "", - "companyName": "", - "registeredOffice": "" - }, - { - "userName": "garibaldi", - "lastName": "Garibaldi", - "credential": "password123", - "roleList": "PUBLIC", - "name": "Giuseppe Maria", - "gender": "M", - "dateOfBirth": "1987-07-04", - "countyOfBirth": "CE", - "placeOfBirth": "Teano", - "idCard": "patenteGuida U1U111111U motorizzazioneCaserta 2013-04-03 2023-07-04", - "expirationDate": "2019-03-13", - "fiscalNumber": "GRBGPP87L04L741X", - "mobilePhone": "3310001000", - "email": "eroedei2mondi@yahoo.it", - "digitalAddress": "", - "ivaCode": "", - "companyName": "", - "registeredOffice": "" - }, - { - "userName": "lucrezia", - "lastName": "Borgia", - "credential": "password123", - "roleList": "PUBLIC", - "name": "Lucrezia", - "gender": "F", - "dateOfBirth": "1980-04-18", - "countyOfBirth": "FE", - "placeOfBirth": "Ferrara", - "idCard": "cartaIdentita AK987654 comuneFerrara 2012-11-28 2023-04-18", - "expirationDate": "2019-01-01", - "fiscalNumber": "BRGLRZ80D58H501Q", - "mobilePhone": "3495555555", - "email": "luborgia@msn.com", - "digitalAddress": "", - "ivaCode": "", - "companyName": "", - "registeredOffice": "" - }, - { - "userName": "cristoforocolombo", - "lastName": "Colombo", - "credential": "password123", - "roleList": "PUBLIC", - "name": "Cristoforo", - "gender": "M", - "dateOfBirth": "1942-10-12", - "countyOfBirth": "GE", - "placeOfBirth": "Genova", - "idCard": "patenteNautica 102579 capitaneriaPortoGenova 2014-08-05 2024-10-12", - "expirationDate": "2018-09-15", - "fiscalNumber": "CLMCST42R12D969Z", - "mobilePhone": "3893893893", - "email": "laninalapintaelasantamaria@outlook.com", - "digitalAddress": "", - "ivaCode": "", - "companyName": "", - "registeredOffice": "" - }, - { - "userName": "lapulzella", - "lastName": "D'Arco", - "credential": "password123", - "roleList": "PUBLIC", - "name": "Giovanna", - "gender": "F", - "dateOfBirth": "1912-01-06", - "countyOfBirth": "AO", - "placeOfBirth": "Aosta", - "idCard": "cartaIdentita AA121212 comuneAosta 2010-01-13 2020-01-06", - "expirationDate": "2019-06-04", - "fiscalNumber": "DRCGNN12A46A326K", - "mobilePhone": "3466433463", - "email": "laPulzelladOrleans@yahoo.fr", - "digitalAddress": "", - "ivaCode": "", - "companyName": "", - "registeredOffice": "" - }, - { - "userName": "ettore", - "lastName": "Fieramosca", - "credential": "password123", - "roleList": "PUBLIC", - "name": "Ettore", - "gender": "M", - "dateOfBirth": "1976-08-06", - "countyOfBirth": "BT", - "placeOfBirth": "Barletta", - "idCard": "patente Z1Z111111Z motorizzazioneBarletta 2017-03-09 2027-08-06", - "expirationDate": "2019-08-01", - "fiscalNumber": "FRMTTR76M06B715E", - "mobilePhone": "3323323323", - "email": "trediciitalianicontrotredicifrancesi@hotmail.com", - "digitalAddress": "", - "ivaCode": "", - "companyName": "", - "registeredOffice": "" - }, - { - "userName": "cleopatra", - "lastName": "Filopatore", - "credential": "password123", - "roleList": "PUBLIC", - "name": "Cleopatra Tea", - "gender": "F", - "dateOfBirth": "1969-01-25", - "countyOfBirth": "AI", - "placeOfBirth": "Alessandria", - "idCard": "passaporto SH555555 ambasciataEgitto 2015-05-25 2025-01-25", - "expirationDate": "2019-05-21", - "fiscalNumber": "FLPCPT69A65Z336P", - "mobilePhone": "3805555555", - "email": "ilcobranoneunserpente@gmail.it", - "digitalAddress": "", - "ivaCode": "", - "companyName": "", - "registeredOffice": "" - }, - { - "userName": "marcopolo", - "lastName": "Polo", - "credential": "password123", - "roleList": "PUBLIC", - "name": "Marco", - "gender": "M", - "dateOfBirth": "2001-09-30", - "countyOfBirth": "VE", - "placeOfBirth": "Venezia", - "idCard": "cartaIdentita AZ765432 comuneVenezia 2015-03-12 2025-09-30", - "expirationDate": "2019-10-01", - "fiscalNumber": "PLOMRC01P30L736Y", - "mobilePhone": "3320606060", - "email": "ilmilione@virgilio.it", - "digitalAddress": "", - "ivaCode": "", - "companyName": "", - "registeredOffice": "" - }, - { - "userName": "montessori", - "lastName": "Montessori", - "credential": "password123", - "roleList": "PUBLIC", - "name": "Maria", - "gender": "F", - "dateOfBirth": "2003-08-31", - "countyOfBirth": "AN", - "placeOfBirth": "Ancona", - "idCard": "cartaIdentita ZZ246810 comuneAncona 2017-09-06 2027-08-31", - "expirationDate": "2019-09-09", - "fiscalNumber": "MNTMRA03M71C615V", - "mobilePhone": "3469999999", - "email": "farelecoseconmetodo@alice.it", - "digitalAddress": "", - "ivaCode": "", - "companyName": "", - "registeredOffice": "" - }, - { - "userName": "innominato", - "lastName": "Manzoni", - "credential": "password123", - "roleList": "PUBLIC", - "name": "Alessandro", - "gender": "M", - "dateOfBirth": "1999-05-05", - "countyOfBirth": "MI", - "placeOfBirth": "Milano", - "idCard": "passaporto TT232323 questuraMilano 2017-10-01 2027-10-01", - "expirationDate": "2019-09-01", - "fiscalNumber": "MNZLSN99E05F205J", - "mobilePhone": "3939999999", - "email": "innominato@hotmail.com", - "digitalAddress": "", - "ivaCode": "", - "companyName": "", - "registeredOffice": "" - }, - { - "userName": "lucia.mondella", - "lastName": "Mondella", - "credential": "password123", - "roleList": "PUBLIC", - "name": "Lucia", - "gender": "F", - "dateOfBirth": "1998-12-28", - "countyOfBirth": "CO", - "placeOfBirth": "Como", - "idCard": "cartaIdentita AU888888 comuneComo 2014-02-07 2024-12-28", - "expirationDate": "2019-05-05", - "fiscalNumber": "MNDLCU98T68C933T", - "mobilePhone": "3477433473", - "email": "quelbracciodellagodicomo@hotmail.com", - "digitalAddress": "", - "ivaCode": "", - "companyName": "", - "registeredOffice": "" - }, - { - "userName": "Louis", - "lastName": "Armstrong", - "credential": "password123", - "roleList": "PUBLIC", - "name": "Louis", - "gender": "M", - "dateOfBirth": "1931-08-04", - "countyOfBirth": "BO", - "placeOfBirth": "Bologna", - "idCard": "librettoPensione KK121212 inps 2008-07-03 2018-07-03", - "expirationDate": "2019-11-19", - "fiscalNumber": "RMSLSO31M04Z404R", - "mobilePhone": "3334567890", - "email": "SatchmoTrumpet@gmail.com", - "digitalAddress": "", - "ivaCode": "", - "companyName": "", - "registeredOffice": "" - } - -] diff --git a/spid-batch-import/yarn.lock b/spid-batch-import/yarn.lock deleted file mode 100644 index 5f36d37e7..000000000 --- a/spid-batch-import/yarn.lock +++ /dev/null @@ -1,547 +0,0 @@ -# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. -# yarn lockfile v1 - - -ajv@^5.1.0: - version "5.2.5" - resolved "https://registry.yarnpkg.com/ajv/-/ajv-5.2.5.tgz#b637234d3e2675eb5f79fc652242a853a48cb49f" - dependencies: - co "^4.6.0" - fast-deep-equal "^1.0.0" - json-schema-traverse "^0.3.0" - json-stable-stringify "^1.0.1" - -asn1@~0.2.3: - version "0.2.3" - resolved "https://registry.yarnpkg.com/asn1/-/asn1-0.2.3.tgz#dac8787713c9966849fc8180777ebe9c1ddf3b86" - -assert-plus@1.0.0, assert-plus@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-1.0.0.tgz#f12e0f3c5d77b0b1cdd9146942e4e96c1e4dd525" - -asynckit@^0.4.0: - version "0.4.0" - resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" - -aws-sign2@~0.7.0: - version "0.7.0" - resolved "https://registry.yarnpkg.com/aws-sign2/-/aws-sign2-0.7.0.tgz#b46e890934a9591f2d2f6f86d7e6a9f1b3fe76a8" - -aws4@^1.6.0: - version "1.6.0" - resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.6.0.tgz#83ef5ca860b2b32e4a0deedee8c771b9db57471e" - -bcrypt-pbkdf@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.1.tgz#63bc5dcb61331b92bc05fd528953c33462a06f8d" - dependencies: - tweetnacl "^0.14.3" - -bluebird@^3.5.0: - version "3.5.1" - resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-3.5.1.tgz#d9551f9de98f1fcda1e683d17ee91a0602ee2eb9" - -boom@4.x.x: - version "4.3.1" - resolved "https://registry.yarnpkg.com/boom/-/boom-4.3.1.tgz#4f8a3005cb4a7e3889f749030fd25b96e01d2e31" - dependencies: - hoek "4.x.x" - -boom@5.x.x: - version "5.2.0" - resolved "https://registry.yarnpkg.com/boom/-/boom-5.2.0.tgz#5dd9da6ee3a5f302077436290cb717d3f4a54e02" - dependencies: - hoek "4.x.x" - -caseless@~0.12.0: - version "0.12.0" - resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.12.0.tgz#1b681c21ff84033c826543090689420d187151dc" - -co@^4.6.0: - version "4.6.0" - resolved "https://registry.yarnpkg.com/co/-/co-4.6.0.tgz#6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184" - -combined-stream@^1.0.5, combined-stream@~1.0.5: - version "1.0.5" - resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.5.tgz#938370a57b4a51dea2c77c15d5c5fdf895164009" - dependencies: - delayed-stream "~1.0.0" - -compress@^0.99.0: - version "0.99.0" - resolved "https://registry.yarnpkg.com/compress/-/compress-0.99.0.tgz#97e301c25c4d01f097d85103f65eccb2e7796502" - -concat-stream@^1.5.1: - version "1.6.0" - resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.6.0.tgz#0aac662fd52be78964d5532f694784e70110acf7" - dependencies: - inherits "^2.0.3" - readable-stream "^2.2.2" - typedarray "^0.0.6" - -core-util-is@1.0.2, core-util-is@~1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7" - -cryptiles@3.x.x: - version "3.1.2" - resolved "https://registry.yarnpkg.com/cryptiles/-/cryptiles-3.1.2.tgz#a89fbb220f5ce25ec56e8c4aa8a4fd7b5b0d29fe" - dependencies: - boom "5.x.x" - -dashdash@^1.12.0: - version "1.14.1" - resolved "https://registry.yarnpkg.com/dashdash/-/dashdash-1.14.1.tgz#853cfa0f7cbe2fed5de20326b8dd581035f6e2f0" - dependencies: - assert-plus "^1.0.0" - -debug@2.6.9: - version "2.6.9" - resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.9.tgz#5d128515df134ff327e90a4c93f4e077a536341f" - dependencies: - ms "2.0.0" - -debug@~0.7.4: - version "0.7.4" - resolved "https://registry.yarnpkg.com/debug/-/debug-0.7.4.tgz#06e1ea8082c2cb14e39806e22e2f6f757f92af39" - -delayed-stream@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/delayed-stream/-/delayed-stream-1.0.0.tgz#df3ae199acadfb7d440aaae0b29e2272b24ec619" - -depd@1.1.1, depd@~1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/depd/-/depd-1.1.1.tgz#5783b4e1c459f06fa5ca27f991f3d06e7a310359" - -destroy@~1.0.4: - version "1.0.4" - resolved "https://registry.yarnpkg.com/destroy/-/destroy-1.0.4.tgz#978857442c44749e4206613e37946205826abd80" - -ecc-jsbn@~0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/ecc-jsbn/-/ecc-jsbn-0.1.1.tgz#0fc73a9ed5f0d53c38193398523ef7e543777505" - dependencies: - jsbn "~0.1.0" - -ee-first@1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d" - -ejs@~2.5.5: - version "2.5.7" - resolved "https://registry.yarnpkg.com/ejs/-/ejs-2.5.7.tgz#cc872c168880ae3c7189762fd5ffc00896c9518a" - -encodeurl@~1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.1.tgz#79e3d58655346909fe6f0f45a5de68103b294d20" - -escape-html@~1.0.3: - version "1.0.3" - resolved "https://registry.yarnpkg.com/escape-html/-/escape-html-1.0.3.tgz#0258eae4d3d0c0974de1c169188ef0051d1d1988" - -etag@~1.8.1: - version "1.8.1" - resolved "https://registry.yarnpkg.com/etag/-/etag-1.8.1.tgz#41ae2eeb65efa62268aebfea83ac7d79299b0887" - -extend@~3.0.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/extend/-/extend-3.0.1.tgz#a755ea7bc1adfcc5a31ce7e762dbaadc5e636444" - -extsprintf@1.3.0, extsprintf@^1.2.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.3.0.tgz#96918440e3041a7a414f8c52e3c574eb3c3e1e05" - -fast-deep-equal@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/fast-deep-equal/-/fast-deep-equal-1.0.0.tgz#96256a3bc975595eb36d82e9929d060d893439ff" - -finalhandler@^1.0.3: - version "1.1.0" - resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-1.1.0.tgz#ce0b6855b45853e791b2fcc680046d88253dd7f5" - dependencies: - debug "2.6.9" - encodeurl "~1.0.1" - escape-html "~1.0.3" - on-finished "~2.3.0" - parseurl "~1.3.2" - statuses "~1.3.1" - unpipe "~1.0.0" - -first-chunk-stream@^0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/first-chunk-stream/-/first-chunk-stream-0.1.0.tgz#755d3ec14d49a86e3d2fcc08beead5c0ca2b9c0a" - -forever-agent@~0.6.1: - version "0.6.1" - resolved "https://registry.yarnpkg.com/forever-agent/-/forever-agent-0.6.1.tgz#fbc71f0c41adeb37f96c577ad1ed42d8fdacca91" - -form-data@~2.3.1: - version "2.3.1" - resolved "https://registry.yarnpkg.com/form-data/-/form-data-2.3.1.tgz#6fb94fbd71885306d73d15cc497fe4cc4ecd44bf" - dependencies: - asynckit "^0.4.0" - combined-stream "^1.0.5" - mime-types "^2.1.12" - -fresh@0.5.2: - version "0.5.2" - resolved "https://registry.yarnpkg.com/fresh/-/fresh-0.5.2.tgz#3d8cadd90d976569fa835ab1f8e4b23a105605a7" - -getpass@^0.1.1: - version "0.1.7" - resolved "https://registry.yarnpkg.com/getpass/-/getpass-0.1.7.tgz#5eff8e3e684d569ae4cb2b1282604e8ba62149fa" - dependencies: - assert-plus "^1.0.0" - -har-schema@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/har-schema/-/har-schema-2.0.0.tgz#a94c2224ebcac04782a0d9035521f24735b7ec92" - -har-validator@~5.0.3: - version "5.0.3" - resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-5.0.3.tgz#ba402c266194f15956ef15e0fcf242993f6a7dfd" - dependencies: - ajv "^5.1.0" - har-schema "^2.0.0" - -hawk@~6.0.2: - version "6.0.2" - resolved "https://registry.yarnpkg.com/hawk/-/hawk-6.0.2.tgz#af4d914eb065f9b5ce4d9d11c1cb2126eecc3038" - dependencies: - boom "4.x.x" - cryptiles "3.x.x" - hoek "4.x.x" - sntp "2.x.x" - -hoek@4.x.x: - version "4.2.0" - resolved "https://registry.yarnpkg.com/hoek/-/hoek-4.2.0.tgz#72d9d0754f7fe25ca2d01ad8f8f9a9449a89526d" - -http-errors@~1.6.2: - version "1.6.2" - resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-1.6.2.tgz#0a002cc85707192a7e7946ceedc11155f60ec736" - dependencies: - depd "1.1.1" - inherits "2.0.3" - setprototypeof "1.0.3" - statuses ">= 1.3.1 < 2" - -http-signature@~1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/http-signature/-/http-signature-1.2.0.tgz#9aecd925114772f3d95b65a60abb8f7c18fbace1" - dependencies: - assert-plus "^1.0.0" - jsprim "^1.2.2" - sshpk "^1.7.0" - -inherits@2.0.3, inherits@^2.0.3, inherits@~2.0.3: - version "2.0.3" - resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de" - -is-typedarray@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-typedarray/-/is-typedarray-1.0.0.tgz#e479c80858df0c1b11ddda6940f96011fcda4a9a" - -is-utf8@^0.2.0: - version "0.2.1" - resolved "https://registry.yarnpkg.com/is-utf8/-/is-utf8-0.2.1.tgz#4b0da1442104d1b336340e80797e865cf39f7d72" - -isarray@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11" - -isstream@~0.1.2: - version "0.1.2" - resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a" - -jsbn@~0.1.0: - version "0.1.1" - resolved "https://registry.yarnpkg.com/jsbn/-/jsbn-0.1.1.tgz#a5e654c2e5a2deb5f201d96cefbca80c0ef2f513" - -json-schema-traverse@^0.3.0: - version "0.3.1" - resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-0.3.1.tgz#349a6d44c53a51de89b40805c5d5e59b417d3340" - -json-schema@0.2.3: - version "0.2.3" - resolved "https://registry.yarnpkg.com/json-schema/-/json-schema-0.2.3.tgz#b480c892e59a2f05954ce727bd3f2a4e882f9e13" - -json-stable-stringify@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/json-stable-stringify/-/json-stable-stringify-1.0.1.tgz#9a759d39c5f2ff503fd5300646ed445f88c4f9af" - dependencies: - jsonify "~0.0.0" - -json-stringify-safe@~5.0.1: - version "5.0.1" - resolved "https://registry.yarnpkg.com/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz#1296a2d58fd45f19a0f6ce01d65701e2c735b6eb" - -jsonify@~0.0.0: - version "0.0.0" - resolved "https://registry.yarnpkg.com/jsonify/-/jsonify-0.0.0.tgz#2c74b6ee41d93ca51b7b5aaee8f503631d252a73" - -jsprim@^1.2.2: - version "1.4.1" - resolved "https://registry.yarnpkg.com/jsprim/-/jsprim-1.4.1.tgz#313e66bc1e5cc06e438bc1b7499c2e5c56acb6a2" - dependencies: - assert-plus "1.0.0" - extsprintf "1.3.0" - json-schema "0.2.3" - verror "1.10.0" - -lodash@^3.10.1: - version "3.10.1" - resolved "https://registry.yarnpkg.com/lodash/-/lodash-3.10.1.tgz#5bf45e8e49ba4189e17d482789dfd15bd140b7b6" - -mime-db@~1.30.0: - version "1.30.0" - resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.30.0.tgz#74c643da2dd9d6a45399963465b26d5ca7d71f01" - -mime-types@^2.1.12, mime-types@~2.1.17: - version "2.1.17" - resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.17.tgz#09d7a393f03e995a79f8af857b70a9e0ab16557a" - dependencies: - mime-db "~1.30.0" - -mime@1.4.1: - version "1.4.1" - resolved "https://registry.yarnpkg.com/mime/-/mime-1.4.1.tgz#121f9ebc49e3766f311a76e1fa1c8003c4b03aa6" - -ms@2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8" - -oauth-sign@~0.8.2: - version "0.8.2" - resolved "https://registry.yarnpkg.com/oauth-sign/-/oauth-sign-0.8.2.tgz#46a6ab7f0aead8deae9ec0565780b7d4efeb9d43" - -on-finished@~2.3.0: - version "2.3.0" - resolved "https://registry.yarnpkg.com/on-finished/-/on-finished-2.3.0.tgz#20f1336481b083cd75337992a16971aa2d906947" - dependencies: - ee-first "1.1.1" - -parseurl@~1.3.2: - version "1.3.2" - resolved "https://registry.yarnpkg.com/parseurl/-/parseurl-1.3.2.tgz#fc289d4ed8993119460c156253262cdc8de65bf3" - -performance-now@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/performance-now/-/performance-now-2.1.0.tgz#6309f4e0e5fa913ec1c69307ae364b4b377c9e7b" - -process-nextick-args@~1.0.6: - version "1.0.7" - resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-1.0.7.tgz#150e20b756590ad3f91093f25a4f2ad8bff30ba3" - -punycode@^1.4.1: - version "1.4.1" - resolved "https://registry.yarnpkg.com/punycode/-/punycode-1.4.1.tgz#c0d5a63b2718800ad8e1eb0fa5269c84dd41845e" - -qs@~6.5.1: - version "6.5.1" - resolved "https://registry.yarnpkg.com/qs/-/qs-6.5.1.tgz#349cdf6eef89ec45c12d7d5eb3fc0c870343a6d8" - -range-parser@~1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/range-parser/-/range-parser-1.2.0.tgz#f49be6b487894ddc40dcc94a322f611092e00d5e" - -readable-stream@^2.2.2: - version "2.3.3" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.3.tgz#368f2512d79f9d46fdfc71349ae7878bbc1eb95c" - dependencies: - core-util-is "~1.0.0" - inherits "~2.0.3" - isarray "~1.0.0" - process-nextick-args "~1.0.6" - safe-buffer "~5.1.1" - string_decoder "~1.0.3" - util-deprecate "~1.0.1" - -request@>=2.9.0: - version "2.83.0" - resolved "https://registry.yarnpkg.com/request/-/request-2.83.0.tgz#ca0b65da02ed62935887808e6f510381034e3356" - dependencies: - aws-sign2 "~0.7.0" - aws4 "^1.6.0" - caseless "~0.12.0" - combined-stream "~1.0.5" - extend "~3.0.1" - forever-agent "~0.6.1" - form-data "~2.3.1" - har-validator "~5.0.3" - hawk "~6.0.2" - http-signature "~1.2.0" - is-typedarray "~1.0.0" - isstream "~0.1.2" - json-stringify-safe "~5.0.1" - mime-types "~2.1.17" - oauth-sign "~0.8.2" - performance-now "^2.1.0" - qs "~6.5.1" - safe-buffer "^5.1.1" - stringstream "~0.0.5" - tough-cookie "~2.3.3" - tunnel-agent "^0.6.0" - uuid "^3.1.0" - -safe-buffer@^5.0.1, safe-buffer@^5.1.1, safe-buffer@~5.1.0, safe-buffer@~5.1.1: - version "5.1.1" - resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853" - -sax@>=0.6: - version "1.2.4" - resolved "https://registry.yarnpkg.com/sax/-/sax-1.2.4.tgz#2816234e2378bddc4e5354fab5caa895df7100d9" - -selectn@^0.9.6: - version "0.9.6" - resolved "https://registry.yarnpkg.com/selectn/-/selectn-0.9.6.tgz#bd873a556d18f96d8515fc91503ec6ff398ff9a2" - -send@0.16.1: - version "0.16.1" - resolved "https://registry.yarnpkg.com/send/-/send-0.16.1.tgz#a70e1ca21d1382c11d0d9f6231deb281080d7ab3" - dependencies: - debug "2.6.9" - depd "~1.1.1" - destroy "~1.0.4" - encodeurl "~1.0.1" - escape-html "~1.0.3" - etag "~1.8.1" - fresh "0.5.2" - http-errors "~1.6.2" - mime "1.4.1" - ms "2.0.0" - on-finished "~2.3.0" - range-parser "~1.2.0" - statuses "~1.3.1" - -serve-static@^1.11.1: - version "1.13.1" - resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.13.1.tgz#4c57d53404a761d8f2e7c1e8a18a47dbf278a719" - dependencies: - encodeurl "~1.0.1" - escape-html "~1.0.3" - parseurl "~1.3.2" - send "0.16.1" - -setprototypeof@1.0.3: - version "1.0.3" - resolved "https://registry.yarnpkg.com/setprototypeof/-/setprototypeof-1.0.3.tgz#66567e37043eeb4f04d91bd658c0cbefb55b8e04" - -sntp@2.x.x: - version "2.0.2" - resolved "https://registry.yarnpkg.com/sntp/-/sntp-2.0.2.tgz#5064110f0af85f7cfdb7d6b67a40028ce52b4b2b" - dependencies: - hoek "4.x.x" - -soap@^0.21.0: - version "0.21.0" - resolved "https://registry.yarnpkg.com/soap/-/soap-0.21.0.tgz#3dce99407172a88584f13f4bc61f6027b335b328" - dependencies: - bluebird "^3.5.0" - compress "^0.99.0" - concat-stream "^1.5.1" - debug "~0.7.4" - ejs "~2.5.5" - finalhandler "^1.0.3" - lodash "^3.10.1" - request ">=2.9.0" - sax ">=0.6" - selectn "^0.9.6" - serve-static "^1.11.1" - strip-bom "~0.3.1" - uuid "^3.1.0" - xml-crypto "~0.8.0" - -sshpk@^1.7.0: - version "1.13.1" - resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.13.1.tgz#512df6da6287144316dc4c18fe1cf1d940739be3" - dependencies: - asn1 "~0.2.3" - assert-plus "^1.0.0" - dashdash "^1.12.0" - getpass "^0.1.1" - optionalDependencies: - bcrypt-pbkdf "^1.0.0" - ecc-jsbn "~0.1.1" - jsbn "~0.1.0" - tweetnacl "~0.14.0" - -"statuses@>= 1.3.1 < 2": - version "1.4.0" - resolved "https://registry.yarnpkg.com/statuses/-/statuses-1.4.0.tgz#bb73d446da2796106efcc1b601a253d6c46bd087" - -statuses@~1.3.1: - version "1.3.1" - resolved "https://registry.yarnpkg.com/statuses/-/statuses-1.3.1.tgz#faf51b9eb74aaef3b3acf4ad5f61abf24cb7b93e" - -string_decoder@~1.0.3: - version "1.0.3" - resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.0.3.tgz#0fc67d7c141825de94282dd536bec6b9bce860ab" - dependencies: - safe-buffer "~5.1.0" - -stringstream@~0.0.5: - version "0.0.5" - resolved "https://registry.yarnpkg.com/stringstream/-/stringstream-0.0.5.tgz#4e484cd4de5a0bbbee18e46307710a8a81621878" - -strip-bom@~0.3.1: - version "0.3.1" - resolved "https://registry.yarnpkg.com/strip-bom/-/strip-bom-0.3.1.tgz#9e8a39eff456ff9abc2f059f5f2225bb0f3f7ca5" - dependencies: - first-chunk-stream "^0.1.0" - is-utf8 "^0.2.0" - -tough-cookie@~2.3.3: - version "2.3.3" - resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-2.3.3.tgz#0b618a5565b6dea90bf3425d04d55edc475a7561" - dependencies: - punycode "^1.4.1" - -tunnel-agent@^0.6.0: - version "0.6.0" - resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.6.0.tgz#27a5dea06b36b04a0a9966774b290868f0fc40fd" - dependencies: - safe-buffer "^5.0.1" - -tweetnacl@^0.14.3, tweetnacl@~0.14.0: - version "0.14.5" - resolved "https://registry.yarnpkg.com/tweetnacl/-/tweetnacl-0.14.5.tgz#5ae68177f192d4456269d108afa93ff8743f4f64" - -typedarray@^0.0.6: - version "0.0.6" - resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777" - -unpipe@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/unpipe/-/unpipe-1.0.0.tgz#b2bf4ee8514aae6165b4817829d21b2ef49904ec" - -util-deprecate@~1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" - -uuid@^3.1.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.1.0.tgz#3dd3d3e790abc24d7b0d3a034ffababe28ebbc04" - -verror@1.10.0: - version "1.10.0" - resolved "https://registry.yarnpkg.com/verror/-/verror-1.10.0.tgz#3a105ca17053af55d6e270c1f8288682e18da400" - dependencies: - assert-plus "^1.0.0" - core-util-is "1.0.2" - extsprintf "^1.2.0" - -xml-crypto@~0.8.0: - version "0.8.5" - resolved "https://registry.yarnpkg.com/xml-crypto/-/xml-crypto-0.8.5.tgz#2bbcfb3eb33f3a82a218b822bf672b6b1c20e538" - dependencies: - xmldom "=0.1.19" - xpath.js ">=0.0.3" - -xmldom@=0.1.19: - version "0.1.19" - resolved "https://registry.yarnpkg.com/xmldom/-/xmldom-0.1.19.tgz#631fc07776efd84118bf25171b37ed4d075a0abc" - -xpath.js@>=0.0.3: - version "1.0.7" - resolved "https://registry.yarnpkg.com/xpath.js/-/xpath.js-1.0.7.tgz#7e94627f541276cbc6a6b02b5d35e9418565b3e4" diff --git a/src/container.ts b/src/container.ts index 5c260fcb3..b2430ce66 100644 --- a/src/container.ts +++ b/src/container.ts @@ -90,7 +90,7 @@ container.register({ const SAML_CALLBACK_URL = process.env.SAML_CALLBACK_URL || "http://italia-backend/assertionConsumerService"; -const SAML_ISSUER = process.env.SAML_ISSUER || "http://italia-backend"; +const SAML_ISSUER = process.env.SAML_ISSUER || "http://italiabackend.it"; const DEFAULT_SAML_ATTRIBUTE_CONSUMING_SERVICE_INDEX = "1"; const SAML_ATTRIBUTE_CONSUMING_SERVICE_INDEX: number = parseInt( process.env.SAML_ATTRIBUTE_CONSUMING_SERVICE_INDEX || @@ -103,13 +103,20 @@ const SAML_ACCEPTED_CLOCK_SKEW_MS = parseInt( DEFAULT_SAML_ACCEPTED_CLOCK_SKEW_MS, 10 ); +const DEFAULT_SPID_AUTOLOGIN = ""; +const SPID_AUTOLOGIN = process.env.SPID_AUTOLOGIN || DEFAULT_SPID_AUTOLOGIN; +const DEFAULT_SPID_TESTENV_URL = "https://spid-testenv2:8088"; +const SPID_TESTENV_URL = + process.env.SPID_TESTENV_URL || DEFAULT_SPID_TESTENV_URL; container.register({ samlAcceptedClockSkewMs: awilix.asValue(SAML_ACCEPTED_CLOCK_SKEW_MS), samlAttributeConsumingServiceIndex: awilix.asValue( SAML_ATTRIBUTE_CONSUMING_SERVICE_INDEX ), samlCallbackUrl: awilix.asValue(SAML_CALLBACK_URL), - samlIssuer: awilix.asValue(SAML_ISSUER) + samlIssuer: awilix.asValue(SAML_ISSUER), + spidAutologin: awilix.asValue(SPID_AUTOLOGIN), + spidTestEnvUrl: awilix.asValue(SPID_TESTENV_URL) }); // Redirection urls diff --git a/src/controllers/__tests__/authenticationController.test.ts b/src/controllers/__tests__/authenticationController.test.ts index 416e95934..8919d4af6 100644 --- a/src/controllers/__tests__/authenticationController.test.ts +++ b/src/controllers/__tests__/authenticationController.test.ts @@ -76,9 +76,11 @@ nCnxP/vK5rgVHU3nQfq+e/B6FVWZ -----END PRIVATE KEY----- `; const samlCallbackUrl = "http://italia-backend/assertionConsumerService"; -const samlIssuer = "http://italia-backend"; +const samlIssuer = "http://italiabackend.it"; const samlAcceptedClockSkewMs = -1; const samlAttributeConsumingServiceIndex = 0; +const spidAutologin = ""; +const spidTestEnvUrl = "https://localhost:8088"; // user constant const aTimestamp = 1518010929530; @@ -180,7 +182,9 @@ const spidStrategyInstance = spidStrategy( samlCallbackUrl, samlIssuer, samlAcceptedClockSkewMs, - samlAttributeConsumingServiceIndex + samlAttributeConsumingServiceIndex, + spidAutologin, + spidTestEnvUrl ); spidStrategyInstance.logout = jest.fn(); @@ -381,7 +385,7 @@ describe("AuthenticationController#metadata", () => { it("renders the correct metadata", async () => { const res = mockRes(); - const response = ` + const response = ` @@ -429,7 +433,7 @@ IFJiDanROwzoG0YNd8aCWE8ZM2y81Ww= Digital citizenship proxy https://github.com/teamdigitale/italia-backend -Bf2Cp9GHtyquphvca26konsKBCC5ZWZE/Jg/ouPscmg=Xy6T5fn1q2IS0GCXkfOccJv4rF+QrUshbV4hcn/XCfeGSX+C9Kunxx2+BuVMOpuTjtYGUxgCEdMAGOGbaOtCM8pE0XlrCDrAibvSYMvREYSWIWg6ljpUpnPTkM8YNlkot7Gl5Vs7sR3+5vA00SvudJqElttDo3/jrMLGSp4QmX5pcoycmvxummZ4rVktxhQuVdUyODD3Hl+DYJMzkUIBrxz+wR/ysPpi+aBAfNFY+WwTFB/JmVmDHmyoCo02QTaLZqSDRE9JfYU3bmTApqDOwRUAX3MKGx13i/wIw2iqPAakqRM7lHfJBzFS3cTXziCqHB72++pGc/ys9HFoddw+3Is= +6qF1S58q11hbXDJp75CnSktmXYlwXGF7nHbXGRnnvpg=dxOJqaw4apjhxRKuHaLdMcwZWSz0spSbpVtQl5msMbnNHHmSukQBHam66ISr4hTtA1+dgiAfa6OVGYOeYBpkPm0MN5Nm6uds5JTFxg/Py5BHtlqVSfUT5R3T6qQDOmbd1g0oHVa+FIjlUQQ8XanvVpCwLPGfvCcd2VgY5hjIAxif6AbK5ubGd2WEspc+Z934kMAb5GTGaFcE/7FIIycEdsno8TBSaQyTK8RnknO8FOq6zRVCD6V7Q6vxyqXfBPP3XzsPDVyXyFN/xiFtwS36eMCfccNBIc/+hptIMMZts57mNSLpgHSekisyheQfcMGxFUrhZcxkxEQPYh8femL/Ur8= MIIDczCCAlqgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBTMQswCQYDVQQGEwJpdDEN MAsGA1UECAwEUm9tZTEUMBIGA1UECgwLYWdpZC5nb3YuaXQxHzAdBgNVBAMMFmh0 dHBzOi8vaXRhbGlhLWJhY2tlbmQwHhcNMTcxMDI2MTAzNTQwWhcNMTgxMDI2MTAz diff --git a/src/strategies/spidStrategy.ts b/src/strategies/spidStrategy.ts index 544eef8c2..469af4ed9 100644 --- a/src/strategies/spidStrategy.ts +++ b/src/strategies/spidStrategy.ts @@ -12,104 +12,117 @@ const spidStrategy = ( samlCallbackUrl: string, samlIssuer: string, samlAcceptedClockSkewMs: number, - samlAttributeConsumingServiceIndex: number + samlAttributeConsumingServiceIndex: number, + spidAutologin: string, + spidTestEnvUrl: string ) => { - return new SpidStrategy( - { - idp: { - arubaid: { - cert: - "MIIExTCCA62gAwIBAgIQIHtEvEhGM77HwqsuvSbi9zANBgkqhkiG9w0BAQsFADBsMQswCQYDVQQGEwJJVDEYMBYGA1UECgwPQXJ1YmFQRUMgUy5wLkEuMSEwHwYDVQQLDBhDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eUIxIDAeBgNVBAMMF0FydWJhUEVDIFMucC5BLiBORyBDQSAyMB4XDTE3MDEyMzAwMDAwMFoXDTIwMDEyMzIzNTk1OVowgaAxCzAJBgNVBAYTAklUMRYwFAYDVQQKDA1BcnViYSBQRUMgc3BhMREwDwYDVQQLDAhQcm9kb3R0bzEWMBQGA1UEAwwNcGVjLml0IHBlYy5pdDEZMBcGA1UEBRMQWFhYWFhYMDBYMDBYMDAwWDEPMA0GA1UEKgwGcGVjLml0MQ8wDQYDVQQEDAZwZWMuaXQxETAPBgNVBC4TCDE2MzQ1MzgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqt2oHJhcp03l73p+QYpEJ+f3jYYj0W0gos0RItZx/w4vpsiKBygaqDNVWSwfo1aPdVDIX13f62O+lBki29KTt+QWv5K6SGHDUXYPntRdEQlicIBh2Z0HfrM7fDl+xeJrMp1s4dsSQAuB5TJOlFZq7xCQuukytGWBTvjfcN/os5aEsEg+RbtZHJR26SbbUcIqWb27Swgj/9jwK+tvzLnP4w8FNvEOrNfR0XwTMNDFrwbOCuWgthv5jNBsVZaoqNwiA/MxYt+gTOMj/o5PWKk8Wpm6o/7/+lWAoxh0v8x9OkbIi+YaFpIxuCcUqsrJJk63x2gHCc2nr+yclYUhsKD/AwIDAQABo4IBLDCCASgwDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBTKQ3+NPGcXFk8nX994vMTVpba1EzBHBgNVHSAEQDA+MDwGCysGAQQBgegtAQEBMC0wKwYIKwYBBQUHAgEWH2h0dHBzOi8vY2EuYXJ1YmFwZWMuaXQvY3BzLmh0bWwwWAYDVR0fBFEwTzBNoEugSYZHaHR0cDovL2NybC5hcnViYXBlYy5pdC9BcnViYVBFQ1NwQUNlcnRpZmljYXRpb25BdXRob3JpdHlCL0xhdGVzdENSTC5jcmwwHwYDVR0jBBgwFoAU8v9jQBwRQv3M3/FZ9m7omYcxR3kwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5hcnViYXBlYy5pdDANBgkqhkiG9w0BAQsFAAOCAQEAnEw0NuaspbpDjA5wggwFtfQydU6b3Bw2/KXPRKS2JoqGmx0SYKj+L17A2KUBa2c7gDtKXYz0FLT60Bv0pmBN/oYCgVMEBJKqwRwdki9YjEBwyCZwNEx1kDAyyqFEVU9vw/OQfrAdp7MTbuZGFKknVt7b9wOYy/Op9FiUaTg6SuOy0ep+rqhihltYNAAl4L6fY45mHvqa5vvVG30OvLW/S4uvRYUXYwY6KhWvNdDf5CnFugnuEZtHJrVe4wx9aO5GvFLFZ/mQ35C5mXPQ7nIb0CDdLBJdz82nUoLSA5BUbeXAUkfahW/hLxLdhks68/TK694xVIuiB40pvMmJwxIyDA==", - entryPoint: "https://loginspid.aruba.it/ServiceLoginWelcome", - logoutUrl: "https://loginspid.aruba.it/ServiceLogoutRequest" - }, - infocertid: { - cert: - "MIIGbDCCBVSgAwIBAgIDA+76MA0GCSqGSIb3DQEBCwUAMIGGMQswCQYDVQQGEwJJVDEVMBMGA1UECgwMSU5GT0NFUlQgU1BBMRswGQYDVQQLDBJFbnRlIENlcnRpZmljYXRvcmUxFDASBgNVBAUTCzA3OTQ1MjExMDA2MS0wKwYDVQQDDCRJbmZvQ2VydCBTZXJ2aXppIGRpIENlcnRpZmljYXppb25lIDIwHhcNMTYwMTEyMDkyNDI4WhcNMTkwMTEyMDAwMDAwWjCBsTEUMBIGA1UELhMLMDc5NDUyMTEwMDYxDzANBgkqhkiG9w0BCQEWADEUMBIGA1UEBRMLMDc5NDUyMTEwMDYxHTAbBgNVBAMMFGlkZW50aXR5LmluZm9jZXJ0Lml0MRQwEgYDVQQLDAtJbmZvQ2VydCBJRDEhMB8GA1UECgwYSW5mb0NlcnQgU3BBLzA3OTQ1MjExMDA2MQ0wCwYDVQQHDARSb21hMQswCQYDVQQGEwJJVDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALDysrpnXB+it94LSuAmOgyFDilZ8nuSEVOFl1PX/HtgK3W25B/tqJBsyZwrAIXxg5XHYd3+i7bFoBjuduzfqhvSv9WYCVtggsz5a3sbOpU54DaOLgoCmd4nIsINwKzCmT1UNXBGjS+Xt5F3lV+v2Ayr4rAsPnkE2084BLmwcIX3w7+rx/Nd+/5HfaAMaORICYinUIvbZ5e/plUj87s1YEpep/DcC0uMFE66jFrcnHVOeHCrDh+tAZAiGew4BVJjLr0hfS4ZeaE43TJlHb00GZNfpfzGcOPbzWlSB5iF/cZbTRHmPsn0gALfpPNViniFBVqSaoywZwvkFosrehRUCNkCAwEAAaOCArQwggKwMBMGA1UdJQQMMAoGCCsGAQUFBwMCMCUGA1UdEgQeMByBGmZpcm1hLmRpZ2l0YWxlQGluZm9jZXJ0Lml0MGUGA1UdIAReMFwwWgYGK0wkAQEIMFAwTgYIKwYBBQUHAgIwQgxASW5mb0NlcnQgU3BBIFNTTCwgU01JTUUgYW5kIGRpZ2l0YWwgc2lnbmF0dXJlIENsaWVudCBDZXJ0aWZpY2F0ZTA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLnNjLmluZm9jZXJ0Lml0LzCB7AYDVR0fBIHkMIHhMDSgMqAwhi5odHRwOi8vY3JsLmluZm9jZXJ0Lml0L2NybHMvc2Vydml6aTIvQ1JMMDEuY3JsMIGooIGloIGihoGfbGRhcDovL2xkYXAuaW5mb2NlcnQuaXQvY24lM0RJbmZvQ2VydCUyMFNlcnZpemklMjBkaSUyMENlcnRpZmljYXppb25lJTIwMiUyMENSTDAxLG91JTNERW50ZSUyMENlcnRpZmljYXRvcmUsbyUzRElORk9DRVJUJTIwU1BBLEMlM0RJVD9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0MA4GA1UdDwEB/wQEAwIEsDCBswYDVR0jBIGrMIGogBTpNppkKVKhWv5ppMSDt4B9D2oSeKGBjKSBiTCBhjELMAkGA1UEBhMCSVQxFTATBgNVBAoMDElORk9DRVJUIFNQQTEbMBkGA1UECwwSRW50ZSBDZXJ0aWZpY2F0b3JlMRQwEgYDVQQFEwswNzk0NTIxMTAwNjEtMCsGA1UEAwwkSW5mb0NlcnQgU2Vydml6aSBkaSBDZXJ0aWZpY2F6aW9uZSAyggECMB0GA1UdDgQWBBTi8mIRU4ue/0lKSfv4gSQhoZQvozANBgkqhkiG9w0BAQsFAAOCAQEAUCXyjmfzxmyVQbK4cf79zj5qMZVAAjDMTR1UGFcS2IibICh3S3Uf22lPGQfm+MX9tiweETW7fBLW6lrR2ofXBz/FfU98A/AA9GZDrbGhBxoc+RoqkHVYRqEuXOq6z3X9DuvsdsfKeO3p4eXbXlCcxD2PP5fFqcZxx1WZ1HRamiGk9fMN1iT3aPa3q7TfRD6W6+XgafjXieZ8bCa1FGIfapbqsWa91jdn4xiJpbmTTq1/Zjs5RCZYzmMEV9rSuSVgFtONb8+xKC4ohMVxAUw2yZHwd4dDyBLkapuaWkzhW939+gjeoKz04Ds2C52d/kln7ehdu9LkzvRI6UAEpAYLgg==", - entryPoint: "https://identity.infocert.it/spid/samlsso", - logoutUrl: "https://identity.infocert.it/spid/samlslo" - }, - intesaid: { - cert: - "MIIEDjCCAvagAwIBAgIIIT1A+ywbIQAwDQYJKoZIhvcNAQELBQAwXjEzMDEGA1UEAwwqSU4uVEUuUy5BLiBTLnAuQSAtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRowGAYDVQQKDBFJTi5URS5TLkEuIFMucC5BLjELMAkGA1UEBhMCSVQwHhcNMTcwOTE1MTMyMzQ1WhcNMzYwNzAxMTk1OTAwWjBQMSUwDwYDVQQuEwgyMDA3OTc5NzASBgNVBAMMC1NBTUwgU2lnbmVyMRowGAYDVQQKDBFJTi5URS5TLkEuIFMucC5BLjELMAkGA1UEBhMCSVQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhYXkP+eQBURgmslDXBjG0ad+DkSAkWt7hUoaTyiK0e34QiyArq043plqTrt+6FzTGeX7960Qr3tCLGCiVOi47QuE09IKfJmKGEaUQnJQehHYZs/XV0OYQl18WrCxUX6ALOcqPs+4ypCbJV1WzSosfBcPBzivJER8kvrynMXI3or18e9XPTGBn8qNFyNF1E3BJ5UhrDvk5W2gKyYKz0M/CIu9PiHuO/ne6HbeNrCS/xzXtjsTusk41AOxIQoFbEzS08xcRY+QDE8oLcAmecSjT3xv3r9dWke6KTTAahS3K+5mOYRcBXj2FFegiUp+xh4OAWdH1+gGDYm+3aAmMpaLtAgMBAAGjgd0wgdowHQYDVR0OBBYEFEw9xWg4qvQGdlGMCqmJcVDgdE8aMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUySnWJ2sw0ljDpJVrtrxCCP0b1CYwGgYDVR0QBBMwEYAPMjAxNzA5MTUxMzIzNDVaMD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9lLXRydXN0Y29tLmludGVzYS5pdC9DUkwvSU5URVNBX25DQS5jcmwwDgYDVR0PAQH/BAQDAgSwMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQsFAAOCAQEAVRHyFRZZFpW/qjJpKftd86h3wOdUqOhc2W8ZHv0st8ptG+mZk3l1iWAsEPqKMIBhksgTvalnHC1lHUt11xsZ2mzUjVpiG8XiWXYXQnY2D+q7Dc4n20kJ717qf4SDN8wX1A6XvT3Wrsfh87vg3ZFD56/eyur2snWu4OilsFqAyLhnExG4puJ4JKBWnlwAGXD9SFgkSZ8FC66KQs6CAwVkvCIom3IwJeU/VrYQF6XHkVCQgr5mojXgCkrlRNl53WAKfQHCT4QH+oQVP97PCEL/wQ1zi0UzWauKT6u2wDym9rcpch+WLa0GUtYNhuoLU2SregPKwTWg2DfINJObyWRpww==", - entryPoint: - "https://spid.intesa.it/Time4UserServices/services/idp/AuthnRequest/", - logoutUrl: - "https://spid.intesa.it/Time4UserServices/services/idp/SingleLogout" - }, - namirialid: { - cert: - "MIIDNzCCAh+gAwIBAgIUNGvDUjTpLSPlP4sEfO0+JARITnEwDQYJKoZIhvcNAQELBQAwHjEcMBoGA1UEAwwTaWRwLm5hbWlyaWFsdHNwLmNvbTAeFw0xNzAzMDgwOTE3NTZaFw0zNzAzMDgwOTE3NTZaMB4xHDAaBgNVBAMME2lkcC5uYW1pcmlhbHRzcC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrcJvYRh49nNijgzwL1OOwgzeMDUWcMSwoWdtMpx3kDhZwMFQ3ITDmNvlz21I0QKaP0BDg/UAjfCbDtLqUy6wHtI6NWVJoqIziw+dLfg7S5Sr2nOzJ/sKhzadWH1kDsetIenOLU2ex+7Vf/+4P7nIrS0c+xghi9/zN8dH6+09wWYnloGmcW3qWRFMKJjR3ctBmsmqCKWNIIq2QfeFszSSeG0xaNlLKBrj6TyPDxDqPAskq038W1fCuh7aejCk7XTTOxuuIwDGJiYsc8rfXSG9/auskAfCziGEm304/ojy5MRcNjekz4KgWxT9anMCipv0I2T7tCAivc1z9QCsEPk5pAgMBAAGjbTBrMB0GA1UdDgQWBBQi8+cnv0Nw0lbuICzxlSHsvBw5SzBKBgNVHREEQzBBghNpZHAubmFtaXJpYWx0c3AuY29thipodHRwczovL2lkcC5uYW1pcmlhbHRzcC5jb20vaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQELBQADggEBAEp953KMWY7wJbJqnPTmDkXaZJVoubcjW86IY494RgVBeZ4XzAGOifa3ScDK6a0OWfIlRTbaKKu9lEVw9zs54vLp9oQI4JulomSaL805Glml4bYqtcLoh5qTnKaWp5qvzBgcQ7i2GcDC9F+qrsJYreCA7rbHXzF0hu5yIfz0BrrCRWvuWiop92WeKvtucI4oBGfoHhYOZsLuoTT3hZiEFJT60xS5Y2SNdz+Eia9Dgt0cvAzoOVk93Cxg+XBdyyEEiZn/zvhjus29KyFrzh3XYznh+4jq3ymt7Os4JKmY0aJm7yNxw+LyPjkdaB0icfo3+hD7PiuUjC3Y67LUWQ8YgOc=", - entryPoint: - "https://idp.namirialtsp.com/idp/profile/SAML2/Redirect/SSO", - logoutUrl: - "https://idp.namirialtsp.com/idp/profile/SAML2/Redirect/SLO" - }, - posteid: { - cert: - "MIIEKzCCAxOgAwIBAgIDE2Y0MA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAklUMRgwFgYDVQQKDA9Qb3N0ZWNvbSBTLnAuQS4xIDAeBgNVBAsMF0NlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQDDAxQb3N0ZWNvbSBDQTMwHhcNMTYwMjI2MTU1MjQ0WhcNMjEwMjI2MTU1MjQ0WjBxMQswCQYDVQQGEwJJVDEOMAwGA1UECAwFSXRhbHkxDTALBgNVBAcMBFJvbWUxHjAcBgNVBAoMFVBvc3RlIEl0YWxpYW5lIFMucC5BLjENMAsGA1UECwwEU1BJRDEUMBIGA1UEAwwLSURQLVBvc3RlSUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZFEtJoEHFAjpCaZcj5DVWrRDyaLZyu31XApslbo87CyWz61OJMtw6QQU0MdCtrYbtSJ6vJwx7/6EUjsZ3u4x3EPLdlkyiGOqukPwATv4c7TVOUVs5onIqTphM9b+AHRg4ehiMGesm/9d7RIaLuN79iPUvdLn6WP3idAfEw+rhJ/wYEQ0h1Xm5osNUgtWcBGavZIjLssWNrDDfJYxXH3QZ0kI6feEvLCJwgjXLGkBuhFehNhM4fhbX9iUCWwwkJ3JsP2++Rc/iTA0LZhiUsXNNq7gBcLAJ9UX2V1dWjTzBHevfHspzt4e0VgIIwbDRqsRtF8VUPSDYYbLoqwbLt18XAgMBAAGjgdwwgdkwRgYDVR0gBD8wPTAwBgcrTAsBAgEBMCUwIwYIKwYBBQUHAgEWF2h0dHA6Ly93d3cucG9zdGVjZXJ0Lml0MAkGBytMCwEBCgIwDgYDVR0PAQH/BAQDAgSwMB8GA1UdIwQYMBaAFKc0XP2FByYU2l0gFzGKE8zVSzfmMD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9wb3N0ZWNlcnQucG9zdGUuaXQvcG9zdGVjb21jYTMvY3JsMy5jcmwwHQYDVR0OBBYEFEvrikZQkfBjuiTpxExSBe8wGgsyMA0GCSqGSIb3DQEBCwUAA4IBAQBNAw8UoeiCF+1rFs27d3bEef6CLe/PJga9EfwKItjMDD9QzT/FShRWKLHlK69MHL1ZLPRPvuWUTkIOHTpNqBPILvO1u13bSg+6o+2OdqAkCBkbTqbGjWSPLaTUVNV6MbXmvttD8Vd9vIZg1xBBG3Fai13dwvSj3hAZd8ug8a8fW1y/iDbRC5D1O+HlHDuvIW4LbJ093jdj+oZwSyd216gtXL00QA0C1uMuDv9Wf9IxniTb710dRSgIcM4/eR7832fZgdOsoalFzGYWxSCs8WOZrjpub1fdaRSEuCQk2+gmdsiRcTs9EqPCCNiNlrNAiWEyGtL8A4ao3pDMwCtrb2yr", - entryPoint: "https://posteid.poste.it/jod-fs/ssoserviceredirect", - logoutUrl: "https://posteid.poste.it/jod-fs/sloservicepost" - }, - registerid: { - cert: - "MIIEKzCCAxOgAwIBAgIDE2Y0MA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAklUMRgwFgYDVQQKDA9Qb3N0ZWNvbSBTLnAuQS4xIDAeBgNVBAsMF0NlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQDDAxQb3N0ZWNvbSBDQTMwHhcNMTYwMjI2MTU1MjQ0WhcNMjEwMjI2MTU1MjQ0WjBxMQswCQYDVQQGEwJJVDEOMAwGA1UECAwFSXRhbHkxDTALBgNVBAcMBFJvbWUxHjAcBgNVBAoMFVBvc3RlIEl0YWxpYW5lIFMucC5BLjENMAsGA1UECwwEU1BJRDEUMBIGA1UEAwwLSURQLVBvc3RlSUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZFEtJoEHFAjpCaZcj5DVWrRDyaLZyu31XApslbo87CyWz61OJMtw6QQU0MdCtrYbtSJ6vJwx7/6EUjsZ3u4x3EPLdlkyiGOqukPwATv4c7TVOUVs5onIqTphM9b+AHRg4ehiMGesm/9d7RIaLuN79iPUvdLn6WP3idAfEw+rhJ/wYEQ0h1Xm5osNUgtWcBGavZIjLssWNrDDfJYxXH3QZ0kI6feEvLCJwgjXLGkBuhFehNhM4fhbX9iUCWwwkJ3JsP2++Rc/iTA0LZhiUsXNNq7gBcLAJ9UX2V1dWjTzBHevfHspzt4e0VgIIwbDRqsRtF8VUPSDYYbLoqwbLt18XAgMBAAGjgdwwgdkwRgYDVR0gBD8wPTAwBgcrTAsBAgEBMCUwIwYIKwYBBQUHAgEWF2h0dHA6Ly93d3cucG9zdGVjZXJ0Lml0MAkGBytMCwEBCgIwDgYDVR0PAQH/BAQDAgSwMB8GA1UdIwQYMBaAFKc0XP2FByYU2l0gFzGKE8zVSzfmMD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9wb3N0ZWNlcnQucG9zdGUuaXQvcG9zdGVjb21jYTMvY3JsMy5jcmwwHQYDVR0OBBYEFEvrikZQkfBjuiTpxExSBe8wGgsyMA0GCSqGSIb3DQEBCwUAA4IBAQBNAw8UoeiCF+1rFs27d3bEef6CLe/PJga9EfwKItjMDD9QzT/FShRWKLHlK69MHL1ZLPRPvuWUTkIOHTpNqBPILvO1u13bSg+6o+2OdqAkCBkbTqbGjWSPLaTUVNV6MbXmvttD8Vd9vIZg1xBBG3Fai13dwvSj3hAZd8ug8a8fW1y/iDbRC5D1O+HlHDuvIW4LbJ093jdj+oZwSyd216gtXL00QA0C1uMuDv9Wf9IxniTb710dRSgIcM4/eR7832fZgdOsoalFzGYWxSCs8WOZrjpub1fdaRSEuCQk2+gmdsiRcTs9EqPCCNiNlrNAiWEyGtL8A4ao3pDMwCtrb2yr", - entryPoint: "https://spid.register.it/login/sso", - logoutUrl: "https://spid.register.it/login/singleLogout" - }, - sielteid: { - cert: - "MIIDczCCAlugAwIBAgIJAMsX0iEKQM6xMA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAklUMQ4wDAYDVQQIDAVJdGFseTEgMB4GA1UEBwwXU2FuIEdyZWdvcmlvIGRpIENhdGFuaWExDzANBgNVBAoMBlNpZWx0ZTAeFw0xNTEyMTQwODE0MTVaFw0yNTEyMTMwODE0MTVaMFAxCzAJBgNVBAYTAklUMQ4wDAYDVQQIDAVJdGFseTEgMB4GA1UEBwwXU2FuIEdyZWdvcmlvIGRpIENhdGFuaWExDzANBgNVBAoMBlNpZWx0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANIRlOjM/tS9V9jYjJreqZSctuYriLfPTDgX2XdhWEbMpMpwA9p0bsbLQoC1gP0piLO+qbCsIh9+boPfb4/dLIA7E+Vmm5/+evOtzvjfHG4oXjZK6jo08QwkVV8Bm1jkakJPVZ57QFbyDSr+uBbIMY7CjA2LdgnIIwKN/kSfFhrZUMJ6ZxwegM100X5psfNPSV9WUtgHsvqlIlvydPo2rMm21sg+2d3Vtg8DthNSYRLqgazCc0NTsigrH7niSbJCO0nq/svMX2rSFdh5GFK7/pxT+c3OFWqIR8r+RX4qW+auJqkbTuNRwxV22Sm6r69ZJwV0WspvsVJi+FYqiyoWhgUCAwEAAaNQME4wHQYDVR0OBBYEFCUx063GwUhEFDllwCBe/+jdeW+XMB8GA1UdIwQYMBaAFCUx063GwUhEFDllwCBe/+jdeW+XMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBADF94c3JwyBM86QBLeoUZxRYKPniba8B39FfJk0pb+LejKfZMvspOrOFgYQQ9UrS8IFkBX9Xr7/tjRbr2cPwZNjrEZhoq+NfcE09bnaWTyEl1IEKK8TWOupJj9UNVpYXX0LfIRrMwNEzAPQykOaqPOnyHxOCPTY957xXSo3jXOyvugtvPHbd+iliAzUoPm1tgiTKWS+EkQ/e22eFv5NEyT+oHiKovrQ+voPWOIvJVMjiTyxRic8fEnI9zzV0SxWvFvty77wgcYbeEuFZa3iidhojUge8o1uY/JUyQjFxcvvfAgWSIZwdHiNyWaAgwzLPmPCPsvBdR3xrlcDg/9Bd3D0=", - entryPoint: - "https://identity.sieltecloud.it/simplesaml/saml2/idp/SSO.php", - logoutUrl: - "https://identity.sieltecloud.it/simplesaml/saml2/idp/SLS.php" - }, - "spid-testenv-identityserver": { - cert: - "MIICNTCCAZ6gAwIBAgIES343gjANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxDTALBgNVBAoMBFdTTzIxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xMDAyMTkwNzAyMjZaFw0zNTAyMTMwNzAyMjZaMFUxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzENMAsGA1UECgwEV1NPMjESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCUp/oV1vWc8/TkQSiAvTousMzOM4asB2iltr2QKozni5aVFu818MpOLZIr8LMnTzWllJvvaA5RAAdpbECb+48FjbBe0hseUdN5HpwvnH/DW8ZccGvk53I6Orq7hLCv1ZHtuOCokghz/ATrhyPq+QktMfXnRS4HrKGJTzxaCcU7OQIDAQABoxIwEDAOBgNVHQ8BAf8EBAMCBPAwDQYJKoZIhvcNAQEFBQADgYEAW5wPR7cr1LAdq+IrR44iQlRG5ITCZXY9hI0PygLP2rHANh+PYfTmxbuOnykNGyhM6FjFLbW2uZHQTY1jMrPprjOrmyK5sjJRO4d1DeGHT/YnIjs9JogRKv4XHECwLtIVdAbIdWHEtVZJyMSktcyysFcvuhPQK8Qc/E/Wq8uHSCo=", - entryPoint: "https://spid-testenv-identityserver:9443/samlsso", - logoutUrl: "https://spid-testenv-identityserver:9443/samlsso" - }, - spiditalia: { - cert: - "MIIDazCCAlOgAwIBAgIED8R+MDANBgkqhkiG9w0BAQsFADBmMQswCQYDVQQGEwJJVDELMAkGA1UECBMCRkkxETAPBgNVBAcTCGZsb3JlbmNlMREwDwYDVQQKEwhyZWdpc3RlcjERMA8GA1UECxMIcmVnaXN0ZXIxETAPBgNVBAMTCHJlZ2lzdGVyMB4XDTE3MDcxMDEwMzM0OVoXDTI3MDcwODEwMzM0OVowZjELMAkGA1UEBhMCSVQxCzAJBgNVBAgTAkZJMREwDwYDVQQHEwhmbG9yZW5jZTERMA8GA1UEChMIcmVnaXN0ZXIxETAPBgNVBAsTCHJlZ2lzdGVyMREwDwYDVQQDEwhyZWdpc3RlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANkYXHbm3q6xt3wrLAXnytswtj2JE1MM8aYmNXkTgDMCwO/+ahQOoQru6IBTbjfWH9jr+Woy54FDdX6bHl+5/mO6l/yAB/bKgwe5HmUjZJ5oakJjWucsSm+VkEwN2HquBZoN+mktju00xvLX5VAjmDHvZc/b8NhNr/FRKlYITboygkhGiUwGI3wLf3IaB76J0o7ugpW2WNLcywpX+p1VWZAMCdHBveBe/e42hh6WnWPqdwYUWHOgJ8HX4IzCHifiS1n6eUMgtoTQOmSvTQDwSjD0WWJE8tWSYt+txXg1t+3A3tbZOFu7T442wE7DtMdUL4+8gimQS+e8PxDK1uTqIPUCAwEAAaMhMB8wHQYDVR0OBBYEFMCgo1gzCIcUThQIs5g5ikfv1D7eMA0GCSqGSIb3DQEBCwUAA4IBAQBnGw3i3hQ37L8vyelkyZMeO3tLK65Cqti4oVrQZxClGV5zNA6fIMDY8Mci1UhLwjzp29POd/sez0vuHZ/Vmmygzoye4jTKr6c3jAh0u81FTzefBU+vIietm9RuV3sd7D9xq6EqOY1NDL+rkvBcTFtiwLEUm2kHYu/U67jk73pxOtmqxQvQeMU8oi42tehMZGLIGp3U5lGS8YGGl+GtkkQ2Z5/PSm67HGP81kTArG/QX+bX+ykypTJVg9hfb9zOFQidp1HkCRIez6YhDiP/ZLurd6Grt/wVfZPNBO8EOgy25AkRZlp+UD686BFg7qq5KKEbz3qmPrj8deHL3duacZcp", - entryPoint: "https://spid.register.it/login/sso", - logoutUrl: "https://spid.register.it/login/singleLogout" - }, - timid: { - cert: - "MIIE7jCCA9agAwIBAgIJAIfOQuFIcYGRMA0GCSqGSIb3DQEBCwUAMIGqMQswCQYDVQQGEwJJVDELMAkGA1UECBMCUk0xEDAOBgNVBAcTB1BvbWV6aWExLjAsBgNVBAoTJVRlbGVjb20gSXRhbGlhIFRydXN0IFRlY2hub2xvZ2llcyBzcmwxKDAmBgNVBAsTH1NlcnZpemkgcGVyIGwnaWRlbnRpdGEgZGlnaXRhbGUxIjAgBgNVBAMTGVRJIFRydXN0IFRlY2hub2xvZ2llcyBzcmwwHhcNMTYwMTE4MTAxODA2WhcNMTgwMTE3MTAxODA2WjCBqjELMAkGA1UEBhMCSVQxCzAJBgNVBAgTAlJNMRAwDgYDVQQHEwdQb21lemlhMS4wLAYDVQQKEyVUZWxlY29tIEl0YWxpYSBUcnVzdCBUZWNobm9sb2dpZXMgc3JsMSgwJgYDVQQLEx9TZXJ2aXppIHBlciBsJ2lkZW50aXRhIGRpZ2l0YWxlMSIwIAYDVQQDExlUSSBUcnVzdCBUZWNobm9sb2dpZXMgc3JsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mvyKfdJp0YgK7KAdD+sVcVpHcZoBBBFcz0cg8PPdT+2nH0ES09uxHWghcHNg0nJGWPJKaUJ0PWdokKwQ+ahI7RiHI9zufN4G7LlM40ko7heI5Xjv4wCMeJNYM2GY+1l9fS+595882GopALi8MGhTxH3QFvPTDtxj7D0fsKw0DNFk18jcRoLwfc/X0fzyUMBDk6QaZzi5MTjKP5ouHn/CATkW7MRZZOy6CGb6Fic0HyOhB46eFnB2QlRnCzQe1cwzpnfzB/BbtouWe/CFlHtbACbZwXGRKfFJnr3Zj5eYi5aRZDteIXMAj/UmNTP0X0PcI66b5ialTeDXFjgEO1hhwIDAQABo4IBEzCCAQ8wHQYDVR0OBBYEFIqo1nunRisDzjvLkTZx2/VVmXPjMIHfBgNVHSMEgdcwgdSAFIqo1nunRisDzjvLkTZx2/VVmXPjoYGwpIGtMIGqMQswCQYDVQQGEwJJVDELMAkGA1UECBMCUk0xEDAOBgNVBAcTB1BvbWV6aWExLjAsBgNVBAoTJVRlbGVjb20gSXRhbGlhIFRydXN0IFRlY2hub2xvZ2llcyBzcmwxKDAmBgNVBAsTH1NlcnZpemkgcGVyIGwnaWRlbnRpdGEgZGlnaXRhbGUxIjAgBgNVBAMTGVRJIFRydXN0IFRlY2hub2xvZ2llcyBzcmyCCQCHzkLhSHGBkTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBkgBFZDg34+ER3HaFSmg5I7BUkjyPinMqy1G2k5O2Jlry/e6X8u8QhieKXhMtGq3+XzYHY/QEFmnqOvEdlCeET9PPVb0Mr0mG5vU7lb2MfB+2+Wqg+1Hf8c3ABfDItuJoL95OsbEO4a+3a6EMfaAdSaeTb2+rsfr6R12cSxQcx16430iMhGj4T9GpFp8XH/JSE5XJvIddpNxuzf+/LlbcsMJ5lljitlOYUi7MxLpiqtgl56UD1YkGcezoi2Glb3m3l3a2V4pShh6qROfyd87jLCjqsuBJtlgToSQgMTb4lFv9RBbFD3rjL8gCx55W6kxP1YeclFVPzk/7Xaca29uTJ", - entryPoint: "https://login.id.tim.it/affwebservices/public/saml2sso", - logoutUrl: "https://login.id.tim.it/affwebservices/public/saml2slo" - } + const options = { + idp: { + arubaid: { + cert: + "MIIExTCCA62gAwIBAgIQIHtEvEhGM77HwqsuvSbi9zANBgkqhkiG9w0BAQsFADBsMQswCQYDVQQGEwJJVDEYMBYGA1UECgwPQXJ1YmFQRUMgUy5wLkEuMSEwHwYDVQQLDBhDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eUIxIDAeBgNVBAMMF0FydWJhUEVDIFMucC5BLiBORyBDQSAyMB4XDTE3MDEyMzAwMDAwMFoXDTIwMDEyMzIzNTk1OVowgaAxCzAJBgNVBAYTAklUMRYwFAYDVQQKDA1BcnViYSBQRUMgc3BhMREwDwYDVQQLDAhQcm9kb3R0bzEWMBQGA1UEAwwNcGVjLml0IHBlYy5pdDEZMBcGA1UEBRMQWFhYWFhYMDBYMDBYMDAwWDEPMA0GA1UEKgwGcGVjLml0MQ8wDQYDVQQEDAZwZWMuaXQxETAPBgNVBC4TCDE2MzQ1MzgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqt2oHJhcp03l73p+QYpEJ+f3jYYj0W0gos0RItZx/w4vpsiKBygaqDNVWSwfo1aPdVDIX13f62O+lBki29KTt+QWv5K6SGHDUXYPntRdEQlicIBh2Z0HfrM7fDl+xeJrMp1s4dsSQAuB5TJOlFZq7xCQuukytGWBTvjfcN/os5aEsEg+RbtZHJR26SbbUcIqWb27Swgj/9jwK+tvzLnP4w8FNvEOrNfR0XwTMNDFrwbOCuWgthv5jNBsVZaoqNwiA/MxYt+gTOMj/o5PWKk8Wpm6o/7/+lWAoxh0v8x9OkbIi+YaFpIxuCcUqsrJJk63x2gHCc2nr+yclYUhsKD/AwIDAQABo4IBLDCCASgwDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBTKQ3+NPGcXFk8nX994vMTVpba1EzBHBgNVHSAEQDA+MDwGCysGAQQBgegtAQEBMC0wKwYIKwYBBQUHAgEWH2h0dHBzOi8vY2EuYXJ1YmFwZWMuaXQvY3BzLmh0bWwwWAYDVR0fBFEwTzBNoEugSYZHaHR0cDovL2NybC5hcnViYXBlYy5pdC9BcnViYVBFQ1NwQUNlcnRpZmljYXRpb25BdXRob3JpdHlCL0xhdGVzdENSTC5jcmwwHwYDVR0jBBgwFoAU8v9jQBwRQv3M3/FZ9m7omYcxR3kwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5hcnViYXBlYy5pdDANBgkqhkiG9w0BAQsFAAOCAQEAnEw0NuaspbpDjA5wggwFtfQydU6b3Bw2/KXPRKS2JoqGmx0SYKj+L17A2KUBa2c7gDtKXYz0FLT60Bv0pmBN/oYCgVMEBJKqwRwdki9YjEBwyCZwNEx1kDAyyqFEVU9vw/OQfrAdp7MTbuZGFKknVt7b9wOYy/Op9FiUaTg6SuOy0ep+rqhihltYNAAl4L6fY45mHvqa5vvVG30OvLW/S4uvRYUXYwY6KhWvNdDf5CnFugnuEZtHJrVe4wx9aO5GvFLFZ/mQ35C5mXPQ7nIb0CDdLBJdz82nUoLSA5BUbeXAUkfahW/hLxLdhks68/TK694xVIuiB40pvMmJwxIyDA==", + entryPoint: "https://loginspid.aruba.it/ServiceLoginWelcome", + logoutUrl: "https://loginspid.aruba.it/ServiceLogoutRequest" + }, + infocertid: { + cert: + "MIIGbDCCBVSgAwIBAgIDA+76MA0GCSqGSIb3DQEBCwUAMIGGMQswCQYDVQQGEwJJVDEVMBMGA1UECgwMSU5GT0NFUlQgU1BBMRswGQYDVQQLDBJFbnRlIENlcnRpZmljYXRvcmUxFDASBgNVBAUTCzA3OTQ1MjExMDA2MS0wKwYDVQQDDCRJbmZvQ2VydCBTZXJ2aXppIGRpIENlcnRpZmljYXppb25lIDIwHhcNMTYwMTEyMDkyNDI4WhcNMTkwMTEyMDAwMDAwWjCBsTEUMBIGA1UELhMLMDc5NDUyMTEwMDYxDzANBgkqhkiG9w0BCQEWADEUMBIGA1UEBRMLMDc5NDUyMTEwMDYxHTAbBgNVBAMMFGlkZW50aXR5LmluZm9jZXJ0Lml0MRQwEgYDVQQLDAtJbmZvQ2VydCBJRDEhMB8GA1UECgwYSW5mb0NlcnQgU3BBLzA3OTQ1MjExMDA2MQ0wCwYDVQQHDARSb21hMQswCQYDVQQGEwJJVDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALDysrpnXB+it94LSuAmOgyFDilZ8nuSEVOFl1PX/HtgK3W25B/tqJBsyZwrAIXxg5XHYd3+i7bFoBjuduzfqhvSv9WYCVtggsz5a3sbOpU54DaOLgoCmd4nIsINwKzCmT1UNXBGjS+Xt5F3lV+v2Ayr4rAsPnkE2084BLmwcIX3w7+rx/Nd+/5HfaAMaORICYinUIvbZ5e/plUj87s1YEpep/DcC0uMFE66jFrcnHVOeHCrDh+tAZAiGew4BVJjLr0hfS4ZeaE43TJlHb00GZNfpfzGcOPbzWlSB5iF/cZbTRHmPsn0gALfpPNViniFBVqSaoywZwvkFosrehRUCNkCAwEAAaOCArQwggKwMBMGA1UdJQQMMAoGCCsGAQUFBwMCMCUGA1UdEgQeMByBGmZpcm1hLmRpZ2l0YWxlQGluZm9jZXJ0Lml0MGUGA1UdIAReMFwwWgYGK0wkAQEIMFAwTgYIKwYBBQUHAgIwQgxASW5mb0NlcnQgU3BBIFNTTCwgU01JTUUgYW5kIGRpZ2l0YWwgc2lnbmF0dXJlIENsaWVudCBDZXJ0aWZpY2F0ZTA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLnNjLmluZm9jZXJ0Lml0LzCB7AYDVR0fBIHkMIHhMDSgMqAwhi5odHRwOi8vY3JsLmluZm9jZXJ0Lml0L2NybHMvc2Vydml6aTIvQ1JMMDEuY3JsMIGooIGloIGihoGfbGRhcDovL2xkYXAuaW5mb2NlcnQuaXQvY24lM0RJbmZvQ2VydCUyMFNlcnZpemklMjBkaSUyMENlcnRpZmljYXppb25lJTIwMiUyMENSTDAxLG91JTNERW50ZSUyMENlcnRpZmljYXRvcmUsbyUzRElORk9DRVJUJTIwU1BBLEMlM0RJVD9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0MA4GA1UdDwEB/wQEAwIEsDCBswYDVR0jBIGrMIGogBTpNppkKVKhWv5ppMSDt4B9D2oSeKGBjKSBiTCBhjELMAkGA1UEBhMCSVQxFTATBgNVBAoMDElORk9DRVJUIFNQQTEbMBkGA1UECwwSRW50ZSBDZXJ0aWZpY2F0b3JlMRQwEgYDVQQFEwswNzk0NTIxMTAwNjEtMCsGA1UEAwwkSW5mb0NlcnQgU2Vydml6aSBkaSBDZXJ0aWZpY2F6aW9uZSAyggECMB0GA1UdDgQWBBTi8mIRU4ue/0lKSfv4gSQhoZQvozANBgkqhkiG9w0BAQsFAAOCAQEAUCXyjmfzxmyVQbK4cf79zj5qMZVAAjDMTR1UGFcS2IibICh3S3Uf22lPGQfm+MX9tiweETW7fBLW6lrR2ofXBz/FfU98A/AA9GZDrbGhBxoc+RoqkHVYRqEuXOq6z3X9DuvsdsfKeO3p4eXbXlCcxD2PP5fFqcZxx1WZ1HRamiGk9fMN1iT3aPa3q7TfRD6W6+XgafjXieZ8bCa1FGIfapbqsWa91jdn4xiJpbmTTq1/Zjs5RCZYzmMEV9rSuSVgFtONb8+xKC4ohMVxAUw2yZHwd4dDyBLkapuaWkzhW939+gjeoKz04Ds2C52d/kln7ehdu9LkzvRI6UAEpAYLgg==", + entryPoint: "https://identity.infocert.it/spid/samlsso", + logoutUrl: "https://identity.infocert.it/spid/samlslo" + }, + intesaid: { + cert: + "MIIEDjCCAvagAwIBAgIIIT1A+ywbIQAwDQYJKoZIhvcNAQELBQAwXjEzMDEGA1UEAwwqSU4uVEUuUy5BLiBTLnAuQSAtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRowGAYDVQQKDBFJTi5URS5TLkEuIFMucC5BLjELMAkGA1UEBhMCSVQwHhcNMTcwOTE1MTMyMzQ1WhcNMzYwNzAxMTk1OTAwWjBQMSUwDwYDVQQuEwgyMDA3OTc5NzASBgNVBAMMC1NBTUwgU2lnbmVyMRowGAYDVQQKDBFJTi5URS5TLkEuIFMucC5BLjELMAkGA1UEBhMCSVQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhYXkP+eQBURgmslDXBjG0ad+DkSAkWt7hUoaTyiK0e34QiyArq043plqTrt+6FzTGeX7960Qr3tCLGCiVOi47QuE09IKfJmKGEaUQnJQehHYZs/XV0OYQl18WrCxUX6ALOcqPs+4ypCbJV1WzSosfBcPBzivJER8kvrynMXI3or18e9XPTGBn8qNFyNF1E3BJ5UhrDvk5W2gKyYKz0M/CIu9PiHuO/ne6HbeNrCS/xzXtjsTusk41AOxIQoFbEzS08xcRY+QDE8oLcAmecSjT3xv3r9dWke6KTTAahS3K+5mOYRcBXj2FFegiUp+xh4OAWdH1+gGDYm+3aAmMpaLtAgMBAAGjgd0wgdowHQYDVR0OBBYEFEw9xWg4qvQGdlGMCqmJcVDgdE8aMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUySnWJ2sw0ljDpJVrtrxCCP0b1CYwGgYDVR0QBBMwEYAPMjAxNzA5MTUxMzIzNDVaMD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9lLXRydXN0Y29tLmludGVzYS5pdC9DUkwvSU5URVNBX25DQS5jcmwwDgYDVR0PAQH/BAQDAgSwMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQsFAAOCAQEAVRHyFRZZFpW/qjJpKftd86h3wOdUqOhc2W8ZHv0st8ptG+mZk3l1iWAsEPqKMIBhksgTvalnHC1lHUt11xsZ2mzUjVpiG8XiWXYXQnY2D+q7Dc4n20kJ717qf4SDN8wX1A6XvT3Wrsfh87vg3ZFD56/eyur2snWu4OilsFqAyLhnExG4puJ4JKBWnlwAGXD9SFgkSZ8FC66KQs6CAwVkvCIom3IwJeU/VrYQF6XHkVCQgr5mojXgCkrlRNl53WAKfQHCT4QH+oQVP97PCEL/wQ1zi0UzWauKT6u2wDym9rcpch+WLa0GUtYNhuoLU2SregPKwTWg2DfINJObyWRpww==", + entryPoint: + "https://spid.intesa.it/Time4UserServices/services/idp/AuthnRequest/", + logoutUrl: + "https://spid.intesa.it/Time4UserServices/services/idp/SingleLogout" + }, + namirialid: { + cert: + "MIIDNzCCAh+gAwIBAgIUNGvDUjTpLSPlP4sEfO0+JARITnEwDQYJKoZIhvcNAQELBQAwHjEcMBoGA1UEAwwTaWRwLm5hbWlyaWFsdHNwLmNvbTAeFw0xNzAzMDgwOTE3NTZaFw0zNzAzMDgwOTE3NTZaMB4xHDAaBgNVBAMME2lkcC5uYW1pcmlhbHRzcC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrcJvYRh49nNijgzwL1OOwgzeMDUWcMSwoWdtMpx3kDhZwMFQ3ITDmNvlz21I0QKaP0BDg/UAjfCbDtLqUy6wHtI6NWVJoqIziw+dLfg7S5Sr2nOzJ/sKhzadWH1kDsetIenOLU2ex+7Vf/+4P7nIrS0c+xghi9/zN8dH6+09wWYnloGmcW3qWRFMKJjR3ctBmsmqCKWNIIq2QfeFszSSeG0xaNlLKBrj6TyPDxDqPAskq038W1fCuh7aejCk7XTTOxuuIwDGJiYsc8rfXSG9/auskAfCziGEm304/ojy5MRcNjekz4KgWxT9anMCipv0I2T7tCAivc1z9QCsEPk5pAgMBAAGjbTBrMB0GA1UdDgQWBBQi8+cnv0Nw0lbuICzxlSHsvBw5SzBKBgNVHREEQzBBghNpZHAubmFtaXJpYWx0c3AuY29thipodHRwczovL2lkcC5uYW1pcmlhbHRzcC5jb20vaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQELBQADggEBAEp953KMWY7wJbJqnPTmDkXaZJVoubcjW86IY494RgVBeZ4XzAGOifa3ScDK6a0OWfIlRTbaKKu9lEVw9zs54vLp9oQI4JulomSaL805Glml4bYqtcLoh5qTnKaWp5qvzBgcQ7i2GcDC9F+qrsJYreCA7rbHXzF0hu5yIfz0BrrCRWvuWiop92WeKvtucI4oBGfoHhYOZsLuoTT3hZiEFJT60xS5Y2SNdz+Eia9Dgt0cvAzoOVk93Cxg+XBdyyEEiZn/zvhjus29KyFrzh3XYznh+4jq3ymt7Os4JKmY0aJm7yNxw+LyPjkdaB0icfo3+hD7PiuUjC3Y67LUWQ8YgOc=", + entryPoint: + "https://idp.namirialtsp.com/idp/profile/SAML2/Redirect/SSO", + logoutUrl: "https://idp.namirialtsp.com/idp/profile/SAML2/Redirect/SLO" + }, + posteid: { + cert: + "MIIEKzCCAxOgAwIBAgIDE2Y0MA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAklUMRgwFgYDVQQKDA9Qb3N0ZWNvbSBTLnAuQS4xIDAeBgNVBAsMF0NlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQDDAxQb3N0ZWNvbSBDQTMwHhcNMTYwMjI2MTU1MjQ0WhcNMjEwMjI2MTU1MjQ0WjBxMQswCQYDVQQGEwJJVDEOMAwGA1UECAwFSXRhbHkxDTALBgNVBAcMBFJvbWUxHjAcBgNVBAoMFVBvc3RlIEl0YWxpYW5lIFMucC5BLjENMAsGA1UECwwEU1BJRDEUMBIGA1UEAwwLSURQLVBvc3RlSUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZFEtJoEHFAjpCaZcj5DVWrRDyaLZyu31XApslbo87CyWz61OJMtw6QQU0MdCtrYbtSJ6vJwx7/6EUjsZ3u4x3EPLdlkyiGOqukPwATv4c7TVOUVs5onIqTphM9b+AHRg4ehiMGesm/9d7RIaLuN79iPUvdLn6WP3idAfEw+rhJ/wYEQ0h1Xm5osNUgtWcBGavZIjLssWNrDDfJYxXH3QZ0kI6feEvLCJwgjXLGkBuhFehNhM4fhbX9iUCWwwkJ3JsP2++Rc/iTA0LZhiUsXNNq7gBcLAJ9UX2V1dWjTzBHevfHspzt4e0VgIIwbDRqsRtF8VUPSDYYbLoqwbLt18XAgMBAAGjgdwwgdkwRgYDVR0gBD8wPTAwBgcrTAsBAgEBMCUwIwYIKwYBBQUHAgEWF2h0dHA6Ly93d3cucG9zdGVjZXJ0Lml0MAkGBytMCwEBCgIwDgYDVR0PAQH/BAQDAgSwMB8GA1UdIwQYMBaAFKc0XP2FByYU2l0gFzGKE8zVSzfmMD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9wb3N0ZWNlcnQucG9zdGUuaXQvcG9zdGVjb21jYTMvY3JsMy5jcmwwHQYDVR0OBBYEFEvrikZQkfBjuiTpxExSBe8wGgsyMA0GCSqGSIb3DQEBCwUAA4IBAQBNAw8UoeiCF+1rFs27d3bEef6CLe/PJga9EfwKItjMDD9QzT/FShRWKLHlK69MHL1ZLPRPvuWUTkIOHTpNqBPILvO1u13bSg+6o+2OdqAkCBkbTqbGjWSPLaTUVNV6MbXmvttD8Vd9vIZg1xBBG3Fai13dwvSj3hAZd8ug8a8fW1y/iDbRC5D1O+HlHDuvIW4LbJ093jdj+oZwSyd216gtXL00QA0C1uMuDv9Wf9IxniTb710dRSgIcM4/eR7832fZgdOsoalFzGYWxSCs8WOZrjpub1fdaRSEuCQk2+gmdsiRcTs9EqPCCNiNlrNAiWEyGtL8A4ao3pDMwCtrb2yr", + entryPoint: "https://posteid.poste.it/jod-fs/ssoserviceredirect", + logoutUrl: "https://posteid.poste.it/jod-fs/sloservicepost" + }, + registerid: { + cert: + "MIIEKzCCAxOgAwIBAgIDE2Y0MA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAklUMRgwFgYDVQQKDA9Qb3N0ZWNvbSBTLnAuQS4xIDAeBgNVBAsMF0NlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQDDAxQb3N0ZWNvbSBDQTMwHhcNMTYwMjI2MTU1MjQ0WhcNMjEwMjI2MTU1MjQ0WjBxMQswCQYDVQQGEwJJVDEOMAwGA1UECAwFSXRhbHkxDTALBgNVBAcMBFJvbWUxHjAcBgNVBAoMFVBvc3RlIEl0YWxpYW5lIFMucC5BLjENMAsGA1UECwwEU1BJRDEUMBIGA1UEAwwLSURQLVBvc3RlSUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZFEtJoEHFAjpCaZcj5DVWrRDyaLZyu31XApslbo87CyWz61OJMtw6QQU0MdCtrYbtSJ6vJwx7/6EUjsZ3u4x3EPLdlkyiGOqukPwATv4c7TVOUVs5onIqTphM9b+AHRg4ehiMGesm/9d7RIaLuN79iPUvdLn6WP3idAfEw+rhJ/wYEQ0h1Xm5osNUgtWcBGavZIjLssWNrDDfJYxXH3QZ0kI6feEvLCJwgjXLGkBuhFehNhM4fhbX9iUCWwwkJ3JsP2++Rc/iTA0LZhiUsXNNq7gBcLAJ9UX2V1dWjTzBHevfHspzt4e0VgIIwbDRqsRtF8VUPSDYYbLoqwbLt18XAgMBAAGjgdwwgdkwRgYDVR0gBD8wPTAwBgcrTAsBAgEBMCUwIwYIKwYBBQUHAgEWF2h0dHA6Ly93d3cucG9zdGVjZXJ0Lml0MAkGBytMCwEBCgIwDgYDVR0PAQH/BAQDAgSwMB8GA1UdIwQYMBaAFKc0XP2FByYU2l0gFzGKE8zVSzfmMD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9wb3N0ZWNlcnQucG9zdGUuaXQvcG9zdGVjb21jYTMvY3JsMy5jcmwwHQYDVR0OBBYEFEvrikZQkfBjuiTpxExSBe8wGgsyMA0GCSqGSIb3DQEBCwUAA4IBAQBNAw8UoeiCF+1rFs27d3bEef6CLe/PJga9EfwKItjMDD9QzT/FShRWKLHlK69MHL1ZLPRPvuWUTkIOHTpNqBPILvO1u13bSg+6o+2OdqAkCBkbTqbGjWSPLaTUVNV6MbXmvttD8Vd9vIZg1xBBG3Fai13dwvSj3hAZd8ug8a8fW1y/iDbRC5D1O+HlHDuvIW4LbJ093jdj+oZwSyd216gtXL00QA0C1uMuDv9Wf9IxniTb710dRSgIcM4/eR7832fZgdOsoalFzGYWxSCs8WOZrjpub1fdaRSEuCQk2+gmdsiRcTs9EqPCCNiNlrNAiWEyGtL8A4ao3pDMwCtrb2yr", + entryPoint: "https://spid.register.it/login/sso", + logoutUrl: "https://spid.register.it/login/singleLogout" + }, + sielteid: { + cert: + "MIIDczCCAlugAwIBAgIJAMsX0iEKQM6xMA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAklUMQ4wDAYDVQQIDAVJdGFseTEgMB4GA1UEBwwXU2FuIEdyZWdvcmlvIGRpIENhdGFuaWExDzANBgNVBAoMBlNpZWx0ZTAeFw0xNTEyMTQwODE0MTVaFw0yNTEyMTMwODE0MTVaMFAxCzAJBgNVBAYTAklUMQ4wDAYDVQQIDAVJdGFseTEgMB4GA1UEBwwXU2FuIEdyZWdvcmlvIGRpIENhdGFuaWExDzANBgNVBAoMBlNpZWx0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANIRlOjM/tS9V9jYjJreqZSctuYriLfPTDgX2XdhWEbMpMpwA9p0bsbLQoC1gP0piLO+qbCsIh9+boPfb4/dLIA7E+Vmm5/+evOtzvjfHG4oXjZK6jo08QwkVV8Bm1jkakJPVZ57QFbyDSr+uBbIMY7CjA2LdgnIIwKN/kSfFhrZUMJ6ZxwegM100X5psfNPSV9WUtgHsvqlIlvydPo2rMm21sg+2d3Vtg8DthNSYRLqgazCc0NTsigrH7niSbJCO0nq/svMX2rSFdh5GFK7/pxT+c3OFWqIR8r+RX4qW+auJqkbTuNRwxV22Sm6r69ZJwV0WspvsVJi+FYqiyoWhgUCAwEAAaNQME4wHQYDVR0OBBYEFCUx063GwUhEFDllwCBe/+jdeW+XMB8GA1UdIwQYMBaAFCUx063GwUhEFDllwCBe/+jdeW+XMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBADF94c3JwyBM86QBLeoUZxRYKPniba8B39FfJk0pb+LejKfZMvspOrOFgYQQ9UrS8IFkBX9Xr7/tjRbr2cPwZNjrEZhoq+NfcE09bnaWTyEl1IEKK8TWOupJj9UNVpYXX0LfIRrMwNEzAPQykOaqPOnyHxOCPTY957xXSo3jXOyvugtvPHbd+iliAzUoPm1tgiTKWS+EkQ/e22eFv5NEyT+oHiKovrQ+voPWOIvJVMjiTyxRic8fEnI9zzV0SxWvFvty77wgcYbeEuFZa3iidhojUge8o1uY/JUyQjFxcvvfAgWSIZwdHiNyWaAgwzLPmPCPsvBdR3xrlcDg/9Bd3D0=", + entryPoint: + "https://identity.sieltecloud.it/simplesaml/saml2/idp/SSO.php", + logoutUrl: + "https://identity.sieltecloud.it/simplesaml/saml2/idp/SLS.php" + }, + spiditalia: { + cert: + "MIIDazCCAlOgAwIBAgIED8R+MDANBgkqhkiG9w0BAQsFADBmMQswCQYDVQQGEwJJVDELMAkGA1UECBMCRkkxETAPBgNVBAcTCGZsb3JlbmNlMREwDwYDVQQKEwhyZWdpc3RlcjERMA8GA1UECxMIcmVnaXN0ZXIxETAPBgNVBAMTCHJlZ2lzdGVyMB4XDTE3MDcxMDEwMzM0OVoXDTI3MDcwODEwMzM0OVowZjELMAkGA1UEBhMCSVQxCzAJBgNVBAgTAkZJMREwDwYDVQQHEwhmbG9yZW5jZTERMA8GA1UEChMIcmVnaXN0ZXIxETAPBgNVBAsTCHJlZ2lzdGVyMREwDwYDVQQDEwhyZWdpc3RlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANkYXHbm3q6xt3wrLAXnytswtj2JE1MM8aYmNXkTgDMCwO/+ahQOoQru6IBTbjfWH9jr+Woy54FDdX6bHl+5/mO6l/yAB/bKgwe5HmUjZJ5oakJjWucsSm+VkEwN2HquBZoN+mktju00xvLX5VAjmDHvZc/b8NhNr/FRKlYITboygkhGiUwGI3wLf3IaB76J0o7ugpW2WNLcywpX+p1VWZAMCdHBveBe/e42hh6WnWPqdwYUWHOgJ8HX4IzCHifiS1n6eUMgtoTQOmSvTQDwSjD0WWJE8tWSYt+txXg1t+3A3tbZOFu7T442wE7DtMdUL4+8gimQS+e8PxDK1uTqIPUCAwEAAaMhMB8wHQYDVR0OBBYEFMCgo1gzCIcUThQIs5g5ikfv1D7eMA0GCSqGSIb3DQEBCwUAA4IBAQBnGw3i3hQ37L8vyelkyZMeO3tLK65Cqti4oVrQZxClGV5zNA6fIMDY8Mci1UhLwjzp29POd/sez0vuHZ/Vmmygzoye4jTKr6c3jAh0u81FTzefBU+vIietm9RuV3sd7D9xq6EqOY1NDL+rkvBcTFtiwLEUm2kHYu/U67jk73pxOtmqxQvQeMU8oi42tehMZGLIGp3U5lGS8YGGl+GtkkQ2Z5/PSm67HGP81kTArG/QX+bX+ykypTJVg9hfb9zOFQidp1HkCRIez6YhDiP/ZLurd6Grt/wVfZPNBO8EOgy25AkRZlp+UD686BFg7qq5KKEbz3qmPrj8deHL3duacZcp", + entryPoint: "https://spid.register.it/login/sso", + logoutUrl: "https://spid.register.it/login/singleLogout" + }, + timid: { + cert: + "MIIE7jCCA9agAwIBAgIJAIfOQuFIcYGRMA0GCSqGSIb3DQEBCwUAMIGqMQswCQYDVQQGEwJJVDELMAkGA1UECBMCUk0xEDAOBgNVBAcTB1BvbWV6aWExLjAsBgNVBAoTJVRlbGVjb20gSXRhbGlhIFRydXN0IFRlY2hub2xvZ2llcyBzcmwxKDAmBgNVBAsTH1NlcnZpemkgcGVyIGwnaWRlbnRpdGEgZGlnaXRhbGUxIjAgBgNVBAMTGVRJIFRydXN0IFRlY2hub2xvZ2llcyBzcmwwHhcNMTYwMTE4MTAxODA2WhcNMTgwMTE3MTAxODA2WjCBqjELMAkGA1UEBhMCSVQxCzAJBgNVBAgTAlJNMRAwDgYDVQQHEwdQb21lemlhMS4wLAYDVQQKEyVUZWxlY29tIEl0YWxpYSBUcnVzdCBUZWNobm9sb2dpZXMgc3JsMSgwJgYDVQQLEx9TZXJ2aXppIHBlciBsJ2lkZW50aXRhIGRpZ2l0YWxlMSIwIAYDVQQDExlUSSBUcnVzdCBUZWNobm9sb2dpZXMgc3JsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mvyKfdJp0YgK7KAdD+sVcVpHcZoBBBFcz0cg8PPdT+2nH0ES09uxHWghcHNg0nJGWPJKaUJ0PWdokKwQ+ahI7RiHI9zufN4G7LlM40ko7heI5Xjv4wCMeJNYM2GY+1l9fS+595882GopALi8MGhTxH3QFvPTDtxj7D0fsKw0DNFk18jcRoLwfc/X0fzyUMBDk6QaZzi5MTjKP5ouHn/CATkW7MRZZOy6CGb6Fic0HyOhB46eFnB2QlRnCzQe1cwzpnfzB/BbtouWe/CFlHtbACbZwXGRKfFJnr3Zj5eYi5aRZDteIXMAj/UmNTP0X0PcI66b5ialTeDXFjgEO1hhwIDAQABo4IBEzCCAQ8wHQYDVR0OBBYEFIqo1nunRisDzjvLkTZx2/VVmXPjMIHfBgNVHSMEgdcwgdSAFIqo1nunRisDzjvLkTZx2/VVmXPjoYGwpIGtMIGqMQswCQYDVQQGEwJJVDELMAkGA1UECBMCUk0xEDAOBgNVBAcTB1BvbWV6aWExLjAsBgNVBAoTJVRlbGVjb20gSXRhbGlhIFRydXN0IFRlY2hub2xvZ2llcyBzcmwxKDAmBgNVBAsTH1NlcnZpemkgcGVyIGwnaWRlbnRpdGEgZGlnaXRhbGUxIjAgBgNVBAMTGVRJIFRydXN0IFRlY2hub2xvZ2llcyBzcmyCCQCHzkLhSHGBkTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBkgBFZDg34+ER3HaFSmg5I7BUkjyPinMqy1G2k5O2Jlry/e6X8u8QhieKXhMtGq3+XzYHY/QEFmnqOvEdlCeET9PPVb0Mr0mG5vU7lb2MfB+2+Wqg+1Hf8c3ABfDItuJoL95OsbEO4a+3a6EMfaAdSaeTb2+rsfr6R12cSxQcx16430iMhGj4T9GpFp8XH/JSE5XJvIddpNxuzf+/LlbcsMJ5lljitlOYUi7MxLpiqtgl56UD1YkGcezoi2Glb3m3l3a2V4pShh6qROfyd87jLCjqsuBJtlgToSQgMTb4lFv9RBbFD3rjL8gCx55W6kxP1YeclFVPzk/7Xaca29uTJ", + entryPoint: "https://login.id.tim.it/affwebservices/public/saml2sso", + logoutUrl: "https://login.id.tim.it/affwebservices/public/saml2slo" }, - sp: { - acceptedClockSkewMs: samlAcceptedClockSkewMs, - attributeConsumingServiceIndex: samlAttributeConsumingServiceIndex, - attributes: { - attributes: [ - "fiscalNumber", - "name", - "familyName", - "email", - "mobilePhone" - ], - name: "Required attributes" - }, - callbackUrl: samlCallbackUrl, - decryptionPvk: samlKey, - identifierFormat: "urn:oasis:names:tc:SAML:2.0:nameid-format:transient", - issuer: samlIssuer, - organization: { - URL: "https://github.com/teamdigitale/italia-backend", - displayName: "Digital citizenship proxy", - name: "Digital citizenship proxy" - }, - privateCert: samlKey, - signatureAlgorithm: "sha256" + xx_testenv2: { + cert: + "MIIGMzCCBBugAwIBAgIJANKJM2AtAsnrMA0GCSqGSIb3DQEBCwUAMG4xCzAJBgNVBAYTAklUMQ4wDAYDVQQIEwVJdGFseTENMAsGA1UEBxMEUm9tZTENMAsGA1UEChMEQUNNRTEWMBQGA1UECxMNSVQgRGVwYXJ0bWVudDEZMBcGA1UEAxMQYXBpLml0YWxpYS5sb2NhbDAeFw0xODA1MjUxNDA1NTBaFw0xOTA1MjUxNDA1NTBaMG4xCzAJBgNVBAYTAklUMQ4wDAYDVQQIEwVJdGFseTENMAsGA1UEBxMEUm9tZTENMAsGA1UEChMEQUNNRTEWMBQGA1UECxMNSVQgRGVwYXJ0bWVudDEZMBcGA1UEAxMQYXBpLml0YWxpYS5sb2NhbDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAM+Mpdlno+fmMT9UmuNhYhNKCctXnXTAqS7yRC/24P7+NXMiu8VB/Z2yCoPV2QDCOU4zTBT1yDhsapqvhOgZuQpGcsojn4mAcdbVQI1EpglGkNe+ZaCTBaWx7+3QV/fhYRvrs0Q4Ab9X823XApRudjUJ6MeLP6lGiyNkXvl16RjwJ/kQw3NY3zIyHGNmHb6oAwlvQRLCvbUtLheHPPwolMvKFolsvdHN1AmT8OvgoqEbeMlQLSVzSmz+2iqA8GzcAM4sXvS+t6oYFHnjx98bMguwsLCNBKpDeYzkLFYmwWU5OqXrPSBdb026Mpu1amf8A4ScoPCpY/HCHbdci12CV3k7W2QPVgsxJ2TJj9GGEOkgNqJRS5wCHe1b41x2cgOdHl4MxDU3D8QaYf5R6JBX+dpfsTcS0SdbcVFJ3W9KXHHdWfd6YH55v6HwjSTi2fty1yYahkxuIy0R2oMafbOq8xjjHFHGbUZFctNKj0i7M4HUM1XYydkhVmhmSE24csb/NFN3FfmYHqMhjSWeogsvv0zhddiaCYQ/QUHCV3/ljtG3kBg7xclWkgcRGgPTyrWKAbwtPJcX0aUrQGLwbKMVt+AJ1rPpLwCmHpw1oxy/M4GcJu2AZZEiCtAX8Pmkvm0OhqcqRMsq0U7Sy5TR83X6dVRFYmemCSc+n0pi4bnIquUvAgMBAAGjgdMwgdAwHQYDVR0OBBYEFC72rneu9Zk3u/jm7z7B0X3n1UttMIGgBgNVHSMEgZgwgZWAFC72rneu9Zk3u/jm7z7B0X3n1UttoXKkcDBuMQswCQYDVQQGEwJJVDEOMAwGA1UECBMFSXRhbHkxDTALBgNVBAcTBFJvbWUxDTALBgNVBAoTBEFDTUUxFjAUBgNVBAsTDUlUIERlcGFydG1lbnQxGTAXBgNVBAMTEGFwaS5pdGFsaWEubG9jYWyCCQDSiTNgLQLJ6zAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQACnTmiT4dXqPFmLYSccgoO53QJnIgXBmISAOmcAQ1Ypmxihy6l/a44AwdOAIm1zl3t77zrMvsdQHXOW6CkXdJHsuw6RBytlqmr0U2s5EwoiyInnokMcgE/gkd0uBG+rUVJgulcW/5GNxuyybEeDYpQByaqvW1TwE8kX1c7nHlP25i861qnD/zREWjrM5aPLrxymcbP4BzslzqRclnrfCu/RsU3Odn6xTU7b2ZvEIFpMMRhzQYfFbvMc6lJVSGq46yIXho/VWYD2CfY0XP73Nc3zQfE9NelsTUzXMNsZy+uQZHwLXFZK5PMsjm1I+u+pAbOCeeLrCh6ueV5zMA7xGJ8O2RnUq1jBm6MYgFB0+msNcFj6m7HVeipZz8FMusoHVln5MmTeeqswozIMpj4bZKEcyA3VZK6ifFyI1h9ihwZQjb1lei3uwBAn0zCXCjT0wwngpewvNQkriOJ4WDswmiI0CLsrEMnEb/ZIRbcLNXwc0xgOZ2mZ33psV79Ps8SkrrbUvScpMg3x91gFJKwXS8AkNcTdVfJrnjLy7qkh2ooitg02jnCxszWe6AgiL/eAWEmlI3cL/Ot5VDV9z9LCtKf+/xj5H8BV1Lydf3uzE2+R2z7xI+vwtHPyt3WaWgHM0znjjP50Ery3m640AUWAf2yfmFS4cAbFMrhAQ4pgJsNlg==", + entryPoint: spidTestEnvUrl + "/sso", + logoutUrl: spidTestEnvUrl + "/slo" } }, + sp: { + acceptedClockSkewMs: samlAcceptedClockSkewMs, + attributeConsumingServiceIndex: samlAttributeConsumingServiceIndex, + attributes: { + attributes: [ + "fiscalNumber", + "name", + "familyName", + "email", + "mobilePhone" + ], + name: "Required attributes" + }, + callbackUrl: samlCallbackUrl, + decryptionPvk: samlKey, + identifierFormat: "urn:oasis:names:tc:SAML:2.0:nameid-format:transient", + issuer: samlIssuer, + organization: { + URL: "https://github.com/teamdigitale/italia-backend", + displayName: "Digital citizenship proxy", + name: "Digital citizenship proxy" + }, + privateCert: samlKey, + signatureAlgorithm: "sha256" + } + }; + + const optionsWithAutoLoginInfo = { + ...options, + sp: { + ...options.sp, + additionalParams: { + auto_login: spidAutologin + } + } + }; + + return new SpidStrategy( + spidAutologin === "" ? options : optionsWithAutoLoginInfo, ( profile: SpidUser, done: (err: Error | undefined, info: SpidUser) => void diff --git a/testenv2/conf/config.yaml b/testenv2/conf/config.yaml new file mode 100644 index 000000000..dcf5fec15 --- /dev/null +++ b/testenv2/conf/config.yaml @@ -0,0 +1,51 @@ +--- +# CONFIGURAZIONE IDENTITY PROVIDER + +# Hostname da usare per generare l'entityID dell'IdP e gli URL degli endpoint +# SAML indicati nel metadata dell'IdP +hostname: "localhost" +base_url: "https://spid-testenv2:8088" + +# Chiave e certificato necessari per la firma dei messaggi SAML +key_file: "conf/idp.key" +cert_file: "conf/idp.crt" + + +# CONFIGURAZIONE SERVICE PROVIDER + +# Si possono configurare più Service Provider. Per leggere i metadati da un +# file .xml è sufficiente inserirne il path sotto "local"; per leggerli da +# un URL remoto bisogna invece inserirlo sotto "remote" (insieme al path di +# una copia locale del certificato del Service Provider, che per sicurezza +# deve coincidere con quello presente nei metadati). +# cfr. https://pysaml2.readthedocs.io/en/latest/howto/config.html#metadata +metadata: + local: + - "conf/sp_metadata.xml" +# remote: +# - url: "http://spid-sp/metadata +# cert: "spid-sp.cert" + + +# CONFIGURAZIONE TESTENV WEB SERVER + +# Abilita (true) o disabilita (false) la modalità debug +debug: true + +# Indirizzo IP dell'interfaccia su cui esporre il server e porta +# (0.0.0.0 per ascoltare su tutte le interfacce) +host: 0.0.0.0 +port: 8088 + +# Abilita (true) o disabilita (false) la modalità HTTPS per l'IdP +https: false + +# Se si abilita HTTPS è necessario specificare chiave e certificato +# (indipendenti da chiave e certificato SAML) +#https_key_file: "path/to/key" +#https_cert_file: "path/to/cert" + +# Endpoint del server IdP (path relativi) +endpoints: + single_sign_on_service: "/sso" + single_logout_service: "/slo" diff --git a/testenv2/conf/idp.crt b/testenv2/conf/idp.crt new file mode 100644 index 000000000..9a42e4b2c --- /dev/null +++ b/testenv2/conf/idp.crt @@ -0,0 +1,36 @@ +-----BEGIN CERTIFICATE----- +MIIGMzCCBBugAwIBAgIJANKJM2AtAsnrMA0GCSqGSIb3DQEBCwUAMG4xCzAJBgNV +BAYTAklUMQ4wDAYDVQQIEwVJdGFseTENMAsGA1UEBxMEUm9tZTENMAsGA1UEChME +QUNNRTEWMBQGA1UECxMNSVQgRGVwYXJ0bWVudDEZMBcGA1UEAxMQYXBpLml0YWxp +YS5sb2NhbDAeFw0xODA1MjUxNDA1NTBaFw0xOTA1MjUxNDA1NTBaMG4xCzAJBgNV +BAYTAklUMQ4wDAYDVQQIEwVJdGFseTENMAsGA1UEBxMEUm9tZTENMAsGA1UEChME +QUNNRTEWMBQGA1UECxMNSVQgRGVwYXJ0bWVudDEZMBcGA1UEAxMQYXBpLml0YWxp +YS5sb2NhbDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAM+Mpdlno+fm +MT9UmuNhYhNKCctXnXTAqS7yRC/24P7+NXMiu8VB/Z2yCoPV2QDCOU4zTBT1yDhs +apqvhOgZuQpGcsojn4mAcdbVQI1EpglGkNe+ZaCTBaWx7+3QV/fhYRvrs0Q4Ab9X +823XApRudjUJ6MeLP6lGiyNkXvl16RjwJ/kQw3NY3zIyHGNmHb6oAwlvQRLCvbUt +LheHPPwolMvKFolsvdHN1AmT8OvgoqEbeMlQLSVzSmz+2iqA8GzcAM4sXvS+t6oY +FHnjx98bMguwsLCNBKpDeYzkLFYmwWU5OqXrPSBdb026Mpu1amf8A4ScoPCpY/HC +Hbdci12CV3k7W2QPVgsxJ2TJj9GGEOkgNqJRS5wCHe1b41x2cgOdHl4MxDU3D8Qa +Yf5R6JBX+dpfsTcS0SdbcVFJ3W9KXHHdWfd6YH55v6HwjSTi2fty1yYahkxuIy0R +2oMafbOq8xjjHFHGbUZFctNKj0i7M4HUM1XYydkhVmhmSE24csb/NFN3FfmYHqMh +jSWeogsvv0zhddiaCYQ/QUHCV3/ljtG3kBg7xclWkgcRGgPTyrWKAbwtPJcX0aUr +QGLwbKMVt+AJ1rPpLwCmHpw1oxy/M4GcJu2AZZEiCtAX8Pmkvm0OhqcqRMsq0U7S +y5TR83X6dVRFYmemCSc+n0pi4bnIquUvAgMBAAGjgdMwgdAwHQYDVR0OBBYEFC72 +rneu9Zk3u/jm7z7B0X3n1UttMIGgBgNVHSMEgZgwgZWAFC72rneu9Zk3u/jm7z7B +0X3n1UttoXKkcDBuMQswCQYDVQQGEwJJVDEOMAwGA1UECBMFSXRhbHkxDTALBgNV +BAcTBFJvbWUxDTALBgNVBAoTBEFDTUUxFjAUBgNVBAsTDUlUIERlcGFydG1lbnQx +GTAXBgNVBAMTEGFwaS5pdGFsaWEubG9jYWyCCQDSiTNgLQLJ6zAMBgNVHRMEBTAD +AQH/MA0GCSqGSIb3DQEBCwUAA4ICAQACnTmiT4dXqPFmLYSccgoO53QJnIgXBmIS +AOmcAQ1Ypmxihy6l/a44AwdOAIm1zl3t77zrMvsdQHXOW6CkXdJHsuw6RBytlqmr +0U2s5EwoiyInnokMcgE/gkd0uBG+rUVJgulcW/5GNxuyybEeDYpQByaqvW1TwE8k +X1c7nHlP25i861qnD/zREWjrM5aPLrxymcbP4BzslzqRclnrfCu/RsU3Odn6xTU7 +b2ZvEIFpMMRhzQYfFbvMc6lJVSGq46yIXho/VWYD2CfY0XP73Nc3zQfE9NelsTUz +XMNsZy+uQZHwLXFZK5PMsjm1I+u+pAbOCeeLrCh6ueV5zMA7xGJ8O2RnUq1jBm6M +YgFB0+msNcFj6m7HVeipZz8FMusoHVln5MmTeeqswozIMpj4bZKEcyA3VZK6ifFy +I1h9ihwZQjb1lei3uwBAn0zCXCjT0wwngpewvNQkriOJ4WDswmiI0CLsrEMnEb/Z +IRbcLNXwc0xgOZ2mZ33psV79Ps8SkrrbUvScpMg3x91gFJKwXS8AkNcTdVfJrnjL +y7qkh2ooitg02jnCxszWe6AgiL/eAWEmlI3cL/Ot5VDV9z9LCtKf+/xj5H8BV1Ly +df3uzE2+R2z7xI+vwtHPyt3WaWgHM0znjjP50Ery3m640AUWAf2yfmFS4cAbFMrh +AQ4pgJsNlg== +-----END CERTIFICATE----- diff --git a/testenv2/conf/idp.key b/testenv2/conf/idp.key new file mode 100644 index 000000000..0b90494de --- /dev/null +++ b/testenv2/conf/idp.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAz4yl2Wej5+YxP1Sa42FiE0oJy1eddMCpLvJEL/bg/v41cyK7 +xUH9nbIKg9XZAMI5TjNMFPXIOGxqmq+E6Bm5CkZyyiOfiYBx1tVAjUSmCUaQ175l +oJMFpbHv7dBX9+FhG+uzRDgBv1fzbdcClG52NQnox4s/qUaLI2Re+XXpGPAn+RDD +c1jfMjIcY2YdvqgDCW9BEsK9tS0uF4c8/CiUy8oWiWy90c3UCZPw6+CioRt4yVAt +JXNKbP7aKoDwbNwAzixe9L63qhgUeePH3xsyC7CwsI0EqkN5jOQsVibBZTk6pes9 +IF1vTboym7VqZ/wDhJyg8Klj8cIdt1yLXYJXeTtbZA9WCzEnZMmP0YYQ6SA2olFL +nAId7VvjXHZyA50eXgzENTcPxBph/lHokFf52l+xNxLRJ1txUUndb0pccd1Z93pg +fnm/ofCNJOLZ+3LXJhqGTG4jLRHagxp9s6rzGOMcUcZtRkVy00qPSLszgdQzVdjJ +2SFWaGZITbhyxv80U3cV+ZgeoyGNJZ6iCy+/TOF12JoJhD9BQcJXf+WO0beQGDvF +yVaSBxEaA9PKtYoBvC08lxfRpStAYvBsoxW34AnWs+kvAKYenDWjHL8zgZwm7YBl +kSIK0Bfw+aS+bQ6GpypEyyrRTtLLlNHzdfp1VEViZ6YJJz6fSmLhuciq5S8CAwEA +AQKCAgA703P/DfPeJalucunOv0RxAPd/yLqXa+2YnbbwCH7kocwwawOrIZGEgkyr +odnScSnpk7nLlOlo8j9sZUmvSbLf9lyiTdBv5zlpTsEzt2UQ6WlY9wX+WkLXd0oM +x/CDgFDopnFfKbG/QQ/nSoHw3UJvmXKjCk2IctAqnIUP7WAKkzdCgQWF20lDA9TR +Bh9u1KlDb/FXAhGDBwnxOEdo/B2f/JmwdUrmDimftShOJctbGzse9GB/GhOLBY9H +jzE+f9AvnfSlIdB5VEWauQDlG8a6Pe1AhvWgSqDf7umkz7kRf4SbTQqqqKQryI9L ++Og6Hxe4gxmVJY6somLEdwWpJ6gkwY9Q+U8IRlRqDG7lYuSdhH3l6czZabKxzTVm +99rXcDIyOTpkA6tuUefXZGGWzOyXZyu9SnL9IehJ+FK/gNfIBn+QQPnfTHgVIAX8 +wqRyhmPvOr0HP5x2nUVYz7FkVBn0pnoXQj1U1cVorIvdqD3c+mXhHxMHVGBE2HqO +Oc9ESTfDT16Yuf16XeEVeIlwFP7dhFjrgEWwqfc+3ErV/INyR+0wX1z9wMpgKACC +xvrwUJRh9cRlbAL6paziGuLY+i64v+icZM4NMPkjwk2xb+3UUSKQVZTCfIeRCAAC +UtGOMfE9O0mJ/+4jKoV1NtjezpTlKoGMAxcyVWsytOYiGh2SeQKCAQEA+qwpWxzl +zHMe+C1mI9dwu+nVS1fJmWFy/nhYmi7KOkG07gks3pImhtQ51vvyCRiuxQgZxe8/ +Xtu7ot6GsFcUNnbL/W0PUTr67L7tVpVez2MgPYBTcPO03g2DGS6mHZr9AU18Tv7v +LZWISwj8pwtiKGhUpk9T0nyE48+eJNFMICkmweXSbz2UXIgSoBIUYclYW86ODinq +AkIpvh+CtbIeRB+O7FIN1YzxzMenfJi9Orch1tYnpYrZ1klng8tvLebYaFW4L3B7 +PD7orCRdOpUFdFQLjDzjcrmj6pxygj+2moFSVSKDUitQHOEIPjeqU2EMMrcYZEXZ +u/8DdA2lvJQO1QKCAQEA0/XdnFvst2YypQuAyMSjS0434V3mS5J2ODCC3GMbUKde +6BwqexvJtXUPKLi6PoSHQXMbE0j76J4K1jZ1T8hKlM1CtTpwoXkZOZABXFxkcWNV +K7aFUaROj/plbGcpH2JRBl+KITH+pER3rYSBcVs8mY4Ars+XU2/b/fXL71Oct1ZZ +zhxFj6Z/RMpFEnGL2c4wNpaqaBTfv4ngVwWkRXUMhPgBhIBAm+rt9m7BAet/oJO0 +nJd5swUTEHSDEE3x1BAIA+xHhs/afTUNRMUK+j3qB/BZwou9DFjO1zlP7ba7705K +NvOCwvNix2qLwoaHkGze4Z3tZLWOTgoSRVDYpeAN8wKCAQBP0WoJvRXfF/kQhUQ0 +vXEEJNzp9LYYxNLc/G0aCzQRgMKf2QQUiu0BmaohLnBPPTDJRF8Qi7Hd/pGstrak +h9XD0ef6djOeZe1oXRMtsrpRxvqJGsd2++Lnod3Qsu3qF2Pgek/Ox5ZZKXgQjHgG +qLVEsJPjsPa72zJlZ8KvboWS6AeTTh7HlRActqdXmOosiPQ9p3PMRsRgm7i29Uml +mWXRw0q7LRWCnjKQRjKqlegLPizkP6S4LZJXjWAMs0Zfk1XtQv42/NYAxPdJePrG +oJTwCaLzsJ+r9Dihh9deafM3F16kBS1TiL8lsvHw/cCadBhyPaLiqus91WHAHmhb +t7lRAoIBAQC0TCjVLzB9lNYxpEZJAVMx5HgOITSbRht/kmxOEZOTmLtXT1YnYCzF +SKy7Y98w/MScvM/kKKn3ZjArpSlG00X1q2A6DlruT7dQSpmNuh3KgcdaJqjjGJOn +T0Rk4J+PTa9Eb5JsyD0l+AOhOtxs00IKEEuuZ3D+jWEhdqqhior9PNupQk09c1BA +8JmupZ1jiUtjs+eCH3dwU1TcUTU5y+X5WYjY78uFlWITxIQzIOJwchQpO4RO7lsY +HTO7c8HoNDbNN3hkSXw+ExmVTNMYp//h/uYrYXhO/1/6nYrK1yyn0/23Ho41TJjS +rmPx9UNta95vJkpf5zwET/bYtXuEJcFXAoIBABMXJVi92ttYX1wsxc/Okgc1M0SD +jZcIMjNHPUR0EernGTNT/Vr+rCanyVOw873vpdzJAdSTnsJTy5IlOE1cXw7sqe9z +hiRyhv77kedJcxaKQTmokp3xwD6CJSAZYZaGz09BWzzc5C/UHYDgkwQVKHjZAkew +yP9To8SzotQGyEVlPQr7hslycJ9citQgdPEW5zcchnrKLUAJokRhj6VyVUFS0H8B +8ycZel4iQX3sdTYaXghFBncEvLWLKtDa9DD9xqgdtIvtoReuXXRi29Dr/e9GHntq +er06MpaLFr9echEd9aAxBiROps9b6aw7YrhhLi9cAlEgF9k3Grok2ng7u2U= +-----END RSA PRIVATE KEY----- diff --git a/testenv2/conf/sp_metadata.xml b/testenv2/conf/sp_metadata.xml new file mode 100644 index 000000000..01bdd4303 --- /dev/null +++ b/testenv2/conf/sp_metadata.xml @@ -0,0 +1,128 @@ + + + + + + + + + + + MIIGMzCCBBugAwIBAgIJANKJM2AtAsnrMA0GCSqGSIb3DQEBCwUAMG4xCzAJBgNV + BAYTAklUMQ4wDAYDVQQIEwVJdGFseTENMAsGA1UEBxMEUm9tZTENMAsGA1UEChME + QUNNRTEWMBQGA1UECxMNSVQgRGVwYXJ0bWVudDEZMBcGA1UEAxMQYXBpLml0YWxp + YS5sb2NhbDAeFw0xODA1MjUxNDA1NTBaFw0xOTA1MjUxNDA1NTBaMG4xCzAJBgNV + BAYTAklUMQ4wDAYDVQQIEwVJdGFseTENMAsGA1UEBxMEUm9tZTENMAsGA1UEChME + QUNNRTEWMBQGA1UECxMNSVQgRGVwYXJ0bWVudDEZMBcGA1UEAxMQYXBpLml0YWxp + YS5sb2NhbDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAM+Mpdlno+fm + MT9UmuNhYhNKCctXnXTAqS7yRC/24P7+NXMiu8VB/Z2yCoPV2QDCOU4zTBT1yDhs + apqvhOgZuQpGcsojn4mAcdbVQI1EpglGkNe+ZaCTBaWx7+3QV/fhYRvrs0Q4Ab9X + 823XApRudjUJ6MeLP6lGiyNkXvl16RjwJ/kQw3NY3zIyHGNmHb6oAwlvQRLCvbUt + LheHPPwolMvKFolsvdHN1AmT8OvgoqEbeMlQLSVzSmz+2iqA8GzcAM4sXvS+t6oY + FHnjx98bMguwsLCNBKpDeYzkLFYmwWU5OqXrPSBdb026Mpu1amf8A4ScoPCpY/HC + Hbdci12CV3k7W2QPVgsxJ2TJj9GGEOkgNqJRS5wCHe1b41x2cgOdHl4MxDU3D8Qa + Yf5R6JBX+dpfsTcS0SdbcVFJ3W9KXHHdWfd6YH55v6HwjSTi2fty1yYahkxuIy0R + 2oMafbOq8xjjHFHGbUZFctNKj0i7M4HUM1XYydkhVmhmSE24csb/NFN3FfmYHqMh + jSWeogsvv0zhddiaCYQ/QUHCV3/ljtG3kBg7xclWkgcRGgPTyrWKAbwtPJcX0aUr + QGLwbKMVt+AJ1rPpLwCmHpw1oxy/M4GcJu2AZZEiCtAX8Pmkvm0OhqcqRMsq0U7S + y5TR83X6dVRFYmemCSc+n0pi4bnIquUvAgMBAAGjgdMwgdAwHQYDVR0OBBYEFC72 + rneu9Zk3u/jm7z7B0X3n1UttMIGgBgNVHSMEgZgwgZWAFC72rneu9Zk3u/jm7z7B + 0X3n1UttoXKkcDBuMQswCQYDVQQGEwJJVDEOMAwGA1UECBMFSXRhbHkxDTALBgNV + BAcTBFJvbWUxDTALBgNVBAoTBEFDTUUxFjAUBgNVBAsTDUlUIERlcGFydG1lbnQx + GTAXBgNVBAMTEGFwaS5pdGFsaWEubG9jYWyCCQDSiTNgLQLJ6zAMBgNVHRMEBTAD + AQH/MA0GCSqGSIb3DQEBCwUAA4ICAQACnTmiT4dXqPFmLYSccgoO53QJnIgXBmIS + AOmcAQ1Ypmxihy6l/a44AwdOAIm1zl3t77zrMvsdQHXOW6CkXdJHsuw6RBytlqmr + 0U2s5EwoiyInnokMcgE/gkd0uBG+rUVJgulcW/5GNxuyybEeDYpQByaqvW1TwE8k + X1c7nHlP25i861qnD/zREWjrM5aPLrxymcbP4BzslzqRclnrfCu/RsU3Odn6xTU7 + b2ZvEIFpMMRhzQYfFbvMc6lJVSGq46yIXho/VWYD2CfY0XP73Nc3zQfE9NelsTUz + XMNsZy+uQZHwLXFZK5PMsjm1I+u+pAbOCeeLrCh6ueV5zMA7xGJ8O2RnUq1jBm6M + YgFB0+msNcFj6m7HVeipZz8FMusoHVln5MmTeeqswozIMpj4bZKEcyA3VZK6ifFy + I1h9ihwZQjb1lei3uwBAn0zCXCjT0wwngpewvNQkriOJ4WDswmiI0CLsrEMnEb/Z + IRbcLNXwc0xgOZ2mZ33psV79Ps8SkrrbUvScpMg3x91gFJKwXS8AkNcTdVfJrnjL + y7qkh2ooitg02jnCxszWe6AgiL/eAWEmlI3cL/Ot5VDV9z9LCtKf+/xj5H8BV1Ly + df3uzE2+R2z7xI+vwtHPyt3WaWgHM0znjjP50Ery3m640AUWAf2yfmFS4cAbFMrh + AQ4pgJsNlg== + + + + + + + + MIIGMzCCBBugAwIBAgIJANKJM2AtAsnrMA0GCSqGSIb3DQEBCwUAMG4xCzAJBgNV + BAYTAklUMQ4wDAYDVQQIEwVJdGFseTENMAsGA1UEBxMEUm9tZTENMAsGA1UEChME + QUNNRTEWMBQGA1UECxMNSVQgRGVwYXJ0bWVudDEZMBcGA1UEAxMQYXBpLml0YWxp + YS5sb2NhbDAeFw0xODA1MjUxNDA1NTBaFw0xOTA1MjUxNDA1NTBaMG4xCzAJBgNV + BAYTAklUMQ4wDAYDVQQIEwVJdGFseTENMAsGA1UEBxMEUm9tZTENMAsGA1UEChME + QUNNRTEWMBQGA1UECxMNSVQgRGVwYXJ0bWVudDEZMBcGA1UEAxMQYXBpLml0YWxp + YS5sb2NhbDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAM+Mpdlno+fm + MT9UmuNhYhNKCctXnXTAqS7yRC/24P7+NXMiu8VB/Z2yCoPV2QDCOU4zTBT1yDhs + apqvhOgZuQpGcsojn4mAcdbVQI1EpglGkNe+ZaCTBaWx7+3QV/fhYRvrs0Q4Ab9X + 823XApRudjUJ6MeLP6lGiyNkXvl16RjwJ/kQw3NY3zIyHGNmHb6oAwlvQRLCvbUt + LheHPPwolMvKFolsvdHN1AmT8OvgoqEbeMlQLSVzSmz+2iqA8GzcAM4sXvS+t6oY + FHnjx98bMguwsLCNBKpDeYzkLFYmwWU5OqXrPSBdb026Mpu1amf8A4ScoPCpY/HC + Hbdci12CV3k7W2QPVgsxJ2TJj9GGEOkgNqJRS5wCHe1b41x2cgOdHl4MxDU3D8Qa + Yf5R6JBX+dpfsTcS0SdbcVFJ3W9KXHHdWfd6YH55v6HwjSTi2fty1yYahkxuIy0R + 2oMafbOq8xjjHFHGbUZFctNKj0i7M4HUM1XYydkhVmhmSE24csb/NFN3FfmYHqMh + jSWeogsvv0zhddiaCYQ/QUHCV3/ljtG3kBg7xclWkgcRGgPTyrWKAbwtPJcX0aUr + QGLwbKMVt+AJ1rPpLwCmHpw1oxy/M4GcJu2AZZEiCtAX8Pmkvm0OhqcqRMsq0U7S + y5TR83X6dVRFYmemCSc+n0pi4bnIquUvAgMBAAGjgdMwgdAwHQYDVR0OBBYEFC72 + rneu9Zk3u/jm7z7B0X3n1UttMIGgBgNVHSMEgZgwgZWAFC72rneu9Zk3u/jm7z7B + 0X3n1UttoXKkcDBuMQswCQYDVQQGEwJJVDEOMAwGA1UECBMFSXRhbHkxDTALBgNV + BAcTBFJvbWUxDTALBgNVBAoTBEFDTUUxFjAUBgNVBAsTDUlUIERlcGFydG1lbnQx + GTAXBgNVBAMTEGFwaS5pdGFsaWEubG9jYWyCCQDSiTNgLQLJ6zAMBgNVHRMEBTAD + AQH/MA0GCSqGSIb3DQEBCwUAA4ICAQACnTmiT4dXqPFmLYSccgoO53QJnIgXBmIS + AOmcAQ1Ypmxihy6l/a44AwdOAIm1zl3t77zrMvsdQHXOW6CkXdJHsuw6RBytlqmr + 0U2s5EwoiyInnokMcgE/gkd0uBG+rUVJgulcW/5GNxuyybEeDYpQByaqvW1TwE8k + X1c7nHlP25i861qnD/zREWjrM5aPLrxymcbP4BzslzqRclnrfCu/RsU3Odn6xTU7 + b2ZvEIFpMMRhzQYfFbvMc6lJVSGq46yIXho/VWYD2CfY0XP73Nc3zQfE9NelsTUz + XMNsZy+uQZHwLXFZK5PMsjm1I+u+pAbOCeeLrCh6ueV5zMA7xGJ8O2RnUq1jBm6M + YgFB0+msNcFj6m7HVeipZz8FMusoHVln5MmTeeqswozIMpj4bZKEcyA3VZK6ifFy + I1h9ihwZQjb1lei3uwBAn0zCXCjT0wwngpewvNQkriOJ4WDswmiI0CLsrEMnEb/Z + IRbcLNXwc0xgOZ2mZ33psV79Ps8SkrrbUvScpMg3x91gFJKwXS8AkNcTdVfJrnjL + y7qkh2ooitg02jnCxszWe6AgiL/eAWEmlI3cL/Ot5VDV9z9LCtKf+/xj5H8BV1Ly + df3uzE2+R2z7xI+vwtHPyt3WaWgHM0znjjP50Ery3m640AUWAf2yfmFS4cAbFMrh + AQ4pgJsNlg== + + + + + + + urn:oasis:names:tc:SAML:2.0:nameid-format:transient + + + + + Nome del servizio + Descrizione del servizio + + + + + + + + + + + + Nome del Service Provider + Nome completo del Service Provider + https://www.myserviceprovider.it/ + + + diff --git a/testenv2/conf/users.json b/testenv2/conf/users.json new file mode 100644 index 000000000..5ff3a7968 --- /dev/null +++ b/testenv2/conf/users.json @@ -0,0 +1,15 @@ +{ + "lussoluca": { + "pwd": "111111", + "attrs": { + "name": "Luca", + "mobilePhone": "1234567890", + "email": "lussoluca@gmail.com", + "fiscalNumber": "LSSLCU79B24L219P", + "gender": "male", + "familyName": "Lusso", + "spidCode": "123" + }, + "sp": "http://italiabackend.it" + } +}