italia · bfabio · Jan 5, 2021 · Jan 4, 2021 · Jan 4, 2021 · Jan 4, 2021
@@ -172,7 +172,7 @@ L'oggetto `serviceProviderConfig` contiene i parametri del Service Provider. Es:
        ],
        name: "Required attrs"
      },
-     spidCieUrl: "https://idserver.servizicie.interno.gov.it:8443/idp/shibboleth",
+     spidCieUrl: "https://preproduzione.idserver.servizicie.interno.gov.it/idp/shibboleth?Metadata",
      spidTestEnvUrl: "https://spid-testenv2:8088",
      spidValidatorUrl: "http://localhost:8080",
      strictResponseValidation: {
@@ -189,7 +189,7 @@ L'oggetto `serviceProviderConfig` contiene i parametri del Service Provider. Es:
   (identificativi in <https://docs.italia.it/italia/spid/spid-regole-tecniche/it/stabile/attributi.html>).
 * **`spidCieUrl`**: URL per l'accesso con Carta d'Identità elettronica
   ("Entra con CIE").
-  Impostare a "`https://idserver.servizicie.interno.gov.it:8443/idp/shibboleth`"
+  Impostare a "`https://preproduzione.idserver.servizicie.interno.gov.it/idp/shibboleth?Metadata`"
   per lo sviluppo.
 * **`spidTestEnvUrl`**: URL dell'istanza di [spid-testenv2](https://github.com/italia/spid-testenv2).
   Lasciare vuoto per disabilitare.

@@ -17,9 +17,9 @@ export const mockCIEIdpMetadata: Record<string, IDPEntityDescriptor> = {
   xx_servizicie_test: {
     cert: (["CERT"] as unknown) as NonEmptyArray<NonEmptyString>,
     entityID:
-      "https://idserver.servizicie.interno.gov.it:8443/idp/profile/SAML2/POST/SSO",
+      "https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML2/POST/SSO",
     entryPoint:
-      "https://idserver.servizicie.interno.gov.it:8443/idp/profile/SAML2/Redirect/SSO",
+      "https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML2/POST/SSO",
     logoutUrl: ""
   }
 };

@@ -82,7 +82,7 @@ const spidTestEnvUrl = "https://localhost:8088";
 const IDPMetadataUrl =
   "https://registry.spid.gov.it/metadata/idp/spid-entities-idps.xml";
 const spidCieUrl =
-  "https://idserver.servizicie.interno.gov.it:8443/idp/shibboleth";
+  "https://preproduzione.idserver.servizicie.interno.gov.it/idp/shibboleth?Metadata";
 
 const expectedLoginPath = "/login";
 const expectedSloPath = "/logout";

@@ -13,7 +13,7 @@ export const SPID_IDP_IDENTIFIERS = {
 export const CIE_IDP_IDENTIFIERS = {
   "https://idserver.servizicie.interno.gov.it/idp/profile/SAML2/POST/SSO":
     "xx_servizicie",
-  "https://idserver.servizicie.interno.gov.it:8443/idp/profile/SAML2/POST/SSO":
+  "https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML2/POST/SSO":
     "xx_servizicie_test"
 };
 

@@ -71,7 +71,8 @@ const serviceProviderConfig: IServiceProviderConfig = {
     ],
     name: "Required attrs"
   },
-  spidCieUrl: "https://idserver.servizicie.interno.gov.it:8443/idp/shibboleth",
+  spidCieUrl:
+    "https://preproduzione.idserver.servizicie.interno.gov.it/idp/shibboleth?Metadata",
   spidTestEnvUrl: "https://spid-testenv2:8088",
   spidValidatorUrl: "http://localhost:8080",
   strictResponseValidation: {

@@ -44,7 +44,7 @@ const serviceProviderConfig: IServiceProviderConfig = {
     ],
     name: "Required attrs"
   },
-  spidCieUrl: "https://idserver.servizicie.interno.gov.it:8443/idp/shibboleth",
+  spidCieUrl: "https://preproduzione.idserver.servizicie.interno.gov.it/idp/shibboleth?Metadata",
   spidTestEnvUrl: "https://spid-testenv2:8088",
   spidValidatorUrl: "http://localhost:8080"
 };

@@ -5,7 +5,7 @@ export default `<?xml version="1.0" encoding="UTF-8"?>
 
      This metadata is not dynamic - it will not change as your configuration changes.
 -->
-<EntityDescriptor  xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xml="http://www.w3.org/XML/1998/namespace" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://idserver.servizicie.interno.gov.it:8443/idp/profile/SAML2/POST/SSO">
+<EntityDescriptor  xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xml="http://www.w3.org/XML/1998/namespace" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML2/POST/SSO">
 
     <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
 
@@ -79,20 +79,20 @@ export default `<?xml version="1.0" encoding="UTF-8"?>
 
         </KeyDescriptor>
 
-        <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idserver.servizicie.interno.gov.it:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
-        <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idserver.servizicie.interno.gov.it:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+        <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+        <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
 
-        <!--
-        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idserver.servizicie.interno.gov.it/idp/profile/SAML2/Redirect/SLO"/>
-        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idserver.servizicie.interno.gov.it/idp/profile/SAML2/POST/SLO"/>
-        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idserver.servizicie.interno.gov.it/idp/profile/SAML2/POST-SimpleSign/SLO"/>
-        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idserver.servizicie.interno.gov.it:8443/idp/profile/SAML2/SOAP/SLO"/>
-        -->
+
+        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML2/Redirect/SLO"/>
+        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML2/POST/SLO"/>
+        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML2/POST-SimpleSign/SLO"/>
+        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML2/SOAP/SLO"/>
+
 
-        <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idserver.servizicie.interno.gov.it:8443/idp/profile/Shibboleth/SSO"/>
-        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idserver.servizicie.interno.gov.it:8443/idp/profile/SAML2/POST/SSO"/>
-        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idserver.servizicie.interno.gov.it:8443/idp/profile/SAML2/POST-SimpleSign/SSO"/>
-        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idserver.servizicie.interno.gov.it:8443/idp/profile/SAML2/Redirect/SSO"/>
+        <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/Shibboleth/SSO"/>
+        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML2/POST/SSO"/>
+        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML2/Redirect/SSO"/>
 
     </IDPSSODescriptor>
 
@@ -161,8 +161,8 @@ export default `<?xml version="1.0" encoding="UTF-8"?>
 
         </KeyDescriptor>
 
-        <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idserver.servizicie.interno.gov.it:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
-        <!-- <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idserver.servizicie.interno.gov.it:8443/idp/profile/SAML2/SOAP/AttributeQuery"/> -->
+        <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML1/SOAP/AttributeQuery"/>
+        <!-- <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML2/SOAP/AttributeQuery"/> -->
         <!-- If you uncomment the above you should add urn:oasis:names:tc:SAML:2.0:protocol to the protocolSupportEnumeration above -->
 
     </AttributeAuthorityDescriptor>

@@ -183,7 +183,7 @@ export const samlResponseCIE = `<?xml version="1.0" encoding="UTF-8"?>
 <saml2p:Response Destination="https://app-backend.dev.io.italia.it/assertionConsumerService" ID="_36e7b2c177afab6db4302732a68403cb" InResponseTo="_61395d807fb9fe6a869b" IssueInstant="2020-02-27T13:40:57.746Z" Version="2.0" 
   xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" 
   xmlns:xsd="http://www.w3.org/2001/XMLSchema">
-  <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://idserver.servizicie.interno.gov.it:8443/idp/profile/SAML2/POST/SSO</saml2:Issuer>
+  <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML2/POST/SSO</saml2:Issuer>
   <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
     <ds:SignedInfo>
       <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
@@ -215,7 +215,7 @@ AIa2vTA8uOKizFvCqNchj4Dby8eDOi5UaOEZYJ4NV0RorEj2wkSFbhX65FYLt68VUGY5YR1tqDfl d0A
   <saml2:Assertion ID="_6aa64187239cb0852096c42c33e176ca" IssueInstant="2020-02-27T13:40:57.746Z" Version="2.0" 
     xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" 
     xmlns:xsd="http://www.w3.org/2001/XMLSchema">
-    <saml2:Issuer>https://idserver.servizicie.interno.gov.it:8443/idp/profile/SAML2/POST/SSO</saml2:Issuer>
+    <saml2:Issuer>https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML2/POST/SSO</saml2:Issuer>
     <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
       <ds:SignedInfo>
         <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
@@ -242,7 +242,7 @@ UJ23xMKOYhCcRVunnDgor2WLqHEgYeyaAhHr16+kkO6poPog2a9PoiqGUU0Dg+YMvHRJVq0h0sKz M1z
       </ds:KeyInfo>
     </ds:Signature>
     <saml2:Subject>
-      <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" NameQualifier="https://idserver.servizicie.interno.gov.it:8443/idp/profile/SAML2/POST/SSO" SPNameQualifier="https://app-backend.dev.io.italia.it">AAdzZWNyZXQxqDU6XhTO1MGlMAoXjWFIOcPfK4AhIPsnBAoTNelku/jA7/XaogQJhOrgxCiAIqavL2GUQqQ7VMYPRryyteifD34fsyrHmbPNr1Tz2YJe8wgENUlDvaY31unC/P1kwqTZ17jQYw3qoVZs4neWi9ZUo9j8BoiDAHdoyOOoTiVbDA==</saml2:NameID>
+      <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" NameQualifier="https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML2/POST/SSO" SPNameQualifier="https://app-backend.dev.io.italia.it">AAdzZWNyZXQxqDU6XhTO1MGlMAoXjWFIOcPfK4AhIPsnBAoTNelku/jA7/XaogQJhOrgxCiAIqavL2GUQqQ7VMYPRryyteifD34fsyrHmbPNr1Tz2YJe8wgENUlDvaY31unC/P1kwqTZ17jQYw3qoVZs4neWi9ZUo9j8BoiDAHdoyOOoTiVbDA==</saml2:NameID>
       <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
         <saml2:SubjectConfirmationData Address="85.44.51.73" InResponseTo="_61395d807fb9fe6a869b" NotOnOrAfter="${new Date().getFullYear() +
           1}-02-26T07:32:05Z" Recipient="https://app-backend.dev.io.italia.it/assertionConsumerService"/>

@@ -75,10 +75,11 @@ describe("fetchIdpsMetadata", () => {
     expect(result.value).toHaveProperty("xx_servizicie_test", {
       cert: expect.any(NonEmptyArray),
       entityID:
-        "https://idserver.servizicie.interno.gov.it:8443/idp/profile/SAML2/POST/SSO",
+        "https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML2/POST/SSO",
       entryPoint:
-        "https://idserver.servizicie.interno.gov.it:8443/idp/profile/SAML2/Redirect/SSO",
-      logoutUrl: ""
+        "https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML2/Redirect/SSO",
+      logoutUrl: 
+        "https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML2/Redirect/SLO"
     });
   });
 

@@ -20,7 +20,7 @@ const mockFetchIdpsMetadata = jest.spyOn(metadata, "fetchIdpsMetadata");
 
 const idpMetadataUrl = "http://ipd.metadata.example/metadata.xml";
 const cieMetadataUrl =
-  "https://idserver.servizicie.interno.gov.it:8443/idp/shibboleth";
+  "https://preproduzione.idserver.servizicie.interno.gov.it/idp/shibboleth?Metadata";
 const spidTestEnvUrl = "https://spid-testenv2:8088";
 
 const serviceProviderConfig: IServiceProviderConfig = {

@@ -363,7 +363,7 @@ describe("preValidateResponse", () => {
             RequestXML: samlRequest,
             createdAt: "2020-02-26T07:27:42Z",
             idpIssuer:
-              "https://idserver.servizicie.interno.gov.it:8443/idp/profile/SAML2/POST/SSO"
+              "https://preproduzione.idserver.servizicie.interno.gov.it/idp/profile/SAML2/POST/SSO"
           })
         );
       });