move tag Extensions in metadata template (fixes #21923)
Current template does not validate the SAML 2.0 metadata schema.
This commit is contained in:
parent
6c528dd2c3
commit
a0d3e209c1
|
@ -6,6 +6,12 @@
|
|||
AuthnRequestsSigned="true"
|
||||
WantAssertionsSigned="true"
|
||||
protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
|
||||
<Extensions>
|
||||
<idpdisc:DiscoveryResponse index="1"
|
||||
xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
|
||||
Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
|
||||
Location="{{ discovery_endpoint_url }}"/>
|
||||
</Extensions>
|
||||
{% for public_key in public_keys %}
|
||||
<KeyDescriptor>
|
||||
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||
|
@ -15,12 +21,6 @@
|
|||
</ds:KeyInfo>
|
||||
</KeyDescriptor>
|
||||
{% endfor %}
|
||||
<Extensions>
|
||||
<idpdisc:DiscoveryResponse index="1"
|
||||
xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
|
||||
Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
|
||||
Location="{{ discovery_endpoint_url }}"/>
|
||||
</Extensions>
|
||||
<SingleLogoutService
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
|
||||
Location="{{ logout_url }}" />
|
||||
|
|
Loading…
Reference in New Issue