Page History
Introduktion
Formål med dokumentet
Formålet med dette dokument er at give en detaljeret beskrivelse af de konkrete services, der udbydes af STS i forbindelse med anvendelsesområdet Borgeromvekslinger.
Læsevejledning
Dokumentet henvender sig primært til udviklere, der skal i gang med at anvende de konkrete borgervekslingssnitflader udbudt af STS.
Dokumentet bygger i høj grad på den overordnede STS - Guide til anvendere, som giver et overblik over STS og leverer i denne sammenhæng et mere dybdegående teknisk beskrivelse af de services i STS, der ligger i anvendelsesområdet borgeromvekslinger.
Overblik over services og anvendelse
Som beskrevet i STS - Guide til anvendere, så findes der i STS følgende services indenfor anvendelsesområdet borger:
| /sts/services/Bst2Idws | Omveksler OIO Saml bootstrap token til OIO IDWS sikkerhedsbillet rettet mod et givet audience, f.eks. FMK, Dokumentdelingsservice eller MinSpærring. Typen af bootstrap token kan enten være OIO3BST_CITIZEN, OIO2BST_CITIZEN eller OIO2BST_LEGACY. Bemærk, at bootstrap token skal være signeret af troværdig tredjepart (fx SEB IdP, NemLog-in IdP eller NemLog-in STS). |
| /sts/services/JWT2Idws | Ombytter JSON Web token (JWT) til OIO IDWS sikkerhedsbillet rettet mod et givet audience, f.eks. FMK, Dokumentdelingsservice eller MinSpærring. Bemærk, at JWT tokenet skal være signeret af troværdig tredjepart (pt. en OpenID Connect provider) |
| /sts/services/JWT2OIOSaml | Omveksler JSON Web token (JWT) til OIO Saml sikkerhedsbillet rettet mod et specifikt audience, f.eks. forløbsplaner.dk. Billetten er krypteret og er tænkt benyttet til sikker-browseropstart (SBO) Bemærk, at JWT tokenet skal være signeret af troværdig tredjepart (pt. en OpenID Connect provider) |
De to services Bst2Idws og JWT2Idws minder om hinanden i opbygning af requests, understøttede claims og valideringer. Disse beskrives derfor under et i afsnittet om claims og valideringer. JWT2OIOSaml beskrives for sig selv.
Claims og valideringer for veksling til IDWS tokens (Bst2Idws og JWT2Idws)
I forhold til berigelse af det udstedte IDWS token er der mulighed for at medsende følgende claims til:
...
- https://audience.nspop.dk/dds: Dokumentdelingsservicen
- https://audience.nspop.dk/minspaerring: MinSpærring
- https://audience.nspop.dk/minlog: MinLog2
- https://fmk: FMK
Der bliver desuden valideret at borgerens alder opfylder kravet for den minimale alder der er konfigureret i STS'en for borgeromvekslinger.
I eksemplerne nedenfor vises der eksempler på vekslinger af bootstraptoken til Idws og JWT til Idws. I eksemplet med bootstraptoken er der ydermere vist eksempler på anvendelsen af claims til både CPR for den kaldende bruger samt fuldmagt.
Service Endpoints
Afhængig af miljø udstilles tjenesten på:
|
http://<sts-host>:<port>/sts/services/JWT2Idws |
http://<sts-host>:<port>/sts/services/JWT2OIOSaml |
Eksempler på requests
I det følgende gives eksempler på følgende typer af requests:
- Omveksling af borger bootstrap token til IDWS token (med angivelse af anden borgers CPR nummer for fuldmagtstildelinger)
- Omveksling af borger JWT til IDWS token: Mangler for nuværende
- Omveksling af borger JWT til OIO Saml Token: Mangler for nuværende
Omveksling af borger bootstrap token til IDWS token
Her vises eksempler på requests til servicen Bst2IDWS. Bemærk både claim 'dk:gov:saml:attribute:CprNumberIdentifier' i forhold til borgerens eget CPR nummer med claims i forhold til anden borgers CPR nummer.
OIO3BST_CITIZEN - udstedes (på sigt) af NemLog-in STS
Request
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<?xml version="1.0" encoding="UTF-8"?> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:wst14="http://docs.oasis-open.org/ws-sx/ws-trust/200802" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <soapenv:Header> <wsse:Security mustUnderstand="1" wsu:Id="security"> <wsu:Timestamp wsu:Id="ts"> <wsu:Created>2023-0112-17T1028T10:0157:42Z<48Z</wsu:Created> </wsu:Timestamp> <ds:Signature> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> <ds:Reference URI="#body"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <ds:DigestValue>T8Ud1QBjSYPcezG8dH1JpRQgIXkDigestValue>fCllw3Lagb/vujh2A3HIuRC8WFg=</ds:DigestValue> </ds:Reference> <ds:Reference URI="#ts"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <ds:DigestValue>QcufgSZuMyIqGDQRgzo2qhV9bPQDigestValue>IiN77aYXPnvGOCphzQ1GrEAscc0=</ds:DigestValue> </ds:Reference> <ds:Reference URI="#messageID"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <ds:DigestValue>+kgMXQkRQCpYQwVw8ZYiYiX5AB4DigestValue>8J2ljhLBY8bo4rMRuVW2x1/c/sQ=</ds:DigestValue> </ds:Reference> <ds:Reference URI="#action"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <ds:DigestValue>3cXAhlhZH22NiSh7AttxKxBap7Q=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>pvF86Hf5OSO3M8NkQKrVYs4B0SZQa/Kf0qajWQ5noQtNNbvpj5shvTlilRBk/De4W6afToyTuzD30vQcmzNjZG8/96AQEDkw9imahnqck7vRgZj5fAuNbnO6TEoY73x6lYFf2uloqPy/j5jQBWjPc83LhPxaovyhJPyiuYJiAtwIDE0tDeQqOZWTQn27kJ6d0tsuYwMMW/9dOe3xTVSrEfyOEr64bohqS4cpsSzvZ7/ZFgU9db4KQzOTYe9NHV45YrGvXGHLMkaWRc9N0IQBD4O3HgKdZvR+F8hqsyDak+qSUeME1nq5QG/NayO7LQdSo5spOX/2msYWVNYuBbR6c0CECBY7Nh7AwYitNRLKkLGgs46i7+iiu2NVQJbfqY6Oyi10cdwrQpC28Ui3DUxzEuhb5p6msHfR0oDzfvTh+fnlpRZ9xo5XRSjFBQDErhhGQvIojGnHE47lqm71RvJm/Ia+Or8A26p+Ntdzbw3l/WXld0Nh70yoX9VGB67BIY3s</SignatureValue> eCvtUXg+AeOiC/WMSK3/ew6M5ux79l14dZnn3Qql/Ygoxk64Rhsv0EQtpeO6n0LozT5diuH2HUOzE8TH0roqbcUnayPrRiqT0ONTCTETsWrmAQyAurrxcnofye8kUlDGSHXt72QQvnj1+1QSiMOrqeegHRa3YQV/Rd++0NIvQwdeX6HN+JHw1Tj7Y2UniUk7a7f6azyGhrv2DGj7E3a+nlHtfQWIZyAkFPniTRCgfTInBMMGi/HEevzCMt4YR9/1SEpcPWBbCnIPxqeWDy8TVMCGu2yKC/OH+q3kYDGEyhjovKYiaVXVeu2J3fZcPw1qtALrv6bxWHkI8SKQPM9yi6pz3FQwfI0PmWouBoS4BXnN35CKotpHYmswPxS3uG3Cn+gPxnGYH1TutO5wVCWYEXUrnyclj4ORXkRiGKGZxqrCcssDj3BgBCw0fZuIEQXGEsPzRPvO+t+huTmOOy9rKFljZ8i1qSsxEla+zENxxTcYDGuqpND1p9bt0gHfKg2E</ds:SignatureValue> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate>MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+X509Certificate> MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </ds:Signature> </wsse:Security> <wsa:Action wsu:Id="action">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</wsa:Action> <wsa:MessageID wsu:Id="messageID">urn:uuid:ebc3c28e1cf8e82e-1fb45741-48f34bb9-8d70a831-ba71b778e12c<f0f89c83578a</wsa:MessageID> </soapenv:Header> <soapenv:Body wsu:Id="body"> <wst:RequestSecurityToken Context="urn:uuid:bc96d4e7cf8a55b7-34279d5f-46f84fce-a349aced-1dc33429f4f17769c4ca2de2"> <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType> <wst:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</wst:RequestType> <wst14:ActAs> <saml:EncryptedAssertion> <xenc:EncryptedData Assertion xmlns:xencxs="http://www.w3.org/2001/04/xmlenc#XMLSchema" Type xmlns:xsi="http://www.w3.org/2001/04/xmlenc#Element">XMLSchema-instance" <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>ID="_593cdbbb-e23d-4be5-8a6d-676187e4dd9c" IssueInstant="2023-12-28T10:57:48Z" <ds:KeyInfo> <xenc:EncryptedKey xmlns:xencVersion="2.0" xmlns:ds="http://www.w3.org/20012000/0409/xmlenc#xmldsig#"> <xenc:EncryptionMethod Algorithmxmlns:saml="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/urn:oasis:names:tc:SAML:2.0:assertion"> <saml:Issuer>https://oio3bst-issuer.dk</saml:Issuer> <xenc:CipherData> <ds:Signature Id="OCESSignature"> <xenc:CipherValue>XSpwjpEv8wqRrJsB0ZKxcfMt2Ap2/wwtWhjWp/TFUPZuF/jiU2QYj92S3n1XryjwNH/1JbY/EI60 2IHigJlrTjgj3eOd+mkGiVTFSXxzl7tvyfa+05WH8MDniGGA9gD9tIbILYIRZrmSsQsvDOy96hR6 CwLP5asNGtTEfLlN2jMAuVF27UGhZCC4XLMQ5+7ajaCaXxUuqxZTMKvVArCxUWlgQbFklvGAWWm2 gDX4mD1J4Mq81SwALK6qziQzE3sJCRAZpiyt+LCY1tDAi+mzE9Cu4HXy4RqbaeVc3uH+HJ6s+BL1 kSYgPW2tF1mGom16TWHk2q0HCjrDqVYkOoG9/C9Vm9KIGyYxtc75GstEmFn3Ltr0BI5E0G/HgnXZ VFb2dsP8X3uHsDryLuXJbWvkt+xB+MtN2zLlDQzkN4oKl9qC3l/xqmGcWbbIdRmTPyJBP4VM+BKV 8DctzzxN7Pxx5R+Ivl2/nuEWEmGXGV7BzSHhZs21fzdKGULi2havrP2z</xenc:CipherValue> <ds:SignedInfo> <ds:CanonicalizationMethod </xenc:CipherData>Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </xenc:EncryptedKey> <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /> </ds:KeyInfo> <ds:Reference URI="#_593cdbbb-e23d-4be5-8a6d-676187e4dd9c"> <xenc<ds:CipherData>Transforms> <xenc:CipherValue>[Udeladt for korthedens skyld]]</xenc:CipherValue> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /> </xenc:CipherData> <ds:Transform </xenc:EncryptedData>Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </saml:EncryptedAssertion> </wst14ds:ActAs>Transforms> <wsp:AppliesTo> <wsa:EndpointReference> <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" /> <wsa:Address>http://audience/clear</wsa:Address> <ds:DigestValue>gNWtK4XYXVkkTSzxwdyxuhUrvIMzD8IQwRwbzX2sgGI=</wsads:EndpointReference>DigestValue> </wsp:AppliesTo> <wst:Claims Dialect="http://docs.oasis-open.org/wsfed/authorization/200706/authclaims"> </ds:Reference> <auth:ClaimType Uri="dk:gov:saml:attribute:CprNumberIdentifier"> </ds:SignedInfo> <auth:Value>0501792275</auth:Value><ds:SignatureValue> </auth:ClaimType> </wst:Claims> YT3dO6StVswfqgJL39yVgSq7Kn/dEmCyXKt0fWN5niKCa2WpPNVAyfVzcXIBEYGZ7UOLlCuXkk8bELXiJwJQ2NpbbdPRYE7g1O4w91mvYl0xs3cYxXFTKDbX7xxW7gxSF0GLGWATqHYmsmo47bi2pXqKUrEF7C3mQogEo6p0ssi4n44E5mFOO6aUJcTelJK+hoUhTmLXgZ754lhzrNZ34TomKMmFsoEpERdGXDiV2uNsUChpFLOSDWLDVdeXxAZ4QoR87CAkvoutCWICw1EdbbD+HOwq9PJjOI5UuSeMtTW+Q3/oiYVEGx1w5P6zjnX3FpPuu12kOaFIgUB6qqMhT6zNSsusEgaMQjGSeW7wOwTzKHnjDakoqjuPVsMghho2tsZi5nc6NWXAi787nU7oxLn85//dhWK22UU8y/Hlc/enufs1UG+EngTTLRXt3DBQ96gJntRygSf/bz3/9Bpcw1FMrDSS2qJS2WxtOBL8IgSCE8cgW5k8WLao8OMTiKqw</ds:SignatureValue> </wst:RequestSecurityToken> </soapenv:Body> </soapenv:Envelope> |
Svar fra STS
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate> MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </ds:Signature> <saml:Subject> <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <soapenv:Header> <wsse:Security mustUnderstand="1" wsu:Id="security"> nameid-format:persistent"> dk:gov:saml:attribute:CprNumberIdentifier:0501792275</saml:NameID> <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key"> <wsu<saml:TimestampSubjectConfirmationData wsuxsi:Idtype="tssaml:KeyInfoConfirmationDataType"> <wsu:Created>2023-01-17T10:01:42Z</wsu:Created> </wsu:Timestamp> <ds:Signature>KeyInfo> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> X509Data> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <ds:Reference URI="#body">X509Certificate> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> </ds:X509Data> <ds:DigestValue>Dd3Fopf+KztciG0Ov2fyIFYV3bI=</ds:DigestValue>KeyInfo> </dssaml:Reference>SubjectConfirmationData> <ds:Reference URI="#ts"> </saml:SubjectConfirmation> <ds:Transforms></saml:Subject> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/<saml:Conditions NotOnOrAfter="2023-12-28T12:57:48Z"> </ds<saml:Transforms>AudienceRestriction> <ds:DigestMethod Algorithm="http <saml:Audience>http://www.w3.org/2000/09/xmldsig#sha1"/>audience/clear</saml:Audience> <ds:DigestValue>QcufgSZuMyIqGDQRgzo2qhV9bPQ=</dssaml:DigestValue>AudienceRestriction> </ds:Reference>saml:Conditions> <saml:AttributeStatement> <ds <saml:ReferenceAttribute URIName="#messageID">https://data.gov.dk/model/core/specVersion" <ds:Transforms> NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> <ds<saml:TransformAttributeValue Algorithmxsi:type="http://www.w3.org/2001/10/xml-exc-c14n#"/>xs:string">OIO-SAML-3.0</saml:AttributeValue> </dssaml:Transforms>Attribute> <ds<saml:DigestMethodAttribute AlgorithmName="httphttps://wwwdata.w3gov.orgdk/2000concept/09core/nsis/xmldsig#sha1loa"/> <ds:DigestValue>nu4c0NaE3eq9OGITv84JBSas6KE=</ds:DigestValue> NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> </ds:Reference> <ds:Reference URI="#relatesTo"><saml:AttributeValue xsi:type="xs:string">Substantial</saml:AttributeValue> <ds</saml:Transforms>Attribute> <ds<saml:TransformAttribute AlgorithmName="httphttps://wwwdata.w3gov.orgdk/model/2001core/10/xml-exc-c14n#"/>eid/cprNumber" </ds:Transforms> NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> <ds <saml:DigestMethodAttributeValue Algorithmxsi:type="http://www.w3.org/2000/09/xmldsig#sha1"/>xs:string">0501792275</saml:AttributeValue> <ds:DigestValue>9UwERB5xBRhppAfnRukLWgcivl0=</dssaml:DigestValue>Attribute> </dssaml:Reference>AttributeStatement> <ds:Reference URI="#action"></saml:Assertion> </wst14:ActAs> <ds<wsp:Transforms>AppliesTo> <wsa:EndpointReference> <ds:Transform Algorithm="http<wsa:Address>http://www.w3.org/2001/10/xml-exc-c14n#"/> audience/clear</wsa:Address> </dswsa:Transforms>EndpointReference> </wsp:AppliesTo> <ds<wst:DigestMethodClaims AlgorithmDialect="http://wwwdocs.w3oasis-open.org/2000wsfed/authorization/09200706/xmldsig#sha1authclaims"/> <ds:DigestValue>3cXAhlhZH22NiSh7AttxKxBap7Q=</ds:DigestValue><auth:ClaimType Uri="dk:gov:saml:attribute:CprNumberIdentifier"> <<auth:Value>0501792275</dsauth:Reference>Value> </dsauth:SignedInfo>ClaimType> </wst:Claims> </wst:RequestSecurityToken> </soapenv:Body> </soapenv:Envelope> |
Svar fra STS
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <soapenv:Header> <wsse:Security mustUnderstand="1" wsu:Id="security"><ds:SignatureValue>jxKRTZ71YH+mfL4K5DyJy9Knvq12VmyklrREWzIUkiKPzbyvjyK2nXL152Sv3BY7/se+3aepmAhBGiQ7v+DHOjhCRDsGQZvs7J19tvSxLEYrdpVZdz93ZF0p5mKT9+Oqrx/nHSrcMkaBqf6/yWSoRivoJgRAJstJRfrjecNobYLowibqJJhLiGUYfucK3rde8FBTazzKwEjWdjrwCdJ3XeJanbRRY7L0z2NQahlt3HlSnT+3m0VJOBRL6dpKdOIlCi/pGcxkiXVZFXGQJhJpyaR8+QWj2Cs1rc/4/KrrGGdZX292s4UEnXsEaVcFKcvbb4Ggb4JZ1WATM9DeLABB2A==</ds:SignatureValue> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate>MIIGRzCCBS+gAwIBAgIEX51MYTANBgkqhkiG9w0BAQsFADBJMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTAeFw0yMTA4MTYwNjQ4MjJaFw0yNDA4MTYwNjQ3MjNaMIGOMQswCQYDVQQGEwJESzEvMC0GA1UECgwmU3RhdGVucyBTZXJ1bSBJbnN0aXR1dCAvLyBDVlI6NDY4Mzc0MjgxTjAgBgNVBAUTGUNWUjo0NjgzNzQyOC1VSUQ6Mjc5MTAxMzUwKgYDVQQDDCNTdGF0ZW5zIFNlcnVtIEluc3RpdHV0IC0gVGVzdCBWT0NFUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKo3h9gnQBKbiJriTMg/QLuuJFNONeRl9F8T9RE+HEOdBhhb64afks3ztVjXQ15r8KNu0YwBkOVFOe0wz7w0uT7OSFxf5Zejl1BO7VxIkcYEfq5GjryNcHb50sB7G2CisfKtdN5DRSShJyQXgZ3cflVazP+ZrYfi9gy79GBVYi3mTxN4yJtSOkKIMh8knGiBgHVqS3fkOO+K5dmV9qImFYQvCpSf8XgN96d5+mTvuZ2Yu+8GaFCSU93CxlnfODkqAWkATYnV0I6hd9l7qrGjIT0flDaVm2ruJwKEW+CkeaG9W9yDYBNLNw6WqioUckslMkVUwSUD6rQ8MLrvxfmQ+WsCAwEAAaOCAu8wggLrMA4GA1UdDwEB/wQEAwIDuDCBlwYIKwYBBQUHAQEEgYowgYcwPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3Jlc3BvbmRlcjBHBggrBgEFBQcwAoY7aHR0cDovL3YuYWlhLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3N5c3RlbXRlc3QzNC1jYS5jZXIwggEgBgNVHSAEggEXMIIBEzCCAQ8GDSsGAQQBgfRRAgQGAwUwgf0wLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cudHJ1c3QyNDA4LmNvbS9yZXBvc2l0b3J5MIHJBggrBgEFBQcCAjCBvDAMFgVEYW5JRDADAgEBGoGrRGFuSUQgdGVzdCBjZXJ0aWZpa2F0ZXIgZnJhIGRlbm5lIENBIHVkc3RlZGVzIHVuZGVyIE9JRCAxLjMuNi4xLjQuMS4zMTMxMy4yLjQuNi4zLjUuIERhbklEIHRlc3QgY2VydGlmaWNhdGVzIGZyb20gdGhpcyBDQSBhcmUgaXNzdWVkIHVuZGVyIE9JRCAxLjMuNi4xLjQuMS4zMTMxMy4yLjQuNi4zLjUuMCAGA1UdEQQZMBeBFXRlc3RjZXJ0aWZpa2F0QHNzaS5kazCBrQYDVR0fBIGlMIGiMDygOqA4hjZodHRwOi8vY3JsLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3N5c3RlbXRlc3QzNC5jcmwwYqBgoF6kXDBaMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTEPMA0GA1UEAwwGQ1JMMTk1MB8GA1UdIwQYMBaAFM1saJc5chmkNatk6vQRo4GH+Gk7MB0GA1UdDgQWBBTXaIm8KGHSJc24Q3sCwFiMXb5M3jAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCA26TOPUHHxffo7ajqZkZhNfDZzBl8XlcgQPbhrAZINCKD/cKesZGnJwElGHtexRfyUh073kkww1wP2EmZf+9m5Kry73hHKyUkawtO1/R2ib04OKpIZd8M3F9YfyOusZVxuTcYYty20xEfJO8HygzXNIrFFA1qorrMjuxiXZRnUDhjzUFVDAu/Rgt8cIR3pTvU1KizLBRUC6Q+8itJizvwMHVB+tRdENbUw+ElkXbLpFt+pc+C5wDFkVudv5B/46jU/ceGNdcmkvUt6F/ey3Uc3Pc30JzpYc4KDHKc6wOttYCNtxWAnpvhOS5HUuV6GpWVww28x3Ykhv0rfYXlZo4W</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </ds:Signature> </wsse:Security> <wsa:Action wsu:Id="action">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</wsa:Action> <wsa:MessageID wsu:Id="messageID">urn:uuid:886d0eb8-d70b-43fa-97ce-8d814342f306</wsa:MessageID> <wsa:RelatesTo wsu:Id="relatesTo">urn:uuid:ebc3c28e-1fb4-48f3-8d70-ba71b778e12c</wsa:RelatesTo> </soapenv:Header> <soapenv:Body wsu:Id="body"> <wst:RequestSecurityTokenResponseCollection> <wst<wsu:RequestSecurityTokenResponseTimestamp Contextwsu:Id="urn:uuid:bc96d4e7-3427-46f8-a349-1dc33429f4f1ts"> <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType><wsu:Created>2023-01-17T10:01:42Z</wsu:Created> </wsu:Timestamp> <ds:Signature> <wst<ds:RequestedSecurityToken>SignedInfo> <saml<ds:AssertionCanonicalizationMethod xmlns:xsAlgorithm="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="_3fb99f0a-4da0-4157-accd-789b1ac78e14" IssueInstant="2023-01-17T10:01:42Z" Version="2.0" xmlns:ds10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"xmldsig#rsa-sha1"/> <saml:Issuer>TESTSTS</saml:Issuer> <ds:Signature Id="OCESSignature<ds:Reference URI="#body"> <ds:SignedInfo>Transforms> <ds:CanonicalizationMethodTransform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:Transforms> <ds:SignatureMethodDigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1xmldsig#sha1"/> <ds:Reference URI="#_3fb99f0a-4da0-4157-accd-789b1ac78e14">DigestValue>Dd3Fopf+KztciG0Ov2fyIFYV3bI=</ds:DigestValue> </ds:Reference> <ds:Transforms>Reference URI="#ts"> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <ds:DigestValue>kJE9hhP9+/xweTiQukBiZipAjhQ=DigestValue>QcufgSZuMyIqGDQRgzo2qhV9bPQ=</ds:DigestValue> </ds:Reference> </ds:Reference> <ds:Reference URI="#messageID"> </ds:SignedInfo><ds:Transforms> <ds:Transform Algorithm="http:SignatureValue>UcLkNItCKooUYVERRLUkeJvkPKXa5XGyim8/QY3bz20LsgO2J2FNUwREsLLk79cB0V7DZsB3MDulLBXiApYglI/ZPsX0lnr40fKFHBS8AOUrKidMVKbWVzQLqzIduwrgcIZCx2iwkuvXxlocuPlRmlochjAOCpNF6X/ZCaMOZTI8cnVrRptzsesXhhz+Hkuj/snUmzOT6sqPXq9RcqYkKD+ucHBnn7u0altrvng7mKzshNjd73Djrn7Edsj/J2Z69P9NYSv+32Ai7Uxe3d9G9vkqjjRg6Zh7bKm4cT//tjF8Zbq+F8hbdF1vM/t0iqCLln3OaMsRVJ0jZhLvN99HJg==www.w3.org/2001/10/xml-exc-c14n#"/> </ds:SignatureValue>Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <ds:KeyInfo>DigestValue>nu4c0NaE3eq9OGITv84JBSas6KE=</ds:DigestValue> </ds:Reference> <ds:X509Data> Reference URI="#relatesTo"> <ds:Transforms> <ds:X509Certificate>MIIGRzCCBS+gAwIBAgIEX51MYTANBgkqhkiG9w0BAQsFADBJMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTAeFw0yMTA4MTYwNjQ4MjJaFw0yNDA4MTYwNjQ3MjNaMIGOMQswCQYDVQQGEwJESzEvMC0GA1UECgwmU3RhdGVucyBTZXJ1bSBJbnN0aXR1dCAvLyBDVlI6NDY4Mzc0MjgxTjAgBgNVBAUTGUNWUjo0NjgzNzQyOC1VSUQ6Mjc5MTAxMzUwKgYDVQQDDCNTdGF0ZW5zIFNlcnVtIEluc3RpdHV0IC0gVGVzdCBWT0NFUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKo3h9gnQBKbiJriTMg/QLuuJFNONeRl9F8T9RE+HEOdBhhb64afks3ztVjXQ15r8KNu0YwBkOVFOe0wz7w0uT7OSFxf5Zejl1BO7VxIkcYEfq5GjryNcHb50sB7G2CisfKtdN5DRSShJyQXgZ3cflVazP+ZrYfi9gy79GBVYi3mTxN4yJtSOkKIMh8knGiBgHVqS3fkOO+K5dmV9qImFYQvCpSf8XgN96d5+mTvuZ2Yu+8GaFCSU93CxlnfODkqAWkATYnV0I6hd9l7qrGjIT0flDaVm2ruJwKEW+CkeaG9W9yDYBNLNw6WqioUckslMkVUwSUD6rQ8MLrvxfmQ+WsCAwEAAaOCAu8wggLrMA4GA1UdDwEB/wQEAwIDuDCBlwYIKwYBBQUHAQEEgYowgYcwPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3Jlc3BvbmRlcjBHBggrBgEFBQcwAoY7aHR0cDovL3YuYWlhLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3N5c3RlbXRlc3QzNC1jYS5jZXIwggEgBgNVHSAEggEXMIIBEzCCAQ8GDSsGAQQBgfRRAgQGAwUwgf0wLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cudHJ1c3QyNDA4LmNvbS9yZXBvc2l0b3J5MIHJBggrBgEFBQcCAjCBvDAMFgVEYW5JRDADAgEBGoGrRGFuSUQgdGVzdCBjZXJ0aWZpa2F0ZXIgZnJhIGRlbm5lIENBIHVkc3RlZGVzIHVuZGVyIE9JRCAxLjMuNi4xLjQuMS4zMTMxMy4yLjQuNi4zLjUuIERhbklEIHRlc3QgY2VydGlmaWNhdGVzIGZyb20gdGhpcyBDQSBhcmUgaXNzdWVkIHVuZGVyIE9JRCAxLjMuNi4xLjQuMS4zMTMxMy4yLjQuNi4zLjUuMCAGA1UdEQQZMBeBFXRlc3RjZXJ0aWZpa2F0QHNzaS5kazCBrQYDVR0fBIGlMIGiMDygOqA4hjZodHRwOi8vY3JsLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3N5c3RlbXRlc3QzNC5jcmwwYqBgoF6kXDBaMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTEPMA0GA1UEAwwGQ1JMMTk1MB8GA1UdIwQYMBaAFM1saJc5chmkNatk6vQRo4GH+Gk7MB0GA1UdDgQWBBTXaIm8KGHSJc24Q3sCwFiMXb5M3jAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCA26TOPUHHxffo7ajqZkZhNfDZzBl8XlcgQPbhrAZINCKD/cKesZGnJwElGHtexRfyUh073kkww1wP2EmZf+9m5Kry73hHKyUkawtO1/R2ib04OKpIZd8M3F9YfyOusZVxuTcYYty20xEfJO8HygzXNIrFFA1qorrMjuxiXZRnUDhjzUFVDAu/Rgt8cIR3pTvU1KizLBRUC6Q+8itJizvwMHVB+tRdENbUw+ElkXbLpFt+pc+C5wDFkVudv5B/46jU/ceGNdcmkvUt6F/ey3Uc3Pc30JzpYc4KDHKc6wOttYCNtxWAnpvhOS5HUuV6GpWVww28x3Ykhv0rfYXlZo4W</ds:X509Certificate> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <ds:DigestValue>9UwERB5xBRhppAfnRukLWgcivl0=</ds:X509Data>DigestValue> </ds:KeyInfo>Reference> </ds:Signature><ds:Reference URI="#action"> <saml<ds:Subject>Transforms> <saml<ds:NameIDTransform FormatAlgorithm="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">dk:gov:saml:attribute:CprNumberIdentifier:0501792275</saml:NameID>http://www.w3.org/2001/10/xml-exc-c14n#"/> <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key"></ds:Transforms> <saml:SubjectConfirmationData NotOnOrAfter="2023-01-17T10:06:42Z" Recipient="http://audience/clear"> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <ds:KeyInfo><ds:DigestValue>3cXAhlhZH22NiSh7AttxKxBap7Q=</ds:DigestValue> </ds:Reference> <ds:X509Data> </ds:SignedInfo> <ds:X509Certificate>MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAYSignatureValue>jxKRTZ71YH+mfL4K5DyJy9Knvq12VmyklrREWzIUkiKPzbyvjyK2nXL152Sv3BY7/se+3aepmAhBGiQ7v+DHOjhCRDsGQZvs7J19tvSxLEYrdpVZdz93ZF0p5mKT9+Oqrx/nHSrcMkaBqf6/yWSoRivoJgRAJstJRfrjecNobYLowibqJJhLiGUYfucK3rde8FBTazzKwEjWdjrwCdJ3XeJanbRRY7L0z2NQahlt3HlSnT+3m0VJOBRL6dpKdOIlCi/pGcxkiXVZFXGQJhJpyaR8+QWj2Cs1rc/4/KrrGGdZX292s4UEnXsEaVcFKcvbb4Ggb4JZ1WATM9DeLABB2A==</ds:X509Certificate>SignatureValue> <ds:KeyInfo> </ds<ds:X509Data> </ds:KeyInfo><ds:X509Certificate>MIIGRzCCBS+gAwIBAgIEX51MYTANBgkqhkiG9w0BAQsFADBJMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTAeFw0yMTA4MTYwNjQ4MjJaFw0yNDA4MTYwNjQ3MjNaMIGOMQswCQYDVQQGEwJESzEvMC0GA1UECgwmU3RhdGVucyBTZXJ1bSBJbnN0aXR1dCAvLyBDVlI6NDY4Mzc0MjgxTjAgBgNVBAUTGUNWUjo0NjgzNzQyOC1VSUQ6Mjc5MTAxMzUwKgYDVQQDDCNTdGF0ZW5zIFNlcnVtIEluc3RpdHV0IC0gVGVzdCBWT0NFUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKo3h9gnQBKbiJriTMg/QLuuJFNONeRl9F8T9RE+HEOdBhhb64afks3ztVjXQ15r8KNu0YwBkOVFOe0wz7w0uT7OSFxf5Zejl1BO7VxIkcYEfq5GjryNcHb50sB7G2CisfKtdN5DRSShJyQXgZ3cflVazP+ZrYfi9gy79GBVYi3mTxN4yJtSOkKIMh8knGiBgHVqS3fkOO+K5dmV9qImFYQvCpSf8XgN96d5+mTvuZ2Yu+8GaFCSU93CxlnfODkqAWkATYnV0I6hd9l7qrGjIT0flDaVm2ruJwKEW+CkeaG9W9yDYBNLNw6WqioUckslMkVUwSUD6rQ8MLrvxfmQ+WsCAwEAAaOCAu8wggLrMA4GA1UdDwEB/wQEAwIDuDCBlwYIKwYBBQUHAQEEgYowgYcwPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3Jlc3BvbmRlcjBHBggrBgEFBQcwAoY7aHR0cDovL3YuYWlhLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3N5c3RlbXRlc3QzNC1jYS5jZXIwggEgBgNVHSAEggEXMIIBEzCCAQ8GDSsGAQQBgfRRAgQGAwUwgf0wLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cudHJ1c3QyNDA4LmNvbS9yZXBvc2l0b3J5MIHJBggrBgEFBQcCAjCBvDAMFgVEYW5JRDADAgEBGoGrRGFuSUQgdGVzdCBjZXJ0aWZpa2F0ZXIgZnJhIGRlbm5lIENBIHVkc3RlZGVzIHVuZGVyIE9JRCAxLjMuNi4xLjQuMS4zMTMxMy4yLjQuNi4zLjUuIERhbklEIHRlc3QgY2VydGlmaWNhdGVzIGZyb20gdGhpcyBDQSBhcmUgaXNzdWVkIHVuZGVyIE9JRCAxLjMuNi4xLjQuMS4zMTMxMy4yLjQuNi4zLjUuMCAGA1UdEQQZMBeBFXRlc3RjZXJ0aWZpa2F0QHNzaS5kazCBrQYDVR0fBIGlMIGiMDygOqA4hjZodHRwOi8vY3JsLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3N5c3RlbXRlc3QzNC5jcmwwYqBgoF6kXDBaMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTEPMA0GA1UEAwwGQ1JMMTk1MB8GA1UdIwQYMBaAFM1saJc5chmkNatk6vQRo4GH+Gk7MB0GA1UdDgQWBBTXaIm8KGHSJc24Q3sCwFiMXb5M3jAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCA26TOPUHHxffo7ajqZkZhNfDZzBl8XlcgQPbhrAZINCKD/cKesZGnJwElGHtexRfyUh073kkww1wP2EmZf+9m5Kry73hHKyUkawtO1/R2ib04OKpIZd8M3F9YfyOusZVxuTcYYty20xEfJO8HygzXNIrFFA1qorrMjuxiXZRnUDhjzUFVDAu/Rgt8cIR3pTvU1KizLBRUC6Q+8itJizvwMHVB+tRdENbUw+ElkXbLpFt+pc+C5wDFkVudv5B/46jU/ceGNdcmkvUt6F/ey3Uc3Pc30JzpYc4KDHKc6wOttYCNtxWAnpvhOS5HUuV6GpWVww28x3Ykhv0rfYXlZo4W</ds:X509Certificate> </samlds:SubjectConfirmationData>X509Data> </ds:KeyInfo> </samlds:SubjectConfirmation> Signature> </samlwsse:Subject>Security> <wsa:Action wsu:Id="action">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</wsa:Action> <saml:Conditions NotBefore="2023-01-17T09:56:42Z" NotOnOrAfter="2023-01-17T10:06:42Z"> <saml:AudienceRestriction><wsa:MessageID wsu:Id="messageID">urn:uuid:886d0eb8-d70b-43fa-97ce-8d814342f306</wsa:MessageID> <wsa:RelatesTo wsu:Id="relatesTo">urn:uuid:ebc3c28e-1fb4-48f3-8d70-ba71b778e12c</wsa:RelatesTo> </soapenv:Header> <soapenv:Body wsu:Id="body"> <wst:RequestSecurityTokenResponseCollection> <wst:RequestSecurityTokenResponse Context="urn:uuid:bc96d4e7-3427-46f8-a349-1dc33429f4f1"> <saml<wst:Audience>httpTokenType>http://audience/clear</saml:Audience>docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType> <wst:RequestedSecurityToken> </saml:AudienceRestriction> <saml:Assertion xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="_3fb99f0a-4da0-4157-accd-789b1ac78e14" IssueInstant="2023-01-17T10:01:42Z" Version="2.0" </saml:Conditions>xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"> <saml:Issuer>TESTSTS</saml:AttributeStatement>Issuer> <saml<ds:AttributeSignature Name="dk:gov:saml:attribute:SpecVer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basicId="OCESSignature"> <ds:SignedInfo> <saml:AttributeValue xsi:type="xs:string">DK-SAML-2.0</saml:AttributeValue> </saml:Attribute><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <saml:Attribute Name="dk:gov:saml:attribute:AssuranceLevel" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <saml<ds:AttributeValueReference xsi:type="xs:string">3</saml:AttributeValue> URI="#_3fb99f0a-4da0-4157-accd-789b1ac78e14"> </saml:Attribute> <ds:Transforms> <saml:Attribute Name="dk:gov:saml:attribute:CprNumberIdentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> <saml<ds:AttributeValueTransform xsi:typeAlgorithm="xs:string">0501792275</saml:AttributeValue> http://www.w3.org/2001/10/xml-exc-c14n#"/> </samlds:Attribute>Transforms> </saml:AttributeStatement> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> </saml:Assertion> <ds:DigestValue>kJE9hhP9+/xweTiQukBiZipAjhQ=</wstds:RequestedSecurityToken>DigestValue> <wsp:AppliesTo> </ds:Reference> <wsa:EndpointReference> <wsa:Address>http://audience/clear</wsa:Address></ds:SignedInfo> </wsa:EndpointReference> <ds:SignatureValue>UcLkNItCKooUYVERRLUkeJvkPKXa5XGyim8/QY3bz20LsgO2J2FNUwREsLLk79cB0V7DZsB3MDulLBXiApYglI/ZPsX0lnr40fKFHBS8AOUrKidMVKbWVzQLqzIduwrgcIZCx2iwkuvXxlocuPlRmlochjAOCpNF6X/ZCaMOZTI8cnVrRptzsesXhhz+Hkuj/snUmzOT6sqPXq9RcqYkKD+ucHBnn7u0altrvng7mKzshNjd73Djrn7Edsj/J2Z69P9NYSv+32Ai7Uxe3d9G9vkqjjRg6Zh7bKm4cT//tjF8Zbq+F8hbdF1vM/t0iqCLln3OaMsRVJ0jZhLvN99HJg==</ds:SignatureValue> </wsp:AppliesTo> <wst<ds:Lifetime>KeyInfo> <wsu:Created>2023-01-17T09:56:42Z</wsu:Created> <wsu:Expires>2023-01-17T10:06:42Z</wsu:Expires><ds:X509Data> </wst:Lifetime> </wst:RequestSecurityTokenResponse> </wst:RequestSecurityTokenResponseCollection> </soapenv:Body> </soapenv:Envelope> |
OIO2BST_CITIZEN - udstedes af SEB IdP
Request
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:<ds:X509Certificate>MIIGRzCCBS+gAwIBAgIEX51MYTANBgkqhkiG9w0BAQsFADBJMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTAeFw0yMTA4MTYwNjQ4MjJaFw0yNDA4MTYwNjQ3MjNaMIGOMQswCQYDVQQGEwJESzEvMC0GA1UECgwmU3RhdGVucyBTZXJ1bSBJbnN0aXR1dCAvLyBDVlI6NDY4Mzc0MjgxTjAgBgNVBAUTGUNWUjo0NjgzNzQyOC1VSUQ6Mjc5MTAxMzUwKgYDVQQDDCNTdGF0ZW5zIFNlcnVtIEluc3RpdHV0IC0gVGVzdCBWT0NFUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKo3h9gnQBKbiJriTMg/QLuuJFNONeRl9F8T9RE+HEOdBhhb64afks3ztVjXQ15r8KNu0YwBkOVFOe0wz7w0uT7OSFxf5Zejl1BO7VxIkcYEfq5GjryNcHb50sB7G2CisfKtdN5DRSShJyQXgZ3cflVazP+ZrYfi9gy79GBVYi3mTxN4yJtSOkKIMh8knGiBgHVqS3fkOO+K5dmV9qImFYQvCpSf8XgN96d5+mTvuZ2Yu+8GaFCSU93CxlnfODkqAWkATYnV0I6hd9l7qrGjIT0flDaVm2ruJwKEW+CkeaG9W9yDYBNLNw6WqioUckslMkVUwSUD6rQ8MLrvxfmQ+WsCAwEAAaOCAu8wggLrMA4GA1UdDwEB/wQEAwIDuDCBlwYIKwYBBQUHAQEEgYowgYcwPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3Jlc3BvbmRlcjBHBggrBgEFBQcwAoY7aHR0cDovL3YuYWlhLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3N5c3RlbXRlc3QzNC1jYS5jZXIwggEgBgNVHSAEggEXMIIBEzCCAQ8GDSsGAQQBgfRRAgQGAwUwgf0wLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cudHJ1c3QyNDA4LmNvbS9yZXBvc2l0b3J5MIHJBggrBgEFBQcCAjCBvDAMFgVEYW5JRDADAgEBGoGrRGFuSUQgdGVzdCBjZXJ0aWZpa2F0ZXIgZnJhIGRlbm5lIENBIHVkc3RlZGVzIHVuZGVyIE9JRCAxLjMuNi4xLjQuMS4zMTMxMy4yLjQuNi4zLjUuIERhbklEIHRlc3QgY2VydGlmaWNhdGVzIGZyb20gdGhpcyBDQSBhcmUgaXNzdWVkIHVuZGVyIE9JRCAxLjMuNi4xLjQuMS4zMTMxMy4yLjQuNi4zLjUuMCAGA1UdEQQZMBeBFXRlc3RjZXJ0aWZpa2F0QHNzaS5kazCBrQYDVR0fBIGlMIGiMDygOqA4hjZodHRwOi8vY3JsLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3N5c3RlbXRlc3QzNC5jcmwwYqBgoF6kXDBaMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTEPMA0GA1UEAwwGQ1JMMTk1MB8GA1UdIwQYMBaAFM1saJc5chmkNatk6vQRo4GH+Gk7MB0GA1UdDgQWBBTXaIm8KGHSJc24Q3sCwFiMXb5M3jAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCA26TOPUHHxffo7ajqZkZhNfDZzBl8XlcgQPbhrAZINCKD/cKesZGnJwElGHtexRfyUh073kkww1wP2EmZf+9m5Kry73hHKyUkawtO1/R2ib04OKpIZd8M3F9YfyOusZVxuTcYYty20xEfJO8HygzXNIrFFA1qorrMjuxiXZRnUDhjzUFVDAu/Rgt8cIR3pTvU1KizLBRUC6Q+8itJizvwMHVB+tRdENbUw+ElkXbLpFt+pc+C5wDFkVudv5B/46jU/ceGNdcmkvUt6F/ey3Uc3Pc30JzpYc4KDHKc6wOttYCNtxWAnpvhOS5HUuV6GpWVww28x3Ykhv0rfYXlZo4W</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </ds:Signature> <saml:Subject> <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:assertion" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:wst14="http://docs.oasis-open.org/ws-sx/ws-trust/200802" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <soapenv:Header> <wsse:Security mustUnderstand="1" wsu:Id="security"> <wsu:Timestamp wsu:Id="ts"> persistent">dk:gov:saml:attribute:CprNumberIdentifier:0501792275</saml:NameID> <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key"> <saml:SubjectConfirmationData NotOnOrAfter="2023-01-17T10:06:42Z" Recipient="http://audience/clear"> <ds:KeyInfo> <wsu:Created>2023-01-17T09:57:21Z</wsu:Created> </wsu:Timestamp> <ds:Signature>X509Data> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>X509Certificate>MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <ds:Reference URI="#body"> </ds:X509Data> <ds</ds:Transforms>KeyInfo> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </saml:SubjectConfirmationData> </dssaml:Transforms>SubjectConfirmation> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> </saml:Subject> <ds:DigestValue>5UlVK4msqgDfpHNhyKlWjHx5TCI=</ds:DigestValue> <saml:Conditions NotBefore="2023-01-17T09:56:42Z" NotOnOrAfter="2023-01-17T10:06:42Z"> </ds<saml:Reference>AudienceRestriction> <ds:Reference URI="#ts"> <saml:Audience>http://audience/clear</saml:Audience> <ds:Transforms> </saml:AudienceRestriction> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </saml:Conditions> </ds<saml:Transforms>AttributeStatement> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/<saml:Attribute Name="dk:gov:saml:attribute:SpecVer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"> <ds:DigestValue>P1/G5zD1nl6HzcGfKcZftL2AP30=</ds:DigestValue> </ds:Reference> <ds:Reference URI="#messageID"><saml:AttributeValue xsi:type="xs:string">DK-SAML-2.0</saml:AttributeValue> <ds:Transforms> </saml:Attribute> <ds<saml:TransformAttribute Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/Name="dk:gov:saml:attribute:AssuranceLevel" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><saml:AttributeValue xsi:type="xs:string">3</saml:AttributeValue> <ds:DigestValue>YGuMs7vXfPfuAYwwm5C1kGVT+Ps= </dssaml:DigestValue>Attribute> </ds:Reference> <ds:Reference URI="#action"> <saml:Attribute Name="dk:gov:saml:attribute:CprNumberIdentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><saml:AttributeValue xsi:type="xs:string">0501792275</saml:AttributeValue> </dssaml:Transforms>Attribute> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> </saml:AttributeStatement> </saml:Assertion> <ds:DigestValue>3cXAhlhZH22NiSh7AttxKxBap7Q=</dswst:DigestValue>RequestedSecurityToken> <wsp:AppliesTo> </ds:Reference> </ds<wsa:SignedInfo>EndpointReference> <ds:SignatureValue>E2ET9WoCLPdImrIn4Xvfn0c7O3SBgwQi0sy3Y+taGBdwTklq4M1nPTd11YpM40+Mra2ldxidolLLWpHjw21gIxmceK8ojxUNQg30nZQPAlKUGGVkftiq <wsa:Address>http://ETEfSXLAuDchdAe7EpumLuTdOcn7PN9lifCQFfPXGUolMw2gWYD4qaudience/CDc/yZwwtdm68DQ/xvn4nYrMprN9+iTUCl4KJ0cEq0AbO8CSuGss0ecJzp7yKt9OeGQgbnhNDaPxlVRKUOrORLXTKbvml1A0IzLQ30c3GdjgIHANNSUVdsllr8W78+DQrabh1m8VHn2DZJrNlTn94zrcmVsnkfoasBhfFpkUzw==</ds:SignatureValue> clear</wsa:Address> <ds:KeyInfo> </wsa:EndpointReference> </wsp:AppliesTo> <ds:X509Data> <wst:Lifetime> <ds:X509Certificate>MIIGJzCCBQ+gAwIBAgIEX6aZBzANBgkqhkiG9w0BAQsFADBJMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTAeFw0yMjEyMTExMjQ4MTZaFw0yNTEyMTExMjQ3MzNaMIGQMQswCQYDVQQGEwJESzEnMCUGA1UECgweTkVUUyBEQU5JRCBBL1MgLy8gQ1ZSOjMwODA4NDYwMVgwIAYDVQQFExlDVlI6MzA4MDg0NjAtRklEOjk0NzMxMzE1MDQGA1UEAwwtVFUgR0VORVJFTCBGT0NFUyBneWxkaWcgKGZ1bmt0aW9uc2NlcnRpZmlrYXQpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo+xqGtIP/POChegfzkTJiWNOwKQgR+L230FVAPjlaiJF8BqRt+JKtquv4rz1GiksodVtOYE7xUTUzBc+2IOLjW+pt8A5sZqoCoy2OVfkBjAm6h61q4SNJoKvU9jSGCj+RwcgIV/KB6qwZ46OUxze0YCbcJ1GFg2zeUXa7qKcqTifsORXHhV/Luo53C52sS8mjrkxJCT/f/ebe4i3TFGHGbvzHVvH84V0khoLv+GvyibT2+u6ry4QF0Dzfv/jpXEpvS+s1jr50L1PFU2md9r28c6N3Z8WVInN9qkdMRUIdB0kTrm5gVA9qJKXaJLsUwwt83BthyQA+4d43kSxwF0uQIDAQABo4ICzTCCAskwDgYDVR0PAQH/BAQDAgO4MIGXBggrBgEFBQcBAQSBijCBhzA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc3lzdGVtdGVzdDM0LnRydXN0MjQwOC5jb20vcmVzcG9uZGVyMEcGCCsGAQUFBzAChjtodHRwOi8vZi5haWEuc3lzdGVtdGVzdDM0LnRydXN0MjQwOC5jb20vc3lzdGVtdGVzdDM0LWNhLmNlcjCCASAGA1UdIASCARcwggETMIIBDwYNKwYBBAGB9FECBAYEAzCB/TAvBggrBgEFBQcCARYjaHR0cDovL3d3dy50cnVzdDI0MDguY29tL3JlcG9zaXRvcnkwgckGCCsGAQUFBwICMIG8MAwWBURhbklEMAMCAQEagatEYW5JRCB0ZXN0IGNlcnRpZmlrYXRlciBmcmEgZGVubmUgQ0EgdWRzdGVkZXMgdW5kZXIgT0lEIDEuMy42LjEuNC4xLjMxMzEzLjIuNC42LjQuMy4gRGFuSUQgdGVzdCBjZXJ0aWZpY2F0ZXMgZnJvbSB0aGlzIENBIGFyZSBpc3N1ZWQgdW5kZXIgT0lEIDEuMy42LjEuNC4xLjMxMzEzLjIuNC42LjQuMy4wga0GA1UdHwSBpTCBojA8oDqgOIY2aHR0cDovL2NybC5zeXN0ZW10ZXN0MzQudHJ1c3QyNDA4LmNvbS9zeXN0ZW10ZXN0MzQuY3JsMGKgYKBepFwwWjELMAkGA1UEBhMCREsxEjAQBgNVBAoMCVRSVVNUMjQwODEmMCQGA1UEAwwdVFJVU1QyNDA4IFN5c3RlbXRlc3QgWFhYSVYgQ0ExDzANBgNVBAMMBkNSTDU5NzAfBgNVHSMEGDAWgBTNbGiXOXIZpDWrZOr0EaOBh/hpOzAdBgNVHQ4EFgQUHGQX7o/mbXmLQ53B6MwbZEWWuy4wCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAjeb9T3Qeh3TuSTu4g0K4wZHUfW89e0tpiDT3nHIPqT4rNXbZ3Y1NUnkLoCtHJge5ixylFmytXAXSsBleoeNJL7DHYpAyrc6ZBUjUlSUYHFrSEOpU3KRReSRUDRLSn2naX46V1gP0OEMs1ZFixrxnBmgcI7SvHR8RFJyxGPjrSPgvIJbqeHtp9P3wSMj02jq6EEfpk6etiLBzvj0U/tWs4ucV6hu//p3/1OzjfVZG0gFxbHPV1oqIc2EcsMsskHutNd7/jw2GfP6k6E0EwV1Hlb8bVddjF3vQNPXIRnvAYSV1kDxoaXuufbRtKsuFG7ZmyIoPbc0ntgPfdYqT378JTg==</ds:X509Certificate> <wsu:Created>2023-01-17T09:56:42Z</wsu:Created> </ds:X509Data><wsu:Expires>2023-01-17T10:06:42Z</wsu:Expires> </dswst:KeyInfo>Lifetime> </dswst:Signature>RequestSecurityTokenResponse> </wssewst:Security>RequestSecurityTokenResponseCollection> </soapenv:Body> </soapenv:Envelope> |
OIO2BST_CITIZEN - udstedes af SEB IdP
Request
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<?xml version="1.0" encoding="UTF-8"?> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" <wsa:Action wsu:Id="action">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</wsa:Action> <wsa:MessageID wsu:Idxmlns:auth="messageID">urn:uuid:985506f2-fd1f-4935-aacd-43de6334edbf</wsa:MessageID> </soapenv:Header> <soapenv:Body wsu:Id="body"> <wst:RequestSecurityToken Context="urn:uuid:bf6660e3-f928-4357-bef6-d620ddbdb249"> <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType> <wst:RequestType>httphttp://docs.oasis-open.org/wsfed/authorization/200706" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</wst:RequestType>" <wst14:ActAs> <saml:EncryptedAssertion> <xenc:EncryptedData xmlns:xencwst14="http://wwwdocs.w3oasis-open.org/2001/04/xmlenc#" Typews-sx/ws-trust/200802" xmlns:wsu="http://wwwdocs.w3oasis-open.org/2001wss/04/xmlenc#Element"> 2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <soapenv:Header> <xenc<wsse:EncryptionMethodSecurity AlgorithmmustUnderstand="1"http://www.w3.org/2001/04/xmlenc#aes128-cbc"/ wsu:Id="security"> <ds:KeyInfo> <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#<wsu:Timestamp wsu:Id="ts"> <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><wsu:Created>2024-02-23T09:20:36Z</wsu:Created> </wsu:Timestamp> <ds:Signature> <xenc<ds:CipherData>SignedInfo> <xenc:CipherValue>pZEMF+FlmyRym0DS8voKCvhoFehp86G6Y/21UaGfPstUP8oa+3QgBo1SPY55nXhciDN/Da7HaE46 2B1Ge9OYrYdNFYstaHdkYH1y1FVkVz51IFJAvIgdkRdlR8VZyYHim6Sr2B0t3SNTVWxH2ql+aQMr H7ugaPiVKdACfk7ofhH3/GtwTT3WvWYmu+vPX3iMp7SW9uUSgVmyK1nxbQzp6nbekTiPhpq6VTW6 IoBztPBIzkFKo3qRbEXXi72kqEfVNj7ynHv2alwU/C/46IEB2n6AXxXT3PCTjzimzhV/YeW5/ASq i4sLxezzcA6iIsuIHexbXBeALRk394HIhsh9bQ==</xenc:CipherValue> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </xenc:CipherData> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> </xenc:EncryptedKey> </ds:KeyInfo><ds:Reference URI="#body"> <xenc:CipherData> <xenc:CipherValue>[Udeladt for korthedens skyld]</xenc:CipherValue><ds:Transforms> </xenc:CipherData> </xenc:EncryptedData> </saml:EncryptedAssertion> </wst14:ActAs> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> <wsp:AppliesTo> <wsa:EndpointReference> <wsa:Address>http://audience/clear</wsa:Address> </ds:Transforms> </wsa:EndpointReference> </wsp:AppliesTo> <wst<ds:ClaimsDigestMethod DialectAlgorithm="http://docswww.oasis-openw3.org/wsfed2000/authorization09/200706xmldsig#sha1" /authclaims"> <auth:ClaimType Uri="dk:gov:saml:attribute:CprNumberIdentifier"> <auth<ds:Value>0501792275<DigestValue>K6NblQLm29GnlaOTpaoqPbtcLHg=</authds:Value> DigestValue> </authds:ClaimType>Reference> </wst:Claims> </wst:RequestSecurityToken> </soapenv:Body> </soapenv:Envelope> |
Svar fra STS
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:wsa<ds:Reference URI="#ts"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/20052001/08/addressing" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <soapenv:Header> <wsse:Security mustUnderstand="1" wsu:Id="security"> 10/xml-exc-c14n#" /> <wsu:Timestamp wsu:Id="ts"> <wsu:Created>2023-01-17T09:57:21Z</wsu:Created></ds:Transforms> </wsu:Timestamp> <ds:Signature> <ds:SignedInfo> <ds:CanonicalizationMethodDigestMethod Algorithm="http://www.w3.org/20012000/10/xml-exc-c14n#"09/xmldsig#sha1" /> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <ds:DigestValue>/OQpEg3nog5DimJhhsBbCmCYrnU=</ds:DigestValue> </ds:Reference> <ds:Reference URI="#body#messageID"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </ds:Transforms> <ds:</ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <ds:DigestValue>CsO3OtjcpgDEEHz6V7q3F0clIm0DigestValue>0EpRuLcuAoWm8+cuLdJGMBkBWVo=</ds:DigestValue> </ds:Reference> <ds:Reference URI="#ts#action"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <ds:DigestValue>P1/G5zD1nl6HzcGfKcZftL2AP30=</ds:DigestValue> <ds:DigestValue>3cXAhlhZH22NiSh7AttxKxBap7Q=</ds:Reference>DigestValue> <ds:Reference URI="#messageID"> <ds:Transforms></ds:Reference> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:SignedInfo> </ds<ds:Transforms> SignatureValue> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> YUhbJ+uMu87Tj7TP1PYSflr1fTVUrf5ao6C5t+wtt06y9hn4QDtAovzPG3QAS7Cx79chxFcwKHWfGB2eBsKmj3VRr69d9C9JN62kpOSXDhdqKPcZETMvGU0iw1n29oI1JoR8UW55glppoRU07sGkssut1mm42PWg0P3xjXbUYofD0VMznHDLXF2iGtBv1vjXHXuin5UXYy1zL/SXl8Hvl9WWN1Cxg46VEGhvFcRRvoHknzDrWYJMbvVyVqzbRRTYDOUSaY+ECsGK/Gxn8NcVjbuHXa9kcs87h5GKHc+8wnV5dorDVo+SikpIuOrMPNwzW85Y8e2O68vK8NLa2SyrP2NaYFi50KoXluUOePGla8IFX1PxdVBCQLg+twFAosV3Ta1Ma7Ssdj/dSINs/lU9tcBvsNvnNPIxZVVBUZvMZ3K39AwoUDChSFZuv7o1FWHCXdJkI+3NZepFG2QL8ah3k4tq58MSFAAE8IW48F0thxyzjVxVvCRysD6J0hdo6JgD</ds:SignatureValue> <ds:DigestValue>YpDqv8FMp6a/7aLnYCqeS/cRQgc=</ds:DigestValue>KeyInfo> </ds:Reference> <ds:Reference URI="#relatesTo"> X509Data> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> X509Certificate> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate> <ds:DigestValue>9GjXKHm3j+o8uQB+HTRCvT8GQQM=</ds:DigestValue> </ds:Reference>X509Data> <ds:Reference URI="#action"> </ds:KeyInfo> <ds</ds:Transforms>Signature> </wsse:Security> <ds <wsa:TransformAction Algorithmwsu:Id="httpaction">http://wwwdocs.w3oasis-open.org/2001/10/xml-exc-c14n#"/>ws-sx/ws-trust/200512/RST/Issue</wsa:Action> <wsa:MessageID wsu:Id="messageID">urn:uuid:8f55fcc0-6939-4a08-a6f7-35dfe686573e</wsa:MessageID> </dssoapenv:Transforms>Header> <soapenv:Body wsu:Id="body"> <ds <wst:DigestMethodRequestSecurityToken AlgorithmContext="http://www.w3.org/2000/09/xmldsig#sha1"/urn:uuid:edd62a55-4408-45ca-8dc5-b215d49c9797"> <ds:DigestValue>3cXAhlhZH22NiSh7AttxKxBap7Q=</ds:DigestValue><wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType> </ds:Reference> <wst:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</wst:RequestType> </ds:SignedInfo> <wst14:ActAs> <ds:SignatureValue>D8Ski/wVUNo6QXbr/Z+O+/ma8c4UP0ah3IDubLDuK49V2jwULT94CJ3uz+Y0Duq5CbhB9hlIghcYG1AZAsx9NhYfRxGp3melp/JfvX2rIomOK5Cd00fky6QAYmSwPeBCZy5yIPxoEHQshnCkUgtjXD2eiO40czQ94lvlLIAaCg3vYegBQqLRB41qNAom9QFbDkpmqshrbJplJVqwz+fsy8ALrU/UGqHVRpU45r4/DpJw6agNmSZNNAErKR4V/5jds5JLXuLuZaFrfb5ip/jhXJNb+UuszHhJkDMKud3Zz7P+9PiaVjPmYOjkOEV3TVukCAs31bqArE6wi7/ba4T9Hw==</ds:SignatureValue> <ds:KeyInfo><saml:Assertion xmlns:xs="http://www.w3.org/2001/XMLSchema" <ds:X509Data> <ds:X509Certificate>MIIGRzCCBS+gAwIBAgIEX51MYTANBgkqhkiG9w0BAQsFADBJMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTAeFw0yMTA4MTYwNjQ4MjJaFw0yNDA4MTYwNjQ3MjNaMIGOMQswCQYDVQQGEwJESzEvMC0GA1UECgwmU3RhdGVucyBTZXJ1bSBJbnN0aXR1dCAvLyBDVlI6NDY4Mzc0MjgxTjAgBgNVBAUTGUNWUjo0NjgzNzQyOC1VSUQ6Mjc5MTAxMzUwKgYDVQQDDCNTdGF0ZW5zIFNlcnVtIEluc3RpdHV0IC0gVGVzdCBWT0NFUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKo3h9gnQBKbiJriTMg/QLuuJFNONeRl9F8T9RE+HEOdBhhb64afks3ztVjXQ15r8KNu0YwBkOVFOe0wz7w0uT7OSFxf5Zejl1BO7VxIkcYEfq5GjryNcHb50sB7G2CisfKtdN5DRSShJyQXgZ3cflVazP+ZrYfi9gy79GBVYi3mTxN4yJtSOkKIMh8knGiBgHVqS3fkOO+K5dmV9qImFYQvCpSf8XgN96d5+mTvuZ2Yu+8GaFCSU93CxlnfODkqAWkATYnV0I6hd9l7qrGjIT0flDaVm2ruJwKEW+CkeaG9W9yDYBNLNw6WqioUckslMkVUwSUD6rQ8MLrvxfmQ+WsCAwEAAaOCAu8wggLrMA4GA1UdDwEB/wQEAwIDuDCBlwYIKwYBBQUHAQEEgYowgYcwPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3Jlc3BvbmRlcjBHBggrBgEFBQcwAoY7aHR0cDovL3YuYWlhLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3N5c3RlbXRlc3QzNC1jYS5jZXIwggEgBgNVHSAEggEXMIIBEzCCAQ8GDSsGAQQBgfRRAgQGAwUwgf0wLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cudHJ1c3QyNDA4LmNvbS9yZXBvc2l0b3J5MIHJBggrBgEFBQcCAjCBvDAMFgVEYW5JRDADAgEBGoGrRGFuSUQgdGVzdCBjZXJ0aWZpa2F0ZXIgZnJhIGRlbm5lIENBIHVkc3RlZGVzIHVuZGVyIE9JRCAxLjMuNi4xLjQuMS4zMTMxMy4yLjQuNi4zLjUuIERhbklEIHRlc3QgY2VydGlmaWNhdGVzIGZyb20gdGhpcyBDQSBhcmUgaXNzdWVkIHVuZGVyIE9JRCAxLjMuNi4xLjQuMS4zMTMxMy4yLjQuNi4zLjUuMCAGA1UdEQQZMBeBFXRlc3RjZXJ0aWZpa2F0QHNzaS5kazCBrQYDVR0fBIGlMIGiMDygOqA4hjZodHRwOi8vY3JsLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3N5c3RlbXRlc3QzNC5jcmwwYqBgoF6kXDBaMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTEPMA0GA1UEAwwGQ1JMMTk1MB8GA1UdIwQYMBaAFM1saJc5chmkNatk6vQRo4GH+Gk7MB0GA1UdDgQWBBTXaIm8KGHSJc24Q3sCwFiMXb5M3jAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCA26TOPUHHxffo7ajqZkZhNfDZzBl8XlcgQPbhrAZINCKD/cKesZGnJwElGHtexRfyUh073kkww1wP2EmZf+9m5Kry73hHKyUkawtO1/R2ib04OKpIZd8M3F9YfyOusZVxuTcYYty20xEfJO8HygzXNIrFFA1qorrMjuxiXZRnUDhjzUFVDAu/Rgt8cIR3pTvU1KizLBRUC6Q+8itJizvwMHVB+tRdENbUw+ElkXbLpFt+pc+C5wDFkVudv5B/46jU/ceGNdcmkvUt6F/ey3Uc3Pc30JzpYc4KDHKc6wOttYCNtxWAnpvhOS5HUuV6GpWVww28x3Ykhv0rfYXlZo4W</ds:X509Certificate>xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" </ds:X509Data> </ds:KeyInfo> </ds:Signature> </wsse:Security> <wsa:Action wsu:Id="action">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</wsa:Action> <wsa:MessageID wsu:Id="messageID">urn:uuid:41d4b3b0-43a7-4751-ab78-bbedc3f81c8e</wsa:MessageID> <wsa:RelatesTo wsu:Id="relatesTo">urn:uuid:985506f2-fd1f-4935-aacd-43de6334edbf</wsa:RelatesTo> </soapenv:Header> <soapenv:Body wsu:Id="body"> <wst:RequestSecurityTokenResponseCollection> <wst:RequestSecurityTokenResponse Context="urn:uuid:bf6660e3-f928-4357-bef6-d620ddbdb249"> <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType> ID="_247b7481-a132-491b-aab9-187bdb90383c" IssueInstant="2024-02-23T09:20:36Z" Version="2.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"> <saml:Issuer>https://oio2bst-issuer.dk</saml:Issuer> <wst:RequestedSecurityToken> <saml<ds:AssertionSignature xmlns:xsId="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="_ce03e1da-ebb5-420d-bf95-c0a2cc9fa675" IssueInstant="2023-01-17T09:57:21Z" Version="2.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"> OCESSignature"> <saml:Issuer>TESTSTS</saml:Issuer><ds:SignedInfo> <ds:Signature Id="OCESSignature"> <ds:SignedInfo>CanonicalizationMethod <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/20002001/0910/xmldsig#rsaxml-exc-sha1c14n#" /> <ds:Reference URI="#_ce03e1da-ebb5-420d-bf95-c0a2cc9fa675"> <ds:SignatureMethod <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/20002001/0904/xmldsig#envelopedxmldsig-more#rsa-signaturesha256" /> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:Reference URI="#_247b7481-a132-491b-aab9-187bdb90383c"> </ds <ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <ds:DigestValue>dHk01KvYsxDQZzO6SkRMY8a1ajs=</ds:DigestValue>Transform </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>EcFniIcKh69vir3ARrFsHjs+A6Oooqn+iIUqzqjFIPCZN03fZx5Lyr7kRQmoZ9syRFdy2FMw/mh1eyxe8vRgc59iJqt6Jx6RZpQfLJpL1VgIsXugN0Y98smwSd1N+32sinliEP25L4OxgrNwu6mua7Ch595uph+bRP063s/MuHNLU6SVbH8dub+6swgAo/Y1YHhRrwtL8covyvy5Ph448lpDyj3FKc8kpziS3jubnTijq5kHPNbCoh6mPeauSJ8vBxlgyIjvTIySSWdUrnO6wtUqs80ranVDQan6bfZIQOoKTPG7Jo1Mq/slkEX1C6tbT3pjEUpMyGzH/YDgk1AJmg==</ds:SignatureValue> Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /> <ds:KeyInfo> <ds:X509Data>Transform <ds:X509Certificate>MIIGRzCCBS+gAwIBAgIEX51MYTANBgkqhkiG9w0BAQsFADBJMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTAeFw0yMTA4MTYwNjQ4MjJaFw0yNDA4MTYwNjQ3MjNaMIGOMQswCQYDVQQGEwJESzEvMC0GA1UECgwmU3RhdGVucyBTZXJ1bSBJbnN0aXR1dCAvLyBDVlI6NDY4Mzc0MjgxTjAgBgNVBAUTGUNWUjo0NjgzNzQyOC1VSUQ6Mjc5MTAxMzUwKgYDVQQDDCNTdGF0ZW5zIFNlcnVtIEluc3RpdHV0IC0gVGVzdCBWT0NFUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKo3h9gnQBKbiJriTMg/QLuuJFNONeRl9F8T9RE+HEOdBhhb64afks3ztVjXQ15r8KNu0YwBkOVFOe0wz7w0uT7OSFxf5Zejl1BO7VxIkcYEfq5GjryNcHb50sB7G2CisfKtdN5DRSShJyQXgZ3cflVazP+ZrYfi9gy79GBVYi3mTxN4yJtSOkKIMh8knGiBgHVqS3fkOO+K5dmV9qImFYQvCpSf8XgN96d5+mTvuZ2Yu+8GaFCSU93CxlnfODkqAWkATYnV0I6hd9l7qrGjIT0flDaVm2ruJwKEW+CkeaG9W9yDYBNLNw6WqioUckslMkVUwSUD6rQ8MLrvxfmQ+WsCAwEAAaOCAu8wggLrMA4GA1UdDwEB/wQEAwIDuDCBlwYIKwYBBQUHAQEEgYowgYcwPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3Jlc3BvbmRlcjBHBggrBgEFBQcwAoY7aHR0cDovL3YuYWlhLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3N5c3RlbXRlc3QzNC1jYS5jZXIwggEgBgNVHSAEggEXMIIBEzCCAQ8GDSsGAQQBgfRRAgQGAwUwgf0wLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cudHJ1c3QyNDA4LmNvbS9yZXBvc2l0b3J5MIHJBggrBgEFBQcCAjCBvDAMFgVEYW5JRDADAgEBGoGrRGFuSUQgdGVzdCBjZXJ0aWZpa2F0ZXIgZnJhIGRlbm5lIENBIHVkc3RlZGVzIHVuZGVyIE9JRCAxLjMuNi4xLjQuMS4zMTMxMy4yLjQuNi4zLjUuIERhbklEIHRlc3QgY2VydGlmaWNhdGVzIGZyb20gdGhpcyBDQSBhcmUgaXNzdWVkIHVuZGVyIE9JRCAxLjMuNi4xLjQuMS4zMTMxMy4yLjQuNi4zLjUuMCAGA1UdEQQZMBeBFXRlc3RjZXJ0aWZpa2F0QHNzaS5kazCBrQYDVR0fBIGlMIGiMDygOqA4hjZodHRwOi8vY3JsLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3N5c3RlbXRlc3QzNC5jcmwwYqBgoF6kXDBaMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTEPMA0GA1UEAwwGQ1JMMTk1MB8GA1UdIwQYMBaAFM1saJc5chmkNatk6vQRo4GH+Gk7MB0GA1UdDgQWBBTXaIm8KGHSJc24Q3sCwFiMXb5M3jAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCA26TOPUHHxffo7ajqZkZhNfDZzBl8XlcgQPbhrAZINCKD/cKesZGnJwElGHtexRfyUh073kkww1wP2EmZf+9m5Kry73hHKyUkawtO1/R2ib04OKpIZd8M3F9YfyOusZVxuTcYYty20xEfJO8HygzXNIrFFA1qorrMjuxiXZRnUDhjzUFVDAu/Rgt8cIR3pTvU1KizLBRUC6Q+8itJizvwMHVB+tRdENbUw+ElkXbLpFt+pc+C5wDFkVudv5B/46jU/ceGNdcmkvUt6F/ey3Uc3Pc30JzpYc4KDHKc6wOttYCNtxWAnpvhOS5HUuV6GpWVww28x3Ykhv0rfYXlZo4W</ds:X509Certificate> </ds:X509Data> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </ds:KeyInfo> </ds:Signature>Transforms> <saml:Subject> <saml<ds:NameIDDigestMethod FormatAlgorithm="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">dk:gov:saml:attribute:CprNumberIdentifier:0501792275</saml:NameID> http://www.w3.org/2001/04/xmlenc#sha256" /> <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key"> <saml:SubjectConfirmationData NotOnOrAfter="2023-01-17T10:02:21Z" Recipient="http://audience/clear"><ds:DigestValue>KeyC0zlzgeHD5vDYBaivdYgfKi/2cnhpW31VXUoV65k=</ds:DigestValue> <ds:KeyInfo> <ds:X509Data> </ds:Reference> <ds:X509Certificate>MIIGJzCCBQ+gAwIBAgIEX6aZBzANBgkqhkiG9w0BAQsFADBJMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTAeFw0yMjEyMTExMjQ4MTZaFw0yNTEyMTExMjQ3MzNaMIGQMQswCQYDVQQGEwJESzEnMCUGA1UECgweTkVUUyBEQU5JRCBBL1MgLy8gQ1ZSOjMwODA4NDYwMVgwIAYDVQQFExlDVlI6MzA4MDg0NjAtRklEOjk0NzMxMzE1MDQGA1UEAwwtVFUgR0VORVJFTCBGT0NFUyBneWxkaWcgKGZ1bmt0aW9uc2NlcnRpZmlrYXQpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo+xqGtIP/POChegfzkTJiWNOwKQgR+L230FVAPjlaiJF8BqRt+JKtquv4rz1GiksodVtOYE7xUTUzBc+2IOLjW+pt8A5sZqoCoy2OVfkBjAm6h61q4SNJoKvU9jSGCj+RwcgIV/KB6qwZ46OUxze0YCbcJ1GFg2zeUXa7qKcqTifsORXHhV/Luo53C52sS8mjrkxJCT/f/ebe4i3TFGHGbvzHVvH84V0khoLv+GvyibT2+u6ry4QF0Dzfv/jpXEpvS+s1jr50L1PFU2md9r28c6N3Z8WVInN9qkdMRUIdB0kTrm5gVA9qJKXaJLsUwwt83BthyQA+4d43kSxwF0uQIDAQABo4ICzTCCAskwDgYDVR0PAQH/BAQDAgO4MIGXBggrBgEFBQcBAQSBijCBhzA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc3lzdGVtdGVzdDM0LnRydXN0MjQwOC5jb20vcmVzcG9uZGVyMEcGCCsGAQUFBzAChjtodHRwOi8vZi5haWEuc3lzdGVtdGVzdDM0LnRydXN0MjQwOC5jb20vc3lzdGVtdGVzdDM0LWNhLmNlcjCCASAGA1UdIASCARcwggETMIIBDwYNKwYBBAGB9FECBAYEAzCB/TAvBggrBgEFBQcCARYjaHR0cDovL3d3dy50cnVzdDI0MDguY29tL3JlcG9zaXRvcnkwgckGCCsGAQUFBwICMIG8MAwWBURhbklEMAMCAQEagatEYW5JRCB0ZXN0IGNlcnRpZmlrYXRlciBmcmEgZGVubmUgQ0EgdWRzdGVkZXMgdW5kZXIgT0lEIDEuMy42LjEuNC4xLjMxMzEzLjIuNC42LjQuMy4gRGFuSUQgdGVzdCBjZXJ0aWZpY2F0ZXMgZnJvbSB0aGlzIENBIGFyZSBpc3N1ZWQgdW5kZXIgT0lEIDEuMy42LjEuNC4xLjMxMzEzLjIuNC42LjQuMy4wga0GA1UdHwSBpTCBojA8oDqgOIY2aHR0cDovL2NybC5zeXN0ZW10ZXN0MzQudHJ1c3QyNDA4LmNvbS9zeXN0ZW10ZXN0MzQuY3JsMGKgYKBepFwwWjELMAkGA1UEBhMCREsxEjAQBgNVBAoMCVRSVVNUMjQwODEmMCQGA1UEAwwdVFJVU1QyNDA4IFN5c3RlbXRlc3QgWFhYSVYgQ0ExDzANBgNVBAMMBkNSTDU5NzAfBgNVHSMEGDAWgBTNbGiXOXIZpDWrZOr0EaOBh/hpOzAdBgNVHQ4EFgQUHGQX7o/mbXmLQ53B6MwbZEWWuy4wCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAjeb9T3Qeh3TuSTu4g0K4wZHUfW89e0tpiDT3nHIPqT4rNXbZ3Y1NUnkLoCtHJge5ixylFmytXAXSsBleoeNJL7DHYpAyrc6ZBUjUlSUYHFrSEOpU3KRReSRUDRLSn2naX46V1gP0OEMs1ZFixrxnBmgcI7SvHR8RFJyxGPjrSPgvIJbqeHtp9P3wSMj02jq6EEfpk6etiLBzvj0U/tWs4ucV6hu//p3/1OzjfVZG0gFxbHPV1oqIc2EcsMsskHutNd7/jw2GfP6k6E0EwV1Hlb8bVddjF3vQNPXIRnvAYSV1kDxoaXuufbRtKsuFG7ZmyIoPbc0ntgPfdYqT378JTg==</ds:X509Certificate>SignedInfo> </ds:X509Data> <ds:SignatureValue> </ds:KeyInfo> </saml:SubjectConfirmationData>Tr5Puq+s+4X1SHRTjK4od5/lQN2qhhz6TpSKxR4jbsZOtP/ngPdi2uR/i9XVjyWanBCgsd+FYsX9qeyHXw4fwlcOTTw6NWYxzTJhM+QNHhZcr9+nzgAy3uX3etqIiF6CTSQn52ZSFtVyKJzXzi3yNsaHR6HCJO4O2e8qSXyONsFlbsoVz/BBxze/uAKmwZG/5EsrWGJMQRjBd6Ik8vQ1WN/2yFPxGqAbsh7l0oEQqT8e/St/CuP4pLzvRMkRvQ9VuL9jaUAbtNDh2uFNWqy//l6t2EmRLB1yNdpFnThOkV66kx9F4yC9VPYcfkaB/dr+WbAGmMILuu+d14RvZPw5fe9eommtxRqT4ALH3JTKQDoXAkunXAEiAXtQEa+0IHip0Jwg6KzSZSNTxy+e1qh+aA57+QCZLzm7I5tkS1jUxT2AsaYP6iYnspRohTiiKM0AGfcXzW8dilriQX8W92fqEqCzpkZ0eNbnTCNvj9SP6+fq5BRraHKccb/VDRkVscmu</ds:SignatureValue> </saml:SubjectConfirmation> </saml:Subject><ds:KeyInfo> <saml:Conditions NotBefore="2023-01-17T09:52:21Z" NotOnOrAfter="2023-01-17T10:02:21Z"> <saml<ds:AudienceRestriction>X509Data> <saml:Audience>http://audience/clear</saml:Audience> </saml<ds:AudienceRestriction>X509Certificate> </saml:Conditions> <saml:AttributeStatement> <saml:Attribute Name="dk:gov:saml:attribute:SpecVer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"> MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate> <saml:AttributeValue xsi:type="xs:string">DK-SAML-2.0</saml:AttributeValue> </samlds:Attribute> X509Data> <saml:Attribute Name="dk:gov:saml:attribute:AssuranceLevel" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"> </ds:KeyInfo> <saml:AttributeValue xsi:type="xs:string">3</saml:AttributeValue> </ds:Signature> </saml:Attribute> <saml:Subject> <saml:AttributeNameID NameFormat="dk:gov:saml:attribute:CprNumberIdentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrnamenameid-format:basicpersistent"> <saml:AttributeValue xsi:type="xs:string">0501792275< dk:gov:saml:attribute:CprNumberIdentifier:0501792275</saml:AttributeValue>NameID> </saml:Attribute> <saml:SubjectConfirmation </saml:AttributeStatement> </saml:Assertion> </wst:RequestedSecurityToken> <wsp:AppliesTo> Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key"> <wsa:EndpointReference> <wsa:Address>http://audience/clear</wsa:Address><saml:SubjectConfirmationData xsi:type="saml:KeyInfoConfirmationDataType"> </wsa:EndpointReference> <ds:KeyInfo> </wsp:AppliesTo> <wst<ds:Lifetime>X509Data> <wsu:Created>2023-01-17T09:52:21Z</wsu:Created> <wsu:Expires>2023-01-17T10:02:21Z</wsu:Expires> </wst:Lifetime> </wst:RequestSecurityTokenResponse> </wst<ds:RequestSecurityTokenResponseCollection> </soapenv:Body> </soapenv:Envelope> |
OIO2BST_LEGACY - udstedes af NemLog-in IdP
Request
X509Certificate>
MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</saml:SubjectConfirmationData>
</saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotOnOrAfter="2024-02-23T11:20:35Z">
<saml:AudienceRestriction>
<saml:Audience>http://audience/clear</saml:Audience>
</saml:AudienceRestriction>
</saml:Conditions>
<saml:AttributeStatement>
<saml:Attribute Name="dk:gov:saml:attribute:SpecVer"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">DK-SAML-2.0</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="dk:gov:saml:attribute:AssuranceLevel"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">3</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="dk:gov:saml:attribute:CprNumberIdentifier"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">0501792275</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
</saml:Assertion>
</wst14:ActAs>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>http://audience/clear</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:Claims Dialect="http://docs.oasis-open.org/wsfed/authorization/200706/authclaims">
<auth:ClaimType Uri="dk:gov:saml:attribute:CprNumberIdentifier">
<auth:Value>0501792275</auth:Value>
</auth:ClaimType>
</wst:Claims>
</wst:RequestSecurityToken>
</soapenv:Body>
</soapenv:Envelope> |
Svar fra STS
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<soapenv:Header>
<wsse:Security mustUnderstand="1" wsu:Id="security">
<wsu:Timestamp wsu:Id="ts">
<wsu:Created>2024-02-23T09:20:36Z</wsu:Created>
</wsu:Timestamp>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#body">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>MX56m7Zlnfh3wUIqhO2cUcVYPZo=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#ts">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>/OQpEg3nog5DimJhhsBbCmCYrnU=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#messageID">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>Svg8kNvCmu7pVJgK+XnUIZmuwmo=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#relatesTo">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>6811BMZG6WN0RxCj46QkgkGQ04A=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#action">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>3cXAhlhZH22NiSh7AttxKxBap7Q=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
DTKTeVwgSBy5JVzReLpWwTR3VHTdZ8OMoT81O6rE8e0gAfzbxWiDXXjOe//d1DJ/lcuMjgx3d0Q34Hjx133Jm/neFoD04fgYk2PIO8bj/k0C/LUXz/53kvyzDU7wWRCVwFgBdJl4FwIxqrnAAEG+ILvPiIPZd1buVLiKgv9KJi4eN4xLtU+korApF5o95xAVbTKyFQJVATRHAMHRna416FffBxYTEffIY4x9UxWBrYxMvdbZ03hLrCkRqTYGCWb2oxOAtnB4vKwP1Q9jwMir8GgGy4JHdyF4cTxHLK5u1xVuN16BO3PFM4lv2hQGW45WZqSqGGXfeGfulvYH5St2nxGlPCA419V0n8GtoYhkDZjo12fVDxwU5897UbP/ewvJ/7B7P4kMmIidtNxo3f+JiGqUzE9KwFh4ofNevauKwciObIWp0EkAxmQttqTSScqv8ovZEw2dii1Xz6NXsAHavtk8fIDCLrLdKQhDDK8Go6e36VmzHpMdGX3WuSgI3UGg</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGjTCCBMGgAwIBAgIUFy4h2LTxF4eZW2LC1kay4XM2HOkwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMjExMjkwOTMwMjVaFw0yNTExMjgwOTMwMjRaMIGjMSIwIAYDVQQDDBlOU1AgVGVzdCBTZXJ2aWNlIENvbnN1bWVyMTcwNQYDVQQFEy5VSTpESy1POkc6OGQzZmEwNDctYzc3ZS00N2U0LWJkZDItZTkxNDg4NjEwY2U2MR4wHAYDVQQKDBVTdW5kaGVkc2RhdGFzdHlyZWxzZW4xFzAVBgNVBGEMDk5UUkRLLTMzMjU3ODcyMQswCQYDVQQGEwJESzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALyJRrV1jHkQtPZ5Yb1BQsVv7CsH2G7xMebZh6o7Opm/Pb2+u8QKnPK2dkPXtFDn4efC6adwMN7EeDulIOC+6S/2yNcUQvD9Nbk40TBX6wqHjcQoMA9a725m1cqQiHPGxlHhQVMRzeJLjpEVnkdush3NCZFfndu48bdtsxM2n6sJgB3wJhvVAb8PdABfZETRcpMVIU8gBEWhMFHZhKlzmZqPUf7OQCtF2Hd1N7F4Qzus/NCP98p9z92h07sVprZD8iwWLlN9GukssDoZTbHpYmeFRE74WnxibQwau8FRFXxHZVSMQ+b3rOPLw0fLL09wDIDcBdJZyK2S/qHWzCfxxNwUCMd5g5aEvXElxiVnNdSBNVz+9phvMz3T66Za64DxFbQ/cfQcCJgSQyGpGpAOEuv2Rl9xxiNHFkoYVTR85bsHPFm6zda7/WSRZbjrhWRsbcTNunu+ucK1STkb0jiupk951zwlGN/HFGPtYP6GEMbaln01Rc7XrQDO7Rc4VKBVlwIDAQABo4IBhjCCAYIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBR/KJ/ZcZlC4nXn1zV2Lk0IJW12XjB7BggrBgEFBQcBAQRvMG0wQwYIKwYBBQUHMAKGN2h0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jYWNlcnQvaXNzdWluZy5jZXIwJgYIKwYBBQUHMAGGGmh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY3NwMCEGA1UdIAQaMBgwCAYGBACPegEBMAwGCiqBUIEpAQEBAwcwOwYIKwYBBQUHAQMELzAtMCsGCCsGAQUFBwsCMB8GBwQAi+xJAQIwFIYSaHR0cHM6Ly91aWQuZ292LmRrMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jcmwvaXNzdWluZy5jcmwwHQYDVR0OBBYEFFNN5GI5Bd91v2k+3gh2tB79kMiJMA4GA1UdDwEB/wQEAwIFoDBBBgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQCAQUAoRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASADggGBAAg7zaoHb0a4EKKoVc2SVcp6/x4Np2CfUmduosmoWxd5SboR2NV93MinTkhJRLPXjTYjETLKLNbmgrDm1oFtnw4rVRdKtpy06D0Zh5hKmR3KDjfXt/+KiHtjqs5fmB8GVo3TxFHGnS4sOmph6l/KG4tOPhMabVWcX7vJQfIBVJMak1QHWzig4ooREvupqefYTpvP13GIG4DsyRabAlR2M3pyvdrSAU899gxASvWI6LBQlEdd4tPodAvdEEb3fHS2pnWmI56Im881jOdVtmmjWMCyPD4kP6SaBUxs7XhqZMwH8X98d5NMwPUYyyKwOVJfPrsWdfhupshcdyn2AWpVLU5GfhdRkmSdLdTKzzJOt7pPH+fS95R5MyV0febSJnSOXgNq7ICdQdiKO/HQ8/zmePRq8Ax/7DGrEA0zXENH2un6AV+7bZtELmNoU+B0MoN/AuSteAxmfTTnc8Xu45rTIXh3Vx1OS3NFggGSBvawlVkE7kWKej3o2sKtfot8a+ILzw==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
<wsa:Action wsu:Id="action">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</wsa:Action>
<wsa:MessageID wsu:Id="messageID">urn:uuid:47fa9dab-7fbc-417a-ad0d-dd2c82dccf70</wsa:MessageID>
<wsa:RelatesTo wsu:Id="relatesTo">urn:uuid:8f55fcc0-6939-4a08-a6f7-35dfe686573e</wsa:RelatesTo>
</soapenv:Header>
<soapenv:Body wsu:Id="body">
<wst:RequestSecurityTokenResponseCollection>
<wst:RequestSecurityTokenResponse
Context="urn:uuid:edd62a55-4408-45ca-8dc5-b215d49c9797">
<wst:TokenType>
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
<wst:RequestedSecurityToken>
<saml:Assertion xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
ID="_f355a920-4da2-4d1c-8e17-f974accb1413"
IssueInstant="2024-02-23T09:20:36Z" Version="2.0"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
<saml:Issuer>TESTSTS</saml:Issuer>
<ds:Signature Id="OCESSignature">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#_f355a920-4da2-4d1c-8e17-f974accb1413">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>PX0vREuRydy5Mod7TU8FWeEUyqg=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
bv8FCelnJYIBmqHMhIrOTlaklZfv7YWlxfOhb2Mo5v1m/89pZJYDRWOLD8XphD6oEZZEKUIxNWimSceaL3vhv1cHplvulxDPgMUQv40c7exFbF7QRcZRY+NOrohTi0DFrzaFNEkNAXh5pHS1JB56kquHWsXfK26+7QyM9wDeLxPZO4P0baWP7VNO2m06Ah4Ru3B/hqNYxv4DcAKPibpgRQFYyT952INHMai21l8BAwHL1gmFxjVxrSLSj+Qo2FDCHLB2ldkPAZy3Ar/+fDHHxlDrqJIfUQXonsQZ01GGHGlcTIdbPbFZoPQVNn+aTWYgTFdJFIsQyUFIMM5dr2UUI6J7tx11t+kI6DMi4akhLFv+rD+N23NQlZSHZqpPnbe0OCt7DOebDwtxDZatd9oshrS4jw4MM70iiT6as9UZTv/31tzwhVf6tCd+zGaUdFSZ/+HDfqC1rAVWMdXf0tTaIQ8p20HuzrxZ+xyR/tjF4m6yx+4yS9k6fZXbc6uXduAs</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGjTCCBMGgAwIBAgIUFy4h2LTxF4eZW2LC1kay4XM2HOkwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMjExMjkwOTMwMjVaFw0yNTExMjgwOTMwMjRaMIGjMSIwIAYDVQQDDBlOU1AgVGVzdCBTZXJ2aWNlIENvbnN1bWVyMTcwNQYDVQQFEy5VSTpESy1POkc6OGQzZmEwNDctYzc3ZS00N2U0LWJkZDItZTkxNDg4NjEwY2U2MR4wHAYDVQQKDBVTdW5kaGVkc2RhdGFzdHlyZWxzZW4xFzAVBgNVBGEMDk5UUkRLLTMzMjU3ODcyMQswCQYDVQQGEwJESzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALyJRrV1jHkQtPZ5Yb1BQsVv7CsH2G7xMebZh6o7Opm/Pb2+u8QKnPK2dkPXtFDn4efC6adwMN7EeDulIOC+6S/2yNcUQvD9Nbk40TBX6wqHjcQoMA9a725m1cqQiHPGxlHhQVMRzeJLjpEVnkdush3NCZFfndu48bdtsxM2n6sJgB3wJhvVAb8PdABfZETRcpMVIU8gBEWhMFHZhKlzmZqPUf7OQCtF2Hd1N7F4Qzus/NCP98p9z92h07sVprZD8iwWLlN9GukssDoZTbHpYmeFRE74WnxibQwau8FRFXxHZVSMQ+b3rOPLw0fLL09wDIDcBdJZyK2S/qHWzCfxxNwUCMd5g5aEvXElxiVnNdSBNVz+9phvMz3T66Za64DxFbQ/cfQcCJgSQyGpGpAOEuv2Rl9xxiNHFkoYVTR85bsHPFm6zda7/WSRZbjrhWRsbcTNunu+ucK1STkb0jiupk951zwlGN/HFGPtYP6GEMbaln01Rc7XrQDO7Rc4VKBVlwIDAQABo4IBhjCCAYIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBR/KJ/ZcZlC4nXn1zV2Lk0IJW12XjB7BggrBgEFBQcBAQRvMG0wQwYIKwYBBQUHMAKGN2h0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jYWNlcnQvaXNzdWluZy5jZXIwJgYIKwYBBQUHMAGGGmh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY3NwMCEGA1UdIAQaMBgwCAYGBACPegEBMAwGCiqBUIEpAQEBAwcwOwYIKwYBBQUHAQMELzAtMCsGCCsGAQUFBwsCMB8GBwQAi+xJAQIwFIYSaHR0cHM6Ly91aWQuZ292LmRrMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jcmwvaXNzdWluZy5jcmwwHQYDVR0OBBYEFFNN5GI5Bd91v2k+3gh2tB79kMiJMA4GA1UdDwEB/wQEAwIFoDBBBgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQCAQUAoRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASADggGBAAg7zaoHb0a4EKKoVc2SVcp6/x4Np2CfUmduosmoWxd5SboR2NV93MinTkhJRLPXjTYjETLKLNbmgrDm1oFtnw4rVRdKtpy06D0Zh5hKmR3KDjfXt/+KiHtjqs5fmB8GVo3TxFHGnS4sOmph6l/KG4tOPhMabVWcX7vJQfIBVJMak1QHWzig4ooREvupqefYTpvP13GIG4DsyRabAlR2M3pyvdrSAU899gxASvWI6LBQlEdd4tPodAvdEEb3fHS2pnWmI56Im881jOdVtmmjWMCyPD4kP6SaBUxs7XhqZMwH8X98d5NMwPUYyyKwOVJfPrsWdfhupshcdyn2AWpVLU5GfhdRkmSdLdTKzzJOt7pPH+fS95R5MyV0febSJnSOXgNq7ICdQdiKO/HQ8/zmePRq8Ax/7DGrEA0zXENH2un6AV+7bZtELmNoU+B0MoN/AuSteAxmfTTnc8Xu45rTIXh3Vx1OS3NFggGSBvawlVkE7kWKej3o2sKtfot8a+ILzw==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml:Subject>
<saml:NameID
Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">
dk:gov:saml:attribute:CprNumberIdentifier:0501792275</saml:NameID>
<saml:SubjectConfirmation
Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key">
<saml:SubjectConfirmationData NotOnOrAfter="2024-02-23T09:25:36Z"
Recipient="http://audience/clear">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</saml:SubjectConfirmationData>
</saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotBefore="2024-02-23T09:15:36Z"
NotOnOrAfter="2024-02-23T09:25:36Z">
<saml:AudienceRestriction>
<saml:Audience>http://audience/clear</saml:Audience>
</saml:AudienceRestriction>
</saml:Conditions>
<saml:AttributeStatement>
<saml:Attribute Name="dk:gov:saml:attribute:SpecVer"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">DK-SAML-2.0</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="dk:gov:saml:attribute:AssuranceLevel"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">3</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="dk:gov:saml:attribute:CprNumberIdentifier"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">0501792275</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
</saml:Assertion>
</wst:RequestedSecurityToken>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>http://audience/clear</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:Lifetime>
<wsu:Created>2024-02-23T09:15:36Z</wsu:Created>
<wsu:Expires>2024-02-23T09:25:36Z</wsu:Expires>
</wst:Lifetime>
</wst:RequestSecurityTokenResponse>
</wst:RequestSecurityTokenResponseCollection>
</soapenv:Body>
</soapenv:Envelope> |
OIO2BST_LEGACY - udstedes af NemLog-in IdP
Request
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"
xmlns:wst14="http://docs.oasis-open.org/ws-sx/ws-trust/200802"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<soapenv:Header>
<wsse:Security mustUnderstand="1" wsu:Id="security">
<wsu:Timestamp wsu:Id="ts">
<wsu:Created>2024-02-22T13:19:27Z</wsu:Created>
</wsu:Timestamp>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#body">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>+PQJ+2kwDcJxXYE8iUenERzGeI4=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#ts">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>TThCBOCpnyZAloTBcWlyRTYupNM=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#messageID">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>N2ZemMQczU42xX24fGmGmyNxxog=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#action">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>3cXAhlhZH22NiSh7AttxKxBap7Q=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
CdwfolKMiOq1bj3fCctMQCNVAIQRaU+oQ9kDrJ9eDkT4kNPI52gXwlaYc3YFYEAAvTIccTn3cxEJOTRtz7O3I4Q9vv1loFEf9rkiDoHqVotgggxTcDzXM2F8BfSBMv3Cn4cvIbCBgal9Deiwkk0PPpMZ2TkRrevPcSPlxcaZzgCMTYoIupC/OazGccUUEGQ86PWAzUXXL+Ae7FNeKhB8MNCE7kPy9pHrOWGoASlKoKhcX1lZgsMhBC4NZRhRFJD7aT781V44ozKlXoLpmvgb5JtKiBC/+dQ7UUhtgRL4QX/esdt3xRT+m0SMtU2Qkym/uP1KEon6IyGKarHNOWGanhaNYKuKtaspP6qotYqDZdLETw6ZbQwqgCewmyhHxhsEcGLS/k+PEJQAqFj/kLb8dZL+YqRAT90XJNmRcBD2AmoXFuXmKb8OFgz4EpbVhvcEiCIiYS9gf53jFae1ggVZl4zaKukizZcejYWPXEw7ZwM3i95rgVHcnjScDji9PYdk</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
<wsa:Action wsu:Id="action">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</wsa:Action>
<wsa:MessageID wsu:Id="messageID">urn:uuid:1bb8ec36-9f6e-4414-aa38-f24e461d1444</wsa:MessageID>
</soapenv:Header>
<soapenv:Body wsu:Id="body">
<wst:RequestSecurityToken Context="urn:uuid:bc4558fb-83dc-4a7d-ac91-b02f48cfa602">
<wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
<wst:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</wst:RequestType>
<wst14:ActAs>
<saml:Assertion xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
ID="_025f66d8-0d7b-4e0b-8f53-21f2d475719b" IssueInstant="2024-02-22T13:19:27Z"
Version="2.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
<saml:Issuer>https://oio2bst-legacy-issuer.dk</saml:Issuer>
<ds:Signature Id="OCESSignature">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod
Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
<ds:Reference URI="#_025f66d8-0d7b-4e0b-8f53-21f2d475719b">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>jpSuVLJ294+i3yyNtxCXCkpyux1/Y/7b3tfmtvxW6TY=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
jKSKaKZYtBbJwFYrhLHqkX6ao5OeCUZLojxc3zLcsFK6aCV5kVYU53plxkIcG3M5SzES3hhwgjiOu9M95IlHe2dNJvQzCRECzWSiPHnJL+X008ouTMwNfZlWfgVX6FlBeIIl1sfs8lcvDL/1fo+5YBT8uF0mJFnuLQwtSlEIkze51dsJ233qGQnXeSZvhKWdq+SJDztKWeM71f57DZ1cekxFFoKmaJ5R5ru5UCalylHzEYgfBqQZGeQj/L/XG4oP/B7evBFnylx6NAPkiQ47AavV9Kt4BMC3VRBMr8h6oof585QB1MoykR0Rr6yVRfWOQNGKoK0oe9RXk41AMe6JdifxZiR8TuNJDPu9Cqfq9sguO6oP9smKa9jhPyYdrgUkBJMD1p68r//wVW6jFiDSW+ufe1m77cYMe2MKraDDF95Fe9wc8lLWig2HBFnMCQ4d2OT4gV3mEwseIm0EClHzZ6OpOF4BzhZ6gs2fmBmEUa+p6Cbm6wNphHIC/PuTo2qe</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml:Subject>
<saml:NameID
Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName">C=DK,O=Testorganisation
nr.
94354969,CN=null,Serial=UI:DK-P:G:23550132-5e1f-4e43-a5f9-048acf49e0b8</saml:NameID>
<saml:SubjectConfirmation
Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key">
<saml:SubjectConfirmationData
xsi:type="saml:KeyInfoConfirmationDataType">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</saml:SubjectConfirmationData>
</saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotOnOrAfter="2024-02-22T15:19:20Z">
<saml:AudienceRestriction>
<saml:Audience>http://audience/clear</saml:Audience>
</saml:AudienceRestriction>
</saml:Conditions>
<saml:AuthnStatement AuthnInstant="2024-02-22T12:19:20Z"
SessionIndex="_025f66d8-0d7b-4e0b-8f53-21f2d475719b">
<saml:AuthnContext>
<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:X509</saml:AuthnContextClassRef>
</saml:AuthnContext>
</saml:AuthnStatement>
<saml:AttributeStatement>
<saml:Attribute Name="dk:gov:saml:attribute:CprNumberIdentifier"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">0501792275</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="dk:gov:saml:attribute:AssuranceLevel"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">3</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
<saml:AuthnStatement AuthnInstant="2024-02-22T12:19:20Z"
SessionIndex="_025f66d8-0d7b-4e0b-8f53-21f2d475719b">
<saml:AuthnContext>
<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:X509</saml:AuthnContextClassRef>
</saml:AuthnContext>
</saml:AuthnStatement>
</saml:Assertion>
</wst14:ActAs>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>http://audience/clear</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:Claims Dialect="http://docs.oasis-open.org/wsfed/authorization/200706/authclaims">
<auth:ClaimType Uri="dk:gov:saml:attribute:CprNumberIdentifier">
<auth:Value>0501792275</auth:Value>
</auth:ClaimType>
<auth:ClaimType Uri="dk:healthcare:saml:attribute:OnBehalfOf">
<auth:Value>
urn:dk:healthcare:saml:actThroughProcurationBy:cprNumberIdentifier:1111111118</auth:Value>
</auth:ClaimType>
</wst:Claims>
</wst:RequestSecurityToken>
</soapenv:Body>
</soapenv:Envelope> |
Svar fra STS
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<soapenv:Header>
<wsse:Security mustUnderstand="1" wsu:Id="security">
<wsu:Timestamp wsu:Id="ts">
<wsu:Created>2024-02-22T13:21:38Z</wsu:Created>
</wsu:Timestamp>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#body">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>SwKjKMO/razhrzgzJF1iP19kWtk=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#ts">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>lfWkWps0ueOLKfaZ3WFPcizG5A4=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#messageID">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>W6GOH/kKoBhMPCKDQH4VcD5o9xg=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#relatesTo">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>RqZqQczJIzv0XwAX5KFxtHom2wE=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#action">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>3cXAhlhZH22NiSh7AttxKxBap7Q=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
ptVHrau5WCAkxuxMOc0Grtw1ihtZ+v5gLVS/UZhuSZExSacRE+9ae/hDlxZ9KEKolitbKedGSqo4hrV8KltdKt9f8g2HB6Y2mBBjNOoqEjjV4gQUfj1R/ubc0lRgUNtRobtEl6WRg4K0lfHo0HJsq5mG/jcGPV5O1rPxblfunaZex2EgHzsEH2YX2Eb1icSz/Sviust7AnteHg7cUmNBDXmFM6EYDxF1e/xnC9IQeR9fcj9+Rgki0FYfkikW1625med9wRCiHPEafqKZmcw4CPcC+Ryt/GV6tz1YwyjQGwT9V45VCknpD1X3uADdzyMpQIJnojigeZI0I+C3vkH+SjWpwenklBENIoJA9EhhgRWsfAWzWmc69+FNvLEyVfFp5SDl1MfOiTw+zoGKSEAguDysEmcnvcLpvbsMEMDMqj2FvSVY+7ZngIkNWhOxVDAvjO8Zx1rMNIaNImipSa7wdYKqujGRtv7AsSjGMqGvfYkbxKgyjdetUu0+8TSBYCiK</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGjTCCBMGgAwIBAgIUFy4h2LTxF4eZW2LC1kay4XM2HOkwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMjExMjkwOTMwMjVaFw0yNTExMjgwOTMwMjRaMIGjMSIwIAYDVQQDDBlOU1AgVGVzdCBTZXJ2aWNlIENvbnN1bWVyMTcwNQYDVQQFEy5VSTpESy1POkc6OGQzZmEwNDctYzc3ZS00N2U0LWJkZDItZTkxNDg4NjEwY2U2MR4wHAYDVQQKDBVTdW5kaGVkc2RhdGFzdHlyZWxzZW4xFzAVBgNVBGEMDk5UUkRLLTMzMjU3ODcyMQswCQYDVQQGEwJESzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALyJRrV1jHkQtPZ5Yb1BQsVv7CsH2G7xMebZh6o7Opm/Pb2+u8QKnPK2dkPXtFDn4efC6adwMN7EeDulIOC+6S/2yNcUQvD9Nbk40TBX6wqHjcQoMA9a725m1cqQiHPGxlHhQVMRzeJLjpEVnkdush3NCZFfndu48bdtsxM2n6sJgB3wJhvVAb8PdABfZETRcpMVIU8gBEWhMFHZhKlzmZqPUf7OQCtF2Hd1N7F4Qzus/NCP98p9z92h07sVprZD8iwWLlN9GukssDoZTbHpYmeFRE74WnxibQwau8FRFXxHZVSMQ+b3rOPLw0fLL09wDIDcBdJZyK2S/qHWzCfxxNwUCMd5g5aEvXElxiVnNdSBNVz+9phvMz3T66Za64DxFbQ/cfQcCJgSQyGpGpAOEuv2Rl9xxiNHFkoYVTR85bsHPFm6zda7/WSRZbjrhWRsbcTNunu+ucK1STkb0jiupk951zwlGN/HFGPtYP6GEMbaln01Rc7XrQDO7Rc4VKBVlwIDAQABo4IBhjCCAYIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBR/KJ/ZcZlC4nXn1zV2Lk0IJW12XjB7BggrBgEFBQcBAQRvMG0wQwYIKwYBBQUHMAKGN2h0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jYWNlcnQvaXNzdWluZy5jZXIwJgYIKwYBBQUHMAGGGmh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY3NwMCEGA1UdIAQaMBgwCAYGBACPegEBMAwGCiqBUIEpAQEBAwcwOwYIKwYBBQUHAQMELzAtMCsGCCsGAQUFBwsCMB8GBwQAi+xJAQIwFIYSaHR0cHM6Ly91aWQuZ292LmRrMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jcmwvaXNzdWluZy5jcmwwHQYDVR0OBBYEFFNN5GI5Bd91v2k+3gh2tB79kMiJMA4GA1UdDwEB/wQEAwIFoDBBBgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQCAQUAoRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASADggGBAAg7zaoHb0a4EKKoVc2SVcp6/x4Np2CfUmduosmoWxd5SboR2NV93MinTkhJRLPXjTYjETLKLNbmgrDm1oFtnw4rVRdKtpy06D0Zh5hKmR3KDjfXt/+KiHtjqs5fmB8GVo3TxFHGnS4sOmph6l/KG4tOPhMabVWcX7vJQfIBVJMak1QHWzig4ooREvupqefYTpvP13GIG4DsyRabAlR2M3pyvdrSAU899gxASvWI6LBQlEdd4tPodAvdEEb3fHS2pnWmI56Im881jOdVtmmjWMCyPD4kP6SaBUxs7XhqZMwH8X98d5NMwPUYyyKwOVJfPrsWdfhupshcdyn2AWpVLU5GfhdRkmSdLdTKzzJOt7pPH+fS95R5MyV0febSJnSOXgNq7ICdQdiKO/HQ8/zmePRq8Ax/7DGrEA0zXENH2un6AV+7bZtELmNoU+B0MoN/AuSteAxmfTTnc8Xu45rTIXh3Vx1OS3NFggGSBvawlVkE7kWKej3o2sKtfot8a+ILzw==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
<wsa:Action wsu:Id="action">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</wsa:Action>
<wsa:MessageID wsu:Id="messageID">urn:uuid:c467ee8f-de82-4ca7-9afa-fdb1e70f203a</wsa:MessageID>
<wsa:RelatesTo wsu:Id="relatesTo">urn:uuid:1bb8ec36-9f6e-4414-aa38-f24e461d1444</wsa:RelatesTo>
</soapenv:Header>
<soapenv:Body wsu:Id="body">
<wst:RequestSecurityTokenResponseCollection>
<wst:RequestSecurityTokenResponse
Context="urn:uuid:bc4558fb-83dc-4a7d-ac91-b02f48cfa602">
<wst:TokenType>
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
<wst:RequestedSecurityToken>
<saml:Assertion xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
ID="_4205addb-4282-49a4-8d9c-90bf5e93566d"
IssueInstant="2024-02-22T13:21:38Z" Version="2.0"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
<saml:Issuer>TESTSTS</saml:Issuer>
<ds:Signature Id="OCESSignature">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#_4205addb-4282-49a4-8d9c-90bf5e93566d">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod
| ||||||
| Code Block | ||||||
| ||||||
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:wst14="http://docs.oasis-open.org/ws-sx/ws-trust/200802" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <soapenv:Header> <wsse:Security mustUnderstand="1" wsu:Id="security"> <wsu:Timestamp wsu:Id="ts"> <wsu:Created>2023-01-17T10:03:13Z</wsu:Created> </wsu:Timestamp> <ds:Signature> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/20012000/10/xml-exc-c14n#"/>09/xmldsig#sha1" /> <ds:DigestValue>0Cz5s72TRBmk12a6pmVWJAgrnBI=</ds:DigestValue> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <ds:Reference URI="#body"> <ds:Transforms></ds:Reference> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:Transforms>SignedInfo> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <ds:DigestValue>MSbQq/em4bKm08NwGe+5bvHkdtA=</ds:DigestValue> SignatureValue> </ds:Reference> HHzFb7ye7g0kUyc0OsLt4BoEXk+nr35yrgVhZi0YzW+viNasZkJtpRSjznhydJFsyaWiXNW9DpFHbdp1jZrmDwPHyHQEacqmdi5SggQ1o6g70QI3d33QyxQNxzl6CegaRPcGUsu1moGkkziNT2bsydHmQknGf1cOkrVtAuqBg0wUhcvVf+jI3gEyU3zFNOKW9IZXl1X8jotMSrdav4IpeylmS3qVWUqc1MKajBwZjFQrYVridkDxrBRd7wDpzzF5cZP80tkJY+3d2Uf3UimsjzEo2jJNx64UVa/PsT6lgwpA2vfm6ZIYPcCecadngEdORCjetelDQPIcJ9ZLAwWtqcmVXo7gndDUBtKcKieQzd32PD3Nu7PC1lq5ZwjqoX1vtWku88+iYARi539pOj6agboVCxIUJkcXWIE0fVkLq9yD43yXuN7EYHF/uI4WnK1olUJWr2pyUnihG5G9DDuUbsi2WFNPfrLRtV26f6IaEbZ6u4rjEvKhphA/mzPcqeS0</ds:SignatureValue> <ds:Reference URI="#ts"> <ds:Transforms>KeyInfo> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds<ds:Transforms>X509Data> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <ds:DigestValue>F2BK5nJnIzveH/RjehxuxejFQuE=</ds:DigestValue> </ds<ds:Reference>X509Certificate> <ds:Reference URI="#messageID"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> MIIGjTCCBMGgAwIBAgIUFy4h2LTxF4eZW2LC1kay4XM2HOkwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMjExMjkwOTMwMjVaFw0yNTExMjgwOTMwMjRaMIGjMSIwIAYDVQQDDBlOU1AgVGVzdCBTZXJ2aWNlIENvbnN1bWVyMTcwNQYDVQQFEy5VSTpESy1POkc6OGQzZmEwNDctYzc3ZS00N2U0LWJkZDItZTkxNDg4NjEwY2U2MR4wHAYDVQQKDBVTdW5kaGVkc2RhdGFzdHlyZWxzZW4xFzAVBgNVBGEMDk5UUkRLLTMzMjU3ODcyMQswCQYDVQQGEwJESzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALyJRrV1jHkQtPZ5Yb1BQsVv7CsH2G7xMebZh6o7Opm/Pb2+u8QKnPK2dkPXtFDn4efC6adwMN7EeDulIOC+6S/2yNcUQvD9Nbk40TBX6wqHjcQoMA9a725m1cqQiHPGxlHhQVMRzeJLjpEVnkdush3NCZFfndu48bdtsxM2n6sJgB3wJhvVAb8PdABfZETRcpMVIU8gBEWhMFHZhKlzmZqPUf7OQCtF2Hd1N7F4Qzus/NCP98p9z92h07sVprZD8iwWLlN9GukssDoZTbHpYmeFRE74WnxibQwau8FRFXxHZVSMQ+b3rOPLw0fLL09wDIDcBdJZyK2S/qHWzCfxxNwUCMd5g5aEvXElxiVnNdSBNVz+9phvMz3T66Za64DxFbQ/cfQcCJgSQyGpGpAOEuv2Rl9xxiNHFkoYVTR85bsHPFm6zda7/WSRZbjrhWRsbcTNunu+ucK1STkb0jiupk951zwlGN/HFGPtYP6GEMbaln01Rc7XrQDO7Rc4VKBVlwIDAQABo4IBhjCCAYIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBR/KJ/ZcZlC4nXn1zV2Lk0IJW12XjB7BggrBgEFBQcBAQRvMG0wQwYIKwYBBQUHMAKGN2h0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jYWNlcnQvaXNzdWluZy5jZXIwJgYIKwYBBQUHMAGGGmh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY3NwMCEGA1UdIAQaMBgwCAYGBACPegEBMAwGCiqBUIEpAQEBAwcwOwYIKwYBBQUHAQMELzAtMCsGCCsGAQUFBwsCMB8GBwQAi+xJAQIwFIYSaHR0cHM6Ly91aWQuZ292LmRrMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jcmwvaXNzdWluZy5jcmwwHQYDVR0OBBYEFFNN5GI5Bd91v2k+3gh2tB79kMiJMA4GA1UdDwEB/wQEAwIFoDBBBgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQCAQUAoRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASADggGBAAg7zaoHb0a4EKKoVc2SVcp6/x4Np2CfUmduosmoWxd5SboR2NV93MinTkhJRLPXjTYjETLKLNbmgrDm1oFtnw4rVRdKtpy06D0Zh5hKmR3KDjfXt/+KiHtjqs5fmB8GVo3TxFHGnS4sOmph6l/KG4tOPhMabVWcX7vJQfIBVJMak1QHWzig4ooREvupqefYTpvP13GIG4DsyRabAlR2M3pyvdrSAU899gxASvWI6LBQlEdd4tPodAvdEEb3fHS2pnWmI56Im881jOdVtmmjWMCyPD4kP6SaBUxs7XhqZMwH8X98d5NMwPUYyyKwOVJfPrsWdfhupshcdyn2AWpVLU5GfhdRkmSdLdTKzzJOt7pPH+fS95R5MyV0febSJnSOXgNq7ICdQdiKO/HQ8/zmePRq8Ax/7DGrEA0zXENH2un6AV+7bZtELmNoU+B0MoN/AuSteAxmfTTnc8Xu45rTIXh3Vx1OS3NFggGSBvawlVkE7kWKej3o2sKtfot8a+ILzw==</ds:X509Certificate> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <ds:DigestValue>fLMGn3Oku6LmMaUKdmlo2Wcz4nQ=</ds:DigestValue>X509Data> </ds:Reference> <ds:Reference URI="#action"> <ds:Transforms> </ds:KeyInfo> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:Transforms>Signature> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <ds:DigestValue>3cXAhlhZH22NiSh7AttxKxBap7Q=</ds:DigestValue><saml:Subject> </ds:Reference> </ds<saml:SignedInfo>NameID <ds:SignatureValue>h2XGnEF6FO/BWVr3iY95iGkyWKhWq1i1tNwZahSqbMFx+hZkMTG3WJkxmf+4nFAqR9ufMJtpXN176sjEgvPU01ISAzRqNGuq9D2qLsqbQzYr/JTNqVpwoVW1QHbpKVHzh4a4rUGtGFJmBe/elINHL8yY4Uv7nfFyTbHWSM31GXetTTv/vsdKx1tz9kIP9z3WCyE6hRV34c/IlJi0+RzdmjWe+GwG9Hs70wt6AyROOZyCqVqKlP0sIE1WkyyM6gmW4g6GqXQu4jBYxip1cg2bqU4Zgz3L7tudDwaF+hQZCPQgg+iB9aWKve5poLk/wn6EgqE13rZpKSI+vBvUCsKmMA==</ds:SignatureValue> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate>MIIGJzCCBQ+gAwIBAgIEX6aZBzANBgkqhkiG9w0BAQsFADBJMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTAeFw0yMjEyMTExMjQ4MTZaFw0yNTEyMTExMjQ3MzNaMIGQMQswCQYDVQQGEwJESzEnMCUGA1UECgweTkVUUyBEQU5JRCBBL1MgLy8gQ1ZSOjMwODA4NDYwMVgwIAYDVQQFExlDVlI6MzA4MDg0NjAtRklEOjk0NzMxMzE1MDQGA1UEAwwtVFUgR0VORVJFTCBGT0NFUyBneWxkaWcgKGZ1bmt0aW9uc2NlcnRpZmlrYXQpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo+xqGtIP/POChegfzkTJiWNOwKQgR+L230FVAPjlaiJF8BqRt+JKtquv4rz1GiksodVtOYE7xUTUzBc+2IOLjW+pt8A5sZqoCoy2OVfkBjAm6h61q4SNJoKvU9jSGCj+RwcgIV/KB6qwZ46OUxze0YCbcJ1GFg2zeUXa7qKcqTifsORXHhV/Luo53C52sS8mjrkxJCT/f/ebe4i3TFGHGbvzHVvH84V0khoLv+GvyibT2+u6ry4QF0Dzfv/jpXEpvS+s1jr50L1PFU2md9r28c6N3Z8WVInN9qkdMRUIdB0kTrm5gVA9qJKXaJLsUwwt83BthyQA+4d43kSxwF0uQIDAQABo4ICzTCCAskwDgYDVR0PAQH/BAQDAgO4MIGXBggrBgEFBQcBAQSBijCBhzA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc3lzdGVtdGVzdDM0LnRydXN0MjQwOC5jb20vcmVzcG9uZGVyMEcGCCsGAQUFBzAChjtodHRwOi8vZi5haWEuc3lzdGVtdGVzdDM0LnRydXN0MjQwOC5jb20vc3lzdGVtdGVzdDM0LWNhLmNlcjCCASAGA1UdIASCARcwggETMIIBDwYNKwYBBAGB9FECBAYEAzCB/TAvBggrBgEFBQcCARYjaHR0cDovL3d3dy50cnVzdDI0MDguY29tL3JlcG9zaXRvcnkwgckGCCsGAQUFBwICMIG8MAwWBURhbklEMAMCAQEagatEYW5JRCB0ZXN0IGNlcnRpZmlrYXRlciBmcmEgZGVubmUgQ0EgdWRzdGVkZXMgdW5kZXIgT0lEIDEuMy42LjEuNC4xLjMxMzEzLjIuNC42LjQuMy4gRGFuSUQgdGVzdCBjZXJ0aWZpY2F0ZXMgZnJvbSB0aGlzIENBIGFyZSBpc3N1ZWQgdW5kZXIgT0lEIDEuMy42LjEuNC4xLjMxMzEzLjIuNC42LjQuMy4wga0GA1UdHwSBpTCBojA8oDqgOIY2aHR0cDovL2NybC5zeXN0ZW10ZXN0MzQudHJ1c3QyNDA4LmNvbS9zeXN0ZW10ZXN0MzQuY3JsMGKgYKBepFwwWjELMAkGA1UEBhMCREsxEjAQBgNVBAoMCVRSVVNUMjQwODEmMCQGA1UEAwwdVFJVU1QyNDA4IFN5c3RlbXRlc3QgWFhYSVYgQ0ExDzANBgNVBAMMBkNSTDU5NzAfBgNVHSMEGDAWgBTNbGiXOXIZpDWrZOr0EaOBh/hpOzAdBgNVHQ4EFgQUHGQX7o/mbXmLQ53B6MwbZEWWuy4wCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAjeb9T3Qeh3TuSTu4g0K4wZHUfW89e0tpiDT3nHIPqT4rNXbZ3Y1NUnkLoCtHJge5ixylFmytXAXSsBleoeNJL7DHYpAyrc6ZBUjUlSUYHFrSEOpU3KRReSRUDRLSn2naX46V1gP0OEMs1ZFixrxnBmgcI7SvHR8RFJyxGPjrSPgvIJbqeHtp9P3wSMj02jq6EEfpk6etiLBzvj0U/tWs4ucV6hu//p3/1OzjfVZG0gFxbHPV1oqIc2EcsMsskHutNd7/jw2GfP6k6E0EwV1Hlb8bVddjF3vQNPXIRnvAYSV1kDxoaXuufbRtKsuFG7ZmyIoPbc0ntgPfdYqT378JTg==</ds:X509Certificate>Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName"> </ds:X509Data> </ds:KeyInfo> </ds:Signature> </wsse:Security> <wsa:Action wsu:Id="action">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</wsa:Action> C=DK,O=Testorganisation <wsa:MessageID wsu:Id="messageID">urn:uuid:88990319-c8f3-490e-8c47-0a4a3cb16bc8</wsa:MessageID> </soapenv:Header> <soapenv:Body wsu:Id="body"> <wst:RequestSecurityToken Context="urn:uuid:85ea86e9-3b54-44d9-8142-4fe699966d2f"> <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType> nr. <wst:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</wst:RequestType> <wst14:ActAs> <saml:EncryptedAssertion> <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element"> 94354969,CN=null,Serial=UI:DK-P:G:23550132-5e1f-4e43-a5f9-048acf49e0b8</saml:NameID> <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> <saml:SubjectConfirmation <ds:KeyInfo> <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"> <xenc:EncryptionMethod AlgorithmMethod="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/urn:oasis:names:tc:SAML:2.0:cm:holder-of-key"> <xenc:CipherData> <xenc:CipherValue>BCwxZu3ZyhGu4mto6E4QnXbDb02ghSk/YvbuNMcqbG0IM5P+LQJ3o7Z8xQwC+WfNNTz+4EcJgndX 9vQVvZI4l5GMtteZKAGK+jfa1UVH//RSRFHd6Xe7TA2xeun0XiFxepPdcpMEvjJ8X7pXLu3bDKug c6dC0tFx7C470b//sa4viGDSU9Mj/Z79yLp8l3mOc/iOd8JOW69IMVm7IKHhFY0ecZ3+8n+QafNi LFasxO5pEei4bObZ4jMUT7lFv+Tej6NAmDnyBn0OtawjU5SlGLvUukiKC1a7Tmcivc5I4uBA+hyB CK2wvCvsYLPqyXjAuPJ4nnxLR8Tqj09b7HTxhA==</xenc:CipherValue><saml:SubjectConfirmationData NotOnOrAfter="2024-02-22T13:26:38Z" </xenc:CipherData> </xenc:EncryptedKey>Recipient="http://audience/clear"> </ds:KeyInfo> <xenc:CipherData> <ds:KeyInfo> <xenc:CipherValue>[Udeladt for korthedens skyld]</xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedData> </saml:EncryptedAssertion> </wst14<ds:ActAs>X509Data> <wsp:AppliesTo> <wsa:EndpointReference> <wsa:Address>http://audience/clear</wsa:Address> </wsa:EndpointReference> </wsp:AppliesTo> <wst:Claims Dialect="http://docs.oasis-open.org/wsfed/authorization/200706/authclaims"> <ds:X509Certificate> <auth:ClaimType Uri="dk:gov:saml:attribute:CprNumberIdentifier"> <auth:Value>0501792275</auth:Value> </auth:ClaimType> </wst:Claims> </wst:RequestSecurityToken> </soapenv:Body> </soapenv:Envelope> |
Svar fra STS
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <soapenv:Header> <wsse:Security mustUnderstand="1" wsu:Id="security"> MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate> <wsu:Timestamp wsu:Id="ts"> <wsu:Created>2023-01-17T10:03:13Z</wsu:Created> </wsu:Timestamp> <ds:Signature> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:X509Data> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <ds:Reference URI="#body"> <ds</ds:Transforms>KeyInfo> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </dssaml:Transforms>SubjectConfirmationData> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <ds:DigestValue>YC/OWFWGmPotaF45rOcxkqi77TE=</dssaml:DigestValue>SubjectConfirmation> </ds:Reference> <ds:Reference URI="#ts"> </saml:Subject> <ds:Transforms> <ds<saml:TransformConditions AlgorithmNotBefore="http://www.w3.org/2001/10/xml-exc-c14n#"/> 2024-02-22T13:16:38Z" </ds:Transforms> <ds:DigestMethod AlgorithmNotOnOrAfter="http://www.w3.org/2000/09/xmldsig#sha1"/2024-02-22T13:26:38Z"> <ds:DigestValue>F2BK5nJnIzveH/RjehxuxejFQuE=</ds:DigestValue> </ds:Reference> <saml:AudienceRestriction> <ds:Reference URI="#messageID"> <ds:Transforms> <ds:Transform Algorithm="http<saml:Audience>http://www.w3.org/2001/10/xml-exc-c14n#"/> audience/clear</saml:Audience> </dssaml:Transforms>AudienceRestriction> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <ds:DigestValue>TDmlZ6hRHFgqOwv6FSm3c8UM5Lo=</dssaml:DigestValue>Conditions> </ds:Reference> <ds<saml:Reference URI="#relatesTo"> AttributeStatement> <ds:Transforms> <ds<saml:TransformAttribute AlgorithmName="http://www.w3.org/2001/10/xml-exc-c14n#"/>dk:gov:saml:attribute:SpecVer" </ds:Transforms> <ds:DigestMethod AlgorithmNameFormat="http://www.w3.org/2000/09/xmldsig#sha1"/urn:oasis:names:tc:SAML:2.0:attrname-format:basic"> <ds:DigestValue>n3QRqS2iBhjlolls5a74M2Vzo3g=</ds:DigestValue> </ds:Reference> <ds<saml:ReferenceAttributeValue URIxsi:type="#action">xs:string">DK-SAML-2.0</saml:AttributeValue> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </saml:Attribute> </ds:Transforms> <ds<saml:DigestMethodAttribute AlgorithmName="http://www.w3.org/2000/09/xmldsig#sha1"/>dk:gov:saml:attribute:AssuranceLevel" <ds:DigestValue>3cXAhlhZH22NiSh7AttxKxBap7Q=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>U+SYOkZA5IGl+44Hkj3eXS5GHgkGDB3gFU0Zr5OsmJ4s23KbIVLfNaqBCesiOZ5HhHQBTpMaibUW4YiI42N/k6vQ46BTR5ZO26obKnNOl1JpokBKBgIKtwKO3QzXh7LuyeVeJkGe1wftVaxUHfGbxHiC2m/dhUrzrn+P5x+3/JiSHzqbtylQXWSYXwJY3oXoMtPyIXm2mHoqyUSEnCJk/NU/HNPMmEtB/VtaFjfylNF83H7bA/bynuiduxh695YuFO/AVpYxbf1HSZK7Ck0gxemaT5LKx2aB+M6rp4q3EARg0TBYoT6Bj6sOIXzufVfB9qObzxm+ItEmGMOuF1/lTw==</ds:SignatureValue> NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate>MIIGRzCCBS+gAwIBAgIEX51MYTANBgkqhkiG9w0BAQsFADBJMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTAeFw0yMTA4MTYwNjQ4MjJaFw0yNDA4MTYwNjQ3MjNaMIGOMQswCQYDVQQGEwJESzEvMC0GA1UECgwmU3RhdGVucyBTZXJ1bSBJbnN0aXR1dCAvLyBDVlI6NDY4Mzc0MjgxTjAgBgNVBAUTGUNWUjo0NjgzNzQyOC1VSUQ6Mjc5MTAxMzUwKgYDVQQDDCNTdGF0ZW5zIFNlcnVtIEluc3RpdHV0IC0gVGVzdCBWT0NFUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKo3h9gnQBKbiJriTMg/QLuuJFNONeRl9F8T9RE+HEOdBhhb64afks3ztVjXQ15r8KNu0YwBkOVFOe0wz7w0uT7OSFxf5Zejl1BO7VxIkcYEfq5GjryNcHb50sB7G2CisfKtdN5DRSShJyQXgZ3cflVazP+ZrYfi9gy79GBVYi3mTxN4yJtSOkKIMh8knGiBgHVqS3fkOO+K5dmV9qImFYQvCpSf8XgN96d5+mTvuZ2Yu+8GaFCSU93CxlnfODkqAWkATYnV0I6hd9l7qrGjIT0flDaVm2ruJwKEW+CkeaG9W9yDYBNLNw6WqioUckslMkVUwSUD6rQ8MLrvxfmQ+WsCAwEAAaOCAu8wggLrMA4GA1UdDwEB/wQEAwIDuDCBlwYIKwYBBQUHAQEEgYowgYcwPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3Jlc3BvbmRlcjBHBggrBgEFBQcwAoY7aHR0cDovL3YuYWlhLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3N5c3RlbXRlc3QzNC1jYS5jZXIwggEgBgNVHSAEggEXMIIBEzCCAQ8GDSsGAQQBgfRRAgQGAwUwgf0wLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cudHJ1c3QyNDA4LmNvbS9yZXBvc2l0b3J5MIHJBggrBgEFBQcCAjCBvDAMFgVEYW5JRDADAgEBGoGrRGFuSUQgdGVzdCBjZXJ0aWZpa2F0ZXIgZnJhIGRlbm5lIENBIHVkc3RlZGVzIHVuZGVyIE9JRCAxLjMuNi4xLjQuMS4zMTMxMy4yLjQuNi4zLjUuIERhbklEIHRlc3QgY2VydGlmaWNhdGVzIGZyb20gdGhpcyBDQSBhcmUgaXNzdWVkIHVuZGVyIE9JRCAxLjMuNi4xLjQuMS4zMTMxMy4yLjQuNi4zLjUuMCAGA1UdEQQZMBeBFXRlc3RjZXJ0aWZpa2F0QHNzaS5kazCBrQYDVR0fBIGlMIGiMDygOqA4hjZodHRwOi8vY3JsLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3N5c3RlbXRlc3QzNC5jcmwwYqBgoF6kXDBaMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTEPMA0GA1UEAwwGQ1JMMTk1MB8GA1UdIwQYMBaAFM1saJc5chmkNatk6vQRo4GH+Gk7MB0GA1UdDgQWBBTXaIm8KGHSJc24Q3sCwFiMXb5M3jAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCA26TOPUHHxffo7ajqZkZhNfDZzBl8XlcgQPbhrAZINCKD/cKesZGnJwElGHtexRfyUh073kkww1wP2EmZf+9m5Kry73hHKyUkawtO1/R2ib04OKpIZd8M3F9YfyOusZVxuTcYYty20xEfJO8HygzXNIrFFA1qorrMjuxiXZRnUDhjzUFVDAu/Rgt8cIR3pTvU1KizLBRUC6Q+8itJizvwMHVB+tRdENbUw+ElkXbLpFt+pc+C5wDFkVudv5B/46jU/ceGNdcmkvUt6F/ey3Uc3Pc30JzpYc4KDHKc6wOttYCNtxWAnpvhOS5HUuV6GpWVww28x3Ykhv0rfYXlZo4W</ds:X509Certificate><saml:AttributeValue xsi:type="xs:string">3</saml:AttributeValue> </dssaml:X509Data>Attribute> </ds:KeyInfo> </ds:Signature> </wsse:Security> <wsa:Action wsu:Id="action">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</wsa:Action> <wsa<saml:MessageIDAttribute wsu:IdName="messageID">urn:uuid:dfcf3f60-ad40-4059-94e5-2635cb4ac6bd</wsa:MessageID> dk:gov:saml:attribute:CprNumberIdentifier" <wsa:RelatesTo wsu:Id="relatesTo">urn:uuid:88990319-c8f3-490e-8c47-0a4a3cb16bc8</wsa:RelatesTo> </soapenv:Header> <soapenv:Body wsu:Id="body"> <wst:RequestSecurityTokenResponseCollection> <wst:RequestSecurityTokenResponse ContextNameFormat="urn:uuid:85ea86e9-3b54-44d9-8142-4fe699966d2foasis:names:tc:SAML:2.0:attrname-format:basic"> <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType> <wst:RequestedSecurityToken> <saml:Assertion xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="_db23ce22-558d-43c6-9e1c-554e86619bd1" IssueInstant="2023-01-17T10:03:13Z" Version="2.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"> <saml:AttributeValue xsi:type="xs:string">0501792275</saml:AttributeValue> <saml:Issuer>TESTSTS< </saml:Issuer> Attribute> <ds<saml:SignatureAttribute IdName="OCESSignature">dk:gov:saml:attribute:Privileges_intermediate" <ds:SignedInfo> <ds:CanonicalizationMethod AlgorithmNameFormat="http://www.w3.org/2001/10/xml-exc-c14n#"/> urn:oasis:names:tc:SAML:2.0:attrname-format:basic"> <saml:AttributeValue <dsxsi:SignatureMethod Algorithmtype="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> xs:string"> <ds:Reference URI="#_db23ce22-558d-43c6-9e1c-554e86619bd1"> <ds:Transforms> PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiID8+PGJwcDpQcml2aWxlZ2VMaXN0IHhtbG5zOmJwcD0iaHR0cDovL2l0c3QuZGsvb2lvc2FtbC9iYXNpY19wcml2aWxlZ2VfcHJvZmlsZSI+PGJwcDpQcml2aWxlZ2VHcm91cCBTY29wZT0idXJuOmRrOmhlYWx0aGNhcmU6c2FtbDphY3RUaHJvdWdoUHJvY3VyYXRpb25CeTpjcHJOdW1iZXJJZGVudGlmaWVyOjExMTExMTExMTgiPjxicHA6UHJpdmlsZWdlPnVybjpkazpuc3BvcDpzdHM6Zm1rOnJlYWQ8L2JwcDpQcml2aWxlZ2U+PC9icHA6UHJpdmlsZWdlR3JvdXA+PC9icHA6UHJpdmlsZWdlTGlzdD4=</saml:AttributeValue> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> </saml:Attribute> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </saml:AttributeStatement> </dssaml:Transforms>Assertion> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/></wst:RequestedSecurityToken> <ds:DigestValue>2i5iOUmb3Dipf43TBztqV/7iN6Q=</ds:DigestValue> <wsp:AppliesTo> </ds<wsa:Reference> EndpointReference> </ds:SignedInfo> <wsa:Address>http://audience/clear</wsa:Address> <ds:SignatureValue>HqepjItq6Pp7gbTySp010TjjNMmyIS2bywUk0KtR8aM76oc/oTYeFM/q4Va/WYadksyYx9bPmtrIxTbKZDpN6ucvhbM7/LXuLpskSRblM5dz3PmY0YMDx0i2rA9oUJyMIyRpwOtm5Dh9ZEdsaDnxzSCoV/4Oz/SuaszpN77RFbuDQHz2VaMsJewvpememOjT60GG0i/Wq77GLHmn9i9JewEqwFODmUBmUh9KFbpJ5cn0EPIUjZfdgnj3N0tK8oo1V8zxLOgQOF62NFTcgdKjkTjAN99jnX5yOEpRbc/26tiTQIfekCwV6sinPiJQrdO4bWUw990ubwSaHUuKVpBoYQ== </dswsa:SignatureValue>EndpointReference> <ds</wsp:KeyInfo>AppliesTo> <ds<wst:X509Data>Lifetime> <ds:X509Certificate>MIIGRzCCBS+gAwIBAgIEX51MYTANBgkqhkiG9w0BAQsFADBJMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTAeFw0yMTA4MTYwNjQ4MjJaFw0yNDA4MTYwNjQ3MjNaMIGOMQswCQYDVQQGEwJESzEvMC0GA1UECgwmU3RhdGVucyBTZXJ1bSBJbnN0aXR1dCAvLyBDVlI6NDY4Mzc0MjgxTjAgBgNVBAUTGUNWUjo0NjgzNzQyOC1VSUQ6Mjc5MTAxMzUwKgYDVQQDDCNTdGF0ZW5zIFNlcnVtIEluc3RpdHV0IC0gVGVzdCBWT0NFUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKo3h9gnQBKbiJriTMg/QLuuJFNONeRl9F8T9RE+HEOdBhhb64afks3ztVjXQ15r8KNu0YwBkOVFOe0wz7w0uT7OSFxf5Zejl1BO7VxIkcYEfq5GjryNcHb50sB7G2CisfKtdN5DRSShJyQXgZ3cflVazP+ZrYfi9gy79GBVYi3mTxN4yJtSOkKIMh8knGiBgHVqS3fkOO+K5dmV9qImFYQvCpSf8XgN96d5+mTvuZ2Yu+8GaFCSU93CxlnfODkqAWkATYnV0I6hd9l7qrGjIT0flDaVm2ruJwKEW+CkeaG9W9yDYBNLNw6WqioUckslMkVUwSUD6rQ8MLrvxfmQ+WsCAwEAAaOCAu8wggLrMA4GA1UdDwEB/wQEAwIDuDCBlwYIKwYBBQUHAQEEgYowgYcwPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3Jlc3BvbmRlcjBHBggrBgEFBQcwAoY7aHR0cDovL3YuYWlhLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3N5c3RlbXRlc3QzNC1jYS5jZXIwggEgBgNVHSAEggEXMIIBEzCCAQ8GDSsGAQQBgfRRAgQGAwUwgf0wLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cudHJ1c3QyNDA4LmNvbS9yZXBvc2l0b3J5MIHJBggrBgEFBQcCAjCBvDAMFgVEYW5JRDADAgEBGoGrRGFuSUQgdGVzdCBjZXJ0aWZpa2F0ZXIgZnJhIGRlbm5lIENBIHVkc3RlZGVzIHVuZGVyIE9JRCAxLjMuNi4xLjQuMS4zMTMxMy4yLjQuNi4zLjUuIERhbklEIHRlc3QgY2VydGlmaWNhdGVzIGZyb20gdGhpcyBDQSBhcmUgaXNzdWVkIHVuZGVyIE9JRCAxLjMuNi4xLjQuMS4zMTMxMy4yLjQuNi4zLjUuMCAGA1UdEQQZMBeBFXRlc3RjZXJ0aWZpa2F0QHNzaS5kazCBrQYDVR0fBIGlMIGiMDygOqA4hjZodHRwOi8vY3JsLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3N5c3RlbXRlc3QzNC5jcmwwYqBgoF6kXDBaMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTEPMA0GA1UEAwwGQ1JMMTk1MB8GA1UdIwQYMBaAFM1saJc5chmkNatk6vQRo4GH+Gk7MB0GA1UdDgQWBBTXaIm8KGHSJc24Q3sCwFiMXb5M3jAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCA26TOPUHHxffo7ajqZkZhNfDZzBl8XlcgQPbhrAZINCKD/cKesZGnJwElGHtexRfyUh073kkww1wP2EmZf+9m5Kry73hHKyUkawtO1/R2ib04OKpIZd8M3F9YfyOusZVxuTcYYty20xEfJO8HygzXNIrFFA1qorrMjuxiXZRnUDhjzUFVDAu/Rgt8cIR3pTvU1KizLBRUC6Q+8itJizvwMHVB+tRdENbUw+ElkXbLpFt+pc+C5wDFkVudv5B/46jU/ceGNdcmkvUt6F/ey3Uc3Pc30JzpYc4KDHKc6wOttYCNtxWAnpvhOS5HUuV6GpWVww28x3Ykhv0rfYXlZo4W</ds:X509Certificate> <wsu:Created>2024-02-22T13:16:38Z</wsu:Created> </ds:X509Data> <wsu:Expires>2024-02-22T13:26:38Z</wsu:Expires> </dswst:KeyInfo>Lifetime> </dswst:Signature>RequestSecurityTokenResponse> </wst:RequestSecurityTokenResponseCollection> <saml</soapenv:Subject> <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName">C=DK,O=Ingen organisatorisk tilknytning,CN=Lars Larsen,Serial=PID:9208-2002-2-514358910503</saml:NameID> <saml:SubjectConfirmation MethodBody> </soapenv:Envelope> |
Overordnet for ovenstående typer
Bemærk returværdien fra STS, der indeholder attributten 'dk:gov:saml:attribute:Privileges_intermediate' (Vist i ovenstående eksempel fra OIO2BST_LEGACY STS-svaret):
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<saml:Attribute Name="dk:gov:saml:attribute:Privileges_intermediate" NameFormat="urn:oasis:names:tc:SAML:2.0:cm:holder-of-keyattrname-format:basic"> <saml:AttributeValue xsi:type="xs:string"> PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiID8+PGJwcDpQcml2aWxlZ2VMaXN0IHhtbG5zOmJwcD0iaHR0cDovL2RpZ3N0LmRrL29pb3NhbWwvYmFzaWNfcHJpdmlsZWdlX3Byb2ZpbGUiPjxQcml2aWxlZ2VHcm91cCBTY29wZT0idXJuOnByZWZpeDoxMjM0NTY3ODkwIj48UHJpdmlsZWdlPnVybjpkazpzdW5kaGVkc2RhdGFzdHlyZWxzZW46aWRzYXM6cmVhZDp1bmJsdXJyZWQ8L1ByaXZpbGVnZT48L1ByaXZpbGVnZUdyb3VwPjwvYnBwOlByaXZpbGVnZUxpc3Q+ </saml:AttributeValue> </saml:Attribute> |
Værdien er base64 encoded, og kan indeholde forskellige værdier. Disse er beskrevet nedenunder. Eksemplerne viser værdien efter en base64 decode.
Fuldmagt
Bemærk at strukturen både indeholder det CPR nummer, som borgeren ønsker at arbejde på vegne af, samt listen af de privilegier der rent faktisk er tildelt fra denne borger, til den kaldende borger:
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<?xml <saml:SubjectConfirmationData NotOnOrAfter="2023-01-17T10:08:13Z" Recipientversion="1.0" encoding="UTF-8"?> <bpp:PrivilegeList xmlns:bpp="http://itst.dk/oiosaml/basic_privilege_profile"> <bpp:PrivilegeGroup Scope="urn:dk:healthcare:saml:actThroughProcurationBy:cprNumberIdentifier:0101603040"> <bpp:Privilege>urn:dk:nspop:sts:fmk:read</bpp:Privilege> <bpp:Privilege>urn:dk:nspop:sts:fmk:write</bpp:Privilege> </bpp:PrivilegeGroup> </bpp:PrivilegeList> |
Subject Relations
Man kan også vedlægge en claim om værgemål eller forældremyndighed ift. en anden borger. Dette gøres under "dk:healthcare:saml:attribute:OnBehalfOf", og der er de to muligheder der ses herunder. Bemærk dog, at man kun kan claime "WardCustody" hvis man specifikt er blevet whitelisted til det som anvender.
| Code Block | ||||||||
|---|---|---|---|---|---|---|---|---|
| ||||||||
<auth:ClaimType Uri="dk:healthcare:saml:attribute:OnBehalfOf">
<auth:Value>
urn:dk:healthcare:saml:actThrough:WardCustody:cprNumberIdentifier:1111111118
</auth:Value>
</auth:ClaimType> |
| Code Block | ||||||||
|---|---|---|---|---|---|---|---|---|
| ||||||||
<auth:ClaimType Uri="dk:healthcare:saml:attribute:OnBehalfOf">
<auth:Value>
urn:dk:healthcare:saml:actThrough:ParentalCustody:cprNumberIdentifier:1111111118
</auth:Value>
</auth:ClaimType> |
I billetten vil subject relations være kodet i stil med følgende, dog i praksis base64-encoded som nævnt ovenfor.
Eksempel for "Fuld værge". Her behøves attributten "relatedPersonAge" ikke være angivet:
| Code Block | ||||
|---|---|---|---|---|
| ||||
<?xml version="1.0" encoding="UTF-8"?> <srp:SubjectRelations xmlns:srp="urn:dk:healthcare:saml:subject_relations_profile:1.1"> <srp:VerifiedRelation relationType="wardCustodyHolder"audience/clear"> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate>MIIGJzCCBQ+gAwIBAgIEX6aZBzANBgkqhkiG9w0BAQsFADBJMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTAeFw0yMjEyMTExMjQ4MTZaFw0yNTEyMTExMjQ3MzNaMIGQMQswCQYDVQQGEwJESzEnMCUGA1UECgweTkVUUyBEQU5JRCBBL1MgLy8gQ1ZSOjMwODA4NDYwMVgwIAYDVQQFExlDVlI6MzA4MDg0NjAtRklEOjk0NzMxMzE1MDQGA1UEAwwtVFUgR0VORVJFTCBGT0NFUyBneWxkaWcgKGZ1bmt0aW9uc2NlcnRpZmlrYXQpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo+xqGtIP/POChegfzkTJiWNOwKQgR+L230FVAPjlaiJF8BqRt+JKtquv4rz1GiksodVtOYE7xUTUzBc+2IOLjW+pt8A5sZqoCoy2OVfkBjAm6h61q4SNJoKvU9jSGCj+RwcgIV/KB6qwZ46OUxze0YCbcJ1GFg2zeUXa7qKcqTifsORXHhV/Luo53C52sS8mjrkxJCT/f/ebe4i3TFGHGbvzHVvH84V0khoLv+GvyibT2+u6ry4QF0Dzfv/jpXEpvS+s1jr50L1PFU2md9r28c6N3Z8WVInN9qkdMRUIdB0kTrm5gVA9qJKXaJLsUwwt83BthyQA+4d43kSxwF0uQIDAQABo4ICzTCCAskwDgYDVR0PAQH/BAQDAgO4MIGXBggrBgEFBQcBAQSBijCBhzA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc3lzdGVtdGVzdDM0LnRydXN0MjQwOC5jb20vcmVzcG9uZGVyMEcGCCsGAQUFBzAChjtodHRwOi8vZi5haWEuc3lzdGVtdGVzdDM0LnRydXN0MjQwOC5jb20vc3lzdGVtdGVzdDM0LWNhLmNlcjCCASAGA1UdIASCARcwggETMIIBDwYNKwYBBAGB9FECBAYEAzCB/TAvBggrBgEFBQcCARYjaHR0cDovL3d3dy50cnVzdDI0MDguY29tL3JlcG9zaXRvcnkwgckGCCsGAQUFBwICMIG8MAwWBURhbklEMAMCAQEagatEYW5JRCB0ZXN0IGNlcnRpZmlrYXRlciBmcmEgZGVubmUgQ0EgdWRzdGVkZXMgdW5kZXIgT0lEIDEuMy42LjEuNC4xLjMxMzEzLjIuNC42LjQuMy4gRGFuSUQgdGVzdCBjZXJ0aWZpY2F0ZXMgZnJvbSB0aGlzIENBIGFyZSBpc3N1ZWQgdW5kZXIgT0lEIDEuMy42LjEuNC4xLjMxMzEzLjIuNC42LjQuMy4wga0GA1UdHwSBpTCBojA8oDqgOIY2aHR0cDovL2NybC5zeXN0ZW10ZXN0MzQudHJ1c3QyNDA4LmNvbS9zeXN0ZW10ZXN0MzQuY3JsMGKgYKBepFwwWjELMAkGA1UEBhMCREsxEjAQBgNVBAoMCVRSVVNUMjQwODEmMCQGA1UEAwwdVFJVU1QyNDA4IFN5c3RlbXRlc3QgWFhYSVYgQ0ExDzANBgNVBAMMBkNSTDU5NzAfBgNVHSMEGDAWgBTNbGiXOXIZpDWrZOr0EaOBh/hpOzAdBgNVHQ4EFgQUHGQX7o/mbXmLQ53B6MwbZEWWuy4wCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAjeb9T3Qeh3TuSTu4g0K4wZHUfW89e0tpiDT3nHIPqT4rNXbZ3Y1NUnkLoCtHJge5ixylFmytXAXSsBleoeNJL7DHYpAyrc6ZBUjUlSUYHFrSEOpU3KRReSRUDRLSn2naX46V1gP0OEMs1ZFixrxnBmgcI7SvHR8RFJyxGPjrSPgvIJbqeHtp9P3wSMj02jq6EEfpk6etiLBzvj0U/tWs4ucV6hu//p3/1OzjfVZG0gFxbHPV1oqIc2EcsMsskHutNd7/jw2GfP6k6E0EwV1Hlb8bVddjF3vQNPXIRnvAYSV1kDxoaXuufbRtKsuFG7ZmyIoPbc0ntgPfdYqT378JTg==</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </saml:SubjectConfirmationData> </saml:SubjectConfirmation> </saml:Subject> <saml:Conditions NotBefore="2023-01-17T09:58:13Z" NotOnOrAfter="2023-01-17T10:08:13Z"> <saml:AudienceRestriction> <saml:Audience>http://audience/clear</saml:Audience> </saml:AudienceRestriction> relatedPersonID="0101111234" </saml:Conditions> relatedPersonIDType="URN:OID:1.2.208.176.1.2" /> </srp:SubjectRelations> |
Hvis det drejer sig om "Forældremyndighed", så skal attributten "relatedPersonAge" være angivet:
| Code Block | ||||||||
|---|---|---|---|---|---|---|---|---|
| ||||||||
<?xml <saml:AttributeStatement>version="1.0" encoding="UTF-8"?> <srp:SubjectRelations xmlns:srp="urn:dk:healthcare:saml:subject_relations_profile:1.1"> <srp:VerifiedRelation <saml:Attribute Name="dk:gov:saml:attribute:SpecVer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"> relationType="parentalCustodyHolder" relatedPersonID="0101111234" <saml:AttributeValue xsi:typerelatedPersonIDType="xs:string">DK-SAML-2.0</saml:AttributeValue>URN:OID:1.2.208.176.1.2" relatedPersonAge= ”10” </saml:Attribute> <saml:/> </srp:SubjectRelations> |
Sløring
STS vil gennem IDSAS slå op om sløring er ønsket. Sløring vil optræde som specificeret i OIOITP Blurring Instructions Profile 1.1 i billetten.
Returværdien fra STS indeholder sløringer hvis xml'en indeholder attributten "urn:dk:healthcare:saml:attribute:BlurringInstructions":
| Code Block | ||||
|---|---|---|---|---|
| ||||
<?xml version="1.0" encoding="UTF-8"?> <saml:Attribute xmlns:samlAttribute Name="dk:gov:saml:attribute:AssuranceLevel" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basicassertion"> <saml:AttributeValue xsi:type="xs:string">3</saml:AttributeValue> </saml:Attribute> <saml:Attribute Name="dk:gov xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="urn:dk:healthcare:saml:attribute:CprNumberIdentifierBlurringInstructions" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"> <saml:AttributeValue xsi:type="xs:string"> <!-- Slørings-oplysninger i Base64 encodet form. --> PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4NCjxiaXA6Qmx1cnJpbmdJbnN0cnVj dGlvbnMgeG1sbnM6YmlwPSJ1cm46ZGs6aG- VhbHRoY2FyZTpzYW1sOmJsdXJyaW5nX2luc3RydWN0aW9uX3Byb2ZpbGU6MS4wIiBjdXItcmVudFNhbH Q9IjVrWlpMTlFNTkl- rejFZN3RDRGozR1E9PSI+DQoJPGJpcDpCbHVyRW1wbG95ZWVOYW1lc0Zyb21Pcmcgb3JnVHlwZT0iQ1Z SIiByZWFzb249ImZyb21fcmVsYXRlZF9wZXJzb24iPg0KCQkyOTE5MDkyNQ0KCTwvYml- wOkJsdXJFbXBsb3llZU5hbWVzRnJvbU9yZz4NCjwvYmlwOkJsdXJyaW5nSW5zdHJ1Y3Rpb25zPg== </saml:AttributeValue> </saml:Attribute> |
Værdien er base64 encoded, og kan indeholde forskellige værdier. Disse er beskrevet nedenunder. Eksemplerne viser værdien efter en base64 decode.
Brugerspecifik sløring fra to CVR numre
Eksempel på en borgerspecifik sløring fra både Region Midtjylland (CVR:29190925) og Region Nordjylland (CVR:29190941).
| Code Block | ||||
|---|---|---|---|---|
| ||||
<?xml version="1.0" encoding="UTF-8"?> <bip:BlurringInstructions xmlns:bip="urn:dk:healthcare:saml:blurring_instruction_profile:1.1" currentSalt="5kZZLNQMNIkz1Y7tCDj3GQ=="> <bip:BlurEmployeeNamesFromOrg orgType="CVR" reason="specific_for_person"> 29190925 </bip:BlurEmployeeNamesFromOrg> <bip:BlurEmployeeNamesFromOrg orgType="CVR" reason="specific_for_person"> 29190941>0501792275</saml:AttributeValue> </saml:Attribute> </saml:AttributeStatement> </saml:Assertion> </wst:RequestedSecurityToken> <wsp:AppliesTo> <wsa:EndpointReference> <wsa:Address>http://audience/clear</wsa:Address> </wsa:EndpointReference> </wsp:AppliesTo> <wst:Lifetime> <wsu:Created>2023-01-17T09:58:13Z</wsu:Created> <wsu:Expires>2023-01-17T10:08:13Z</wsu:Expires> </wst:Lifetime> </wst:RequestSecurityTokenResponse> </wstbip:RequestSecurityTokenResponseCollection>BlurEmployeeNamesFromOrg> </soapenv:Body> </soapenv:Envelope> |
Overordnet for ovenstående typer
Bemærk returværdien fra STS, der indeholder attributten 'dk:gov:saml:attribute:Privileges_intermediate' (ikke vist i ovenstående eksempler):
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<saml:Attribute Name="dk:gov:saml:attribute:Privileges_intermediate"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">
PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiID8+PGJwcDpQcml2aWxlZ2VMaXN0IHhtbG5zOmJwcD0iaHR0cDovL2RpZ3N0LmRrL29pb3NhbWwvYmFzaWNfcHJpdmlsZWdlX3Byb2ZpbGUiPjxQcml2aWxlZ2VHcm91cCBTY29wZT0idXJuOnByZWZpeDoxMjM0NTY3ODkwIj48UHJpdmlsZWdlPnVybjpkazpzdW5kaGVkc2RhdGFzdHlyZWxzZW46aWRzYXM6cmVhZDp1bmJsdXJyZWQ8L1ByaXZpbGVnZT48L1ByaXZpbGVnZUdyb3VwPjwvYnBwOlByaXZpbGVnZUxpc3Q+
</saml:AttributeValue>
</saml:Attribute> |
Værdien er base64 encoded, og kan indeholde forskellige værdier. Disse er beskrevet nedenunder. Eksemplerne viser værdien efter en base64 decode.
Fuldmagt
Bemærk at strukturen både indeholder det CPR nummer, som borgeren ønsker at arbejde på vegne af, samt listen af de privilegier der rent faktisk er tildelt fra denne borger, til den kaldende borger:
bip:BlurringInstructions> |
Ingen sløringer
Bemærk: <bip:BlurringInstructions> med currentSalt skal altid indlejres, uanset om der er sløringer ej.
| Code Block | ||||
|---|---|---|---|---|
| ||||
<?xml version="1.0" encoding="UTF-8"?>
<bip:BlurringInstructions
xmlns:bip="urn:dk:healthcare:saml:blurring_instruction_profile:1.1"
currentSalt="5kZZLNQMNIkz1Y7tCDj3GQ==" /> |
Sløringer fra en relateret person
Hvis borgeren skal se oplysninger om en relateret person (f.eks. en fuldmagtsgiver), skal der også sløres for borgeren, når der er sløret for fuldmagtsgiveren.
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
| Code Block | ||||||
| ||||||
<?xml version="1.0" encoding="UTF-8"?> <bpp<bip:PrivilegeList BlurringInstructions xmlns:bppbip="httpurn://itst.dk/oiosaml/basic_privilege_profile"> <bpp:PrivilegeGroup Scope="urn:dk:healthcare:saml:actThroughProcurationBy:cprNumberIdentifier:0101603040"> <bpp:Privilege>urn:dk:nspop:sts:fmk:read</bpp:Privilege> <bpp:Privilege>urn:dk:nspop:sts:fmk:write</bpp:Privilege> </bpp:PrivilegeGroup> </bpp:PrivilegeList> |
Sløring
STS vil gennem IDSAS slå op om sløring er ønsket. Der kan være forskellige scenarier. Hvis værdien ikke er tilstede, eller den er "unblurred", så ønskes sløring ikke:
dk:healthcare:saml:blurring_instruction_profile:1.1"
currentSalt="5kZZLNQMNIkz1Y7tCDj3GQ==">
<bip:BlurEmployeeNamesFromOrg orgType="CVR" reason="from_related_person">
29190925
</bip:BlurEmployeeNamesFromOrg>
</bip:BlurringInstructions> |
Sløringer både personlige og for en relateret person
I sjældne tilfælde kan der både være sløret for ’subject’ og den som ’subject’ ønsker at slå op på:
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
| Code Block | ||||||
| ||||||
<?xml version="1.0" encoding="UTF-8"?> <bip:BlurringInstructions xmlns:bip=" encoding="UTF-8"?> <bpp:PrivilegeList xmlns:bpp="http://digst.dk/oiosaml/basic_privilege_profile"> <PrivilegeGroup Scope="urn:prefix:0501792275"> <Privilege>urn:dk:sundhedsdatastyrelsen:idsas:read:unblurred</Privilege>urn:dk:healthcare:saml:blurring_instruction_profile:1.1" currentSalt="5kZZLNQMNIkz1Y7tCDj3GQ=="> <bip:BlurEmployeeNamesFromOrg orgType="CVR" reason="specific_for_person"> 29190925 </bip:BlurEmployeeNamesFromOrg> <bip:BlurEmployeeNamesFromOrg orgType="CVR" reason="from_related_person"> 29190941 </PrivilegeGroup>bip:BlurEmployeeNamesFromOrg> </bpp:PrivilegeList>bip:BlurringInstructions> |
Simpel afdelingssløring
Afdelingssløringer vil i mange tilfælde optræde uden tilhørende borgerspecifikke sløringerHvis sløring ønskes vil det se sådan her ud:
| Code Block | |||||||
|---|---|---|---|---|---|---|---|
| |||||||
<?xml version="1.0" encoding="UTF-8"?> <bip:BlurringInstructions xmlns:bip="urn:dk:healthcare:saml:blurring_instruction_profile:1.0" encoding="UTF-8"?> <bpp:PrivilegeList xmlns:bpp="http://digst.dk/oiosaml/basic_privilege_profile"> <PrivilegeGroup Scope="urn:prefix:0501792275"> 1" currentSalt="5kZZLNQMNIkz1Y7tCDj3GQ=="> <bip:BlurEmployeeNamesFromOrg orgType="SOR" reason="specific_department"> <!-- Retspsykiatrien Glostrup, SOR kode --> <Privilege>urn:dk:sundhedsdatastyrelsen:idsas:read:unblurred</Privilege>536331000016003 </bip:BlurEmployeeNamesFromOrg> <bip:BlurEmployeeNamesFromOrg orgType="SHAK" reason="specific_department"> <!-- Retspsykiatrien Glostrup, SHAK kode --> <Constraint Name="CVR">12345678</Constraint>1500P1V </PrivilegeGroup>bip:BlurEmployeeNamesFromOrg> </bpp:PrivilegeList>bip:BlurringInstructions> |
Kombination af specifikke sløringer og afdelingssløringer
Afdelingssløringer kombineret med borgerspecifikke sløringerDer kan være flere sløringer tilstede. Det vil f.eks. gælde ved fuldmagt, hvor både personen der har fuldmagt, samt personen som har givet fuldmagt, begge har sløring for sig:
| Code Block | ||||||||
|---|---|---|---|---|---|---|---|---|
| ||||||||
<?xml version="1.0" encoding="UTF-8"?> <bpp:PrivilegeList <bip:BlurringInstructions xmlns:bppbip="httpurn://digst.dk/oiosaml/basic_privilege_profile"> <PrivilegeGroup Scope="urn:prefix:0501792275"> <Privilege>urn:dk:sundhedsdatastyrelsen:idsas:read:unblurred</Privilege>dk:healthcare:saml:blurring_instruction_profile:1.1" currentSalt="5kZZLNQMNIkz1Y7tCDj3GQ=="> <bip:BlurEmployeeNamesFromOrg orgType="CVR" reason="specific_for_person"> <!-- Slør for alle medarbejdere i Reg. Midt, CVR kode --> <Constraint Name="CVR">12345678</Constraint>29190925 </PrivilegeGroup>bip:BlurEmployeeNamesFromOrg> <PrivilegeGroup Scope="urn:dk:healthcare:saml:actThroughProcurationBy:cprNumberIdentifier:1111111118"> <bip:BlurEmployeeNamesFromOrg orgType="SOR" reason="specific_department"> <!-- Retspsykiatrien Glostrup, SOR kode --> <Privilege>urn:dk:nspop:sts:fmk:read</Privilege>536331000016003 </PrivilegeGroup>bip:BlurEmployeeNamesFromOrg> <PrivilegeGroup Scope="urn:prefix:1111111118"> <Privilege>urn:dk:sundhedsdatastyrelsen:idsas:read:unblurred</Privilege><bip:BlurEmployeeNamesFromOrg orgType="SHAK" reason="specific_department"> <!-- Retspsykiatrien Glostrup, SHAK kode --> <Constraint Name="CVR">87654321</Constraint>1500P1V </PrivilegeGroup>bip:BlurEmployeeNamesFromOrg> </bppbip:PrivilegeList>BlurringInstructions> |