Formålet med dette dokument er at give en detaljeret beskrivelse af de konkrete services, der udbydes af STS i forbindelse med anvendelsesområdet Borgeromvekslinger.
Dokumentet henvender sig primært til udviklere, der skal i gang med at anvende de konkrete borgervekslingssnitflader udbudt af STS.
Dokumentet bygger i høj grad på den overordnede STS - Guide til anvendere, som giver et overblik over STS og leverer i denne sammenhæng et mere dybdegående teknisk beskrivelse af de services i STS, der ligger i anvendelsesområdet borgeromvekslinger.
Som beskrevet i STS - Guide til anvendere, så findes der i STS følgende services indenfor anvendelsesområdet borger:
| /sts/services/Bst2Idws | Omveksler OIO Saml bootstrap token til OIO IDWS sikkerhedsbillet rettet mod et givet audience, f.eks. FMK, Dokumentdelingsservice eller MinSpærring. Typen af bootstrap token kan enten være OIO3BST_CITIZEN, OIO2BST_CITIZEN eller OIO2BST_LEGACY. Bemærk, at bootstrap token skal være signeret af troværdig tredjepart (fx SEB IdP, NemLog-in IdP eller NemLog-in STS). |
| /sts/services/JWT2Idws | Ombytter JSON Web token (JWT) til OIO IDWS sikkerhedsbillet rettet mod et givet audience, f.eks. FMK, Dokumentdelingsservice eller MinSpærring. Bemærk, at JWT tokenet skal være signeret af troværdig tredjepart (pt. en OpenID Connect provider) |
| /sts/services/JWT2OIOSaml | Omveksler JSON Web token (JWT) til OIO Saml sikkerhedsbillet rettet mod et specifikt audience, f.eks. forløbsplaner.dk. Billetten er krypteret og er tænkt benyttet til sikker-browseropstart (SBO) Bemærk, at JWT tokenet skal være signeret af troværdig tredjepart (pt. en OpenID Connect provider) |
De to services Bst2Idws og JWT2Idws minder om hinanden i opbygning af requests, understøttede claims og valideringer. Disse beskrives derfor under et i afsnittet om claims og valideringer. JWT2OIOSaml beskrives for sig selv.
I forhold til berigelse af det udstedte IDWS token er der mulighed for at medsende følgende claims til:
Udover claims, skal der i forespørgslen angives et audience (som beskriver hvilken service det udstedte IDWS token skal bruges til). I NSP sammenhæng opereres der med følgende audiences:
Der bliver desuden valideret at borgerens alder opfylder kravet for den minimale alder der er konfigureret i STS'en for borgeromvekslinger.
I eksemplerne nedenfor vises der eksempler på vekslinger af bootstraptoken til Idws og JWT til Idws. I eksemplet med bootstraptoken er der ydermere vist eksempler på anvendelsen af claims til både CPR for den kaldende bruger samt fuldmagt.
Afhængig af miljø udstilles tjenesten på:
|
http://<sts-host>:<port>/sts/services/JWT2Idws |
http://<sts-host>:<port>/sts/services/JWT2OIOSaml |
I det følgende gives eksempler på følgende typer af requests:
Her vises eksempler på requests til servicen Bst2IDWS. Bemærk både claim 'dk:gov:saml:attribute:CprNumberIdentifier' i forhold til borgerens eget CPR nummer med claims i forhold til anden borgers CPR nummer.
Request
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"
xmlns:wst14="http://docs.oasis-open.org/ws-sx/ws-trust/200802"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<soapenv:Header>
<wsse:Security mustUnderstand="1" wsu:Id="security">
<wsu:Timestamp wsu:Id="ts">
<wsu:Created>2023-12-28T10:57:48Z</wsu:Created>
</wsu:Timestamp>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#body">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>fCllw3Lagb/vujh2A3HIuRC8WFg=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#ts">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>IiN77aYXPnvGOCphzQ1GrEAscc0=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#messageID">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>8J2ljhLBY8bo4rMRuVW2x1/c/sQ=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#action">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>3cXAhlhZH22NiSh7AttxKxBap7Q=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
eCvtUXg+AeOiC/WMSK3/ew6M5ux79l14dZnn3Qql/Ygoxk64Rhsv0EQtpeO6n0LozT5diuH2HUOzE8TH0roqbcUnayPrRiqT0ONTCTETsWrmAQyAurrxcnofye8kUlDGSHXt72QQvnj1+1QSiMOrqeegHRa3YQV/Rd++0NIvQwdeX6HN+JHw1Tj7Y2UniUk7a7f6azyGhrv2DGj7E3a+nlHtfQWIZyAkFPniTRCgfTInBMMGi/HEevzCMt4YR9/1SEpcPWBbCnIPxqeWDy8TVMCGu2yKC/OH+q3kYDGEyhjovKYiaVXVeu2J3fZcPw1qtALrv6bxWHkI8SKQPM9yi6pz3FQwfI0PmWouBoS4BXnN35CKotpHYmswPxS3uG3Cn+gPxnGYH1TutO5wVCWYEXUrnyclj4ORXkRiGKGZxqrCcssDj3BgBCw0fZuIEQXGEsPzRPvO+t+huTmOOy9rKFljZ8i1qSsxEla+zENxxTcYDGuqpND1p9bt0gHfKg2E</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
<wsa:Action wsu:Id="action">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</wsa:Action>
<wsa:MessageID wsu:Id="messageID">urn:uuid:1cf8e82e-5741-4bb9-a831-f0f89c83578a</wsa:MessageID>
</soapenv:Header>
<soapenv:Body wsu:Id="body">
<wst:RequestSecurityToken Context="urn:uuid:cf8a55b7-9d5f-4fce-aced-7769c4ca2de2">
<wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
<wst:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</wst:RequestType>
<wst14:ActAs>
<saml:Assertion xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
ID="_593cdbbb-e23d-4be5-8a6d-676187e4dd9c" IssueInstant="2023-12-28T10:57:48Z"
Version="2.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
<saml:Issuer>https://oio3bst-issuer.dk</saml:Issuer>
<ds:Signature Id="OCESSignature">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
<ds:Reference URI="#_593cdbbb-e23d-4be5-8a6d-676187e4dd9c">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>gNWtK4XYXVkkTSzxwdyxuhUrvIMzD8IQwRwbzX2sgGI=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
YT3dO6StVswfqgJL39yVgSq7Kn/dEmCyXKt0fWN5niKCa2WpPNVAyfVzcXIBEYGZ7UOLlCuXkk8bELXiJwJQ2NpbbdPRYE7g1O4w91mvYl0xs3cYxXFTKDbX7xxW7gxSF0GLGWATqHYmsmo47bi2pXqKUrEF7C3mQogEo6p0ssi4n44E5mFOO6aUJcTelJK+hoUhTmLXgZ754lhzrNZ34TomKMmFsoEpERdGXDiV2uNsUChpFLOSDWLDVdeXxAZ4QoR87CAkvoutCWICw1EdbbD+HOwq9PJjOI5UuSeMtTW+Q3/oiYVEGx1w5P6zjnX3FpPuu12kOaFIgUB6qqMhT6zNSsusEgaMQjGSeW7wOwTzKHnjDakoqjuPVsMghho2tsZi5nc6NWXAi787nU7oxLn85//dhWK22UU8y/Hlc/enufs1UG+EngTTLRXt3DBQ96gJntRygSf/bz3/9Bpcw1FMrDSS2qJS2WxtOBL8IgSCE8cgW5k8WLao8OMTiKqw</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml:Subject>
<saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">
dk:gov:saml:attribute:CprNumberIdentifier:0501792275</saml:NameID>
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key">
<saml:SubjectConfirmationData xsi:type="saml:KeyInfoConfirmationDataType">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</saml:SubjectConfirmationData>
</saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotOnOrAfter="2023-12-28T12:57:48Z">
<saml:AudienceRestriction>
<saml:Audience>http://audience/clear</saml:Audience>
</saml:AudienceRestriction>
</saml:Conditions>
<saml:AttributeStatement>
<saml:Attribute Name="https://data.gov.dk/model/core/specVersion"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
<saml:AttributeValue xsi:type="xs:string">OIO-SAML-3.0</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="https://data.gov.dk/concept/core/nsis/loa"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
<saml:AttributeValue xsi:type="xs:string">Substantial</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="https://data.gov.dk/model/core/eid/cprNumber"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
<saml:AttributeValue xsi:type="xs:string">0501792275</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
</saml:Assertion>
</wst14:ActAs>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>http://audience/clear</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:Claims Dialect="http://docs.oasis-open.org/wsfed/authorization/200706/authclaims">
<auth:ClaimType Uri="dk:gov:saml:attribute:CprNumberIdentifier">
<auth:Value>0501792275</auth:Value>
</auth:ClaimType>
</wst:Claims>
</wst:RequestSecurityToken>
</soapenv:Body>
</soapenv:Envelope> |
Svar fra STS
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<soapenv:Header>
<wsse:Security mustUnderstand="1" wsu:Id="security">
<wsu:Timestamp wsu:Id="ts">
<wsu:Created>2023-01-17T10:01:42Z</wsu:Created>
</wsu:Timestamp>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#body">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>Dd3Fopf+KztciG0Ov2fyIFYV3bI=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#ts">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>QcufgSZuMyIqGDQRgzo2qhV9bPQ=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#messageID">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>nu4c0NaE3eq9OGITv84JBSas6KE=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#relatesTo">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>9UwERB5xBRhppAfnRukLWgcivl0=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#action">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>3cXAhlhZH22NiSh7AttxKxBap7Q=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>jxKRTZ71YH+mfL4K5DyJy9Knvq12VmyklrREWzIUkiKPzbyvjyK2nXL152Sv3BY7/se+3aepmAhBGiQ7v+DHOjhCRDsGQZvs7J19tvSxLEYrdpVZdz93ZF0p5mKT9+Oqrx/nHSrcMkaBqf6/yWSoRivoJgRAJstJRfrjecNobYLowibqJJhLiGUYfucK3rde8FBTazzKwEjWdjrwCdJ3XeJanbRRY7L0z2NQahlt3HlSnT+3m0VJOBRL6dpKdOIlCi/pGcxkiXVZFXGQJhJpyaR8+QWj2Cs1rc/4/KrrGGdZX292s4UEnXsEaVcFKcvbb4Ggb4JZ1WATM9DeLABB2A==</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>MIIGRzCCBS+gAwIBAgIEX51MYTANBgkqhkiG9w0BAQsFADBJMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTAeFw0yMTA4MTYwNjQ4MjJaFw0yNDA4MTYwNjQ3MjNaMIGOMQswCQYDVQQGEwJESzEvMC0GA1UECgwmU3RhdGVucyBTZXJ1bSBJbnN0aXR1dCAvLyBDVlI6NDY4Mzc0MjgxTjAgBgNVBAUTGUNWUjo0NjgzNzQyOC1VSUQ6Mjc5MTAxMzUwKgYDVQQDDCNTdGF0ZW5zIFNlcnVtIEluc3RpdHV0IC0gVGVzdCBWT0NFUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKo3h9gnQBKbiJriTMg/QLuuJFNONeRl9F8T9RE+HEOdBhhb64afks3ztVjXQ15r8KNu0YwBkOVFOe0wz7w0uT7OSFxf5Zejl1BO7VxIkcYEfq5GjryNcHb50sB7G2CisfKtdN5DRSShJyQXgZ3cflVazP+ZrYfi9gy79GBVYi3mTxN4yJtSOkKIMh8knGiBgHVqS3fkOO+K5dmV9qImFYQvCpSf8XgN96d5+mTvuZ2Yu+8GaFCSU93CxlnfODkqAWkATYnV0I6hd9l7qrGjIT0flDaVm2ruJwKEW+CkeaG9W9yDYBNLNw6WqioUckslMkVUwSUD6rQ8MLrvxfmQ+WsCAwEAAaOCAu8wggLrMA4GA1UdDwEB/wQEAwIDuDCBlwYIKwYBBQUHAQEEgYowgYcwPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3Jlc3BvbmRlcjBHBggrBgEFBQcwAoY7aHR0cDovL3YuYWlhLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3N5c3RlbXRlc3QzNC1jYS5jZXIwggEgBgNVHSAEggEXMIIBEzCCAQ8GDSsGAQQBgfRRAgQGAwUwgf0wLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cudHJ1c3QyNDA4LmNvbS9yZXBvc2l0b3J5MIHJBggrBgEFBQcCAjCBvDAMFgVEYW5JRDADAgEBGoGrRGFuSUQgdGVzdCBjZXJ0aWZpa2F0ZXIgZnJhIGRlbm5lIENBIHVkc3RlZGVzIHVuZGVyIE9JRCAxLjMuNi4xLjQuMS4zMTMxMy4yLjQuNi4zLjUuIERhbklEIHRlc3QgY2VydGlmaWNhdGVzIGZyb20gdGhpcyBDQSBhcmUgaXNzdWVkIHVuZGVyIE9JRCAxLjMuNi4xLjQuMS4zMTMxMy4yLjQuNi4zLjUuMCAGA1UdEQQZMBeBFXRlc3RjZXJ0aWZpa2F0QHNzaS5kazCBrQYDVR0fBIGlMIGiMDygOqA4hjZodHRwOi8vY3JsLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3N5c3RlbXRlc3QzNC5jcmwwYqBgoF6kXDBaMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTEPMA0GA1UEAwwGQ1JMMTk1MB8GA1UdIwQYMBaAFM1saJc5chmkNatk6vQRo4GH+Gk7MB0GA1UdDgQWBBTXaIm8KGHSJc24Q3sCwFiMXb5M3jAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCA26TOPUHHxffo7ajqZkZhNfDZzBl8XlcgQPbhrAZINCKD/cKesZGnJwElGHtexRfyUh073kkww1wP2EmZf+9m5Kry73hHKyUkawtO1/R2ib04OKpIZd8M3F9YfyOusZVxuTcYYty20xEfJO8HygzXNIrFFA1qorrMjuxiXZRnUDhjzUFVDAu/Rgt8cIR3pTvU1KizLBRUC6Q+8itJizvwMHVB+tRdENbUw+ElkXbLpFt+pc+C5wDFkVudv5B/46jU/ceGNdcmkvUt6F/ey3Uc3Pc30JzpYc4KDHKc6wOttYCNtxWAnpvhOS5HUuV6GpWVww28x3Ykhv0rfYXlZo4W</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
<wsa:Action wsu:Id="action">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</wsa:Action>
<wsa:MessageID wsu:Id="messageID">urn:uuid:886d0eb8-d70b-43fa-97ce-8d814342f306</wsa:MessageID>
<wsa:RelatesTo wsu:Id="relatesTo">urn:uuid:ebc3c28e-1fb4-48f3-8d70-ba71b778e12c</wsa:RelatesTo>
</soapenv:Header>
<soapenv:Body wsu:Id="body">
<wst:RequestSecurityTokenResponseCollection>
<wst:RequestSecurityTokenResponse Context="urn:uuid:bc96d4e7-3427-46f8-a349-1dc33429f4f1">
<wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
<wst:RequestedSecurityToken>
<saml:Assertion xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="_3fb99f0a-4da0-4157-accd-789b1ac78e14" IssueInstant="2023-01-17T10:01:42Z" Version="2.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
<saml:Issuer>TESTSTS</saml:Issuer>
<ds:Signature Id="OCESSignature">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#_3fb99f0a-4da0-4157-accd-789b1ac78e14">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>kJE9hhP9+/xweTiQukBiZipAjhQ=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>UcLkNItCKooUYVERRLUkeJvkPKXa5XGyim8/QY3bz20LsgO2J2FNUwREsLLk79cB0V7DZsB3MDulLBXiApYglI/ZPsX0lnr40fKFHBS8AOUrKidMVKbWVzQLqzIduwrgcIZCx2iwkuvXxlocuPlRmlochjAOCpNF6X/ZCaMOZTI8cnVrRptzsesXhhz+Hkuj/snUmzOT6sqPXq9RcqYkKD+ucHBnn7u0altrvng7mKzshNjd73Djrn7Edsj/J2Z69P9NYSv+32Ai7Uxe3d9G9vkqjjRg6Zh7bKm4cT//tjF8Zbq+F8hbdF1vM/t0iqCLln3OaMsRVJ0jZhLvN99HJg==</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>MIIGRzCCBS+gAwIBAgIEX51MYTANBgkqhkiG9w0BAQsFADBJMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTAeFw0yMTA4MTYwNjQ4MjJaFw0yNDA4MTYwNjQ3MjNaMIGOMQswCQYDVQQGEwJESzEvMC0GA1UECgwmU3RhdGVucyBTZXJ1bSBJbnN0aXR1dCAvLyBDVlI6NDY4Mzc0MjgxTjAgBgNVBAUTGUNWUjo0NjgzNzQyOC1VSUQ6Mjc5MTAxMzUwKgYDVQQDDCNTdGF0ZW5zIFNlcnVtIEluc3RpdHV0IC0gVGVzdCBWT0NFUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKo3h9gnQBKbiJriTMg/QLuuJFNONeRl9F8T9RE+HEOdBhhb64afks3ztVjXQ15r8KNu0YwBkOVFOe0wz7w0uT7OSFxf5Zejl1BO7VxIkcYEfq5GjryNcHb50sB7G2CisfKtdN5DRSShJyQXgZ3cflVazP+ZrYfi9gy79GBVYi3mTxN4yJtSOkKIMh8knGiBgHVqS3fkOO+K5dmV9qImFYQvCpSf8XgN96d5+mTvuZ2Yu+8GaFCSU93CxlnfODkqAWkATYnV0I6hd9l7qrGjIT0flDaVm2ruJwKEW+CkeaG9W9yDYBNLNw6WqioUckslMkVUwSUD6rQ8MLrvxfmQ+WsCAwEAAaOCAu8wggLrMA4GA1UdDwEB/wQEAwIDuDCBlwYIKwYBBQUHAQEEgYowgYcwPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3Jlc3BvbmRlcjBHBggrBgEFBQcwAoY7aHR0cDovL3YuYWlhLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3N5c3RlbXRlc3QzNC1jYS5jZXIwggEgBgNVHSAEggEXMIIBEzCCAQ8GDSsGAQQBgfRRAgQGAwUwgf0wLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cudHJ1c3QyNDA4LmNvbS9yZXBvc2l0b3J5MIHJBggrBgEFBQcCAjCBvDAMFgVEYW5JRDADAgEBGoGrRGFuSUQgdGVzdCBjZXJ0aWZpa2F0ZXIgZnJhIGRlbm5lIENBIHVkc3RlZGVzIHVuZGVyIE9JRCAxLjMuNi4xLjQuMS4zMTMxMy4yLjQuNi4zLjUuIERhbklEIHRlc3QgY2VydGlmaWNhdGVzIGZyb20gdGhpcyBDQSBhcmUgaXNzdWVkIHVuZGVyIE9JRCAxLjMuNi4xLjQuMS4zMTMxMy4yLjQuNi4zLjUuMCAGA1UdEQQZMBeBFXRlc3RjZXJ0aWZpa2F0QHNzaS5kazCBrQYDVR0fBIGlMIGiMDygOqA4hjZodHRwOi8vY3JsLnN5c3RlbXRlc3QzNC50cnVzdDI0MDguY29tL3N5c3RlbXRlc3QzNC5jcmwwYqBgoF6kXDBaMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSYwJAYDVQQDDB1UUlVTVDI0MDggU3lzdGVtdGVzdCBYWFhJViBDQTEPMA0GA1UEAwwGQ1JMMTk1MB8GA1UdIwQYMBaAFM1saJc5chmkNatk6vQRo4GH+Gk7MB0GA1UdDgQWBBTXaIm8KGHSJc24Q3sCwFiMXb5M3jAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCA26TOPUHHxffo7ajqZkZhNfDZzBl8XlcgQPbhrAZINCKD/cKesZGnJwElGHtexRfyUh073kkww1wP2EmZf+9m5Kry73hHKyUkawtO1/R2ib04OKpIZd8M3F9YfyOusZVxuTcYYty20xEfJO8HygzXNIrFFA1qorrMjuxiXZRnUDhjzUFVDAu/Rgt8cIR3pTvU1KizLBRUC6Q+8itJizvwMHVB+tRdENbUw+ElkXbLpFt+pc+C5wDFkVudv5B/46jU/ceGNdcmkvUt6F/ey3Uc3Pc30JzpYc4KDHKc6wOttYCNtxWAnpvhOS5HUuV6GpWVww28x3Ykhv0rfYXlZo4W</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml:Subject>
<saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">dk:gov:saml:attribute:CprNumberIdentifier:0501792275</saml:NameID>
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key">
<saml:SubjectConfirmationData NotOnOrAfter="2023-01-17T10:06:42Z" Recipient="http://audience/clear">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</saml:SubjectConfirmationData>
</saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotBefore="2023-01-17T09:56:42Z" NotOnOrAfter="2023-01-17T10:06:42Z">
<saml:AudienceRestriction>
<saml:Audience>http://audience/clear</saml:Audience>
</saml:AudienceRestriction>
</saml:Conditions>
<saml:AttributeStatement>
<saml:Attribute Name="dk:gov:saml:attribute:SpecVer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">DK-SAML-2.0</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="dk:gov:saml:attribute:AssuranceLevel" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">3</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="dk:gov:saml:attribute:CprNumberIdentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">0501792275</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
</saml:Assertion>
</wst:RequestedSecurityToken>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>http://audience/clear</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:Lifetime>
<wsu:Created>2023-01-17T09:56:42Z</wsu:Created>
<wsu:Expires>2023-01-17T10:06:42Z</wsu:Expires>
</wst:Lifetime>
</wst:RequestSecurityTokenResponse>
</wst:RequestSecurityTokenResponseCollection>
</soapenv:Body>
</soapenv:Envelope> |
Request
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"
xmlns:wst14="http://docs.oasis-open.org/ws-sx/ws-trust/200802"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<soapenv:Header>
<wsse:Security mustUnderstand="1" wsu:Id="security">
<wsu:Timestamp wsu:Id="ts">
<wsu:Created>2024-02-23T09:20:36Z</wsu:Created>
</wsu:Timestamp>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#body">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>K6NblQLm29GnlaOTpaoqPbtcLHg=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#ts">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>/OQpEg3nog5DimJhhsBbCmCYrnU=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#messageID">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>0EpRuLcuAoWm8+cuLdJGMBkBWVo=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#action">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>3cXAhlhZH22NiSh7AttxKxBap7Q=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
YUhbJ+uMu87Tj7TP1PYSflr1fTVUrf5ao6C5t+wtt06y9hn4QDtAovzPG3QAS7Cx79chxFcwKHWfGB2eBsKmj3VRr69d9C9JN62kpOSXDhdqKPcZETMvGU0iw1n29oI1JoR8UW55glppoRU07sGkssut1mm42PWg0P3xjXbUYofD0VMznHDLXF2iGtBv1vjXHXuin5UXYy1zL/SXl8Hvl9WWN1Cxg46VEGhvFcRRvoHknzDrWYJMbvVyVqzbRRTYDOUSaY+ECsGK/Gxn8NcVjbuHXa9kcs87h5GKHc+8wnV5dorDVo+SikpIuOrMPNwzW85Y8e2O68vK8NLa2SyrP2NaYFi50KoXluUOePGla8IFX1PxdVBCQLg+twFAosV3Ta1Ma7Ssdj/dSINs/lU9tcBvsNvnNPIxZVVBUZvMZ3K39AwoUDChSFZuv7o1FWHCXdJkI+3NZepFG2QL8ah3k4tq58MSFAAE8IW48F0thxyzjVxVvCRysD6J0hdo6JgD</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
<wsa:Action wsu:Id="action">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</wsa:Action>
<wsa:MessageID wsu:Id="messageID">urn:uuid:8f55fcc0-6939-4a08-a6f7-35dfe686573e</wsa:MessageID>
</soapenv:Header>
<soapenv:Body wsu:Id="body">
<wst:RequestSecurityToken Context="urn:uuid:edd62a55-4408-45ca-8dc5-b215d49c9797">
<wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
<wst:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</wst:RequestType>
<wst14:ActAs>
<saml:Assertion xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
ID="_247b7481-a132-491b-aab9-187bdb90383c" IssueInstant="2024-02-23T09:20:36Z"
Version="2.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
<saml:Issuer>https://oio2bst-issuer.dk</saml:Issuer>
<ds:Signature Id="OCESSignature">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod
Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
<ds:Reference URI="#_247b7481-a132-491b-aab9-187bdb90383c">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>KeyC0zlzgeHD5vDYBaivdYgfKi/2cnhpW31VXUoV65k=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
Tr5Puq+s+4X1SHRTjK4od5/lQN2qhhz6TpSKxR4jbsZOtP/ngPdi2uR/i9XVjyWanBCgsd+FYsX9qeyHXw4fwlcOTTw6NWYxzTJhM+QNHhZcr9+nzgAy3uX3etqIiF6CTSQn52ZSFtVyKJzXzi3yNsaHR6HCJO4O2e8qSXyONsFlbsoVz/BBxze/uAKmwZG/5EsrWGJMQRjBd6Ik8vQ1WN/2yFPxGqAbsh7l0oEQqT8e/St/CuP4pLzvRMkRvQ9VuL9jaUAbtNDh2uFNWqy//l6t2EmRLB1yNdpFnThOkV66kx9F4yC9VPYcfkaB/dr+WbAGmMILuu+d14RvZPw5fe9eommtxRqT4ALH3JTKQDoXAkunXAEiAXtQEa+0IHip0Jwg6KzSZSNTxy+e1qh+aA57+QCZLzm7I5tkS1jUxT2AsaYP6iYnspRohTiiKM0AGfcXzW8dilriQX8W92fqEqCzpkZ0eNbnTCNvj9SP6+fq5BRraHKccb/VDRkVscmu</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml:Subject>
<saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">
dk:gov:saml:attribute:CprNumberIdentifier:0501792275</saml:NameID>
<saml:SubjectConfirmation
Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key">
<saml:SubjectConfirmationData
xsi:type="saml:KeyInfoConfirmationDataType">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</saml:SubjectConfirmationData>
</saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotOnOrAfter="2024-02-23T11:20:35Z">
<saml:AudienceRestriction>
<saml:Audience>http://audience/clear</saml:Audience>
</saml:AudienceRestriction>
</saml:Conditions>
<saml:AttributeStatement>
<saml:Attribute Name="dk:gov:saml:attribute:SpecVer"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">DK-SAML-2.0</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="dk:gov:saml:attribute:AssuranceLevel"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">3</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="dk:gov:saml:attribute:CprNumberIdentifier"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">0501792275</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
</saml:Assertion>
</wst14:ActAs>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>http://audience/clear</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:Claims Dialect="http://docs.oasis-open.org/wsfed/authorization/200706/authclaims">
<auth:ClaimType Uri="dk:gov:saml:attribute:CprNumberIdentifier">
<auth:Value>0501792275</auth:Value>
</auth:ClaimType>
</wst:Claims>
</wst:RequestSecurityToken>
</soapenv:Body>
</soapenv:Envelope> |
Svar fra STS
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<soapenv:Header>
<wsse:Security mustUnderstand="1" wsu:Id="security">
<wsu:Timestamp wsu:Id="ts">
<wsu:Created>2024-02-23T09:20:36Z</wsu:Created>
</wsu:Timestamp>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#body">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>MX56m7Zlnfh3wUIqhO2cUcVYPZo=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#ts">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>/OQpEg3nog5DimJhhsBbCmCYrnU=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#messageID">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>Svg8kNvCmu7pVJgK+XnUIZmuwmo=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#relatesTo">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>6811BMZG6WN0RxCj46QkgkGQ04A=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#action">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>3cXAhlhZH22NiSh7AttxKxBap7Q=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
DTKTeVwgSBy5JVzReLpWwTR3VHTdZ8OMoT81O6rE8e0gAfzbxWiDXXjOe//d1DJ/lcuMjgx3d0Q34Hjx133Jm/neFoD04fgYk2PIO8bj/k0C/LUXz/53kvyzDU7wWRCVwFgBdJl4FwIxqrnAAEG+ILvPiIPZd1buVLiKgv9KJi4eN4xLtU+korApF5o95xAVbTKyFQJVATRHAMHRna416FffBxYTEffIY4x9UxWBrYxMvdbZ03hLrCkRqTYGCWb2oxOAtnB4vKwP1Q9jwMir8GgGy4JHdyF4cTxHLK5u1xVuN16BO3PFM4lv2hQGW45WZqSqGGXfeGfulvYH5St2nxGlPCA419V0n8GtoYhkDZjo12fVDxwU5897UbP/ewvJ/7B7P4kMmIidtNxo3f+JiGqUzE9KwFh4ofNevauKwciObIWp0EkAxmQttqTSScqv8ovZEw2dii1Xz6NXsAHavtk8fIDCLrLdKQhDDK8Go6e36VmzHpMdGX3WuSgI3UGg</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGjTCCBMGgAwIBAgIUFy4h2LTxF4eZW2LC1kay4XM2HOkwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMjExMjkwOTMwMjVaFw0yNTExMjgwOTMwMjRaMIGjMSIwIAYDVQQDDBlOU1AgVGVzdCBTZXJ2aWNlIENvbnN1bWVyMTcwNQYDVQQFEy5VSTpESy1POkc6OGQzZmEwNDctYzc3ZS00N2U0LWJkZDItZTkxNDg4NjEwY2U2MR4wHAYDVQQKDBVTdW5kaGVkc2RhdGFzdHlyZWxzZW4xFzAVBgNVBGEMDk5UUkRLLTMzMjU3ODcyMQswCQYDVQQGEwJESzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALyJRrV1jHkQtPZ5Yb1BQsVv7CsH2G7xMebZh6o7Opm/Pb2+u8QKnPK2dkPXtFDn4efC6adwMN7EeDulIOC+6S/2yNcUQvD9Nbk40TBX6wqHjcQoMA9a725m1cqQiHPGxlHhQVMRzeJLjpEVnkdush3NCZFfndu48bdtsxM2n6sJgB3wJhvVAb8PdABfZETRcpMVIU8gBEWhMFHZhKlzmZqPUf7OQCtF2Hd1N7F4Qzus/NCP98p9z92h07sVprZD8iwWLlN9GukssDoZTbHpYmeFRE74WnxibQwau8FRFXxHZVSMQ+b3rOPLw0fLL09wDIDcBdJZyK2S/qHWzCfxxNwUCMd5g5aEvXElxiVnNdSBNVz+9phvMz3T66Za64DxFbQ/cfQcCJgSQyGpGpAOEuv2Rl9xxiNHFkoYVTR85bsHPFm6zda7/WSRZbjrhWRsbcTNunu+ucK1STkb0jiupk951zwlGN/HFGPtYP6GEMbaln01Rc7XrQDO7Rc4VKBVlwIDAQABo4IBhjCCAYIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBR/KJ/ZcZlC4nXn1zV2Lk0IJW12XjB7BggrBgEFBQcBAQRvMG0wQwYIKwYBBQUHMAKGN2h0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jYWNlcnQvaXNzdWluZy5jZXIwJgYIKwYBBQUHMAGGGmh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY3NwMCEGA1UdIAQaMBgwCAYGBACPegEBMAwGCiqBUIEpAQEBAwcwOwYIKwYBBQUHAQMELzAtMCsGCCsGAQUFBwsCMB8GBwQAi+xJAQIwFIYSaHR0cHM6Ly91aWQuZ292LmRrMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jcmwvaXNzdWluZy5jcmwwHQYDVR0OBBYEFFNN5GI5Bd91v2k+3gh2tB79kMiJMA4GA1UdDwEB/wQEAwIFoDBBBgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQCAQUAoRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASADggGBAAg7zaoHb0a4EKKoVc2SVcp6/x4Np2CfUmduosmoWxd5SboR2NV93MinTkhJRLPXjTYjETLKLNbmgrDm1oFtnw4rVRdKtpy06D0Zh5hKmR3KDjfXt/+KiHtjqs5fmB8GVo3TxFHGnS4sOmph6l/KG4tOPhMabVWcX7vJQfIBVJMak1QHWzig4ooREvupqefYTpvP13GIG4DsyRabAlR2M3pyvdrSAU899gxASvWI6LBQlEdd4tPodAvdEEb3fHS2pnWmI56Im881jOdVtmmjWMCyPD4kP6SaBUxs7XhqZMwH8X98d5NMwPUYyyKwOVJfPrsWdfhupshcdyn2AWpVLU5GfhdRkmSdLdTKzzJOt7pPH+fS95R5MyV0febSJnSOXgNq7ICdQdiKO/HQ8/zmePRq8Ax/7DGrEA0zXENH2un6AV+7bZtELmNoU+B0MoN/AuSteAxmfTTnc8Xu45rTIXh3Vx1OS3NFggGSBvawlVkE7kWKej3o2sKtfot8a+ILzw==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
<wsa:Action wsu:Id="action">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</wsa:Action>
<wsa:MessageID wsu:Id="messageID">urn:uuid:47fa9dab-7fbc-417a-ad0d-dd2c82dccf70</wsa:MessageID>
<wsa:RelatesTo wsu:Id="relatesTo">urn:uuid:8f55fcc0-6939-4a08-a6f7-35dfe686573e</wsa:RelatesTo>
</soapenv:Header>
<soapenv:Body wsu:Id="body">
<wst:RequestSecurityTokenResponseCollection>
<wst:RequestSecurityTokenResponse
Context="urn:uuid:edd62a55-4408-45ca-8dc5-b215d49c9797">
<wst:TokenType>
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
<wst:RequestedSecurityToken>
<saml:Assertion xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
ID="_f355a920-4da2-4d1c-8e17-f974accb1413"
IssueInstant="2024-02-23T09:20:36Z" Version="2.0"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
<saml:Issuer>TESTSTS</saml:Issuer>
<ds:Signature Id="OCESSignature">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#_f355a920-4da2-4d1c-8e17-f974accb1413">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>PX0vREuRydy5Mod7TU8FWeEUyqg=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
bv8FCelnJYIBmqHMhIrOTlaklZfv7YWlxfOhb2Mo5v1m/89pZJYDRWOLD8XphD6oEZZEKUIxNWimSceaL3vhv1cHplvulxDPgMUQv40c7exFbF7QRcZRY+NOrohTi0DFrzaFNEkNAXh5pHS1JB56kquHWsXfK26+7QyM9wDeLxPZO4P0baWP7VNO2m06Ah4Ru3B/hqNYxv4DcAKPibpgRQFYyT952INHMai21l8BAwHL1gmFxjVxrSLSj+Qo2FDCHLB2ldkPAZy3Ar/+fDHHxlDrqJIfUQXonsQZ01GGHGlcTIdbPbFZoPQVNn+aTWYgTFdJFIsQyUFIMM5dr2UUI6J7tx11t+kI6DMi4akhLFv+rD+N23NQlZSHZqpPnbe0OCt7DOebDwtxDZatd9oshrS4jw4MM70iiT6as9UZTv/31tzwhVf6tCd+zGaUdFSZ/+HDfqC1rAVWMdXf0tTaIQ8p20HuzrxZ+xyR/tjF4m6yx+4yS9k6fZXbc6uXduAs</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGjTCCBMGgAwIBAgIUFy4h2LTxF4eZW2LC1kay4XM2HOkwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMjExMjkwOTMwMjVaFw0yNTExMjgwOTMwMjRaMIGjMSIwIAYDVQQDDBlOU1AgVGVzdCBTZXJ2aWNlIENvbnN1bWVyMTcwNQYDVQQFEy5VSTpESy1POkc6OGQzZmEwNDctYzc3ZS00N2U0LWJkZDItZTkxNDg4NjEwY2U2MR4wHAYDVQQKDBVTdW5kaGVkc2RhdGFzdHlyZWxzZW4xFzAVBgNVBGEMDk5UUkRLLTMzMjU3ODcyMQswCQYDVQQGEwJESzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALyJRrV1jHkQtPZ5Yb1BQsVv7CsH2G7xMebZh6o7Opm/Pb2+u8QKnPK2dkPXtFDn4efC6adwMN7EeDulIOC+6S/2yNcUQvD9Nbk40TBX6wqHjcQoMA9a725m1cqQiHPGxlHhQVMRzeJLjpEVnkdush3NCZFfndu48bdtsxM2n6sJgB3wJhvVAb8PdABfZETRcpMVIU8gBEWhMFHZhKlzmZqPUf7OQCtF2Hd1N7F4Qzus/NCP98p9z92h07sVprZD8iwWLlN9GukssDoZTbHpYmeFRE74WnxibQwau8FRFXxHZVSMQ+b3rOPLw0fLL09wDIDcBdJZyK2S/qHWzCfxxNwUCMd5g5aEvXElxiVnNdSBNVz+9phvMz3T66Za64DxFbQ/cfQcCJgSQyGpGpAOEuv2Rl9xxiNHFkoYVTR85bsHPFm6zda7/WSRZbjrhWRsbcTNunu+ucK1STkb0jiupk951zwlGN/HFGPtYP6GEMbaln01Rc7XrQDO7Rc4VKBVlwIDAQABo4IBhjCCAYIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBR/KJ/ZcZlC4nXn1zV2Lk0IJW12XjB7BggrBgEFBQcBAQRvMG0wQwYIKwYBBQUHMAKGN2h0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jYWNlcnQvaXNzdWluZy5jZXIwJgYIKwYBBQUHMAGGGmh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY3NwMCEGA1UdIAQaMBgwCAYGBACPegEBMAwGCiqBUIEpAQEBAwcwOwYIKwYBBQUHAQMELzAtMCsGCCsGAQUFBwsCMB8GBwQAi+xJAQIwFIYSaHR0cHM6Ly91aWQuZ292LmRrMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jcmwvaXNzdWluZy5jcmwwHQYDVR0OBBYEFFNN5GI5Bd91v2k+3gh2tB79kMiJMA4GA1UdDwEB/wQEAwIFoDBBBgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQCAQUAoRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASADggGBAAg7zaoHb0a4EKKoVc2SVcp6/x4Np2CfUmduosmoWxd5SboR2NV93MinTkhJRLPXjTYjETLKLNbmgrDm1oFtnw4rVRdKtpy06D0Zh5hKmR3KDjfXt/+KiHtjqs5fmB8GVo3TxFHGnS4sOmph6l/KG4tOPhMabVWcX7vJQfIBVJMak1QHWzig4ooREvupqefYTpvP13GIG4DsyRabAlR2M3pyvdrSAU899gxASvWI6LBQlEdd4tPodAvdEEb3fHS2pnWmI56Im881jOdVtmmjWMCyPD4kP6SaBUxs7XhqZMwH8X98d5NMwPUYyyKwOVJfPrsWdfhupshcdyn2AWpVLU5GfhdRkmSdLdTKzzJOt7pPH+fS95R5MyV0febSJnSOXgNq7ICdQdiKO/HQ8/zmePRq8Ax/7DGrEA0zXENH2un6AV+7bZtELmNoU+B0MoN/AuSteAxmfTTnc8Xu45rTIXh3Vx1OS3NFggGSBvawlVkE7kWKej3o2sKtfot8a+ILzw==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml:Subject>
<saml:NameID
Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">
dk:gov:saml:attribute:CprNumberIdentifier:0501792275</saml:NameID>
<saml:SubjectConfirmation
Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key">
<saml:SubjectConfirmationData NotOnOrAfter="2024-02-23T09:25:36Z"
Recipient="http://audience/clear">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</saml:SubjectConfirmationData>
</saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotBefore="2024-02-23T09:15:36Z"
NotOnOrAfter="2024-02-23T09:25:36Z">
<saml:AudienceRestriction>
<saml:Audience>http://audience/clear</saml:Audience>
</saml:AudienceRestriction>
</saml:Conditions>
<saml:AttributeStatement>
<saml:Attribute Name="dk:gov:saml:attribute:SpecVer"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">DK-SAML-2.0</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="dk:gov:saml:attribute:AssuranceLevel"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">3</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="dk:gov:saml:attribute:CprNumberIdentifier"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">0501792275</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
</saml:Assertion>
</wst:RequestedSecurityToken>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>http://audience/clear</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:Lifetime>
<wsu:Created>2024-02-23T09:15:36Z</wsu:Created>
<wsu:Expires>2024-02-23T09:25:36Z</wsu:Expires>
</wst:Lifetime>
</wst:RequestSecurityTokenResponse>
</wst:RequestSecurityTokenResponseCollection>
</soapenv:Body>
</soapenv:Envelope> |
Request
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"
xmlns:wst14="http://docs.oasis-open.org/ws-sx/ws-trust/200802"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<soapenv:Header>
<wsse:Security mustUnderstand="1" wsu:Id="security">
<wsu:Timestamp wsu:Id="ts">
<wsu:Created>2024-02-22T13:19:27Z</wsu:Created>
</wsu:Timestamp>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#body">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>+PQJ+2kwDcJxXYE8iUenERzGeI4=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#ts">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>TThCBOCpnyZAloTBcWlyRTYupNM=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#messageID">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>N2ZemMQczU42xX24fGmGmyNxxog=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#action">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>3cXAhlhZH22NiSh7AttxKxBap7Q=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
CdwfolKMiOq1bj3fCctMQCNVAIQRaU+oQ9kDrJ9eDkT4kNPI52gXwlaYc3YFYEAAvTIccTn3cxEJOTRtz7O3I4Q9vv1loFEf9rkiDoHqVotgggxTcDzXM2F8BfSBMv3Cn4cvIbCBgal9Deiwkk0PPpMZ2TkRrevPcSPlxcaZzgCMTYoIupC/OazGccUUEGQ86PWAzUXXL+Ae7FNeKhB8MNCE7kPy9pHrOWGoASlKoKhcX1lZgsMhBC4NZRhRFJD7aT781V44ozKlXoLpmvgb5JtKiBC/+dQ7UUhtgRL4QX/esdt3xRT+m0SMtU2Qkym/uP1KEon6IyGKarHNOWGanhaNYKuKtaspP6qotYqDZdLETw6ZbQwqgCewmyhHxhsEcGLS/k+PEJQAqFj/kLb8dZL+YqRAT90XJNmRcBD2AmoXFuXmKb8OFgz4EpbVhvcEiCIiYS9gf53jFae1ggVZl4zaKukizZcejYWPXEw7ZwM3i95rgVHcnjScDji9PYdk</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
<wsa:Action wsu:Id="action">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</wsa:Action>
<wsa:MessageID wsu:Id="messageID">urn:uuid:1bb8ec36-9f6e-4414-aa38-f24e461d1444</wsa:MessageID>
</soapenv:Header>
<soapenv:Body wsu:Id="body">
<wst:RequestSecurityToken Context="urn:uuid:bc4558fb-83dc-4a7d-ac91-b02f48cfa602">
<wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
<wst:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</wst:RequestType>
<wst14:ActAs>
<saml:Assertion xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
ID="_025f66d8-0d7b-4e0b-8f53-21f2d475719b" IssueInstant="2024-02-22T13:19:27Z"
Version="2.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
<saml:Issuer>https://oio2bst-legacy-issuer.dk</saml:Issuer>
<ds:Signature Id="OCESSignature">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod
Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
<ds:Reference URI="#_025f66d8-0d7b-4e0b-8f53-21f2d475719b">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>jpSuVLJ294+i3yyNtxCXCkpyux1/Y/7b3tfmtvxW6TY=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
jKSKaKZYtBbJwFYrhLHqkX6ao5OeCUZLojxc3zLcsFK6aCV5kVYU53plxkIcG3M5SzES3hhwgjiOu9M95IlHe2dNJvQzCRECzWSiPHnJL+X008ouTMwNfZlWfgVX6FlBeIIl1sfs8lcvDL/1fo+5YBT8uF0mJFnuLQwtSlEIkze51dsJ233qGQnXeSZvhKWdq+SJDztKWeM71f57DZ1cekxFFoKmaJ5R5ru5UCalylHzEYgfBqQZGeQj/L/XG4oP/B7evBFnylx6NAPkiQ47AavV9Kt4BMC3VRBMr8h6oof585QB1MoykR0Rr6yVRfWOQNGKoK0oe9RXk41AMe6JdifxZiR8TuNJDPu9Cqfq9sguO6oP9smKa9jhPyYdrgUkBJMD1p68r//wVW6jFiDSW+ufe1m77cYMe2MKraDDF95Fe9wc8lLWig2HBFnMCQ4d2OT4gV3mEwseIm0EClHzZ6OpOF4BzhZ6gs2fmBmEUa+p6Cbm6wNphHIC/PuTo2qe</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml:Subject>
<saml:NameID
Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName">C=DK,O=Testorganisation
nr.
94354969,CN=null,Serial=UI:DK-P:G:23550132-5e1f-4e43-a5f9-048acf49e0b8</saml:NameID>
<saml:SubjectConfirmation
Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key">
<saml:SubjectConfirmationData
xsi:type="saml:KeyInfoConfirmationDataType">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</saml:SubjectConfirmationData>
</saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotOnOrAfter="2024-02-22T15:19:20Z">
<saml:AudienceRestriction>
<saml:Audience>http://audience/clear</saml:Audience>
</saml:AudienceRestriction>
</saml:Conditions>
<saml:AuthnStatement AuthnInstant="2024-02-22T12:19:20Z"
SessionIndex="_025f66d8-0d7b-4e0b-8f53-21f2d475719b">
<saml:AuthnContext>
<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:X509</saml:AuthnContextClassRef>
</saml:AuthnContext>
</saml:AuthnStatement>
<saml:AttributeStatement>
<saml:Attribute Name="dk:gov:saml:attribute:CprNumberIdentifier"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">0501792275</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="dk:gov:saml:attribute:AssuranceLevel"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">3</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
<saml:AuthnStatement AuthnInstant="2024-02-22T12:19:20Z"
SessionIndex="_025f66d8-0d7b-4e0b-8f53-21f2d475719b">
<saml:AuthnContext>
<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:X509</saml:AuthnContextClassRef>
</saml:AuthnContext>
</saml:AuthnStatement>
</saml:Assertion>
</wst14:ActAs>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>http://audience/clear</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:Claims Dialect="http://docs.oasis-open.org/wsfed/authorization/200706/authclaims">
<auth:ClaimType Uri="dk:gov:saml:attribute:CprNumberIdentifier">
<auth:Value>0501792275</auth:Value>
</auth:ClaimType>
<auth:ClaimType Uri="dk:healthcare:saml:attribute:OnBehalfOf">
<auth:Value>
urn:dk:healthcare:saml:actThroughProcurationBy:cprNumberIdentifier:1111111118</auth:Value>
</auth:ClaimType>
</wst:Claims>
</wst:RequestSecurityToken>
</soapenv:Body>
</soapenv:Envelope> |
Svar fra STS
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<soapenv:Header>
<wsse:Security mustUnderstand="1" wsu:Id="security">
<wsu:Timestamp wsu:Id="ts">
<wsu:Created>2024-02-22T13:21:38Z</wsu:Created>
</wsu:Timestamp>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#body">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>SwKjKMO/razhrzgzJF1iP19kWtk=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#ts">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>lfWkWps0ueOLKfaZ3WFPcizG5A4=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#messageID">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>W6GOH/kKoBhMPCKDQH4VcD5o9xg=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#relatesTo">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>RqZqQczJIzv0XwAX5KFxtHom2wE=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#action">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>3cXAhlhZH22NiSh7AttxKxBap7Q=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
ptVHrau5WCAkxuxMOc0Grtw1ihtZ+v5gLVS/UZhuSZExSacRE+9ae/hDlxZ9KEKolitbKedGSqo4hrV8KltdKt9f8g2HB6Y2mBBjNOoqEjjV4gQUfj1R/ubc0lRgUNtRobtEl6WRg4K0lfHo0HJsq5mG/jcGPV5O1rPxblfunaZex2EgHzsEH2YX2Eb1icSz/Sviust7AnteHg7cUmNBDXmFM6EYDxF1e/xnC9IQeR9fcj9+Rgki0FYfkikW1625med9wRCiHPEafqKZmcw4CPcC+Ryt/GV6tz1YwyjQGwT9V45VCknpD1X3uADdzyMpQIJnojigeZI0I+C3vkH+SjWpwenklBENIoJA9EhhgRWsfAWzWmc69+FNvLEyVfFp5SDl1MfOiTw+zoGKSEAguDysEmcnvcLpvbsMEMDMqj2FvSVY+7ZngIkNWhOxVDAvjO8Zx1rMNIaNImipSa7wdYKqujGRtv7AsSjGMqGvfYkbxKgyjdetUu0+8TSBYCiK</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGjTCCBMGgAwIBAgIUFy4h2LTxF4eZW2LC1kay4XM2HOkwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMjExMjkwOTMwMjVaFw0yNTExMjgwOTMwMjRaMIGjMSIwIAYDVQQDDBlOU1AgVGVzdCBTZXJ2aWNlIENvbnN1bWVyMTcwNQYDVQQFEy5VSTpESy1POkc6OGQzZmEwNDctYzc3ZS00N2U0LWJkZDItZTkxNDg4NjEwY2U2MR4wHAYDVQQKDBVTdW5kaGVkc2RhdGFzdHlyZWxzZW4xFzAVBgNVBGEMDk5UUkRLLTMzMjU3ODcyMQswCQYDVQQGEwJESzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALyJRrV1jHkQtPZ5Yb1BQsVv7CsH2G7xMebZh6o7Opm/Pb2+u8QKnPK2dkPXtFDn4efC6adwMN7EeDulIOC+6S/2yNcUQvD9Nbk40TBX6wqHjcQoMA9a725m1cqQiHPGxlHhQVMRzeJLjpEVnkdush3NCZFfndu48bdtsxM2n6sJgB3wJhvVAb8PdABfZETRcpMVIU8gBEWhMFHZhKlzmZqPUf7OQCtF2Hd1N7F4Qzus/NCP98p9z92h07sVprZD8iwWLlN9GukssDoZTbHpYmeFRE74WnxibQwau8FRFXxHZVSMQ+b3rOPLw0fLL09wDIDcBdJZyK2S/qHWzCfxxNwUCMd5g5aEvXElxiVnNdSBNVz+9phvMz3T66Za64DxFbQ/cfQcCJgSQyGpGpAOEuv2Rl9xxiNHFkoYVTR85bsHPFm6zda7/WSRZbjrhWRsbcTNunu+ucK1STkb0jiupk951zwlGN/HFGPtYP6GEMbaln01Rc7XrQDO7Rc4VKBVlwIDAQABo4IBhjCCAYIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBR/KJ/ZcZlC4nXn1zV2Lk0IJW12XjB7BggrBgEFBQcBAQRvMG0wQwYIKwYBBQUHMAKGN2h0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jYWNlcnQvaXNzdWluZy5jZXIwJgYIKwYBBQUHMAGGGmh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY3NwMCEGA1UdIAQaMBgwCAYGBACPegEBMAwGCiqBUIEpAQEBAwcwOwYIKwYBBQUHAQMELzAtMCsGCCsGAQUFBwsCMB8GBwQAi+xJAQIwFIYSaHR0cHM6Ly91aWQuZ292LmRrMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jcmwvaXNzdWluZy5jcmwwHQYDVR0OBBYEFFNN5GI5Bd91v2k+3gh2tB79kMiJMA4GA1UdDwEB/wQEAwIFoDBBBgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQCAQUAoRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASADggGBAAg7zaoHb0a4EKKoVc2SVcp6/x4Np2CfUmduosmoWxd5SboR2NV93MinTkhJRLPXjTYjETLKLNbmgrDm1oFtnw4rVRdKtpy06D0Zh5hKmR3KDjfXt/+KiHtjqs5fmB8GVo3TxFHGnS4sOmph6l/KG4tOPhMabVWcX7vJQfIBVJMak1QHWzig4ooREvupqefYTpvP13GIG4DsyRabAlR2M3pyvdrSAU899gxASvWI6LBQlEdd4tPodAvdEEb3fHS2pnWmI56Im881jOdVtmmjWMCyPD4kP6SaBUxs7XhqZMwH8X98d5NMwPUYyyKwOVJfPrsWdfhupshcdyn2AWpVLU5GfhdRkmSdLdTKzzJOt7pPH+fS95R5MyV0febSJnSOXgNq7ICdQdiKO/HQ8/zmePRq8Ax/7DGrEA0zXENH2un6AV+7bZtELmNoU+B0MoN/AuSteAxmfTTnc8Xu45rTIXh3Vx1OS3NFggGSBvawlVkE7kWKej3o2sKtfot8a+ILzw==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
<wsa:Action wsu:Id="action">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</wsa:Action>
<wsa:MessageID wsu:Id="messageID">urn:uuid:c467ee8f-de82-4ca7-9afa-fdb1e70f203a</wsa:MessageID>
<wsa:RelatesTo wsu:Id="relatesTo">urn:uuid:1bb8ec36-9f6e-4414-aa38-f24e461d1444</wsa:RelatesTo>
</soapenv:Header>
<soapenv:Body wsu:Id="body">
<wst:RequestSecurityTokenResponseCollection>
<wst:RequestSecurityTokenResponse
Context="urn:uuid:bc4558fb-83dc-4a7d-ac91-b02f48cfa602">
<wst:TokenType>
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
<wst:RequestedSecurityToken>
<saml:Assertion xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
ID="_4205addb-4282-49a4-8d9c-90bf5e93566d"
IssueInstant="2024-02-22T13:21:38Z" Version="2.0"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
<saml:Issuer>TESTSTS</saml:Issuer>
<ds:Signature Id="OCESSignature">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#_4205addb-4282-49a4-8d9c-90bf5e93566d">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>0Cz5s72TRBmk12a6pmVWJAgrnBI=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
HHzFb7ye7g0kUyc0OsLt4BoEXk+nr35yrgVhZi0YzW+viNasZkJtpRSjznhydJFsyaWiXNW9DpFHbdp1jZrmDwPHyHQEacqmdi5SggQ1o6g70QI3d33QyxQNxzl6CegaRPcGUsu1moGkkziNT2bsydHmQknGf1cOkrVtAuqBg0wUhcvVf+jI3gEyU3zFNOKW9IZXl1X8jotMSrdav4IpeylmS3qVWUqc1MKajBwZjFQrYVridkDxrBRd7wDpzzF5cZP80tkJY+3d2Uf3UimsjzEo2jJNx64UVa/PsT6lgwpA2vfm6ZIYPcCecadngEdORCjetelDQPIcJ9ZLAwWtqcmVXo7gndDUBtKcKieQzd32PD3Nu7PC1lq5ZwjqoX1vtWku88+iYARi539pOj6agboVCxIUJkcXWIE0fVkLq9yD43yXuN7EYHF/uI4WnK1olUJWr2pyUnihG5G9DDuUbsi2WFNPfrLRtV26f6IaEbZ6u4rjEvKhphA/mzPcqeS0</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGjTCCBMGgAwIBAgIUFy4h2LTxF4eZW2LC1kay4XM2HOkwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMjExMjkwOTMwMjVaFw0yNTExMjgwOTMwMjRaMIGjMSIwIAYDVQQDDBlOU1AgVGVzdCBTZXJ2aWNlIENvbnN1bWVyMTcwNQYDVQQFEy5VSTpESy1POkc6OGQzZmEwNDctYzc3ZS00N2U0LWJkZDItZTkxNDg4NjEwY2U2MR4wHAYDVQQKDBVTdW5kaGVkc2RhdGFzdHlyZWxzZW4xFzAVBgNVBGEMDk5UUkRLLTMzMjU3ODcyMQswCQYDVQQGEwJESzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALyJRrV1jHkQtPZ5Yb1BQsVv7CsH2G7xMebZh6o7Opm/Pb2+u8QKnPK2dkPXtFDn4efC6adwMN7EeDulIOC+6S/2yNcUQvD9Nbk40TBX6wqHjcQoMA9a725m1cqQiHPGxlHhQVMRzeJLjpEVnkdush3NCZFfndu48bdtsxM2n6sJgB3wJhvVAb8PdABfZETRcpMVIU8gBEWhMFHZhKlzmZqPUf7OQCtF2Hd1N7F4Qzus/NCP98p9z92h07sVprZD8iwWLlN9GukssDoZTbHpYmeFRE74WnxibQwau8FRFXxHZVSMQ+b3rOPLw0fLL09wDIDcBdJZyK2S/qHWzCfxxNwUCMd5g5aEvXElxiVnNdSBNVz+9phvMz3T66Za64DxFbQ/cfQcCJgSQyGpGpAOEuv2Rl9xxiNHFkoYVTR85bsHPFm6zda7/WSRZbjrhWRsbcTNunu+ucK1STkb0jiupk951zwlGN/HFGPtYP6GEMbaln01Rc7XrQDO7Rc4VKBVlwIDAQABo4IBhjCCAYIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBR/KJ/ZcZlC4nXn1zV2Lk0IJW12XjB7BggrBgEFBQcBAQRvMG0wQwYIKwYBBQUHMAKGN2h0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jYWNlcnQvaXNzdWluZy5jZXIwJgYIKwYBBQUHMAGGGmh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY3NwMCEGA1UdIAQaMBgwCAYGBACPegEBMAwGCiqBUIEpAQEBAwcwOwYIKwYBBQUHAQMELzAtMCsGCCsGAQUFBwsCMB8GBwQAi+xJAQIwFIYSaHR0cHM6Ly91aWQuZ292LmRrMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jcmwvaXNzdWluZy5jcmwwHQYDVR0OBBYEFFNN5GI5Bd91v2k+3gh2tB79kMiJMA4GA1UdDwEB/wQEAwIFoDBBBgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQCAQUAoRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASADggGBAAg7zaoHb0a4EKKoVc2SVcp6/x4Np2CfUmduosmoWxd5SboR2NV93MinTkhJRLPXjTYjETLKLNbmgrDm1oFtnw4rVRdKtpy06D0Zh5hKmR3KDjfXt/+KiHtjqs5fmB8GVo3TxFHGnS4sOmph6l/KG4tOPhMabVWcX7vJQfIBVJMak1QHWzig4ooREvupqefYTpvP13GIG4DsyRabAlR2M3pyvdrSAU899gxASvWI6LBQlEdd4tPodAvdEEb3fHS2pnWmI56Im881jOdVtmmjWMCyPD4kP6SaBUxs7XhqZMwH8X98d5NMwPUYyyKwOVJfPrsWdfhupshcdyn2AWpVLU5GfhdRkmSdLdTKzzJOt7pPH+fS95R5MyV0febSJnSOXgNq7ICdQdiKO/HQ8/zmePRq8Ax/7DGrEA0zXENH2un6AV+7bZtELmNoU+B0MoN/AuSteAxmfTTnc8Xu45rTIXh3Vx1OS3NFggGSBvawlVkE7kWKej3o2sKtfot8a+ILzw==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml:Subject>
<saml:NameID
Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName">
C=DK,O=Testorganisation
nr.
94354969,CN=null,Serial=UI:DK-P:G:23550132-5e1f-4e43-a5f9-048acf49e0b8</saml:NameID>
<saml:SubjectConfirmation
Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key">
<saml:SubjectConfirmationData NotOnOrAfter="2024-02-22T13:26:38Z"
Recipient="http://audience/clear">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGiDCCBLygAwIBAgIUNySjAhoHGRCYk/yn3wsw3wmXBrcwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMTA0MjgxMjI1NDhaFw0yNDA0MjcxMjI1NDdaMIGeMRUwEwYDVQQDDAxGT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzoyMzU1MDEzMi01ZTFmLTRlNDMtYTVmOS0wNDhhY2Y0OWUwYjgxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDDjbGCHjgv+o1q0Q8GcHnLzHG6r4Q4vfuuWHU3Uscjgo6PC55Wj+GAsEnX7Gb8zIcM/kFv87wYR4w14dRO2lc8OO4e6sCzyIJduvu6da8yCBu6qYV708liVTvmTFFTc5O20lmRb0/MnUlyqU+IFcARhsT14M05sNznd1JF+/cfYwyDo+vCRPXa24WbY5GS2kBgnP/YDCUhmjOiDOGKMCgHj/YYvIZJq+2lfB+Lbi3vRXwJRCeI8FUOaVejFY6zDWOz14uELHhbK9Mhm3MV80PzK/MzDs2G60SMv7PGfkjjb3CHYKsDF0IJe59zumn322HAYOtaVSObSxESHhkOCUf6ZgFGoIQCGB7Q94A3UOktdPqgTmyequ+6HYQxPWbb5HxaItWvQ0qMV3jfu9VsH8Jzo+kpVoUVjpEucwmyXMLd22Iihfy6arckFHQFMYRBGB8bPuPGbk9aSlJ+AOQ+MD1foq051loLJb5Sukj3Bp+BtqrE3WAXp5xC+8pmN4szGacCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBSQ2zoWKogKlPFYOToFjHSMufl3ZTAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQB9sFKk0XIi7AOVjMu5ngVK+KMqnEOe9YGuhW8PBRhaDXi1uVBTm3wpl7CCnPKjPCuJ8sUJxSsES8IZjowuGGRY8RI6Xrf9+gBihL/HHUFowPUSobUJeDiVqZyaQDxVXWRyTwF5R6lQtdX/GJJlrmgW2oEvm4SYGW512EA8DBMWXNfoR0iWGp7taNggMrRj+i3IRiqzfhtslBGA4Rd1t+SRkUJ9lu8JpS+zdQ9MOzfW1YWHeab7nK/k4LkfZTKh2762q4/ez74806OaTqf31Yg56KbPxWHNe0h18gFby0ggIAxhOMS+yAySN5CXcOMigqZt23vtgZjz+RgUVXX3cXrkJhFbhStO2Buh2xHfBT09L5lDfhpLAmC06oWT6xcoJO5EJ2bYCEAV74mwdyWNIkEc2H8AD7SLIxf56Q3MECYGPqyVU2yRKY6iDebTRt+HOeNLyWoZUTO7MXb7IQOhTpsVEZjZd0eiAEw8KbNPGNMwsWQwuf8RzVhildJ/bhPKsAY=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</saml:SubjectConfirmationData>
</saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotBefore="2024-02-22T13:16:38Z"
NotOnOrAfter="2024-02-22T13:26:38Z">
<saml:AudienceRestriction>
<saml:Audience>http://audience/clear</saml:Audience>
</saml:AudienceRestriction>
</saml:Conditions>
<saml:AttributeStatement>
<saml:Attribute Name="dk:gov:saml:attribute:SpecVer"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">DK-SAML-2.0</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="dk:gov:saml:attribute:AssuranceLevel"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">3</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="dk:gov:saml:attribute:CprNumberIdentifier"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">0501792275</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="dk:gov:saml:attribute:Privileges_intermediate"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">
PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiID8+PGJwcDpQcml2aWxlZ2VMaXN0IHhtbG5zOmJwcD0iaHR0cDovL2l0c3QuZGsvb2lvc2FtbC9iYXNpY19wcml2aWxlZ2VfcHJvZmlsZSI+PGJwcDpQcml2aWxlZ2VHcm91cCBTY29wZT0idXJuOmRrOmhlYWx0aGNhcmU6c2FtbDphY3RUaHJvdWdoUHJvY3VyYXRpb25CeTpjcHJOdW1iZXJJZGVudGlmaWVyOjExMTExMTExMTgiPjxicHA6UHJpdmlsZWdlPnVybjpkazpuc3BvcDpzdHM6Zm1rOnJlYWQ8L2JwcDpQcml2aWxlZ2U+PC9icHA6UHJpdmlsZWdlR3JvdXA+PC9icHA6UHJpdmlsZWdlTGlzdD4=</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
</saml:Assertion>
</wst:RequestedSecurityToken>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>http://audience/clear</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:Lifetime>
<wsu:Created>2024-02-22T13:16:38Z</wsu:Created>
<wsu:Expires>2024-02-22T13:26:38Z</wsu:Expires>
</wst:Lifetime>
</wst:RequestSecurityTokenResponse>
</wst:RequestSecurityTokenResponseCollection>
</soapenv:Body>
</soapenv:Envelope> |
Bemærk returværdien fra STS, der indeholder attributten 'dk:gov:saml:attribute:Privileges_intermediate' (Vist i ovenstående eksempel fra OIO2BST_LEGACY STS-svaret):
<saml:Attribute Name="dk:gov:saml:attribute:Privileges_intermediate"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">
PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiID8+PGJwcDpQcml2aWxlZ2VMaXN0IHhtbG5zOmJwcD0iaHR0cDovL2RpZ3N0LmRrL29pb3NhbWwvYmFzaWNfcHJpdmlsZWdlX3Byb2ZpbGUiPjxQcml2aWxlZ2VHcm91cCBTY29wZT0idXJuOnByZWZpeDoxMjM0NTY3ODkwIj48UHJpdmlsZWdlPnVybjpkazpzdW5kaGVkc2RhdGFzdHlyZWxzZW46aWRzYXM6cmVhZDp1bmJsdXJyZWQ8L1ByaXZpbGVnZT48L1ByaXZpbGVnZUdyb3VwPjwvYnBwOlByaXZpbGVnZUxpc3Q+
</saml:AttributeValue>
</saml:Attribute> |
Værdien er base64 encoded, og kan indeholde forskellige værdier. Disse er beskrevet nedenunder. Eksemplerne viser værdien efter en base64 decode.
Bemærk at strukturen både indeholder det CPR nummer, som borgeren ønsker at arbejde på vegne af, samt listen af de privilegier der rent faktisk er tildelt fra denne borger, til den kaldende borger:
<?xml version="1.0" encoding="UTF-8"?>
<bpp:PrivilegeList xmlns:bpp="http://itst.dk/oiosaml/basic_privilege_profile">
<bpp:PrivilegeGroup Scope="urn:dk:healthcare:saml:actThroughProcurationBy:cprNumberIdentifier:0101603040">
<bpp:Privilege>urn:dk:nspop:sts:fmk:read</bpp:Privilege>
<bpp:Privilege>urn:dk:nspop:sts:fmk:write</bpp:Privilege>
</bpp:PrivilegeGroup>
</bpp:PrivilegeList> |
Man kan også vedlægge en claim om værgemål eller forældremyndighed ift. en anden borger. Dette gøres under "dk:healthcare:saml:attribute:OnBehalfOf", og der er de to muligheder der ses herunder. Bemærk dog, at man kun kan claime "WardCustody" hvis man specifikt er blevet whitelisted til det som anvender.
<auth:ClaimType Uri="dk:healthcare:saml:attribute:OnBehalfOf">
<auth:Value>
urn:dk:healthcare:saml:actThrough:WardCustody:cprNumberIdentifier:1111111118
</auth:Value>
</auth:ClaimType> |
<auth:ClaimType Uri="dk:healthcare:saml:attribute:OnBehalfOf">
<auth:Value>
urn:dk:healthcare:saml:actThrough:ParentalCustody:cprNumberIdentifier:1111111118
</auth:Value>
</auth:ClaimType> |
I billetten vil subject relations være kodet i stil med følgende, dog i praksis base64-encoded som nævnt ovenfor.
Eksempel for "Fuld værge". Her behøves attributten "relatedPersonAge" ikke være angivet:
<?xml version="1.0" encoding="UTF-8"?>
<srp:SubjectRelations
xmlns:srp="urn:dk:healthcare:saml:subject_relations_profile:1.1">
<srp:VerifiedRelation
relationType="wardCustodyHolder"
relatedPersonID="0101111234"
relatedPersonIDType="URN:OID:1.2.208.176.1.2"
/>
</srp:SubjectRelations> |
Hvis det drejer sig om "Forældremyndighed", så skal attributten "relatedPersonAge" være angivet:
<?xml version="1.0" encoding="UTF-8"?>
<srp:SubjectRelations
xmlns:srp="urn:dk:healthcare:saml:subject_relations_profile:1.1">
<srp:VerifiedRelation
relationType="parentalCustodyHolder"
relatedPersonID="0101111234"
relatedPersonIDType="URN:OID:1.2.208.176.1.2"
relatedPersonAge= ”10”
/>
</srp:SubjectRelations> |
STS vil gennem IDSAS slå op om sløring er ønsket. Sløring vil optræde som specificeret i OIOITP Blurring Instructions Profile 1.1 i billetten.
Returværdien fra STS indeholder sløringer hvis xml'en indeholder attributten "urn:dk:healthcare:saml:attribute:BlurringInstructions":
<?xml version="1.0" encoding="UTF-8"?> <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="urn:dk:healthcare:saml:attribute:BlurringInstructions" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"> <saml:AttributeValue xsi:type="xs:string"> <!-- Slørings-oplysninger i Base64 encodet form. --> PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4NCjxiaXA6Qmx1cnJpbmdJbnN0cnVj dGlvbnMgeG1sbnM6YmlwPSJ1cm46ZGs6aG- VhbHRoY2FyZTpzYW1sOmJsdXJyaW5nX2luc3RydWN0aW9uX3Byb2ZpbGU6MS4wIiBjdXItcmVudFNhbH Q9IjVrWlpMTlFNTkl- rejFZN3RDRGozR1E9PSI+DQoJPGJpcDpCbHVyRW1wbG95ZWVOYW1lc0Zyb21Pcmcgb3JnVHlwZT0iQ1Z SIiByZWFzb249ImZyb21fcmVsYXRlZF9wZXJzb24iPg0KCQkyOTE5MDkyNQ0KCTwvYml- wOkJsdXJFbXBsb3llZU5hbWVzRnJvbU9yZz4NCjwvYmlwOkJsdXJyaW5nSW5zdHJ1Y3Rpb25zPg== </saml:AttributeValue> </saml:Attribute> |
Værdien er base64 encoded, og kan indeholde forskellige værdier. Disse er beskrevet nedenunder. Eksemplerne viser værdien efter en base64 decode.
Eksempel på en borgerspecifik sløring fra både Region Midtjylland (CVR:29190925) og Region Nordjylland (CVR:29190941).
<?xml version="1.0" encoding="UTF-8"?>
<bip:BlurringInstructions
xmlns:bip="urn:dk:healthcare:saml:blurring_instruction_profile:1.1"
currentSalt="5kZZLNQMNIkz1Y7tCDj3GQ==">
<bip:BlurEmployeeNamesFromOrg orgType="CVR" reason="specific_for_person">
29190925
</bip:BlurEmployeeNamesFromOrg>
<bip:BlurEmployeeNamesFromOrg orgType="CVR" reason="specific_for_person">
29190941
</bip:BlurEmployeeNamesFromOrg>
</bip:BlurringInstructions> |
Bemærk: <bip:BlurringInstructions> med currentSalt skal altid indlejres, uanset om der er sløringer ej.
<?xml version="1.0" encoding="UTF-8"?> <bip:BlurringInstructions xmlns:bip="urn:dk:healthcare:saml:blurring_instruction_profile:1.1" currentSalt="5kZZLNQMNIkz1Y7tCDj3GQ==" /> |
Hvis borgeren skal se oplysninger om en relateret person (f.eks. en fuldmagtsgiver), skal der også sløres for borgeren, når der er sløret for fuldmagtsgiveren.
<?xml version="1.0" encoding="UTF-8"?> <bip:BlurringInstructions xmlns:bip="urn:dk:healthcare:saml:blurring_instruction_profile:1.1" currentSalt="5kZZLNQMNIkz1Y7tCDj3GQ=="> <bip:BlurEmployeeNamesFromOrg orgType="CVR" reason="from_related_person"> 29190925 </bip:BlurEmployeeNamesFromOrg> </bip:BlurringInstructions> |
I sjældne tilfælde kan der både være sløret for ’subject’ og den som ’subject’ ønsker at slå op på:
<?xml version="1.0" encoding="UTF-8"?>
<bip:BlurringInstructions
xmlns:bip="urn:dk:healthcare:saml:blurring_instruction_profile:1.1"
currentSalt="5kZZLNQMNIkz1Y7tCDj3GQ==">
<bip:BlurEmployeeNamesFromOrg orgType="CVR" reason="specific_for_person">
29190925
</bip:BlurEmployeeNamesFromOrg>
<bip:BlurEmployeeNamesFromOrg orgType="CVR" reason="from_related_person">
29190941
</bip:BlurEmployeeNamesFromOrg>
</bip:BlurringInstructions> |
Afdelingssløringer vil i mange tilfælde optræde uden tilhørende borgerspecifikke sløringer:
<?xml version="1.0" encoding="UTF-8"?>
<bip:BlurringInstructions
xmlns:bip="urn:dk:healthcare:saml:blurring_instruction_profile:1.1"
currentSalt="5kZZLNQMNIkz1Y7tCDj3GQ==">
<bip:BlurEmployeeNamesFromOrg orgType="SOR" reason="specific_department">
<!-- Retspsykiatrien Glostrup, SOR kode -->
536331000016003
</bip:BlurEmployeeNamesFromOrg>
<bip:BlurEmployeeNamesFromOrg orgType="SHAK" reason="specific_department">
<!-- Retspsykiatrien Glostrup, SHAK kode -->
1500P1V
</bip:BlurEmployeeNamesFromOrg>
</bip:BlurringInstructions> |
Afdelingssløringer kombineret med borgerspecifikke sløringer:
<?xml version="1.0" encoding="UTF-8"?>
<bip:BlurringInstructions
xmlns:bip="urn:dk:healthcare:saml:blurring_instruction_profile:1.1"
currentSalt="5kZZLNQMNIkz1Y7tCDj3GQ==">
<bip:BlurEmployeeNamesFromOrg orgType="CVR" reason="specific_for_person">
<!-- Slør for alle medarbejdere i Reg. Midt, CVR kode -->
29190925
</bip:BlurEmployeeNamesFromOrg>
<bip:BlurEmployeeNamesFromOrg orgType="SOR" reason="specific_department">
<!-- Retspsykiatrien Glostrup, SOR kode -->
536331000016003
</bip:BlurEmployeeNamesFromOrg>
<bip:BlurEmployeeNamesFromOrg orgType="SHAK" reason="specific_department">
<!-- Retspsykiatrien Glostrup, SHAK kode -->
1500P1V
</bip:BlurEmployeeNamesFromOrg>
</bip:BlurringInstructions> |