Copy overlay QA proxy overlay files to /opt, SC-2522

eidas-qa-proxy/overlay/opt/se/cfg/application-se.properties

@@ -0,0 +1,116 @@
+# Logging
+logging.level.org.springframework.web=INFO
+
+# Service path
+server.servlet.context-path=/eidas-ps
+
+#proxy-service.path.prefix=${spring.config.additional.location}..
+#proxy-service.config.location=file://${spring.config.additional.location}
+
+proxy-service.image.logo=${spring.config.additional.location}/img/idp-logo.svg
+proxy-service.image.icon=${spring.config.additional.location}/img/idp-logo-notext.svg
+
+# Service port connector settings
+server.port=8443
+#server.ssl.key-store=${proxy-service.path.prefix}/keystore/sslSnakeOil.p12
+#server.ssl.key-store-type=PKCS12
+#server.ssl.key-store-password=secret
+#server.ssl.key-password=secret
+
+tomcat.ajp.port=8009
+tomcat.ajp.remoteauthentication=false
+tomcat.ajp.enabled=true
+
+# For development. Allowing signature check on metadata to be skipped. Default false.
+#proxy-service.dev.ignoreMetadataSignCheck=true
+
+# Initial delay in milliseconds (default 5000) and seconds between metadata configuration recache (default 240 sec).
+#proxy-service.daemon.inital.delay.ms=5000
+proxy-service.daemon.recache.delay.sec=240
+
+# Location of other properties files (general-metadata.properties, psidp-metadata.properties and natsp-metadata.properties)
+# Example specifying external location: 'proxy-service.config.location=file:///opt/webapp/eidas-ps/cfg/'
+# Example specifying src/main/resources config location: 'classpath:'
+
+proxy-service.country=SE
+
+# Key Store properties
+# Location can be specified as "classpath:" or as file path e.g "/opt/webapp/eidas-ps/keystore/keyStore.jks"
+proxy-service.keySourceType=PKCS12
+proxy-service.keySourceLocation=${proxy-service.path.prefix}/proxy.p12
+proxy-service.keySourcePass=dummy
+proxy-service.keySourceAlias=proxy
+
+proxy-service.natsp.keySourceType=PKCS12
+proxy-service.natsp.keySourceLocation=${proxy-service.path.prefix}/proxy.p12
+proxy-service.natsp.keySourcePass=dummy
+proxy-service.natsp.keySourceAlias=proxy
+
+proxy-service.metadata.keySourceType=PKCS12
+proxy-service.metadata.keySourceLocation=${proxy-service.path.prefix}/metadata.p12
+proxy-service.metadata.keySourcePass=dummy
+proxy-service.metadata.keySourceAlias=metadata
+
+# Session Encryption properties
+#proxy-service.cookieEncryptPw=changeme
+
+# Requirements to show consent dialogue (Default false);
+proxy-service.consent=true
+proxy-service.consent.attributes=urn:oid:1.2.752.201.3.7,\
+  urn:oid:2.5.4.4,\
+  urn:oid:2.5.4.42,\
+  urn:oid:1.3.6.1.5.5.7.9.3,\
+  urn:oid:1.3.6.1.5.5.7.9.1
+proxy-service.consent.valuetranslation=urn:oid:1.3.6.1.5.5.7.9.3
+
+# Welcome page presentation text location
+proxy-service.welcomepage.markdown=${proxy-service.path.prefix}/cfg/infotext.md
+
+#Metadata Service List location specified as either URL (http or https), "file://" or "classpath:"
+proxy-service.eidasMdListLocation=https://qa.md.eidas.swedenconnect.se/mdservicelist-aggregate.xml
+
+# Optional certificate file for validating metadata service list file signatures
+# If no certificate is specified then proxy-service.dev.ignoreMetadataSignCheck=true must be set
+proxy-service.eidasMdListCertFile=${proxy-service.path.prefix}/cfg/metadata.crt
+
+#Metadata location for aggregated metadata specified as either URL (http or https), "file://" or "classpath:"
+proxy-service.eidasMetadataLocation=https://qa.md.eidas.swedenconnect.se/role/sp.xml
+
+# Optional certificate file for validating metadata signatures
+# If no certificate is specified then proxy-service.dev.ignoreMetadataSignCheck=true must be set
+proxy-service.eidasMetadataCertFile=${proxy-service.path.prefix}/cfg/metadata.crt
+
+# Optional cache dir for caching downloaded metadata. If not set, cache is stored in memory.
+proxy-service.eidasMetadataCacheDirName=${proxy-service.path.prefix}/ps-mdcache
+
+#Metadata location for national IdP metadata specified as either URL (http or https), "file://" or "classpath:"
+
+#proxy-service.nationalMetadata.test.location=http://eid.svelegtest.se/metadata/mdx/role/idp.xml
+#proxy-service.nationalMetadata.test.certFile=${proxy-service.path.prefix}/cfg/se-metadata-cert.crt
+#proxy-service.nationalMetadata.test.cacheFile=${proxy-service.path.prefix}/cache/test-metadata.xml
+#proxy-service.nationalMetadata.test.index=1
+
+proxy-service.nationalMetadata.qa.location=https://qa.md.swedenconnect.se/role/idp.xml
+proxy-service.nationalMetadata.qa.certFile=${proxy-service.path.prefix}/cfg/metadata.crt
+proxy-service.nationalMetadata.qa.cacheFile=${proxy-service.path.prefix}/cache/qa-metadata.xml
+proxy-service.nationalMetadata.qa.index=0
+
+management.server.context-path=/manage
+management.server.security.enabled=false
+management.server.port=8444
+management.server.ssl.enabled=true
+
+proxy-service.syslog.enabled=true
+
+# Override default signature algorithms
+proxy-service.signature-algorithm=http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1
+proxy-service.signature-algorithm.md=${proxy-service.signature-algorithm}
+proxy-service.signature-algorithm.natsp=http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
+proxy-service.signature-algorithm.natsp.md=${proxy-service.signature-algorithm.natsp}
+
+#Private SP requests from other eIDAS countries
+proxy-service.private-sp.enabled=true
+
+#These configuration properties allow configuration of the HTTP client used to obtain metadata as well as for OpenID connect operations such as retrieving ID tokens and user-info tokens from the OP.
+proxy-service.http.connect-timeout=1000
+proxy-service.http.read-timeout=5000

eidas-qa-proxy/overlay/opt/se/cfg/general-metadata.properties

@@ -0,0 +1,18 @@
+psgen.country=${proxy-service.country}
+psgen.name=Sweden eIDAS ProxyService
+psgen.orgName={\
+  en:'Sweden Connect',\
+  sv:'Sweden Connect'\
+}
+psgen.dispName={\
+  en:'Sweden Connect QA',\
+  sv:'Sweden Connect QA'\
+}
+psgen.orgUrl=https://swedenconnect.se
+psgen.supportGivenName=Customer support
+psgen.techGivenName=Technical support
+psgen.supportEmail=operations@swedenconnect.se
+psgen.techEmail=operations@swedenconnect.se
+
+
+

eidas-qa-proxy/overlay/opt/se/cfg/idpdisco.properties

@@ -0,0 +1,67 @@
+# Available policies are: natToEidasMapping, natToEidasNotifiedMapping, justEidasLoa
+# Defined meaning:
+# - justEidasLoa = IdP is only allowed if it supports the national eIDAS LoAs
+# - natToEidasMapping = National IdP:s are allowed to respond with national LoA. These counts as non notified eID
+# - natToEidasNotifiedMapping = National IdP:s are allowed to respond with national LoA. These counts as notified eID
+
+idp.testIdp.entityid=http://qa.test.swedenconnect.se/idp
+idp.testIdp.loapolicy=justEidasLoa
+idp.testIdp.consent=true
+idp.testIdp.privateSpSupport=true
+idp.testIdp.deriveDob=false
+idp.testIdp.index=1
+
+idp.freja.entityid=https://idp-sweden-connect-valfr-2017-ct.test.frejaeid.com
+idp.freja.name.sv=Freja+
+idp.freja.name.en=Freja+
+idp.freja.loapolicy=justEidasLoa
+idp.freja.consent=false
+idp.freja.deriveDob=false
+idp.freja.privateSpSupport=true
+idp.freja.index=0
+
+idp.bankid.entityid=https://oidc.test.bankid.com
+idp.bankid.name.sv=BankID
+idp.bankid.name.en=BankID
+idp.bankid.logo.uri=https://www.bankid.com/assets/bankid/img/logo-bank-id.svg
+idp.bankid.logo.height=150
+idp.bankid.logo.width=159
+idp.bankid.loapolicy=natToEidasNotifiedMapping
+idp.bankid.consent=false
+idp.bankid.deriveDob=false
+idp.bankid.privateSpSupport=false
+idp.bankid.index=2
+idp.bankid.protocol=oidc
+
+#idp.mobIdp.entityid=https://midp.svelegtest.se/idp
+#idp.mobIdp.name.sv=Legacy Test ID Tjänst
+#idp.mobIdp.name.en=Legacy Test IdP
+#idp.mobIdp.logo.uri=${proxy-service.domain.prefix}/img/se-flag-rnd.svg
+#idp.mobIdp.logo.height=67
+#idp.mobIdp.logo.width=68
+#idp.mobIdp.loapolicy=natToEidasNotifiedMapping
+#idp.mobIdp.consent=false
+#idp.mobIdp.deriveDob=true
+#idp.mobIdp.index=2
+
+#idp.ccBankid.entityid=https://eid.identityhub.se/demo/bankid/
+#idp.ccBankid.name.sv=BankID
+#idp.ccBankid.name.en=BankID
+#idp.ccBankid.logo.uri=img/disco/bankid_logo.png
+#idp.ccBankid.logo.height=94
+#idp.ccBankid.logo.width=100
+#idp.ccBankid.loapolicy=natToEidasNotifiedMapping
+#idp.ccBankid.consent=true
+#idp.ccBankid.deriveDob=true
+#idp.ccBankid.index=3
+
+#idp.ccTelia.entityid=https://eid.identityhub.se/demo/teliabrowserplugin/
+#idp.ccTelia.name.sv=Telia
+#dp.ccTelia.name.en=Telia
+#idp.ccTelia.logo.uri=img/disco/telia_min_logo.png
+#idp.ccTelia.logo.height=89
+#idp.ccTelia.logo.width=86
+#idp.ccTelia.loapolicy=natToEidasNotifiedMapping
+#idp.ccTelia.consent=true
+#idp.ccTelia.deriveDob=true
+#idp.ccTelia.index=4

eidas-qa-proxy/overlay/opt/se/cfg/img/idp-logo-notext.svg

@@ -0,0 +1,9 @@
+<svg width="256" height="256" viewBox="0 0 256 256" fill="none" xmlns="http://www.w3.org/2000/svg">
+<rect x="64" width="64" height="64" fill="#CD7A6E"/>
+<rect x="128" y="64" width="64" height="64" fill="#695F59"/>
+<rect x="192" y="64" width="64" height="64" fill="#B4AFAC"/>
+<path d="M0 128H64V192H0V128Z" fill="#5A6751"/>
+<rect x="64" y="128" width="64" height="64" fill="#ACB3A8"/>
+<rect x="192" y="128" width="64" height="64" fill="#F4E0CE"/>
+<rect x="128" y="192" width="64" height="64" fill="#D59151"/>
+</svg>

eidas-qa-proxy/overlay/opt/se/cfg/img/sweden-connect-color-yellow-on-blue-no-text.svg

@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 143.44 143.44"><defs><style>.cls-1{fill:#005293;}.cls-2{fill:#fecb00;}</style></defs><title>yellow-on-blue</title><g id="Layer_2" data-name="Layer 2"><g id="svg4704"><g id="layer1"><g id="g12"><g id="g14"><g id="g20"><path id="path22" class="cls-1" d="M143.44,71.72A71.72,71.72,0,1,1,71.72,0a71.72,71.72,0,0,1,71.72,71.72"/></g><g id="g4512"><g id="g24"><path id="path26" class="cls-2" d="M103.24,36a19.41,19.41,0,0,0-9.07-12.35A19.43,19.43,0,0,0,79.1,20.92c-4.89,1.06-9.3,4.74-12.3,9.54L53,52.51l-2,3.25q-4.5,7.2-2.62,14.56a17.19,17.19,0,0,0,1.48,4l8.91-14.25.08-.15,1.73-2.76h0l13.74-22a12.94,12.94,0,0,1,7.26-6c2.89-.85,5.52-.18,8.2,1.5s4.43,3.74,4.93,6.71a12.61,12.61,0,0,1-2.07,9.21L91.2,48.91h0l-14,22.47A12.12,12.12,0,0,1,70,77.1a9.91,9.91,0,0,1-2.19.4L63.15,85a17.75,17.75,0,0,0,9.36.39q7.32-1.61,11.83-8.8l14.4-23,1.42-2.26c3-4.8,4.34-10.4,3.08-15.31"/></g><g id="g28"><path id="path30" class="cls-2" d="M95.08,73.12a18,18,0,0,0-1.47-4L84.7,83.37a1.19,1.19,0,0,0-.09.15l-1.72,2.75h0l-13.74,22a12.92,12.92,0,0,1-7.26,6c-2.88.85-5.51.18-8.2-1.49S49.26,109,48.75,106a12.7,12.7,0,0,1,2.08-9.22l1.41-2.26h0L66.29,72.06a12.22,12.22,0,0,1,7.11-5.72,10.12,10.12,0,0,1,2.19-.4l4.7-7.52A17.52,17.52,0,0,0,70.94,58q-7.34,1.59-11.84,8.8l-14.4,23-1.41,2.26c-3,4.8-4.34,10.4-3.09,15.3a19.46,19.46,0,0,0,9.07,12.35,19.4,19.4,0,0,0,15.07,2.75c4.89-1.07,9.3-4.75,12.31-9.55l13.78-22h0l2-3.26q4.5-7.2,2.62-14.56"/></g></g></g></g></g></g></g></svg>

eidas-qa-proxy/overlay/opt/se/cfg/img/sweden-connect-color-yellow-on-blue.svg

@@ -0,0 +1,123 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   width="144.05821mm"
+   height="50.603855mm"
+   viewBox="0 0 144.05821 50.603855"
+   version="1.1"
+   id="svg4704">
+  <defs
+     id="defs4698">
+    <clipPath
+       clipPathUnits="userSpaceOnUse"
+       id="clipPath18">
+      <path
+         d="M 0,841.89 H 595.276 V 0 H 0 Z"
+         id="path16" />
+    </clipPath>
+  </defs>
+  <metadata
+     id="metadata4701">
+    <rdf:RDF>
+      <cc:Work
+         rdf:about="">
+        <dc:format>image/svg+xml</dc:format>
+        <dc:type
+           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+        <dc:title></dc:title>
+      </cc:Work>
+    </rdf:RDF>
+  </metadata>
+  <g
+     id="layer1"
+     transform="translate(24.588779,-125.61458)">
+    <g
+       transform="matrix(0.35277777,0,0,-0.35277777,-54.304485,377.18468)"
+       id="g12">
+      <g
+         id="g14"
+         clip-path="url(#clipPath18)">
+        <g
+           style="fill:#005293;fill-opacity:1"
+           id="g20"
+           transform="translate(227.6775,641.3901)">
+          <path
+             d="m 0,0 c 0,-39.611 -32.111,-71.722 -71.723,-71.722 -39.61,0 -71.721,32.111 -71.721,71.722 0,39.611 32.111,71.722 71.721,71.722 C -32.111,71.722 0,39.611 0,0"
+             style="fill:#005293;fill-opacity:1;fill-rule:nonzero;stroke:none"
+             id="path22" />
+        </g>
+        <g
+           style="fill:#fecb00;fill-opacity:1"
+           id="g4512">
+          <g
+             transform="translate(187.4744,677.1006)"
+             id="g24"
+             style="fill:#fecb00;fill-opacity:1">
+            <path
+               id="path26"
+               style="fill:#fecb00;fill-opacity:1;fill-rule:nonzero;stroke:none"
+               d="m 0,0 c -1.135,4.931 -4.053,9.215 -9.067,12.349 -5.011,3.133 -10.144,3.886 -15.076,2.747 -4.888,-1.067 -9.296,-4.745 -12.301,-9.545 l -13.781,-22.047 -2.033,-3.252 c -2.999,-4.8 -3.875,-9.655 -2.619,-14.562 0.325,-1.414 0.829,-2.746 1.474,-4.013 l 8.91,14.259 c 0.03,0.049 0.055,0.099 0.085,0.148 l 1.723,2.757 0.003,-0.002 13.739,21.976 c 1.896,3.036 4.422,5.19 7.263,5.966 2.886,0.849 5.516,0.18 8.198,-1.496 2.683,-1.679 4.428,-3.745 4.933,-6.712 0.615,-2.941 -0.175,-6.179 -2.075,-9.215 l -1.413,-2.261 -0.003,0.002 -14.049,-22.472 c -1.895,-3.036 -4.266,-4.941 -7.108,-5.718 -0.737,-0.217 -1.467,-0.348 -2.192,-0.4 l -4.701,-7.523 c 3.135,-0.975 6.254,-1.108 9.356,-0.391 4.888,1.067 8.832,4.001 11.838,8.801 l 14.399,23.039 1.413,2.26 C -0.085,-10.505 1.256,-4.907 0,0" />
+          </g>
+          <g
+             transform="translate(179.3132,639.9888)"
+             id="g28"
+             style="fill:#fecb00;fill-opacity:1">
+            <path
+               id="path30"
+               style="fill:#fecb00;fill-opacity:1;fill-rule:nonzero;stroke:none"
+               d="m 0,0 c -0.325,1.415 -0.829,2.747 -1.474,4.014 l -8.91,-14.259 c -0.031,-0.049 -0.054,-0.099 -0.086,-0.149 l -1.722,-2.756 -0.003,0.002 -13.74,-21.977 c -1.896,-3.036 -4.421,-5.189 -7.262,-5.965 -2.886,-0.849 -5.517,-0.181 -8.199,1.496 -2.682,1.679 -4.427,3.745 -4.932,6.712 -0.616,2.94 0.175,6.179 2.075,9.215 l 1.413,2.261 0.003,-0.002 14.049,22.472 c 1.896,3.036 4.267,4.941 7.107,5.717 0.739,0.218 1.468,0.349 2.193,0.4 l 4.701,7.524 c -3.135,0.975 -6.254,1.108 -9.356,0.391 -4.888,-1.067 -8.833,-4.001 -11.836,-8.801 l -14.401,-23.039 -1.413,-2.26 c -2.999,-4.8 -4.341,-10.398 -3.085,-15.305 1.135,-4.931 4.054,-9.215 9.068,-12.349 5.011,-3.134 10.143,-3.886 15.075,-2.747 4.888,1.067 9.298,4.745 12.302,9.545 l 13.781,22.047 h -10e-4 l 2.033,3.252 C 0.38,-9.761 1.256,-4.906 0,0" />
+          </g>
+        </g>
+      </g>
+    </g>
+    <g
+       aria-label="sweden  connect "
+       transform="matrix(0.35277777,0,0,0.35277777,33.672222,149.40426)"
+       style="font-variant:normal;font-weight:500;font-stretch:normal;font-size:67.91529846px;font-family:'Lab Grotesque Medium';-inkscape-font-specification:LabGrotesque-Medium;writing-mode:lr-tb;fill:#000000;fill-opacity:1;fill-rule:nonzero;stroke:none"
+       id="text36">
+      <path
+         d="m 16.639248,-35.180125 c -8.6252428,0 -13.7868055,4.550325 -13.7868055,10.458956 0,5.840716 3.1241038,8.081921 12.4964145,10.187295 5.093648,1.086645 8.896905,1.833713 8.896905,5.0936475 0,2.7845273 -2.920358,4.4144944 -6.723615,4.4144944 -4.074918,0 -6.92736,-1.0866448 -11.9530925,-5.2294779 l -4.3465791,4.8899014 c 5.5011391,4.82198621 9.9835486,6.3840381 16.1638406,6.3840381 8.828989,0 14.194298,-4.4824097 14.194298,-10.9343631 0,-6.1802924 -3.939088,-8.6252424 -13.107653,-10.6627014 -5.976546,-1.358306 -8.4894121,-1.833713 -8.4894121,-4.414495 0,-2.377035 2.5128661,-4.142833 6.5198691,-4.142833 3.59951,0 6.180292,0.814984 10.458955,4.074918 l 4.074918,-4.957817 c -4.75407,-3.803257 -8.761073,-5.161563 -14.398043,-5.161563 z"
+         id="path4639" />
+      <path
+         d="m 76.065136,-34.09348 -3.056189,11.885177 c -1.494136,5.908631 -2.648696,11.138109 -3.531595,15.620519 -1.01873,-4.48241 -2.241205,-9.711888 -3.803257,-15.620519 L 62.414161,-34.09348 h -6.995276 l -3.192019,11.885177 C 50.73273,-16.367587 49.442339,-11.206024 48.423609,-6.7236145 47.54071,-11.206024 46.38615,-16.367587 44.892014,-22.208303 L 41.903741,-34.09348 H 34.025566 L 43.601623,0 h 8.896904 l 2.716612,-9.9835489 c 1.562052,-5.9086311 2.648697,-10.7306171 3.599511,-14.8055351 0.882899,4.074918 2.037459,8.896904 3.667426,14.8055351 L 65.266603,0 h 8.96482 l 9.508142,-34.09348 z"
+         id="path4641" />
+      <path
+         d="m 114.23353,-10.391041 c -4.07492,3.6674265 -6.45195,5.0936477 -10.59478,5.0936477 -6.587789,0 -9.711892,-4.4824097 -10.255215,-10.0514637 h 24.992835 c 0.0679,-0.679153 0.13583,-2.17329 0.13583,-3.056189 0,-10.323125 -5.56906,-16.775079 -15.68844,-16.775079 -10.391039,0 -16.775077,7.674429 -16.775077,18.337131 0,10.7985324 6.655699,17.8617235 17.454227,17.8617235 5.50114,0 10.05147,-1.69788248 15.0772,-6.8594452 z m -11.61351,-18.880453 c 5.22947,0 8.28566,3.32785 8.55732,8.489413 H 93.587281 c 0.950814,-5.229478 4.007003,-8.489413 9.032739,-8.489413 z"
+         id="path4643" />
+      <path
+         d="m 149.90265,-48.219862 v 18.133385 c -2.30912,-3.192019 -5.77281,-4.957817 -10.66271,-4.957817 -8.62524,0 -15.14511,7.063191 -15.14511,17.997554 0,10.9343631 6.38404,17.99755418 15.0772,17.99755418 5.29739,0 8.96482,-2.17328958 11.27394,-5.90863098 V 0 h 6.92736 v -48.219862 z m -9.23649,42.7866381 c -5.50113,0 -8.96481,-4.6182401 -8.96481,-11.6135161 0,-6.995276 3.66742,-11.545601 9.03273,-11.545601 5.36531,0 9.44023,4.210749 9.44023,11.545601 0,7.266937 -3.93909,11.6135161 -9.50815,11.6135161 z"
+         id="path4645" />
+      <path
+         d="m 192.62138,-10.391041 c -4.07492,3.6674265 -6.45195,5.0936477 -10.59479,5.0936477 -6.58778,0 -9.71188,-4.4824097 -10.25521,-10.0514637 h 24.99283 c 0.0679,-0.679153 0.13583,-2.17329 0.13583,-3.056189 0,-10.323125 -5.56905,-16.775079 -15.68843,-16.775079 -10.39104,0 -16.77508,7.674429 -16.77508,18.337131 0,10.7985324 6.6557,17.8617235 17.45423,17.8617235 5.50114,0 10.05147,-1.69788248 15.0772,-6.8594452 z m -11.61352,-18.880453 c 5.22948,0 8.28567,3.32785 8.55733,8.489413 h -17.59006 c 0.95081,-5.229478 4.007,-8.489413 9.03273,-8.489413 z"
+         id="path4647" />
+      <path
+         d="m 221.66875,-35.180125 c -4.68616,0 -8.35358,1.901629 -10.52687,5.229478 v -4.142833 h -6.92736 V 0 h 7.47068 v -20.849997 c 0,-4.61824 3.25993,-7.94609 7.67443,-7.94609 4.55032,0 7.06319,2.716612 7.06319,7.742344 V 0 h 7.47068 v -23.362863 c 0,-6.723614 -4.14283,-11.817262 -12.22475,-11.817262 z"
+         id="path4649" />
+      <path
+         d="m 26.486966,24.856999 4.754071,-4.61824 C 26.826543,15.416773 22.68371,13.786806 17.18257,13.786806 c -10.0514638,0 -17.11465483,6.995276 -17.11465483,18.133384 0,11.070194 6.85944513,18.06547 17.04673983,18.06547 5.7728,0 9.983549,-1.765798 14.669705,-7.674429 l -4.957817,-4.142833 c -3.735342,4.074918 -6.180292,5.433224 -9.643973,5.433224 -6.316122,0 -9.5081414,-5.433224 -9.5081414,-11.681432 0,-6.248207 3.1920194,-11.817261 9.5081414,-11.817261 2.920358,0 5.433224,0.882898 9.304396,4.75407 z"
+         id="path4651" />
+      <path
+         d="m 52.362696,13.786806 c -10.25521,0 -17.386317,7.334852 -17.386317,18.133384 0,10.730618 7.131107,18.06547 17.386317,18.06547 10.119379,0 17.318401,-7.334852 17.318401,-18.06547 0,-10.798532 -7.199022,-18.133384 -17.318401,-18.133384 z m 0,6.316123 c 5.840715,0 9.711887,4.686155 9.711887,11.817261 0,7.063192 -3.871172,11.749347 -9.711887,11.749347 -5.976546,0 -9.779803,-4.686155 -9.779803,-11.749347 0,-7.131106 3.803257,-11.817261 9.779803,-11.817261 z"
+         id="path4653" />
+      <path
+         d="m 93.315623,13.786806 c -4.686156,0 -8.353582,1.901628 -10.526872,5.229478 v -4.142833 h -6.92736 V 48.96693 h 7.470683 V 28.116934 c 0,-4.618241 3.259934,-7.94609 7.674428,-7.94609 4.550325,0 7.063191,2.716612 7.063191,7.742344 V 48.96693 h 7.470687 V 25.604068 c 0,-6.723615 -4.14284,-11.817262 -12.224757,-11.817262 z"
+         id="path4655" />
+      <path
+         d="m 131.34819,13.786806 c -4.68615,0 -8.35358,1.901628 -10.52687,5.229478 v -4.142833 h -6.92736 V 48.96693 h 7.47068 V 28.116934 c 0,-4.618241 3.25994,-7.94609 7.67443,-7.94609 4.55033,0 7.06319,2.716612 7.06319,7.742344 V 48.96693 h 7.47069 V 25.604068 c 0,-6.723615 -4.14284,-11.817262 -12.22476,-11.817262 z"
+         id="path4657" />
+      <path
+         d="m 178.35916,38.57589 c -4.07492,3.667426 -6.45196,5.093647 -10.59479,5.093647 -6.58778,0 -9.71189,-4.48241 -10.25521,-10.051464 h 24.99283 c 0.0679,-0.679153 0.13583,-2.17329 0.13583,-3.056188 0,-10.323126 -5.56905,-16.775079 -15.68843,-16.775079 -10.39104,0 -16.77508,7.674429 -16.77508,18.33713 0,10.798533 6.6557,17.861724 17.45423,17.861724 5.50114,0 10.05146,-1.697883 15.0772,-6.859445 z M 166.74564,19.695437 c 5.22948,0 8.28567,3.327849 8.55733,8.489412 h -17.59006 c 0.95081,-5.229478 4.007,-8.489412 9.03273,-8.489412 z"
+         id="path4659" />
+      <path
+         d="m 214.13694,24.856999 4.75407,-4.61824 c -4.41449,-4.821986 -8.55733,-6.451953 -14.05847,-6.451953 -10.05146,0 -17.11465,6.995276 -17.11465,18.133384 0,11.070194 6.85944,18.06547 17.04674,18.06547 5.7728,0 9.98355,-1.765798 14.6697,-7.674429 l -4.95781,-4.142833 c -3.73535,4.074918 -6.1803,5.433224 -9.64398,5.433224 -6.31612,0 -9.50814,-5.433224 -9.50814,-11.681432 0,-6.248207 3.19202,-11.817261 9.50814,-11.817261 2.92036,0 5.43323,0.882898 9.3044,4.75407 z"
+         id="path4661" />
+      <path
+         d="m 242.25388,42.514977 c -2.24121,0.611238 -3.39577,0.747068 -4.55033,0.747068 -2.51287,0 -3.66743,-0.950814 -3.66743,-3.59951 V 20.51042 h 8.62525 v -5.636969 h -8.62525 V 6.8711723 h -7.47068 v 8.0022787 h -6.18029 v 5.636969 h 6.18029 v 20.035013 c 0,5.908631 2.51287,9.168566 9.3044,9.168566 2.10537,0 4.55032,-0.339577 7.33485,-1.290391 z"
+         id="path4663" />
+    </g>
+  </g>
+</svg>

eidas-qa-proxy/overlay/opt/se/cfg/infotext.md

@@ -0,0 +1,38 @@
+### Proxy Service
+
+This is the Swedish proxy service of the Swedish eIDAS Pilot
+
+- Application ID: **${proxy-service.applicationId}**
+- Supported eIDAS protocol versions: **${proxy-service.eidasVersions}**
+
+**Relevant resources:**
+<table class="table table-striped table-links table-responsive">
+
+<tr><td>Sweden Connect Home Page</td>
+<td><a href="https://swedenconnect.se">https://swedenconnect.se</a></td></tr>
+
+<tr><td>eIDAS Proxy Service Metadata</td>
+<td><a href="ServiceMetadata">${proxy-service.domain.prefix}/ServiceMetadata</a></td></tr>
+
+<tr><td>National SP Metadata</td>
+<td><a href="nat-metadata">${proxy-service.domain.prefix}/nat-metadata</a></td></tr>
+
+<tr><td>Private Sector SP Metadata</td>
+<td><a href="nat-metadata${proxy-service.private-sp.suffix}">${proxy-service.domain.prefix}/nat-metadata${proxy-service.private-sp.suffix}</a></td></tr>
+
+
+</table>
+
+**Metadata validation certificate:**
+<div style="margin-left:20px; font-size:small">
+
+
+```
+${proxy.service.metadata.cert}
+```
+</div>
+
+**Developers:**
+
+>Stefan Santesson  <a href="mailto:stefan@aaa-sec.com"><stefan@aaa-sec.com></a><br/>
+>Martin Lindström  <a href="mailto:martin.lindstrom@litsec.se"><martin.lindstrom@litsec.se></a>

eidas-qa-proxy/overlay/opt/se/cfg/metadata.crt

@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIIFIjCCAwoCCQCVO3v9xSA+FDANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJT
+RTEnMCUGA1UECgweU3dlZGlzaCBFLWlkZW50aWZpY2F0aW9uIEJvYXJkMRswGQYD
+VQQDDBJRQSBNZXRhZGF0YSBTaWduZXIwHhcNMTcxMjE5MTIyMDI1WhcNMjcxMjE3
+MTIyMDI1WjBTMQswCQYDVQQGEwJTRTEnMCUGA1UECgweU3dlZGlzaCBFLWlkZW50
+aWZpY2F0aW9uIEJvYXJkMRswGQYDVQQDDBJRQSBNZXRhZGF0YSBTaWduZXIwggIi
+MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDYzcmlNTMkBzIYUXxT13zNMakh
+xR9BO1Qnlt2euUNdvL8FhgiNo+2AJDxFWts8nsg9Jam15F38nTqRMt4r1zFHYFJ5
+22h8urckpwvFVu/kjQrY8pztLE/pPvGXLPlySDkiRifCGibXuACngZx5chCwNs2h
+2OoMgKH7d5aZmUcB2mIc/Ybd98W9jtch1gh5/QM0aJsYnDTYuB840YGwHXCyiBUf
+1teUT9bJ/Y90OSXBdib9kuOmtQNMTYtyX8FAodYXVx8ibXNDfhdGaBJh+2J4lFTA
+DQQ1tM1YigZyvBuslBcuLDfZce0OaWPYPAf8PE8voxJhGkA026GGNjXP/9nRK146
+bkN4nd/Aa6842aYEOjjcDAl43tjHKZBu0+pnq/2GRiN7Dw4Y+Td/2y8PqD/W87CV
+ttrU6yniSMr7Y1+TfzzESSVPXs+csyatH9MJ2IA184Oh7TL6tPh5N96ugh7s85pN
+zswG+Gouw1BVCfqpSJmmNMheEOr6igOYQ0LY5aOooLoqET9gu0ks9cixjANFhnhE
+vRVkMfbnFVAnvXQEWPQY5NgqO4b0Z65ey011L+slNo6EIiw0FkznAwER0aYzrM2r
+hs/hJAAbjnxEhgMKN9bdoXpnrAehwbTOTipOWwrdcd3IKNdDEyFY15j5rGgyIBcK
+8gNnvGJLKcaC4vBd1QIDAQABMA0GCSqGSIb3DQEBCwUAA4ICAQBuws48HrfwW/Eq
+WN4+VSZ1cMgkp/mgqyyDdXoCPUf5o7ro17oDSocmpdQypiCr6M88MACBX8cqKmie
+kIyptrzp1x2seo8rTJpno97dt3hSwbe6+SbRh2bjDpDzL2ecrtv/GXjR41b2CbMO
+wu4WTgiFhWmKGNDNcEem37VUpKEYe7u/ucie71AQi49jM0rJ5uSVdBONKj3iAH5d
+mckw2nt6HKMJ0S+ckM/aq+m8ACgAyYmMr74Yt6wcpl/NORtIxaGUeT7Z8rN7TUmk
+gP9scbYF16xJJkxtylnK2BrSwSFOIuB5KJo2xxhuMffxEgdy4711TfwMCUaTPKmF
+dlYzPKeBaYzWFU42jcVsiQz4mSqgvS2dS8nZpYe2K0zHIzKwytn+HQ36KhRRDAVR
+7aKH9S8FZJXC6wqXFdEwwZujkGhu/BxgfjGkde8qOQMUwHboX9+aflQ9okB1Tha6
+xVB1kG86WdgJLmrsfqaX1FVyO761ZXYHTuoAZ0iuzIRhteUksfRZchnKpUX0fF1i
+yB9M0E6JfqvFeVfLlo8c2FI4MUYFWgqciizaXSfw0waMFdX5+U33eXr1RWF0POZX
+JERf83JkjVLanESP9/U9nsZYgIiSX88PahYtuSZLhqamzzFvK+wuVcNKark8s1kS
+2d8EIOY6h4jmS2ds9ORaavkV/xxTAA==
+-----END CERTIFICATE-----

eidas-qa-proxy/overlay/opt/se/cfg/natsp-metadata.properties

@@ -0,0 +1,25 @@
+#EntityID of the n
+natsp.entityId=${proxy-service.domain.prefix}/nat-ps-sp
+natsp.logos={\
+  '${proxy-service.domain.prefix}/image/logo.svg':'60,171',\
+  '${proxy-service.domain.prefix}/image/icon.svg':'32,32'\
+  }
+natsp.displayNames={\
+  en:'Sweden Connect – Cross-border Digital Identification',\
+  sv:'Sveriges internationella nod för e-legitimering'\
+  }
+natsp.descriptions={\
+  en:'Test service for the Swedish eIDAS Pilot New Local',\
+  sv:'Testtjänst för Svenska eIDAS piloten'\
+  }
+natsp.assertionConsumerServices={\
+  'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST':'${proxy-service.domain.prefix}/assertionconsumer'\
+  }
+natsp.nameIDFormats=\
+  urn:oasis:names:tc:SAML:2.0:nameid-format:persistent,\
+  urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+natsp.entityCategories=\
+  http://id.elegnamnden.se/ec/1.0/loa3-pnr,\
+  http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery
+
+

eidas-qa-proxy/overlay/opt/se/cfg/oidc-rp.properties

@@ -0,0 +1,23 @@
+oidc-enabled=true
+
+# OIDC client metadata
+client-metadata.client-key[0].alias=oidc-rp
+client-metadata.client-key[0].key-store-location=file://${proxy-service.path.prefix}/keystore/oidc-rp.jks
+client-metadata.client-key[0].password=S3cr3t
+client-metadata.client-key[0].supported-jws-algos=PS256, RS256
+client-metadata.preferred-userinfo-signed-response-algs=ES256,PS256,RS256
+client-metadata.redirect-uris[0]=${proxy-service.domain.prefix}/oidc/return
+client-metadata.redirect-uris[1]=https://qa.proxy.eidas.swedenconnect.se/oidc/return
+client-metadata.subject-type=pairwise
+client-metadata.default-acr-values=http://id.elegnamnden.se/loa/1.0/loa3
+
+# OIDC config
+oidc-config.op.bid-op.client-id=swedenconnectqa
+oidc-config.op.bid-op.op-metadata-location=file://${proxy-service.path.prefix}/metadata/oidc/bid-op-metadata.json
+oidc-config.op.bid-op.op-jwks-metadata-location=file://${proxy-service.path.prefix}/metadata/oidc/bid-op-jwks.json
+oidc-config.return-url=${proxy-service.domain.prefix}/oidc/return
+
+# User messages
+user-message.default.sv=Sveriges internationella nod för e-legitimering
+user-message.default.en=Sweden Connect - Cross-border Digital Identification
+

eidas-qa-proxy/overlay/opt/se/cfg/psidp-metadata.properties

@@ -0,0 +1,34 @@
+psmd.gen.entityID=${proxy-service.domain.prefix}/ServiceMetadata
+# Protocol version is the supported eIDAS protocol version. A coma separated list of versions may be provided if more than one are supported.
+psmd.gen.supportedProtocolVersions=1.1,1.2
+# Application ID prefix MUST have the format {provider name}:{application ID}:  e.g. "SE-eidas:proxy-service:"
+psmd.gen.applicationIdPrefix=SE:proxy-service:
+psmd.ext.supportedEncAlgos=\
+  http://www.w3.org/2009/xmlenc11#aes128-gcm,\
+  http://www.w3.org/2009/xmlenc11#aes192-gcm,\
+  http://www.w3.org/2009/xmlenc11#aes256-gcm
+psmd.ext.supportedSigAlgorithms=\
+  http://www.w3.org/2001/04/xmldsig-more#rsa-sha512,\
+  http://www.w3.org/2001/04/xmldsig-more#rsa-sha256,\
+  http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256
+psmd.ext.supportedDigestAlgorithms=\
+  http://www.w3.org/2001/04/xmldsig-more#sha384,\
+  http://www.w3.org/2001/04/xmlenc#sha512,\
+  http://www.w3.org/2001/04/xmlenc#sha256
+psmd.idp.nameIDFormats=\
+  urn:oasis:names:tc:SAML:2.0:nameid-format:persistent,\
+  urn:oasis:names:tc:SAML:2.0:nameid-format:transient,\
+  urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
+psmd.idp.ssoList={'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST':'${proxy-service.domain.prefix}/ColleagueRequest'}
+psmd.idp.supportedAttributes=\
+  http://eidas.europa.eu/attributes/naturalperson/CurrentFamilyName,\
+  http://eidas.europa.eu/attributes/naturalperson/CurrentGivenName,\
+  http://eidas.europa.eu/attributes/naturalperson/DateOfBirth,\
+  http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier,\
+  http://eidas.europa.eu/attributes/naturalperson/Gender
+psmd.idp.assuranceCertifications=\
+  http://eidas.europa.eu/LoA/substantial,\
+  http://eidas.europa.eu/LoA/low,\
+  http://eidas.europa.eu/NotNotified/LoA/substantial
+psmd.idp.termsofaccessRequesterId=false
+psmd.gen.supportedProtocolVersions=1.2,1.3,1.4

eidas-qa-proxy/overlay/opt/se/cfg/se-metadata-cert.crt

@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICyzCCAbMCBgFEwQFDRDANBgkqhkiG9w0BAQUFADApMScwJQYDVQQDDB5Td2VkaXNoIEUtaWRl
+bnRpZmljYXRpb24gYm9hcmQwHhcNMTQwMzE0MTIzMTI5WhcNMTkwMzE0MTQzMTI5WjApMScwJQYD
+VQQDDB5Td2VkaXNoIEUtaWRlbnRpZmljYXRpb24gYm9hcmQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQCGxrPbCuZYeMZniwOAIO1MiQjGD3LIfaLBddNucsAVrxpYW7bYMwzvgL2Gp4yV
+6IyAx5kUgHPjEkEEIjH+NhxYdChD8iWBkLuaOkxyYNXFjFQ3APk5kqP+BB+fP8peWlKGX6S2mfcB
+7eObDQqb28osfXE+bak4X2rNf5i+Yx9VdXBpRhDxk7umDdWTSJlc+ZCxWUt3ldc58/sXIgAzVWk4
+9A3GIvOHlBVgm/5g3yzU9HnxD1fyOKT+NkF5J9mjM0x8Qg9K/Zep3n1xmb8kZ/vcRxv+AounGDd7
+w/QWW84sPegySHqm5GkLSgwB63nJZr5wS+qoT9sTooCM0AhBhY1FAgMBAAEwDQYJKoZIhvcNAQEF
+BQADggEBAESqy6GrAEbL/blJQxDb/LCCW4y3KAAs/pqvR4SQMP0rvVe5FJiUJsE/6DEhk+cl0N+o
+5e8/NusIUD7f6vKSYTHgCodSeDYGdrkRrOucDBWgIlYVsR3yTb/za3AlgiTW6eGGqiY6SeEzXNTM
+5o0GpoZbknQZEK/xCJLtMAU6oX7pDBLahtYeJAJJNFVjtPKsERr2Ob2ni9XW8+fxyjv0v2gmlQvW
+i6VnpD6VJ3nwAFDsGHBgzli32YBd62rukqyiqvC595LNg0Dg4fyv1ZuOiqajWSd3x8JI6bS01QvY
+3fNKY84wMQXpRq9C3zRtpPKmh22W6mcQvh1uN3qNaIEEklE=
+-----END CERTIFICATE-----

eidas-qa-proxy/overlay/opt/se/cfg/syslog.properties

@@ -0,0 +1,16 @@
+# Parameters:
+# - host           : Arrray of hostname or IP adresses separated by comma.
+# - port           : TCP or UDP port
+# - protocol       : udp, tcp or ssl
+# - bsd            : Using message format RFC_3164 when set to true. Using RFC_5424 (UDP) or RFC_5425 (TCP) when false
+# - facility       : The syslog facility identifier (0-23)
+# - severity       : The syslog sverity code 0-7
+# - clienthostname : Name of the sending client host
+# - clientapp      : Name of the sending client application
+
+syslog.1.host=log.qa.sveidas.se
+syslog.1.port=514
+syslog.1.protocol=udp
+syslog.1.bsd=false
+syslog.1.facility=19
+syslog.1.clientapp=eidas-proxy-service

eidas-qa-proxy/overlay/opt/se/metadata/oidc/bid-op-jwks.json

@@ -0,0 +1,21 @@
+{
+  "keys" : [ {
+    "kty" : "RSA",
+    "e" : "AQAB",
+    "use" : "sig",
+    "kid" : "FU06ji53d1xJVy4BhUXw3pWSe3SpDZwZdsetIL8qh1Q",
+    "n" : "gClrCXP5Ff9ON-Hfkqp9fZiK_OUWfz4ERWlKZUq54bswJml4oTywhLHdzIf2BK8oHMYUPzAM4uTmf2p37lkgsHHkZUCDbb5UT3TKHmbbtvRbJ7StWea9kmDXRcG0RW_FjfRbFNCrwuc1Z7gzILOXVGcE5nc1-WXSz-6XYAd84U562uTkbZIlolMSVXr_ZHkYAKNNGRyESfsU34kj3SXN9eJmooFUUGXRikskHEDE1otWC8Hds8DmnDcZXmH_MaioJGbJpK3OA6dpkeT5K55ygegO7ADkjWrbmuzPOhIHBovQGhMmkTJGCSJmwX82jZWgT8jEr8JgWc6dsSnPTg91NOqIFegiYyS-4UrlXOcf9h9OHftiPgysHqemAaFS_S_NYEWEcnKoPsPnE2dUxf7OjQuWESknjgqy8N6Jm4Y8srj5fE_4fXKV7ept8tsSFS2Fc3g4Wqpd4XYuiKUYeq8JDISf15jqWw4p129X1nRTskMKrF0FjhMCgWCJDOnD57one6sGsXz9toQ4AKJRjC2O0zylD0cFfmuWN1T5e4dGEiu5Q8nJEyXbQaiOneD1kC5x2pFIEUMuvZ2YRkbVLTzEieyOELbdwegMA6vkiU4IMLSUB3ondIz5IuqaLnp4T0OnWU-d9sdelw_liHA9n__188zrnktvSge5bf8B-SuhLsc"
+  }, {
+    "kty" : "RSA",
+    "e" : "AQAB",
+    "use" : "sig",
+    "kid" : "Cez4Zz2YANA6d9JfVFHzADqsWw_RWqdQ7_L1CPy7dFE",
+    "n" : "nu4CC39I0lwnm6qV1ZSb3lHqpOOiS5XOZGPnszxWqLCPU6K1eFjL62vO2pIN9EC5cKVbJMjSA9-XCJYlLufHm7C80INlyuBOzKYqS7WP6dKc3KX2jsTzvhJpPiBNxyUEm760YpiKB3cHAf7NNa_V0EGnWToTc_jbRTG8GZSgv8lCNNgpBFlJ0LcDTAlB8oau-yKNY4s5Ik3RktVy5IkhO2cXIFSpzYVB3N8I9RD_yeWMrzPv2j_GVHL4wSoaXIZbEz-LVw2VpbKBEzcO-SGSaXpbE58doW15kdj6EipuPxOQKH81Lmi-CTz3D91tQUPjTaACqe_M7_ny3I-gIomhlw"
+  }, {
+    "kty" : "RSA",
+    "e" : "AQAB",
+    "use" : "enc",
+    "kid" : "fF5EqLffTfFXPAoKlwS1m8FxE55jvrjTaAd7H_R41xs",
+    "n" : "yHQ9rcmfPjvHw1MGKb0X56nF5_s3b7FAtH_3XgZP71j_Qf3ez6Go_RuCob74oN-jlUdSNmilYda2w40uYB49J3ZbpIoH9GcPz6KC3qyZjg17Rk2m7_SnERNvZxjn_nd5uC-qfcpRXS2_I7Zu3VPg4TvjU8Zxe5Z6U9a0zmQoco0DLYMbt1mi707EkCjMooTILDKZR9uk_QWGBQKxwmMs8pNag0s9kLzWX1CD7bToWR1637wDv-NjSz3_kHkws0nLEWBYm0cmtXuU51R6OrcOif5Lh9j38P8MQUUC72dv8LwMgT_42DxAyZsbVXn5n-xwjeyVvtZVLfInU8rgdHXmcQ"
+  } ]
+}

eidas-qa-proxy/overlay/opt/se/metadata/oidc/bid-op-metadata.json

@@ -0,0 +1,35 @@
+{
+  "issuer" : "https://oidc.test.bankid.com",
+  "authorization_endpoint" : "https://oidc.test.bankid.com/authorize",
+  "token_endpoint" : "https://oidc.test.bankid.com/token",
+  "userinfo_endpoint" : "https://oidc.test.bankid.com/userinfo",
+  "jwks_uri" : "https://oidc.test.bankid.com/jwks",
+  "scopes_supported" : [ "openid", "profile", "https://id.oidc.se/scope/naturalPersonNumber", "https://id.oidc.se/scope/naturalPersonName", "https://id.oidc.se/scope/authnInfo", "https://id.oidc.se/scope/sign" ],
+  "response_types_supported" : [ "code" ],
+  "response_modes_supported" : [ "query" ],
+  "grant_types_supported" : [ "authorization_code" ],
+  "acr_values_supported" : [ "http://id.elegnamnden.se/loa/1.0/loa3" ],
+  "subject_types_supported" : [ "public", "pairwise" ],
+  "id_token_signing_alg_values_supported" : [ "RS256", "RS384", "RS512", "PS256", "PS384", "PS512" ],
+  "userinfo_signing_alg_values_supported" : [ "RS256", "RS384", "RS512", "PS256", "PS384", "PS512" ],
+  "request_object_signing_alg_values_supported" : [ "none", "RS256", "ES256", "PS256" ],
+  "request_object_encryption_alg_values_supported" : [ "RSA1_5", "RSA-OAEP", "RSA-OAEP-256" ],
+  "request_object_encryption_enc_values_supported" : [ "A128CBC-HS256", "A128GCM", "A192CBC-HS384", "A192GCM", "A256CBC-HS512", "A256GCM" ],
+  "token_endpoint_auth_methods_supported" : [ "client_secret_post", "client_secret_basic", "private_key_jwt" ],
+  "token_endpoint_auth_signing_alg_values_supported" : [ "RS256", "ES256", "PS256" ],
+  "display_values_supported" : [ "page", "popup", "touch", "wap" ],
+  "claim_types_supported" : [ "normal" ],
+  "claims_supported" : [ "sub", "name", "given_name", "family_name", "txn", "auth_time", "https://id.oidc.se/claim/personalIdentityNumber", "https://id.oidc.se/claim/userCertificate", "https://id.oidc.se/claim/userSignature", "https://id.oidc.se/claim/credentialValidFrom", "https://id.oidc.se/claim/credentialValidTo", "https://id.oidc.se/claim/deviceIp", "https://id.oidc.se/claim/authnEvidence", "https://id.oidc.se/claim/age" ],
+  "service_documentation" : "https://oidc.test.bankid.com/about",
+  "claims_parameter_supported" : true,
+  "request_parameter_supported" : true,
+  "request_uri_parameter_supported" : false,
+  "require_request_uri_registration" : false,
+  "op_policy_uri" : "https://oidc.test.bankid.com/about",
+  "op_tos_uri" : "https://oidc.test.bankid.com/about",
+  "introspection_endpoint" : "https://oidc.test.bankid.com/introspect",
+  "code_challenge_methods_supported" : [ "S256" ],
+  "https://id.oidc.se/disco/userMessageSupported" : true,
+  "https://id.oidc.se/disco/userMessageSupportedMimeTypes" : [ "text/plain", "text/markdown" ],
+  "https://id.oidc.se/disco/authnProviderSupported" : false
+}