Implement bankid in prod, SC-2563

Patrik Holmqvist 2024-11-19 09:46:04 +01:00
parent 8e6949110d
commit c5ab1e56cf
Signed by: pahol
GPG key ID: 5D5B0D4E93F77273
7 changed files with 179 additions and 14 deletions

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long


@ -35,16 +35,18 @@ idp.freja.index=0
#idp.mobIdp.deriveDob=true
#idp.mobIdp.index=1
#idp.ccBankid.entityid=https://eid.identityhub.se/demo/bankid/
#idp.ccBankid.name.sv=BankID
#idp.ccBankid.name.en=BankID
#idp.ccBankid.logo.uri=img/disco/bankid_logo.png
#idp.ccBankid.logo.height=94
#idp.ccBankid.logo.width=100
#idp.ccBankid.loapolicy=natToEidasNotifiedMapping
#idp.ccBankid.consent=true
#idp.ccBankid.deriveDob=true
#idp.ccBankid.index=2
idp.bankid.entityid=https://oidc.bankid.com
idp.bankid.name.sv=BankID
idp.bankid.name.en=BankID
idp.bankid.logo.uri=https://www.bankid.com/assets/bankid/img/logo-bank-id.svg
idp.bankid.logo.height=150
idp.bankid.logo.width=159
idp.bankid.loapolicy=natToEidasNotifiedMapping
idp.bankid.consent=false
idp.bankid.deriveDob=false
idp.bankid.privateSpSupport=false
idp.bankid.index=2
idp.bankid.protocol=oidc
#idp.ccTelia.entityid=https://eid.identityhub.se/demo/teliabrowserplugin/
#idp.ccTelia.name.sv=Telia
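Review bot: `idp.bankid.logo.uri` points at an image hosted on www.bankid.com, whereas the commented-out ccBankid entry just above uses a local path (`img/disco/bankid_logo.png`). If the proxy hands this URI to the browser unchanged, every visit to the IdP selection page makes a third-party request that exposes the user's IP address and referrer. The page then also depends on that host staying reachable and on the Content-Security-Policy allowing it. Consider shipping the logo with the proxy and referencing it locally, for example `idp.bankid.logo.uri=img/disco/bankid_logo.png` if that asset is the intended one. Only part of the file is visible in this hunk, so other IdP entries may already follow a different convention.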


@ -1 +1,22 @@
oidc-enabled=false
oidc-enabled=true
# OIDC client metadata
client-metadata.client-key[0].alias=oidc-rp
client-metadata.client-key[0].key-store-location=file://${proxy-service.path.prefix}/keystore/oidc-rp.jks
client-metadata.client-key[0].password=S3cr3t
client-metadata.client-key[0].supported-jws-algos=PS256, RS256
client-metadata.preferred-userinfo-signed-response-algs=ES256,PS256,RS256
client-metadata.redirect-uris[0]=${proxy-service.domain.prefix}/oidc/return
client-metadata.redirect-uris[1]=https://proxy.eidas.swedenconnect.se/oidc/return
client-metadata.subject-type=pairwise
client-metadata.default-acr-values=http://id.elegnamnden.se/loa/1.0/loa3
# OIDC config
oidc-config.op.bid-op.client-id=swedenconnectprod
oidc-config.op.bid-op.op-metadata-location=file://${proxy-service.path.prefix}/metadata/oidc/bid-op-metadata.json
oidc-config.op.bid-op.op-jwks-metadata-location=file://${proxy-service.path.prefix}/metadata/oidc/bid-op-jwks.json
oidc-config.return-url=${proxy-service.domain.prefix}/oidc/return
# User messages
user-message.default.sv=Sveriges internationella nod för e-legitimering
user-message.default.en=Sweden Connect - Cross-border Digital Identification
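Review bot: `client-metadata.client-key[0].password=S3cr3t` commits the keystore password for the OIDC relying-party key in clear text to a production configuration. Anyone who can read the repository and obtain `oidc-rp.jks` can then use the private key that identifies this proxy as an OIDC client. The file already resolves `${...}` placeholders, so the value can come from the deployment environment or a secret store instead, e.g. `client-metadata.client-key[0].password=${<keystore-password-property>}` (placeholder name, pick the project's own). If `S3cr3t` is the real password and not a stand-in, change it and re-protect the keystore, because the value stays in the commit history.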


@ -0,0 +1,18 @@
{
"keys": [
{
"e": "AQAB",
"kid": "QjvwPyTk-Kw4DbFRI182_A8eE2FLiAvZ7-ToPVedjiU",
"kty": "RSA",
"n": "wfmqxHaOfkQ0FSkK0fvygcDwdk_HxS5YUPSQmzVdm7Cv2MZo2gt6XHhava318rNYb6IJMFsKdMzOb9IHIaUlFwqBebHnApshOXGm5q-tL8TXZQL4g8Dwn5aSlZmbQaCisCfOn1hA4CuYWhGFKHTNSsdN71hmlENis4_TGd4kKTOmGKSKhqC4A6gc09d0qawEnxqzrkmRvpD2y12I_2RKXsWpZ98vg6X2EZ1Ve-GcQYOK6IPNTa-AlLrBnO_u_UsvqupgCByspwchFqnYOPHc4lcP7Lo1aoSqeKoRXdya08VJBeTWhKMRY_OlPbwlatOyUILBY4ikeEg5D_CyqX67yPCVLUpYy07JXZgoBqeBuZcqjMmZCabcdkOYx-D1Uqqp9B5WwRgtRQNfocp99-kIbe5VZ_iilGgm1yqT3nzgg1ce2uubIlDyIuUW0p2KZImL15SyZI0BxJaKexful885BfL59dWSyxeK1Ek84NN-rZc7xEfyuRZ-j6v5fstMRxgOEhIaSmQzblKXa5Zzaiqr-Xf4HSGvH1jLcQVK1Z-4qFT9G3ij7fbrj4C8-QhBkFHcE0vhGegxhyNKxRUcgMT1oOmJcBppWeGdhI2rHa8jMd3FBQjEJeGLQf9DB1wTnyok-I-UDVMcap1CQwpeU6ys1gnEfDL1gCfh1DCPBWJYnoM",
"use": "sig"
},
{
"e": "AQAB",
"kid": "weSK9f5lBbyg9wRcX4MWcA2SOYfw8CKzBrnqqg57Tug",
"kty": "RSA",
"n": "pmPyVw5nbez_EPfVKWszpTw5DlZjN09hF0_2xSTT0hlTc3mMGRLXmu-X7nfUF_vnWRncjKQd5u4EHBNUm9mmSPywvzRebTEfRHYzuoylk91CqXYKK68yqY7vBkAGCA3P8YYZ_vBSlvv7jcuUyeIN_mvRCJqzB6AWZ2IQiBpq-HGUsrS6_qqKDG0-ru9oXf9xEQxXQe8cEbN3959fbfckRYDo5dR4DFfrZ3bCSLc3MuZIZYsKIiH_PEAWSqncffPkvFTn1tuCJa2gp7UK1VZ_nIEjqgsn7gTcJ2jQ6gTBfO_OTedZCshrk7elZQrKIVmi8QKea4ghJwpF5-4qvzlerXHnlZ6pqxiqamNqIC_WNqvoJzwsU6_ofOCh1cwf7_o6tFpyURFuknm7T4YzHrE_Dv7LCI6yBMImM-7waLm83bpXfSwVk1h3tF4CtVJ9W9CgJB_0O_z5u7Ri7HpQuBtjbORyJymolmds5AwH_kMkOAWc9-_YqcdyyjW7A8GFy2kGFPaW3R3yJbkKUScgld-_zKInL-N94ivi-YifoCO-K8iiw8n8ChnMTH_YnVIcDJ7n6f4HEEulLfSLh2yRX21pMmyLZLqhr7l9MuOx0FhH87fBies1bj6G_BDLb41HdoxUQhijOGwg2kw814OH_RPYFoSY0rydLxDALmRQJ44svhM",
"use": "enc"
}
]
}
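Review bot: This JWKS is a static copy of the OP's keys, so signature checks that rely on it will presumably start failing when BankID rotates the `sig` key, and nothing in the commit records where the copy came from or when. JSON cannot carry a comment, so document next to the file (README or commit description) that it was fetched from `https://oidc.bankid.com/jwks`, on which date, and how the copy was verified. A periodic check that compares the pinned `kid` values against the published set would surface a rotation before logins break. The same applies to the OP metadata snapshot added in the next file. Neither key carries an `alg` member, so the accepted signature algorithms have to be fixed in the proxy configuration and must not be taken from the token header.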


@ -0,0 +1,121 @@
{
"request_parameter_supported": true,
"request_object_signing_alg_values_supported": [
"none",
"RS256",
"ES256",
"PS256"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP"
],
"request_object_encryption_enc_values_supported": [
"A128CBC-HS256",
"A128GCM",
"A192CBC-HS384",
"A192GCM",
"A256CBC-HS512",
"A256GCM"
],
"token_endpoint": "https://oidc.bankid.com/token",
"request_uri_parameter_supported": false,
"token_endpoint_auth_methods_supported": [
"client_secret_post",
"client_secret_basic",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"RS256",
"ES256",
"PS256"
],
"subject_types_supported": [
"public",
"pairwise"
],
"claims_parameter_supported": true,
"jwks_uri": "https://oidc.bankid.com/jwks",
"id_token_signing_alg_values_supported": [
"RS256",
"RS384",
"RS512",
"PS256",
"PS384",
"PS512"
],
"authorization_endpoint": "https://oidc.bankid.com/authorize",
"require_request_uri_registration": false,
"introspection_endpoint": "https://oidc.bankid.com/introspect",
"service_documentation": "https://oidc.bankid.com/about",
"response_types_supported": [
"code"
],
"response_modes_supported": [
"query"
],
"grant_types_supported": [
"authorization_code"
],
"scopes_supported": [
"openid",
"profile",
"https://id.oidc.se/scope/naturalPersonNumber",
"https://id.oidc.se/scope/naturalPersonInfo",
"https://id.oidc.se/scope/sign",
"https://id.oidc.bankid.com/scope/authnInfo"
],
"acr_values_supported": [
"http://id.elegnamnden.se/loa/1.0/loa3"
],
"userinfo_endpoint": "https://oidc.bankid.com/userinfo",
"userinfo_signing_alg_values_supported": [
"RS256",
"RS384",
"RS512",
"PS256",
"PS384",
"PS512"
],
"op_tos_uri": "https://oidc.bankid.com/about",
"issuer": "https://oidc.bankid.com",
"op_policy_uri": "https://oidc.bankid.com/about",
"claim_types_supported": [
"normal"
],
"claims_supported": [
"sub",
"name",
"given_name",
"family_name",
"txn",
"auth_time",
"https://id.oidc.se/claim/personalIdentityNumber",
"https://id.oidc.se/claim/userCertificate",
"https://id.oidc.se/claim/userSignature",
"https://id.oidc.se/claim/credentialValidFrom",
"https://id.oidc.se/claim/credentialValidTo",
"https://id.oidc.se/claim/deviceIp",
"https://id.oidc.se/claim/authnEvidence",
"https://id.oidc.bankid.com/claim/age"
],
"display_values_supported": [
"page",
"popup",
"touch",
"wap"
],
"code_challenge_methods_supported": [
"S256"
],
"ui_locales_supported": [
"sv",
"en"
],
"https://id.oidc.se/disco/userMessageSupported": true,
"https://id.oidc.se/disco/userMessageSupportedMimeTypes": [
"text/plain",
"text/markdown"
],
"https://id.oidc.se/disco/authnProviderSupported": false
}
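Review bot: `userinfo_signing_alg_values_supported` lists only RS256/RS384/RS512 and PS256/PS384/PS512, but the OIDC properties file in this commit sets `client-metadata.preferred-userinfo-signed-response-algs=ES256,PS256,RS256` with ES256 first, and the pinned JWKS holds only RSA keys. Depending on how the proxy picks from that list, this is either dead configuration or a request for an algorithm the OP cannot satisfy; `client-metadata.preferred-userinfo-signed-response-algs=PS256,RS256` would match what the OP advertises. Separately, the OP advertises `none` for request-object signing and `RSA1_5` for request-object encryption. The snapshot should stay a faithful copy of the published document, so the safeguard belongs in the proxy's own settings, which should never select either value.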