Skip to content

Add CBP GOES production config #1518

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
zachmargolis merged 1 commit into from
Jun 30, 2017
Merged

Add CBP GOES production config #1518

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
45 changes: 45 additions & 0 deletions certs/sp/cbp_goes_prod.crt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
-----BEGIN CERTIFICATE-----
MIIH8DCCBtigAwIBAgIEWRoIeDANBgkqhkiG9w0BAQsFADCBhzELMAkGA1UEBhMC
VVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEoMCYGA1UECxMfRGVwYXJ0bWVu
dCBvZiBIb21lbGFuZCBTZWN1cml0eTEiMCAGA1UECxMZQ2VydGlmaWNhdGlvbiBB
dXRob3JpdGllczEQMA4GA1UECxMHREhTIENBNDAeFw0xNzA2MjQxNDQ2MTlaFw0y
MDA2MjQxNTE2MTlaMIGPMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zl
cm5tZW50MSgwJgYDVQQLEx9EZXBhcnRtZW50IG9mIEhvbWVsYW5kIFNlY3VyaXR5
MQwwCgYDVQQLEwNDQlAxEDAOBgNVBAsTB0RldmljZXMxHDAaBgNVBAMTE3R0cC1h
cHAuY2JwLmRocy5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP
ubSOea85FVVr9Adn+mez7LjuPBs3aeMCEK9gM9xnV2tGFJra1Mh9ef/jnnO2ANur
jtRovws/ea/k+J54ngIv7ZXCZGUvZZoOtyFqX7Mjnj8gFvIrFCVAD4a/FySSiGNo
Z7+X/ypX1rFb8CNFSi/SxU+zH61ZS0i+OAZ2xAk3Gv+OkZ4DHRHXsGJn8rCJ2O1N
c/OyKpBOpkS5EjTAPw3OqD/U8CU9Hl6QbK52ovxFLgtkHGWv37dLc0Qojwa8Lqaa
FAxjWPyND2oo4aDfGtu7YtbGk0zRf97QNvfoqjkGYAaUK0ozCTMKZEVuXknhDtvy
a6C26kDVYA8RUn9RtFjNAgMBAAGjggRYMIIEVDAOBgNVHQ8BAf8EBAMCBaAwFwYD
VR0gBBAwDjAMBgpghkgBZQMCAQMIMIIBGwYIKwYBBQUHAQEEggENMIIBCTA0Bggr
BgEFBQcwAoYoaHR0cDovL3BraS5kaW1jLmRocy5nb3YvZGhzY2FfZWVfYWlhLnA3
YzCBqgYIKwYBBQUHMAKGgZ1sZGFwOi8vbGRhcDAxLmRpbWMuZGhzLmdvdi9vdT1E
SFMlMjBDQTQsb3U9Q2VydGlmaWNhdGlvbiUyMEF1dGhvcml0aWVzLG91PURlcGFy
dG1lbnQlMjBvZiUyMEhvbWVsYW5kJTIwU2VjdXJpdHksbz1VLlMuJTIwR292ZXJu
bWVudCxjPVVTP2NBQ2VydGlmaWNhdGU7YmluYXJ5MCQGCCsGAQUFBzABhhhodHRw
Oi8vb2NzcC5kaW1jLmRocy5nb3YwEwYDVR0lBAwwCgYIKwYBBQUHAwEwggEBBgNV
HREEgfkwgfaCE3R0cC1hcHAuY2JwLmRocy5nb3aCGHR0cC1pbnRlcm5hbC5jYnAu
ZGhzLmdvdoIcdHRwLWludGVybmFsLWFwcC5jYnAuZGhzLmdvdoIZdHRwLXNjaGVk
dWxlci5jYnAuZGhzLmdvdoIddHRwLXNjaGVkdWxlci1hcHAuY2JwLmRocy5nb3aC
F3R0cC1jcmVkc3ZjLmNicC5kaHMuZ292ght0dHAtY3JlZHN2Yy1hcHAuY2JwLmRo
cy5nb3aCF3R0cC1hZHMtYXBwLmNicC5kaHMuZ292gh50dHAtc2FwYWRhcHRlci1h
cHAuY2JwLmRocy5nb3YwggGTBgNVHR8EggGKMIIBhjCCAVegggFToIIBT6SBnDCB
mTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEoMCYGA1UE
CxMfRGVwYXJ0bWVudCBvZiBIb21lbGFuZCBTZWN1cml0eTEiMCAGA1UECxMZQ2Vy
dGlmaWNhdGlvbiBBdXRob3JpdGllczEQMA4GA1UECxMHREhTIENBNDEQMA4GA1UE
AxMHQ1JMNTM5MYaBrWxkYXA6Ly9sZGFwMDEuZGltYy5kaHMuZ292L2NuPUNSTDUz
OTEsb3U9REhTJTIwQ0E0LG91PUNlcnRpZmljYXRpb24lMjBBdXRob3JpdGllcyxv
dT1EZXBhcnRtZW50JTIwb2YlMjBIb21lbGFuZCUyMFNlY3VyaXR5LG89VS5TLiUy
MEdvdmVybm1lbnQsYz1VUz9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0MCmgJ6Al
hiNodHRwOi8vcGtpLmRpbWMuZGhzLmdvdi9ESFNfQ0EyLmNybDAfBgNVHSMEGDAW
gBR8w0pcuh82q4NRffTg5Q6QfxwTQTAdBgNVHQ4EFgQUIWVxsBQWw5oIGgPYwrvG
o7c35EowGQYJKoZIhvZ9B0EABAwwChsEVjguMQMCA6gwDQYJKoZIhvcNAQELBQAD
ggEBAG3uUeSo89FY4HcDGGhO9mBjXuk7HRHGLnY8fAdqJoT1gA/oTHoV/fgw8QZu
D3X9FLgpEjQz43iHFrv/ps2tYwgSKiiovoeYyb68s5X9NuG5kNnn0dGp1TjnNlGX
9lQSBr4CReaJpCtSAPbOtuZ+8b7MA7ODnMg/1u1qNKovIqMV6eIq5vrD/+MeSG61
+c+MI6Gita5j6J6lzZqqwtAltfMFetc1Qkl2tjqdpce9u60Ch7yuVR3Xh1SEhaAa
jRJsbOuqNAfC038A6ASv3nxGao8AYUHt2aR9chXApKfBzfx6VYW0462UPqzeRi5l
RCa8sud1bb1pFRJv8LWiqOC/9yw=
-----END CERTIFICATE-----
10 changes: 10 additions & 0 deletions config/service_providers.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -387,3 +387,13 @@ production:
cert: 'cbp_goes_pre_prod'
redirect_uris:
- 'http://10.156.152.27/login'

'urn:gov:dhs.cbp.jobs:openidconnect:aws-cbp-ttp':
agency: 'DHS'
allow_on_prod_chef_env: 'true'
block_encryption: 'aes256-cbc'
cert: 'cbp_goes_prod'
friendly_name: 'CBP Trusted Traveler Programs'
logo: 'cbp.png'
redirect_uris:
- 'https://ttp.cbp.dhs.gov'
Copy link
Copy Markdown
Contributor

@hursey013 hursey013 Jun 30, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this url resolve to a website, or is it just a callback url?

Copy link
Copy Markdown
Contributor Author

@zachmargolis zachmargolis Jun 30, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We use it to prefix-match callback URLs, and right now their app is deployed only inside of their network so the name doesn't resolve for us yet I think