summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBjörn Mattsson <Bjorn.Mattsson@bth.se>2017-11-15 13:15:20 +0100
committerBjörn Mattsson <Bjorn.Mattsson@bth.se>2017-11-15 13:15:20 +0100
commit97c0df9e991602f5020c321f87164278af23022a (patch)
tree346030c0006a3e00aaa6e360bb57115f967a87fc
parent7937609f7e61032c9b07aceb048c5af6c736964f (diff)
Addes some more checks in Makefile. And fixed probles found by those checks.
-rw-r--r--Makefile18
-rw-r--r--swamid-2.0/lingon.ladok.umu.se-8087-re_nren_hei-sp.xml12
-rw-r--r--swamid-2.0/lingon.ladok.umu.se-8087-re_nren_sfs-sp.xml12
-rw-r--r--swamid-2.0/verify-l.myunidays.com-shibboleth.xml2
-rw-r--r--swamid-2.0/vfu-dev.su.se-shibboleth.sso.xml2
-rw-r--r--swamid-2.0/xenosmilus2.umdc.umu.se-8086-coc-sp.xml2
6 files changed, 24 insertions, 24 deletions
diff --git a/Makefile b/Makefile
index 0c0243eb..2b3e6887 100644
--- a/Makefile
+++ b/Makefile
@@ -183,13 +183,23 @@ testOrgData:
testEntCat:
@echo "Checking for entity-categories in SPSSODescriptors that should be moved to EntityDescriptor/Extensions"
- @for x in `find $(SRCDIRS) -name \*.xml`; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath /EntityDescriptor/SPSSODescriptor/Extensions/EntityAttributes - 2>/dev/null | grep -q entity-category ; then echo " $$x" | sed 's/.*/&/' ; fi ; done
+ @for x in `find $(SRCDIRS) -name \*.xml`; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath /EntityDescriptor/SPSSODescriptor/Extensions/EntityAttributes - 2>/dev/null | grep -q entity-category ; then echo " $$x" | sed 's/.*/&/' ; fi ; done | grep . && exit 1 || true
@echo "Checking for entity-categories in IDPSSODescriptor that should be moved to EntityDescriptor/Extensions"
- @for x in `find $(SRCDIRS) -name \*.xml`; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath /EntityDescriptor/IDPSSODescriptor/Extensions/EntityAttributes - 2>/dev/null | grep -q entity-category ; then echo " $$x" | sed 's/.*/&/' ; fi ; done
+ @for x in `find $(SRCDIRS) -name \*.xml`; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath /EntityDescriptor/IDPSSODescriptor/Extensions/EntityAttributes - 2>/dev/null | grep -q entity-category ; then echo " $$x" | sed 's/.*/&/' ; fi ; done | grep . && exit 1 || true
@echo "Checking for MDUI in EntityDescriptor/Extensions"
- @for x in `find $(SRCDIRS) -name \*.xml`; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath /EntityDescriptor/Extensions/UIInfo - 2>/dev/null | grep -q . ; then echo " $$x" | sed 's/.*/&/' ; exit 1 ; fi ; done
+ @for x in `find $(SRCDIRS) -name \*.xml`; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath /EntityDescriptor/Extensions/UIInfo - 2>/dev/null | grep -q . ; then echo " $$x" | sed 's/.*/&/' ; fi ; done | grep . && exit 1 || true
@echo "Checking for entitycategories for IdPs that should be entity-category-support"
- @for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l IDPSSODescriptor` ; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath '/EntityDescriptor/Extensions/EntityAttributes/Attribute[attribute::Name="http://macedir.org/entity-category"]/AttributeValue/text()' - 2>/dev/null | grep -q http://refeds.org/category/research-and-scholarship ; then echo " $$x" | sed 's/.*/&/' ; fi ; done
+ @for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l IDPSSODescriptor` ; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath '/EntityDescriptor/Extensions/EntityAttributes/Attribute[attribute::Name="http://macedir.org/entity-category"]/AttributeValue/text()' - 2>/dev/null | grep -q http://refeds.org/category/research-and-scholarship ; then echo " $$x" | sed 's/.*/&/' ; fi ; done | grep . && exit 1 || true
+ @echo "Checking for wrong Name in EntityAttributes/Attribute"
+ @for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l "Attribute "` ; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath '/EntityDescriptor/Extensions/EntityAttributes/Attribute' - 2>/dev/null | grep "Attribute " | sed 's/.* Name="//' | sed -e 's/ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"//' -e 's/">//' | egrep -v "http://macedir.org/entity-category|http://macedir.org/entity-category-support|urn:oasis:names:tc:SAML:attribute:assurance-certification|http://www.swamid.se/assurance-requirement" ; then echo " $$x" | sed 's/.*/&/' ; fi ; done | grep . && exit 1 || true
+ @echo "Checking for wrong AttributeValue in EntityAttributes/Attribute http://macedir.org/entity-category"
+ @for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l "http://macedir.org/entity-category"` ; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath '/EntityDescriptor/Extensions/EntityAttributes/Attribute[attribute::Name="http://macedir.org/entity-category"]' - 2>/dev/null | grep "AttributeValue" | egrep -v ">http://refeds.org/category/research-and-scholarship<|>http://www.geant.net/uri/dataprotection-code-of-conduct/v1<|>http://www.swamid.se/category/research-and-education<|>http://www.swamid.se/category/hei-service<|>http://www.swamid.se/category/nren-service<|>http://www.swamid.se/category/sfs-1993-1153<|>http://www.swamid.se/category/eu-adequate-protection<|>http://refeds.org/category/hide-from-discovery<" ; then echo " $$x" | sed 's/.*/&/' ; fi ; done | grep . && exit 1 || true
+ @echo "Checking for wrong AttributeValue in EntityAttributes/Attribute http://macedir.org/entity-category-support"
+ @for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l "http://macedir.org/entity-category-support"` ; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath '/EntityDescriptor/Extensions/EntityAttributes/Attribute[attribute::Name="http://macedir.org/entity-category-support"]' - 2>/dev/null | grep "AttributeValue" | egrep -v ">http://refeds.org/category/research-and-scholarship<|>http://www.geant.net/uri/dataprotection-code-of-conduct/v1<" ; then echo " $$x" | sed 's/.*/&/' ; fi ; done | grep . && exit 1 || true
+ @echo "Checking for wrong AttributeValue in EntityAttributes/Attribute http://www.swamid.se/assurance-requirement"
+ @for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l "http://www.swamid.se/assurance-requirement"` ; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath '/EntityDescriptor/Extensions/EntityAttributes/Attribute[attribute::Name="http://www.swamid.se/assurance-requirement"]' - 2>/dev/null | grep "AttributeValue" | egrep -v ">http://www.swamid.se/policy/assurance/al1<|>http://www.swamid.se/policy/assurance/al2<" ; then echo " $$x" | sed 's/.*/&/' ; fi ; done | grep . && exit 1 || true
+ @echo "Checking for wrong AttributeValue in EntityAttributes/Attribute urn:oasis:names:tc:SAML:attribute:assurance-certification"
+ @for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l "urn:oasis:names:tc:SAML:attribute:assurance-certification"` ; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath '/EntityDescriptor/Extensions/EntityAttributes/Attribute[attribute::Name="urn:oasis:names:tc:SAML:attribute:assurance-certification"]' - 2>/dev/null | grep "AttributeValue" | egrep -v ">https://refeds.org/sirtfi<|>http://www.swamid.se/policy/assurance/al1<|>http://www.swamid.se/policy/assurance/al2<" ; then echo " $$x" | sed 's/.*/&/' ; fi ; done | grep . && exit 1 || true
testSimpleSign:
@echo "Check for new SP:s with SimpleSign (breaks ADFS IdP:s with Shib SP 2.5+)"
diff --git a/swamid-2.0/lingon.ladok.umu.se-8087-re_nren_hei-sp.xml b/swamid-2.0/lingon.ladok.umu.se-8087-re_nren_hei-sp.xml
index af8c34a3..3517a623 100644
--- a/swamid-2.0/lingon.ladok.umu.se-8087-re_nren_hei-sp.xml
+++ b/swamid-2.0/lingon.ladok.umu.se-8087-re_nren_hei-sp.xml
@@ -3,15 +3,9 @@
<ns0:Extensions>
<ns1:EntityAttributes>
<ns2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
- <ns2:AttributeValue xsi:type="xs:string">
- http://www.swamid.se/category/research-and-education
- </ns2:AttributeValue>
- <ns2:AttributeValue xsi:type="xs:string">
- http://www.swamid.se/category/nren-service
- </ns2:AttributeValue>
- <ns2:AttributeValue xsi:type="xs:string">
- http://www.swamid.se/category/hei-service
- </ns2:AttributeValue>
+ <ns2:AttributeValue xsi:type="xs:string">http://www.swamid.se/category/research-and-education</ns2:AttributeValue>
+ <ns2:AttributeValue xsi:type="xs:string">http://www.swamid.se/category/nren-service</ns2:AttributeValue>
+ <ns2:AttributeValue xsi:type="xs:string">http://www.swamid.se/category/hei-service</ns2:AttributeValue>
</ns2:Attribute>
</ns1:EntityAttributes>
<ns4:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5"/>
diff --git a/swamid-2.0/lingon.ladok.umu.se-8087-re_nren_sfs-sp.xml b/swamid-2.0/lingon.ladok.umu.se-8087-re_nren_sfs-sp.xml
index 9418c984..87459ebf 100644
--- a/swamid-2.0/lingon.ladok.umu.se-8087-re_nren_sfs-sp.xml
+++ b/swamid-2.0/lingon.ladok.umu.se-8087-re_nren_sfs-sp.xml
@@ -3,15 +3,9 @@
<ns0:Extensions>
<ns1:EntityAttributes>
<ns2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
- <ns2:AttributeValue xsi:type="xs:string">
- http://www.swamid.se/category/research-and-education
- </ns2:AttributeValue>
- <ns2:AttributeValue xsi:type="xs:string">
- http://www.swamid.se/category/nren-service
- </ns2:AttributeValue>
- <ns2:AttributeValue xsi:type="xs:string">
- http://www.swamid.se/category/sfs-1993-1153
- </ns2:AttributeValue>
+ <ns2:AttributeValue xsi:type="xs:string">http://www.swamid.se/category/research-and-education</ns2:AttributeValue>
+ <ns2:AttributeValue xsi:type="xs:string">http://www.swamid.se/category/nren-service</ns2:AttributeValue>
+ <ns2:AttributeValue xsi:type="xs:string">http://www.swamid.se/category/sfs-1993-1153</ns2:AttributeValue>
</ns2:Attribute>
</ns1:EntityAttributes>
<ns4:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5"/>
diff --git a/swamid-2.0/verify-l.myunidays.com-shibboleth.xml b/swamid-2.0/verify-l.myunidays.com-shibboleth.xml
index 37abc1b4..641e44e1 100644
--- a/swamid-2.0/verify-l.myunidays.com-shibboleth.xml
+++ b/swamid-2.0/verify-l.myunidays.com-shibboleth.xml
@@ -20,6 +20,8 @@
<mdattr:EntityAttributes>
<saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
<saml:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification">
<saml:AttributeValue>https://refeds.org/sirtfi</saml:AttributeValue>
</saml:Attribute>
</mdattr:EntityAttributes>
diff --git a/swamid-2.0/vfu-dev.su.se-shibboleth.sso.xml b/swamid-2.0/vfu-dev.su.se-shibboleth.sso.xml
index 3bae9088..cb01011e 100644
--- a/swamid-2.0/vfu-dev.su.se-shibboleth.sso.xml
+++ b/swamid-2.0/vfu-dev.su.se-shibboleth.sso.xml
@@ -18,7 +18,7 @@
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
<mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
- <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir. org/entity-category">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
<samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
<samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
<samla:AttributeValue>http://www.swamid.se/category/sfs-1993-1153</samla:AttributeValue>
diff --git a/swamid-2.0/xenosmilus2.umdc.umu.se-8086-coc-sp.xml b/swamid-2.0/xenosmilus2.umdc.umu.se-8086-coc-sp.xml
index a085e78f..00898f3e 100644
--- a/swamid-2.0/xenosmilus2.umdc.umu.se-8086-coc-sp.xml
+++ b/swamid-2.0/xenosmilus2.umdc.umu.se-8086-coc-sp.xml
@@ -3,7 +3,7 @@
<ns0:Extensions>
<ns1:EntityAttributes xmlns:ns1="urn:oasis:names:tc:SAML:metadata:attribute">
<ns2:Attribute xmlns:ns2="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://macedir.org/entity-category">
- <ns2:AttributeValue xmlns:ns3="http://www.w3.org/2001/XMLSchema-instance" ns3:type="xs:string">http://www.edugain.org/dataprotection/coc-eu-01-draft</ns2:AttributeValue>
+ <ns2:AttributeValue xmlns:ns3="http://www.w3.org/2001/XMLSchema-instance" ns3:type="xs:string">http://www.geant.net/uri/dataprotection-code-of-conduct/v1</ns2:AttributeValue>
</ns2:Attribute>
</ns1:EntityAttributes>
</ns0:Extensions>