authorBjörn Mattsson <bjorn@sunet.se>2024-05-06 18:57:15 +0200
committerBjörn Mattsson <bjorn@sunet.se>2024-05-06 18:57:15 +0200
commitc4b4a97c9db5ca7523f54f65918d6a28854c184f (patch)
tree01a478075009c4ac94844d99556826a599a7307e /metadata
parentb3bf5c7feddfe41a2e6d2c9727f56b261fd25c9d (diff)
Added AL-check for IdP:s
Diffstat (limited to 'metadata')
-rw-r--r--metadata/Makefile18
-rw-r--r--metadata/MaxALofIDP.txt92
2 files changed, 106 insertions, 4 deletions
diff --git a/metadata/Makefile b/metadata/Makefile
index 06e2eae7..a8affdfc 100644
--- a/metadata/Makefile
+++ b/metadata/Makefile
@@ -45,11 +45,21 @@ testMDUI:
@for lang in `find $(SRCDIRS) -name \*.xml -exec cat {} \; | sed -n 's/.*xml:lang="\([^"]*\)".*/\1/p' | sort -u` ; do for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l IDPSSODescriptor` ; do cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/IDPSSODescriptor/Extensions/UIInfo/DisplayName[@xml:lang='$$lang']" - 2>/dev/null | sed 's/^[ ]*//;s/[ ]*$$//' | tr -d '\n' | sed 's;<[^>]*>\([^<]*\)</[^>]*>;\1\n;g' | sed "s;^; $$x $$lang ;" | sed 's/.*/&/' ; done | sort -k 3 | uniq -d -f 2 ; done | grep . && exit 1 || true
testALlevel:
+ @echo "Check for IdP:s with AL3"
+ @for x in `grep -rl http://www.swamid.se/policy/assurance/al3 $(SRCDIRS)`; do \
+ if ! grep -q http://www.swamid.se/policy/assurance/al2 $$x ; then echo " $$x missing AL2 in assurance-certification" ; fi ; \
+ if [ ! "$$(awk '$$1 > 2 && $$2 == "'$$x'" {print $$2}' MaxALofIDP.txt)" == "$$x" ]; then echo " $$x missing in MaxALofIDP.txt verify with SWAMID-Policy and update efter that!" ; fi ; \
+ done
+ @echo "Check for IdP:s with AL2"
+ @for x in `grep -rl http://www.swamid.se/policy/assurance/al2 $(SRCDIRS)`; do \
+ if ! grep -q http://www.swamid.se/policy/assurance/al1 $$x ; then echo " $$x missing AL1 in assurance-certification" ; fi ; \
+ if [ ! "$$(awk '$$1 > 1 && $$2 == "'$$x'" {print $$2}' MaxALofIDP.txt)" == "$$x" ]; then echo " $$x missing in MaxALofIDP.txt verify with SWAMID-Policy and update efter that!" ; fi ; \
+ done
+ @echo "Check for IdP:s with AL1"
+ @for x in `grep -rl http://www.swamid.se/policy/assurance/al1 $(SRCDIRS)`; do \
+ if [ ! "$$(awk '$$1 > 0 && $$2 == "'$$x'" {print $$2}' MaxALofIDP.txt)" == "$$x" ]; then echo " $$x missing in MaxALofIDP.txt verify with SWAMID-Policy and update efter that!" ; fi ; \
+ done
@echo Fixa så att vi kollar!!!!!
- @echo "Check for IdP:s with AL3 without AL2"
- @for x in `find $(SRCDIRS) -name \*.xml`; do if grep -q http://www.swamid.se/policy/assurance/al3 $$x && ! grep -q http://www.swamid.se/policy/assurance/al2 $$x ; then echo " $$x" | sed 's/.*/&/' ; fi ; done
- @echo "Check for IdP:s with AL2 without AL1"
- @for x in `find $(SRCDIRS) -name \*.xml`; do if grep -q http://www.swamid.se/policy/assurance/al2 $$x && ! grep -q http://www.swamid.se/policy/assurance/al1 $$x ; then echo " $$x" | sed 's/.*/&/' ; fi ; done
testBadStrings:
@echo "Check for bad strings in metadata"
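Review bot: The new `testALlevel` loops only `echo` their findings, so a metadata file that asserts AL3, AL2 or AL1 without a matching row in MaxALofIDP.txt still leaves the target with exit status 0. Nothing in the hunk turns a finding into a failure the way `testMDUI` does with `grep . && exit 1`, and the remaining `@echo Fixa så att vi kollar!!!!!` line suggests this is still open. The three `[ ! "$$(awk …)" == "$$x" ]` tests also use `==`, which is not a POSIX `test` operator: if the recipe runs under a `/bin/sh` such as dash (whether this Makefile sets SHELL is outside the hunk), `[` reports an error, the `if` is false and the "missing in MaxALofIDP.txt" message is never printed. Comparing with `!=` and passing the file name through `awk -v` instead of splicing `$$x` into the awk program removes both the shell dependency and the quoting risk. The fence shows the AL3 loop with those changes; the AL2 and AL1 loops would change the same way.

```make
testALlevel:
	@echo "Check for IdP:s with AL3"
	@rc=0; for x in `grep -rl http://www.swamid.se/policy/assurance/al3 $(SRCDIRS)`; do \
		if ! grep -q http://www.swamid.se/policy/assurance/al2 "$$x" ; then echo " $$x missing AL2 in assurance-certification" ; rc=1 ; fi ; \
		if [ "$$(awk -v f="$$x" '$$1 > 2 && $$2 == f {print $$2}' MaxALofIDP.txt)" != "$$x" ]; then echo " $$x missing in MaxALofIDP.txt verify with SWAMID-Policy and update efter that!" ; rc=1 ; fi ; \
	done; exit $$rc
# … unchanged apart from the same edits: AL2 and AL1 loops …
```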
diff --git a/metadata/MaxALofIDP.txt b/metadata/MaxALofIDP.txt
new file mode 100644
index 00000000..e36d8362
--- /dev/null
+++ b/metadata/MaxALofIDP.txt
@@ -0,0 +1,92 @@
+3 swamid-edugain/fs.liu.se-adfs-services-trust.xml
+3 swamid-edugain/idpv4.lu.se-idp-shibboleth.xml
+3 swamid-edugain/login.idp.eduid.se-idp.xml.xml
+3 swamid-edugain/adfs.umu.se-adfs-services-trust.xml
+3 swamid-edugain/connect.eduid.se-sunet.xml
+3 swamid-edugain/idp.oru.se-idp-shibboleth.xml
+3 swamid-edugain/weblogin.kau.se-idp-shibboleth.xml
+3 swamid-testing/idp.dev.eduid.se-idp.xml.xml
+3 swamid-testing/testidpv4.lu.se-idp-shibboleth.xml
+3 swamid-testing/weblogin-test.kau.se-idp-shibboleth.xml
+1 swamid-testing/fs.test.ad.liu.se-adfs-services-trust.xml
+3 swamid-testing/adfs.test.umu.se-adfs-services-trust.xml
+2 swamid-2.0/shibboleth.uhr.se-idp-shibboleth.xml
+2 swamid-2.0/idp.qa.lnu.se-idp-shibboleth.xml
+2 swamid-2.0/fs.uka.se-adfs-services-trust.xml
+2 swamid-2.0/sts.vinnova.se-adfs-services-trust.xml
+2 swamid-2.0/idp.antagning.se-aws-idp.xml
+2 swamid-2.0/idp.test.antagning.se-aws-idp.xml
+2 swamid-edugain/idp2.kkh.se-idp-shibboleth.xml
+2 swamid-edugain/sts.mau.se-adfs-services-trust.xml
+2 swamid-edugain/idp.his.se-idp-shibboleth.xml
+2 swamid-edugain/idp.kva.se-idp-shibboleth.xml
+2 swamid-edugain/saml.sys.kth.se-idp-shibboleth.xml
+2 swamid-edugain/weblogin.uu.se-idp-shibboleth.xml
+2 swamid-edugain/sso.kb.se-adfs-services-trust.xml
+2 swamid-edugain/idp.chalmers.se-adfs-services-trust.xml
+2 swamid-edugain/idp-shib.slu.se-idp.xml
+2 swamid-edugain/weblogin.smhi.se-idp-shibboleth.xml
+2 swamid-edugain/login2.fhs.se-adfs-services-trust.xml
+2 swamid-edugain/idp3.hig.se-idp-shibboleth.xml
+2 swamid-edugain/webproxysrv.uniarts.se-adfs-services-trust.xml
+2 swamid-edugain/fs.bth.se-adfs-services-trust.xml
+2 swamid-edugain/idp.lnu.se-idp-shibboleth.xml
+2 swamid-edugain/adfs.hv.se-adfs-services-trust.xml
+2 swamid-edugain/adfs.ju.se-adfs-services-trust.xml
+2 swamid-edugain/swamid2.shh.se-idp-shibboleth.xml
+2 swamid-edugain/idp.kmh.se-idp-shibboleth.xml
+2 swamid-edugain/idpshibboleth.irf.se-idp-shibboleth.xml
+2 swamid-edugain/idp.esh.se-idp-shibboleth.xml
+2 swamid-edugain/login.du.se-idp-shibboleth.xml
+2 swamid-edugain/adfs.rkh.se-adfs-services-trust.xml
+2 swamid-edugain/idp.hh.se-idp-shibboleth.xml
+2 swamid-edugain/idp01.gih.se-idp-shibboleth.xml
+2 swamid-edugain/idp-v2.suni.se-adfs-services-trust.xml
+2 swamid-edugain/idp.ths.se-idp-shibboleth.xml
+2 swamid-edugain/idp.mdh.se-idp-shibboleth.xml
+2 swamid-edugain/idp.hb.se-idp-shibboleth.xml
+2 swamid-edugain/idp3.it.gu.se-idp-shibboleth.xml
+2 swamid-edugain/idp-v2.konstfack.se-adfs-services-trust.xml
+2 swamid-edugain/idp.it.su.se-idp-shibboleth.xml
+2 swamid-edugain/idp.ltu.se-idp-shibboleth.xml
+2 swamid-edugain/idp.hkr.se-idp-shibboleth.xml
+2 swamid-edugain/idp.mah.se-idp-shibboleth.xml
+2 swamid-edugain/idp.nordu.net-idp-shibboleth.xml
+2 swamid-edugain/login.ki.se-idp-shibboleth.xml
+2 swamid-edugain/miunidp.miun.se-idp-shibboleth.xml
+2 swamid-testing/kitstlogin03.user.ki.se-idp-shibboleth.xml
+2 swamid-testing/idp3.mdu.se-idp-shibboleth.xml
+2 swamid-testing/hbidp-test.test.hb.se-idp-shibboleth.xml
+2 swamid-testing/miunidptest.miun.se-idp-shibboleth.xml
+2 swamid-testing/connect.dev.eduid.se-sunet.xml
+2 swamid-testing/idp02.gih.se-idp-shibboleth.xml
+2 swamid-testing/weblogin.test.uu.se-idp-shibboleth.xml
+2 swamid-testing/idp.auth.gu.se-adfs-services-trust.xml
+2 swamid-testing/login-dev.du.se-idp-shibboleth.xml
+2 swamid-testing/idp.hubbletest.antagning.se-aws-idp.xml
+2 swamid-testing/idp-test.it.su.se-idp-shibboleth.xml
+2 swamid-testing/adfs.tad.hv.se-adfs-services-trust.xml
+2 swamid-testing/fs.test.bth.se-adfs-services-trust.xml
+2 swamid-testing/idp-test.suni.se-adfs-services-trust.xml
+2 swamid-testing/shibboleth-test.uhr.se-idp-shibboleth.xml
+2 swamid-testing/flax.nettst.chalmers.se-adfs-services-trust.xml
+2 swamid-testing/idp-shibtest.slu.se-idp.xml
+2 swamid-testing/idp.uhr.se-idp-shibboleth.xml
+2 swamid-testing/shibbo3test.ltu.se-idp-shibboleth.xml
+2 swamid-testing/idp2.it.gu.se-idp-shibboleth.xml
+2 swamid-testing/idp.demo.antagning.se-aws-idp.xml
+2 swamid-testing/idptest.it.gu.se-adfs-services-trust.xml
+2 swamid-testing/idpproxy.dev.eduid.se-idp.xml
+2 swamid-testing/login.tst.ki.se-idp-shibboleth.xml
+2 swamid-testing/stslab.mah.se-adfs-services-trust.xml
+2 swamid-testing/adfs.test.rkh.se-adfs-services-trust.xml
+1 swamid-2.0/fs.nrm.se-adfs-services-trust.xml
+1 swamid-2.0/bankid-idp.sunet.se-bankid-idp.xml
+1 swamid-edugain/idp.vr.se-adfs-services-trust.xml
+1 swamid-edugain/idp.sunet.se-idp.xml
+1 swamid-edugain/fds.idp.hhs.se-adfs-services-trust.xml
+1 swamid-edugain/adfs.sp.se-adfs-services-trust.xml
+1 swamid-edugain/login.idp.hhs.se-idp-shibboleth.xml
+1 swamid-testing/login2.temp1235.hhs.se-idp-shibboleth.xml
+1 swamid-testing/login.temp1235.hhs.se-adfs-services-trust.xml
+1 swamid-testing/idp.test.sunet.se-idp.xml
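Review bot: MaxALofIDP.txt gives no indication of what its two columns mean or who may raise a level, although it is the list that the `testALlevel` checks treat as authoritative. A leading comment such as `# <max AL> <metadata file path as printed by grep -rl over SRCDIRS>; change only after SWAMID policy approval` would document that. The awk expressions in the Makefile hunk would skip such a line, because its second field never equals a file path.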