Diffstat (limited to 'xslt')
-rw-r--r-- | xslt/normalize.xsl | 20 | ||||
-rw-r--r-- | xslt/sign.xsl | 6 | ||||
-rw-r--r-- | xslt/swamid-sign.xsl | 123 |
3 files changed, 20 insertions, 129 deletions
diff --git a/xslt/normalize.xsl b/xslt/normalize.xsl index 031acbcb..9cbebd1d 100644 --- a/xslt/normalize.xsl +++ b/xslt/normalize.xsl @@ -22,7 +22,7 @@ the use of the Metadata. By accessing or using the Metadata You accept that the use will be on and subject to these Terms. These Terms will be binding and enforceable on You as contractual obligations. -The Terms are available at +The SWAMID Metadata Terms of Access and Use can be found here: - http://md.swamid.se/md/swamid-tou-sv.txt Swedish version - Legally Binding! - http://md.swamid.se/md/swamid-tou-en.txt English version - Non-normative translation @@ -31,6 +31,7 @@ If You do not accept these Terms, then You must not continue to use this Metadat </xsl:comment></xsl:if> <md:EntitiesDescriptor> + <xsl:attribute name="ID"><xsl:value-of select="$ID"/></xsl:attribute> <xsl:attribute name="Name"><xsl:value-of select="@Name"/></xsl:attribute> <xsl:if test="@cacheDuration"> <xsl:attribute name="cacheDuration"><xsl:value-of select="@cacheDuration"/></xsl:attribute> @@ -40,6 +41,9 @@ If You do not accept these Terms, then You must not continue to use this Metadat </xsl:if> <xsl:apply-templates/> </md:EntitiesDescriptor> + <xsl:if test="$target='true'"> + <md:Extensions><xsl:call-template name="add-swamid-pi"/></md:Extensions> + </xsl:if> </xsl:template> <xsl:template match="md:EntityDescriptor"> 
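Review bot: In the `@@ -31,6 +31,7 @@` hunk of xslt/normalize.xsl the new `ID` attribute is written from `$ID` with no check that the parameter is set and non-empty. The sign.xsl change in this same commit builds the signature reference as `#` followed by `@ID`, so an empty value would presumably leave the root without a usable ID and the reference as a bare `#`, which does not point at the element being signed. A guard ahead of the attribute, such as `<xsl:if test="not(string($ID))"><xsl:message terminate="yes">ID parameter is required</xsl:message></xsl:if>`, would stop the build instead of publishing such a document. The value also has to be a valid NCName to serve as an xs:ID; the declaration of `$ID` is outside the hunk.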
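Review bot: In the `@@ -40,6 +41,9 @@` hunk the new `<md:Extensions>` block is emitted after `</md:EntitiesDescriptor>`, so when `$target='true'` the result gets a second top-level element and the `mdrpi:PublicationInfo` ends up outside the element that the signature reference in sign.xsl points at. The SAML metadata schema places `md:Extensions` inside `md:EntitiesDescriptor`, ahead of the child entity descriptors, so the three added lines should move to just before `<xsl:apply-templates/>`. As written, the publication information would not be covered by the digest, and a consumer that validates against the schema would likely reject the file.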
@@ -61,7 +65,7 @@ If You do not accept these Terms, then You must not continue to use this Metadat
 <md:EntityDescriptor>
 <xsl:apply-templates select="@*"/>
 <xsl:if test="$rpi='true' and not(md:Extensions)">
- <md:Extensions><xsl:call-template name="add-swamid-rpi"/></md:Extensions>
+ <md:Extensions><xsl:call-template name="add-swamid-ri"/></md:Extensions>
 </xsl:if>
 <xsl:apply-templates select="text()|comment()|md:Extensions|md:RoleDescriptor|md:IDPSSODescriptor|md:SPSSODescriptor|md:AuthnAuthorityDescriptor|md:AttributeAuthorityDescriptor|md:PDPDescriptor|md:AffiliationDescriptor"/>
 <xsl:if test="$org='true' and not(md:Organization)">
@@ -78,12 +82,12 @@ If You do not accept these Terms, then You must not continue to use this Metadat
 <xsl:template match="md:EntityDescriptor/md:Extensions">
 <md:Extensions>
- <xsl:call-template name="add-swamid-rpi"/>
+ <xsl:call-template name="add-swamid-ri"/>
 <xsl:apply-templates select="text()|comment()|node()"/>
 </md:Extensions>
 </xsl:template>
- <xsl:template name="add-swamid-rpi">
+ <xsl:template name="add-swamid-ri">
 <xsl:if test="$rpi='true' and not(mdrpi:RegistrationInfo[@registrationAuthority='http://swamid.se/'])">
 <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/">
 <mdrpi:RegistrationPolicy xml:lang="en">http://www.swamid.se/download/18.248ad5af12aa8136533800012293/SWAMID+Metadata+Registration+Practice+Statement-20110714.pdf</mdrpi:RegistrationPolicy>
@@ -91,6 +95,14 @@ If You do not accept these Terms, then You must not continue to use this Metadat </xsl:if> </xsl:template> + <xsl:template name="add-swamid-pi"> + <mdrpi:PublicationInfo> + <xsl:attribute Name="creationInstant"><xsl:value-of select="$now"/></xsl:attribute> + <xsl:attribute Name="publisher"><xsl:value-of select="$target"/></xsl:attribute> + <mdrpi:UsagePolicy xml:lang="en">https://www.sunet.se/wp-content/uploads/2015/12/SWAMID-Terms-of-Use-20110714.pdf</mdrpi:UsagePolicy> + </mdrpi:PublicationInfo> + </xsl:template> + <xsl:template match="@xml:base|@ID|@validUntil|@cacheDuration"/> <xsl:template match="text()|comment()|@*"> diff --git a/xslt/sign.xsl b/xslt/sign.xsl index 19aa9c55..51d2492a 100644 --- a/xslt/sign.xsl +++ b/xslt/sign.xsl @@ -3,6 +3,7 @@ xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:exsl="http://exslt.org/common" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" @@ -18,10 +19,11 @@ <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> - <ds:Reference URI=""> + <ds:Reference> + <xsl:attribute name="URI"><xsl:text>#</xsl:text><xsl:value-of select="@ID"/></xsl:attribute> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> - <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/> + <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <ds:DigestValue></ds:DigestValue> diff --git a/xslt/swamid-sign.xsl b/xslt/swamid-sign.xsl deleted file mode 100644 index 350dc87a..00000000 --- a/xslt/swamid-sign.xsl +++ /dev/null 
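Review bot: Both `xsl:attribute` instructions in the new `add-swamid-pi` template (hunk `@@ -91,6 +95,14 @@` of xslt/normalize.xsl) spell the attribute as `Name`, but XSLT requires lowercase `name`, so a conforming processor should reject the stylesheet rather than emit `creationInstant` and `publisher`. They should read `<xsl:attribute name="creationInstant">` and `<xsl:attribute name="publisher">`. The template is only called when `$target='true'`, so `publisher` would receive the literal string `true` instead of a publisher identifier; a separate parameter for the publisher looks intended. `$now` is declared outside the hunk and needs to yield an xs:dateTime value.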
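Review bot: The new `URI` attribute in the `@@ -18,10 +19,11 @@` hunk of xslt/sign.xsl is `#` followed by the matched element's `@ID`, with no guard for a missing or empty ID, in which case the reference becomes a bare `#` and the signer may fail or digest something other than the intended element. A check before `<ds:Signature>` is emitted, such as `<xsl:if test="not(string(@ID))"><xsl:message terminate="yes">EntitiesDescriptor has no ID to sign</xsl:message></xsl:if>`, would stop the build in that case. With a same-document ID reference and exclusive c14n without comments, the digest no longer covers comments, including presumably the terms-of-use notice written ahead of the root element, which deserves a comment such as `<!-- signature covers the element with this ID only; comments are not signed -->`. The unchanged lines around the edit still select `rsa-sha1` and `sha1`, which is worth a follow-up change. The enclosing template starts and ends outside the hunk.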
@@ -1,123 +0,0 @@ -<?xml version="1.0"?> -<xsl:stylesheet version="1.0" - xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" - xmlns:xsl="http://www.w3.org/1999/XSL/Transform" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xmlns:ds="http://www.w3.org/2000/09/xmldsig#" - xmlns:exsl="http://exslt.org/common" - xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" - extension-element-prefixes="exsl" - xmlns:shibmd="urn:mace:shibboleth:metadata:1.0"> - - <xsl:output method="xml" indent="yes" encoding="UTF-8"/> - - <xsl:template match="/md:EntitiesDescriptor"> - <xsl:comment> - - IMPORTANT NOTICE: READ CAREFULLY - -You are reading this because You wish to use the technical information (the “Metadata”) -published on behalf of the Registrars. These Terms of Access and Use (these “Terms”) govern -the use of the Metadata. By accessing or using the Metadata You accept that the access and -use will be on and subject to these Terms. These Terms will be binding and enforceable on -You as contractual obligations. - -The Terms are available at: - -- http://md.swamid.se/md/swamid-tou-sv.txt Swedish version - Legally Binding! -- http://md.swamid.se/md/swamid-tou-en.txt English version - Non-normative translation - -If You do not accept these Terms, then You must not continue to use this Metadata. 
- - </xsl:comment> - <md:EntitiesDescriptor> - <xsl:attribute name="Name"><xsl:value-of select="@Name"/></xsl:attribute> - <xsl:if test="@cacheDuration"> - <xsl:attribute name="cacheDuration"><xsl:value-of select="@cacheDuration"/></xsl:attribute> - </xsl:if> - <xsl:if test="@validUntil"> - <xsl:attribute name="validUntil"><xsl:value-of select="$date"/></xsl:attribute> - </xsl:if> - <ds:Signature> - <ds:SignedInfo> - <ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /> - <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> - <ds:Reference URI=""> - <ds:Transforms> - <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> - <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/> - </ds:Transforms> - <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> - <ds:DigestValue></ds:DigestValue> - </ds:Reference> - </ds:SignedInfo> - <ds:SignatureValue/> - <ds:KeyInfo> - <ds:X509Data> - </ds:X509Data> - </ds:KeyInfo> - </ds:Signature> - <xsl:apply-templates/> - </md:EntitiesDescriptor> - </xsl:template> - - <xsl:template match="md:EntityDescriptor"> - <xsl:variable name="path"><xsl:value-of select="substring-after(@entityID,'://')"/></xsl:variable> - <xsl:variable name="host"> - <xsl:if test="contains($path,'/')"> - <xsl:value-of select="substring-before($path,'/')"/> - </xsl:if> - <xsl:if test="not(contains($path,'/'))"> - <xsl:value-of select="$path"/> - </xsl:if> - </xsl:variable> - <xsl:variable name="domain"> - <xsl:value-of select="substring-after($host,'.')"/> - </xsl:variable> - <xsl:variable name="orginfo"> - <xsl:value-of select="concat('../organization','/',$domain,'.xml')"/> - </xsl:variable> - <md:EntityDescriptor> - <xsl:apply-templates select="@*"/> - <xsl:if test="$rpi='true' and not(md:Extensions)"> - <md:Extensions><xsl:call-template name="add-swamid-rpi"/></md:Extensions> - </xsl:if> - <xsl:apply-templates 
select="text()|comment()|md:Extensions|md:RoleDescriptor|md:IDPSSODescriptor|md:SPSSODescriptor|md:AuthnAuthorityDescriptor|md:AttributeAuthorityDescriptor|md:PDPDescriptor|md:AffiliationDescriptor"/> - <xsl:if test="not(md:Organization)"> - <xsl:apply-templates select="document($orginfo)"/> - </xsl:if> - <xsl:if test="$defaultContact='true' and not(md:ContactPerson)"> - <md:ContactPerson contactType="technical"><md:EmailAddress>operations@swamid.se</md:EmailAddress></md:ContactPerson> - </xsl:if> - <xsl:apply-templates select="md:Organization|md:ContactPerson|md:AdditionalMetadataLocation"/> - </md:EntityDescriptor> - </xsl:template> - - <xsl:template match="md:EntityDescriptor/md:Extensions"> - <md:Extensions> - <xsl:call-template name="add-swamid-rpi"/> - <xsl:apply-templates select="text()|comment()|node()"/> - </md:Extensions> - </xsl:template> - - <xsl:template name="add-swamid-rpi"> - <xsl:if test="$rpi='true' and not(mdrpi:RegistrationInfo[@registrationAuthority='http://swamid.se/'])"> - <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/"> - <mdrpi:RegistrationPolicy xml:lang="en">http://www.swamid.se/download/18.248ad5af12aa8136533800012293/SWAMID+Metadata+Registration+Practice+Statement-20110714.pdf</mdrpi:RegistrationPolicy> - </mdrpi:RegistrationInfo> - </xsl:if> - </xsl:template> - - <xsl:template match="@xml:base|@ID"/> - - <xsl:template match="text()|comment()|@*"> - <xsl:copy/> - </xsl:template> - - <xsl:template match="*"> - <xsl:copy> - <xsl:apply-templates select="node()|@*"/> - </xsl:copy> - </xsl:template> - -</xsl:stylesheet> |