From f1448420c0b2c6f5138119552fe4c7fd80321433 Mon Sep 17 00:00:00 2001 From: Johan Wassberg Date: Mon, 8 May 2023 10:10:25 +0200 Subject: Next generation of the SWAMID pyff configration --- metadata/swamid-prod-ng.fd | 76 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 76 insertions(+) create mode 100644 metadata/swamid-prod-ng.fd diff --git a/metadata/swamid-prod-ng.fd b/metadata/swamid-prod-ng.fd new file mode 100644 index 00000000..f09f9b54 --- /dev/null +++ b/metadata/swamid-prod-ng.fd @@ -0,0 +1,76 @@ +- when clean: + - xslt: + stylesheet: tidy.xsl + - check_xml_namespaces + - break +- when update: + - load: + - /opt/metadata/swamid-edugain as swamid-edugain-dir cleanup clean + - /opt/metadata/swamid-2.0 as swamid-2.0-dir cleanup clean + - /opt/metadata/swamid-interfederations-2.0 as swamid-interfederations-dir cleanup clean + - /opt/metadata/swamid-testing as swamid-testing-dir cleanup clean + + # Read dirs + - fork: + # swamid-2.0.xml + - select as swamid-2.0: + - swamid-edugain-dir + - swamid-2.0-dir + - swamid-interfederations-dir + - fork: + # swamid-edugain-1.0.xml + - select as swamid-edugain-1.0: + - swamid-edugain-dir + - fork: + # swamid-registered.xml swamid-discovery.xml + - select as swamid-registered: + - swamid-edugain-dir + - swamid-2.0-dir + # Read selectors + - fork: + # swamid-idp.xml + - select as swamid-idp: + - swamid-registered!//md:EntityDescriptor[md:IDPSSODescriptor] + - fork: + # swamid-idp-transitive.xml + - select as swamid-idp-transitive: + - swamid-2.0!//md:EntityDescriptor[md:IDPSSODescriptor] + - fork: + # swamid-sp.xml + - select as swamid-sp: + - swamid-registered!//md:EntityDescriptor[md:SPSSODescriptor] + - fork: + # swamid-sp-transitive.xml + - select as swamid-sp-transitive: + - swamid-2.0!//md:EntityDescriptor[md:SPSSODescriptor] + + # Testing + - fork: + # swamid-testing-1.0.xml + - select as swamid-testing-1.0: + - swamid-edugain-dir + - swamid-2.0-dir + - swamid-testing-dir + - fork: + # swamid-testing-idp-1.0.xml + - select as swamid-testing-idp-1.0: + - swamid-testning-1.0!//md:EntityDescriptor[md:IDPSSODescriptor] + - break +- when request: + - select + - pipe: + - when accept application/samlmetadata+xml application/xml: + - xslt: + stylesheet: tidy.xsl + - pubinfo: + publisher: https://mds.swamid.se/ + - first + - finalize: + baseURL: https://mds.swamid.se/ + cacheDuration: PT5H + validUntil: P10D + - sign: + key: http://pyff_luna_1:8000/swamidHA/swamid2 + cert: /etc/credentials/md-signer2.crt + - emit application/xml + - break -- cgit v1.2.3