#!/bin/bash
#
# Fetch Service Provider metadata and save into entityid filename
#

# Print an error message to stderr and abort.
error() {
    echo "Error: $*" 1>&2
    exit 1
}

metadataurl=$1
if [ -z "$metadataurl" ] ; then
    cat <<EOF
Usage: $0 <metadataurl>
  Ex: $0 https://metadata.swamid.se/?showEntity=5271
      $0 5271
      $0 https://shibsp.mysite.com/Shibboleth.sso/Metadata
      $0 https://shibidp.mysite.com/idp/profile/Metadata/SAML
      $0 some-downloaded-metadata.xml
      $0 reep:<entityid>
      $0 <hostname> (tries to pull from standard locations)
EOF
    exit 1
fi

# Default target directory; replaced by the feed name when the entity is
# looked up by its metadata.swamid.se id.
xmldir=swamid-2.0

# Note: every curl call below uses -k, which turns off TLS certificate
# verification, so the transport does not authenticate what is fetched.
# Inspect the saved file before committing it.
if [ -s "${metadataurl}" ]; then
    # Argument is an existing, non-empty local file.
    metadata=$(cat "$metadataurl")
else
    case $metadataurl in
        [0-9][0-9]*)
            # Numeric id in the SWAMID metadata tool.
            id=$metadataurl
            xmldir=$(curl -L -m 5 -s -k -f "https://metadata.swamid.se/?show=feed&id=${id}")
            urls="https://metadata.swamid.se/?rawXML=${id}"
            ;;
        https://metadata.swamid.se/?showEntity=*)
            id=$(echo "$metadataurl" | sed -n 's;^https://metadata.swamid.se/?showEntity=;;p')
            xmldir=$(curl -L -m 5 -s -k -f "https://metadata.swamid.se/?show=feed&id=${id}")
            urls="https://metadata.swamid.se/?rawXML=${id}"
            ;;
        http://*|https://*)
            urls="$metadataurl"
            ;;
        reep:*)
            # reep:<entityid> as shown in the usage text: REEP addresses an
            # entity by the SHA-1 of its entityID.
            id=$(echo -n "$metadataurl" | sed 's/^reep://' | sha1sum | awk '{print $1}')
            metadataurl="http://md.reep.refeds.org/entities/%7Bsha1%7D$id"
            urls="$metadataurl"
            ;;
        http*)
            urls="$metadataurl"
            ;;
        *)
            # Bare hostname: try the standard metadata locations in turn.
            urls="https://${metadataurl}/idp/shibboleth
                  https://${metadataurl}/Shibboleth.sso/Metadata
                  https://${metadataurl}/saml/index/sp-metadata
                  https://${metadataurl}/saml/metadata
                  https://${metadataurl}/federationmetadata/2007-06/federationmetadata.xml"
            ;;
    esac

    # Use the first URL that returns a non-empty body.
    for i in ${urls}; do
        metadata=$(curl -L -m 5 -s -k -f "${i}")
        [ -n "${metadata}" ] && break
    done
fi
[ -n "$metadata" ] || error "Failed to fetch metadata from $metadataurl"

script_cwd=$(dirname "$0")
if test -d "$xmldir" ; then
    echo "Moving into $xmldir/"
    cd "$xmldir" || exit 1
    # Keep a relative script path valid after the cd.
    echo "$script_cwd" | grep -q ^/ || script_cwd=../$script_cwd
fi

# The entityID attribute may be quoted with ' or "; the value contains neither.
entityid=$(echo "$metadata" | sed -n 's/.*entityID=['\''"]\([^'\''"]*\)['\''"].*/\1/p')
[ -n "$entityid" ] || error "Failed to find entityID in metadata"
# shellcheck disable=SC2046,SC2086
[ $(echo "$entityid" | wc -l) = 1 ] || error "Multiple entityid:s found:" $entityid

# Build the filename from the entityID: drop the scheme and replace every
# character outside [a-zA-Z0-9_.-] with '-', so no path separator survives.
entityidfn=$(echo "$entityid" | sed 's;.*://;;' | sed 's/[^a-zA-Z0-9_.-]/-/g' | sed 's/$/.xml/')
[ -n "$entityidfn" ] || error "Failed to generate filename from entityid $entityid"

# If the entity already exists in the other feed directory, move it here.
OLDFILE=$(find ../swamid-2.0 ../swamid-edugain -name "$entityidfn" | grep -v "$xmldir")
if [ -n "$OLDFILE" ]; then
    echo "Moving $OLDFILE into $xmldir"
    git mv "$OLDFILE" "$entityidfn"
fi

[ -r "$entityidfn" ] && new=false || new=true
if "$new" ; then
    echo -n "Save metadata into $entityidfn [Y/n]? "
else
    # Preserve the registration date of the existing file.
    regdate=$(sed -n 's;.*RegistrationInfo.*registrationInstant="\([^"]*\)".*;\1;p' < "$entityidfn" | head -n 1)
    echo -n "Replace $entityidfn with metadata [Y/n]? "
fi
[ -n "$regdate" ] || regdate=$(perl "$script_cwd/../scripts/now_date.pl")

read -r x
case $x in
    Y|y|"")
        echo "$metadata" > "$entityidfn"
        tmp=$(mktemp)
        # Add the registration info, then clean up the EntityDescriptor.
        xsltproc --stringparam regDate "$regdate" "$script_cwd/../xslt/add-rpi.xsl" "${entityidfn}" > "${tmp}" && mv "${tmp}" "${entityidfn}"
        xsltproc "$script_cwd/../xslt/clean-entitydescriptor.xsl" "${entityidfn}" > "${tmp}" && mv "${tmp}" "${entityidfn}"
        if $new ; then
            echo -n "Add ${xmldir}/$entityidfn to git [Y/n]? "
            read -r x
            case $x in
                Y|y|"")
                    git add "$entityidfn"
                    ;;
                *)
                    echo "Not added"
                    ;;
            esac
        fi
        ;;
    *)
        echo "Nothing done"
        ;;
esac