#!/bin/bash
#
# Fetch Service Provider metadata and save into entityid filename
#

# Print an error message to stderr and abort.
error() {
    echo "Error: $*" 1>&2
    exit 1
}

metadataurl=$1
if [ -z "$metadataurl" ] ; then
    cat <<EOF
Usage: $(basename "$0") <metadataurl>
Ex: $(basename "$0") https://shibsp.mysite.com/Shibboleth.sso/Metadata
    $(basename "$0") https://shibidp.mysite.com/idp/profile/Metadata/SAML
    $(basename "$0") some-downloaded-metadata.xml
    $(basename "$0") reep:<entityid>
    $(basename "$0") <hostname> (tries to pull from standard locations)
EOF
    exit 1
fi

# In-place sed wrapper: BSD sed (macOS) needs an explicit (here empty) backup
# suffix after -i, GNU sed does not. Keeping the suffix in a string variable
# would pass a literal "" as the suffix, so use a function instead.
sedi() {
    if [ "$(uname -s)" = "Darwin" ]; then
        sed -i '' "$@"
    else
        sed -i "$@"
    fi
}

script_cwd=$(dirname "$0")
if test -d swamid-2.0 ; then
    echo "Moving into swamid-2.0/"
    cd swamid-2.0 || error "Failed to change directory to swamid-2.0/"
    # A relative script path has to be adjusted after the cd.
    echo "$script_cwd" | grep -q ^/ || script_cwd=../$script_cwd
fi

# NOTE: curl -k skips TLS certificate verification (and the reep: lookup uses
# plain http), so the fetched metadata is unauthenticated. Review the entityID,
# certificates and endpoints before the file is added to the federation.
if echo "$metadataurl" | grep -qE '^http://|^https://' ; then
    # Explicit URL
    metadata=$(curl -L -s -k -f "$metadataurl")
elif echo "$metadataurl" | grep -qE '^reep:' ; then
    # reep:<entityid> is looked up by the SHA-1 of the entityID
    id=$(echo -n "$metadataurl" | sed 's/^reep://' | sha1sum | awk '{print $1}')
    metadataurl="http://md.reep.refeds.org/entities/%7Bsha1%7D$id"
    metadata=$(curl -L -s -k -f "$metadataurl")
else
    if [ -s "${metadataurl}" ]; then
        # Local, already downloaded file
        metadata=$(cat "$metadataurl")
    else
        # Bare hostname: try the standard metadata locations in turn
        urls="https://${metadataurl}/idp/shibboleth https://${metadataurl}/Shibboleth.sso/Metadata https://${metadataurl}/saml/index/sp-metadata https://${metadataurl}/saml/metadata"
        for i in ${urls}; do
            metadata=$(curl -L -s -k -f "${i}")
            [ -n "${metadata}" ] && break
        done
    fi
fi
[ -n "$metadata" ] || error "Failed to fetch metadata from $metadataurl"

# Extract the entityID attribute (single- or double-quoted).
entityid=$(echo "$metadata" | sed -n 's/.*entityID=['\''"]\([^'\''"]*\)['\''"].*/\1/p')
[ -n "$entityid" ] || error "Failed to find entityID in metadata"
[ $(echo "$entityid" | wc -l) = 1 ] || error "Multiple entityid:s found: $(echo $entityid)"

# Derive the filename: strip the scheme, lowercase, and replace every character
# outside [a-z0-9_.-] with "-", so the name cannot contain path separators.
entityidfn=$(echo "$entityid" | sed 's;https*://;;' | tr 'A-Z' 'a-z' | sed 's/[^a-z0-9_.-]/-/g' | sed 's/\.xml$//;s/$/.xml/')
[ -n "$entityidfn" ] || error "Failed to generate filename from entityid $entityid"

[ -r "$entityidfn" ] && new=false || new=true
if $new ; then
    echo -n "Save metadata into $entityidfn [Y/n]? "
else
    echo -n "Replace $entityidfn with metadata [Y/n]? "
fi
read -r x
case $x in
    Y|y|"")
        if $new ; then
            echo -n "Add swamid-2.0/$entityidfn to swamid-sp-2.0.mxml [Y/n]? "
            read -r x
            case $x in
                Y|y|"")
                    # Insert an xi:include just before the closing root element
                    sedi "s;^</md:EntitiesDescriptor>; <xi:include href=\"swamid-2.0/$entityidfn\"/>\n&;" ../swamid-sp-2.0.mxml
                    echo --
                    tail -n 10 ../swamid-sp-2.0.mxml | sed 's/^/ /'
                    echo --
                    ;;
                *)
                    echo "Not added"
                    ;;
            esac
        fi
        echo "$metadata" > "$entityidfn"
        # Clean the saved EntityDescriptor; replace the file only if xsltproc succeeds
        tmp=$(mktemp)
        xsltproc "$script_cwd/../xslt/clean-entitydescriptor.xsl" "${entityidfn}" > "${tmp}" && mv "${tmp}" "${entityidfn}"
        if $new ; then
            echo -n "Add swamid-2.0/$entityidfn to git [Y/n]? "
            read -r x
            case $x in
                Y|y|"")
                    git add "$entityidfn"
                    ;;
                *)
                    echo "Not added"
                    ;;
            esac
        fi
        ;;
    *)
        echo "Nothing done"
        ;;
esac