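#!/bin/bash
#
# Import SAML metadata from a URL into a directory and build an XInclude
# aggregate file next to it.
#
# Usage: <script> URL DIR [CERT]
#   URL   location of the metadata document to download
#   DIR   destination directory; the aggregate is written to DIR.mxml
#   CERT  optional PEM certificate used to verify the XML signature
#
# Steps: download URL, verify its signature when CERT is given, run
# xslt/import-metadata.xsl with a temporary output directory, rsync that
# directory into DIR, run xslt/clean-entitydescriptor.xsl over every
# DIR/*.xml, and list in DIR.mxml each file that has no counterpart under
# swamid-2.0/ or swamid-2.0-obsolete/.
#
# The stylesheets and the swamid-2.0* directories are addressed by relative
# path, so the script has to be started from the directory that holds them.
#
# Exit status: 0 on success, 1 when a step fails, 2 on bad usage.

set -u

# Print a message on stderr and stop with status 1.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

if [ "$#" -lt 2 ] || [ -z "$1" ] || [ -z "$2" ]; then
  printf 'Usage: %s URL DIR [CERT]\n' "${0##*/}" >&2
  exit 2
fi

URL=$1
DIR=$2
CERT=${3:-}

# Literal substring match on the directory name selects the publishing host.
if [[ "$DIR" == *mds.swamid.se* ]]; then
  publish_name=mds.swamid.se
else
  publish_name=md.swamid.se
fi

# Every temporary path is registered here so that one EXIT trap removes
# them on all exit paths, including the early error exits.
tmp_paths=()
cleanup() {
  if [ "${#tmp_paths[@]}" -gt 0 ]; then
    rm -rf -- "${tmp_paths[@]}"
  fi
}
trap cleanup EXIT

tmp_file=$(mktemp) || die "Unable to create a temporary file"
tmp_paths+=("$tmp_file")

# -k switches off TLS certificate validation, so the transport does not
# authenticate the server; the XML signature check below is the only
# integrity control. Without CERT nothing authenticates the download.
if [ -z "$CERT" ]; then
  printf 'warning: no certificate given; %s is fetched with TLS verification disabled and no signature check, the imported metadata is unauthenticated\n' "$URL" >&2
fi

# -f turns HTTP error responses into a non-zero exit instead of saving the
# error page as if it were metadata.
curl -s -f -m 120 -k -L --url "$URL" > "$tmp_file"
rc=$?
if [ "$rc" -ne 0 ]; then
  # Report the status saved from curl; $? at this point would be that of
  # the test command.
  die "Unable to download $URL: $rc"
fi

if [ -n "$CERT" ]; then
  # NOTE(review): a successful --verify shows that a valid signature is
  # present; confirm separately that the signed reference covers the root
  # EntitiesDescriptor that the stylesheets below go on to process.
  xmlsec1 --verify --pubkey-cert-pem "$CERT" \
    --id-attr:ID urn:oasis:names:tc:SAML:2.0:metadata:EntitiesDescriptor \
    "$tmp_file"
  rc=$?
  #samlsign -c $CERT -f $TMPF
  if [ "$rc" -ne 0 ]; then
    die "Unable to verify $URL with $CERT: $rc"
  fi
fi

tmp_dir=$(mktemp -d) || die "Unable to create a temporary directory"
tmp_paths+=("$tmp_dir")

# NOTE(review): xsltproc parses a downloaded document here; consider
# whether network access during parsing should be disabled (--nonet).
xsltproc --stringparam output "$tmp_dir" xslt/import-metadata.xsl "$tmp_file"
rc=$?
if [ "$rc" -ne 0 ]; then
  die "Unable to import metadata from $URL: $rc"
fi

rsync -avz -- "$tmp_dir/" "$DIR"
rc=$?
if [ "$rc" -ne 0 ]; then
  # Stop here rather than build the aggregate from a partial copy.
  die "Unable to copy imported metadata into $DIR: $rc"
fi

scratch=$(mktemp) || die "Unable to create a temporary file"
tmp_paths+=("$scratch")

# Everything printed on stdout inside this group becomes DIR.mxml, so
# diagnostics inside it go to stderr.
{
  printf '%s\n' '<?xml version="1.0"?>'
  printf '<EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xi="http://www.w3.org/2001/XInclude" Name="http://%s/md/%s.xml">\n' \
    "$publish_name" "$DIR"

  for md in "$DIR"/*.xml; do
    # An unmatched glob stays literal; skip it instead of feeding it on.
    [ -e "$md" ] || continue

    # Replace the file only when cleaning succeeded; a failure keeps the
    # uncleaned file, as before, but is now reported.
    if xsltproc xslt/clean-entitydescriptor.xsl "$md" > "$scratch"; then
      mv -- "$scratch" "$md"
    else
      printf 'warning: could not clean %s, keeping it unchanged\n' "$md" >&2
    fi

    # Drop the first path component to get the name looked up in the
    # swamid-2.0 trees.
    rel_path=${md#*/}
    if [[ ! -f "swamid-2.0/$rel_path" && ! -f "swamid-2.0-obsolete/$rel_path" ]]; then
      # NOTE(review): the path is written into the href attribute as is;
      # confirm the file names produced by the import step cannot contain
      # quotes or markup.
      printf '<xi:include href="%s"/>\n' "$md"
    fi
  done

  printf '%s\n' '</EntitiesDescriptor>'
} > "$DIR.mxml"

#git add $DIR.mxml $DIR
#git commit -m "$URL into $DIR" $DIR.mxml $DIR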