path: root/metadata/Makefile
blob: e4fe6cf450a7d28f0a72224dc71383a73168db4e (plain)

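# Directories that hold the per-entity metadata XML files checked below.
SRCDIRS := swamid-2.0 swamid-edugain swamid-testing

# Value passed to xslt/add-rpi.xsl as the regDate parameter (presumably the
# current date/time as printed by scripts/now_date.pl -- confirm).
# Simple assignment (:=) runs the perl script once per make invocation, so
# every file processed in one run gets the same value; the recursive form
# forked perl again for each recipe line that expanded $(NOW).
NOW := $(shell perl scripts/now_date.pl)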

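# tag: delegate to the `tag` target of the parent directory's Makefile.
# `&&` stops when the cd fails; with `;` a failed cd would invoke this same
# target again from the current directory. $(MAKE) instead of a literal
# `make` passes command-line flags and the jobserver down to the sub-make.
.PHONY: tag
tag:
	cd .. && $(MAKE) tag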

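# Stamp files (.time/<name>.time), one per entity XML file in each source
# directory. `test` lists them as prerequisites so that every entity file is
# run through the .time/%.time pattern rules (rewrite + schema validation).
# Simple assignment (:=) globs each directory once at parse time.
# NOTE(review): all three directories map into the same .time/ namespace, so
# two files with the same basename in different directories share one stamp
# and only one of the pattern rules runs for that name -- confirm basenames
# are unique across the source directories, otherwise a file can skip
# validation.
EDUGAINXML  := $(patsubst swamid-edugain/%.xml,.time/%.time,$(wildcard swamid-edugain/*.xml))
SWAMID20XML := $(patsubst swamid-2.0/%.xml,.time/%.time,$(wildcard swamid-2.0/*.xml))
TESTINGXML  := $(patsubst swamid-testing/%.xml,.time/%.time,$(wildcard swamid-testing/*.xml))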

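# testRefedsRnS: for every file in swamid-edugain/ that contains
# SPSSODescriptor and carries the entity category
# http://refeds.org/category/research-and-scholarship, report when any of
# these is missing: an AssertionConsumerService with the HTTP-POST binding,
# an mdui DisplayName, an mdui InformationURL, or a technical ContactPerson
# with an EmailAddress.
#
# Each file is flattened before the XPath lookup: the first sed strips
# namespace prefixes from element tags, the second removes the first
# xmlns="..." default-namespace declaration on each line.
#
# Advisory only: findings are printed but the recipe never exits non-zero,
# so `make test` still succeeds when entities are listed here.
# NOTE(review): xmllint's stderr is discarded and an empty result is treated
# as "category not present", so a file that cannot be parsed after
# flattening is skipped silently instead of being reported.
# Declared phony so a file named testRefedsRnS cannot mask the check.
.PHONY: testRefedsRnS
testRefedsRnS:
	@echo "Checking for refeds R&S compatibillity for entities exported to eduGAIN"
	@for x in `grep -l SPSSODescriptor swamid-edugain/*` ; do \
	got_refeds_RnS=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/Extensions/EntityAttributes/Attribute[@Name='http://macedir.org/entity-category']/AttributeValue" - 2>/dev/null | grep 'http://refeds.org/category/research-and-scholarship'` ; \
	if [ -n "$$got_refeds_RnS" ] ; then \
	http_post=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/SPSSODescriptor/AssertionConsumerService" - 2>/dev/null | grep 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'` ; \
	if [ -z "$$http_post" ] ; then echo "  $$x: Missing HTTP-POST binding." | sed 's/.*/&/' ; fi ; \
	mdui_DisplayName=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/SPSSODescriptor/Extensions/UIInfo/DisplayName" - 2>/dev/null | grep 'DisplayName'` ; \
	if [ -z "$$mdui_DisplayName" ] ; then echo "  $$x: Missing mdui:DisplayName." | sed 's/.*/&/' ; fi ; \
	mdui_InformationURL=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/SPSSODescriptor/Extensions/UIInfo/InformationURL" - 2>/dev/null | grep 'InformationURL'` ; \
	if [ -z "$$mdui_InformationURL" ] ; then echo "  $$x: Missing mdui:InformationURL." | sed 's/.*/&/' ; fi ; \
	tech_contact=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/ContactPerson[@contactType='technical']" - 2>/dev/null | grep 'EmailAddress'` ; \
	if [ -z "$$tech_contact" ] ; then echo "  $$x: Missing ContactPerson contactType='technical'." | sed 's/.*/&/' ; fi ; \
	fi ; \
	done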

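# testEduGAINchecks: two passes over swamid-edugain/.
#   1. Files containing SPSSODescriptor are reported when they declare an
#      AssertionConsumerService with the HTTP-Redirect binding.
#   2. Every file is reported when OrganizationName, OrganizationDisplayName
#      or OrganizationURL cannot be extracted from /EntityDescriptor/Organization
#      (a file that fails to parse is therefore reported as missing all three).
#
# Advisory only: findings are printed but the recipe does not exit non-zero,
# so `make test` still succeeds when entities are listed here.
# Declared phony so a file named testEduGAINchecks cannot mask the check.
.PHONY: testEduGAINchecks
testEduGAINchecks:
	@echo "Checking for attributes not allowed in entities exported to eduGAIN"
	@for x in `grep -l SPSSODescriptor swamid-edugain/*` ; do \
		if ( grep -q "AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" $$x ); then \
			echo "  $$x: AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" not allowed";  \
		fi ;  \
	done
	@for x in `ls swamid-edugain/*` ; do \
		sed 's;\(</*\)[a-z0-9]*:;\1;g' $$x | sed 's/xmlns="[^"]*"//' | xmllint --xpath '/EntityDescriptor/Organization/OrganizationName' - 2>/dev/null | grep -vq "^$$" || echo "  $$x missing OrganizationName" | sed 's/.*/&/' ; \
		sed 's;\(</*\)[a-z0-9]*:;\1;g' $$x | sed 's/xmlns="[^"]*"//' | xmllint --xpath '/EntityDescriptor/Organization/OrganizationDisplayName' - 2>/dev/null | grep -vq "^$$" || echo "  $$x missing OrganizationDisplayName" | sed 's/.*/&/' ; \
		sed 's;\(</*\)[a-z0-9]*:;\1;g' $$x | sed 's/xmlns="[^"]*"//' | xmllint --xpath '/EntityDescriptor/Organization/OrganizationURL' - 2>/dev/null | grep -vq "^$$" || echo "  $$x missing OrganizationURL" | sed 's/.*/&/' ; \
	done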


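# testMDUI: fail when two IdPs share an mdui DisplayName in the same language.
# Outer loop: every distinct xml:lang value found in the XML files under
# $(SRCDIRS). Inner loop: every file containing IDPSSODescriptor; its
# DisplayName elements for that language are flattened to one
# "  <file> <lang> <name>" line each. The lines are sorted on the name
# (field 3 onwards) and `uniq -d -f 2` keeps names that occur more than once.
# Any output at all makes the recipe exit 1.
# NOTE(review): the xml:lang values are read from the metadata files and
# interpolated into the XPath expression and a sed script, and file names are
# interpolated into the sed script as well; a value containing a quote, `;`
# or `&` would alter those expressions. Consider validating the language tag
# (e.g. letters, digits and `-` only) before using it.
# Declared phony so a file named testMDUI cannot mask the check.
.PHONY: testMDUI
testMDUI:
	@echo "Checking for uniq IdP MDUI DisplayName"
	@for lang in `find $(SRCDIRS) -name \*.xml -exec cat {} \; | sed -n 's/.*xml:lang="\([^"]*\)".*/\1/p' | sort -u` ; do for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l IDPSSODescriptor` ; do cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/IDPSSODescriptor/Extensions/UIInfo/DisplayName[@xml:lang='$$lang']" - 2>/dev/null | sed 's/^[       ]*//;s/[        ]*$$//' | tr -d '\n' | sed 's;<[^>]*>\([^<]*\)</[^>]*>;\1\n;g' | sed "s;^;  $$x $$lang ;" | sed 's/.*/&/' ; done | sort -k 3 | uniq -d -f 2 ; done | grep . && exit 1 || true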

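# testALlevel: list XML files under $(SRCDIRS) that mention the SWAMID AL3
# assurance URI without the AL2 URI, and files that mention AL2 without AL1.
# The loops cover every *.xml file, not only IdP descriptors.
#
# grep -F matches the URIs as fixed strings; as a regular expression the
# dots in "www.swamid.se" matched any character. "$$x" is quoted so the
# file name is passed to grep as a single argument.
#
# Advisory only: findings are printed but the recipe never exits non-zero.
# The first echo is the author's own reminder (Swedish, roughly "fix this so
# that we actually check") that the result is not enforced yet.
# Declared phony so a file named testALlevel cannot mask the check.
.PHONY: testALlevel
testALlevel:
	@echo Fixa så att vi kollar!!!!!
	@echo "Check for IdP:s with AL3 without AL2"
	@for x in `find $(SRCDIRS) -name \*.xml`; do if grep -qF http://www.swamid.se/policy/assurance/al3 "$$x" && ! grep -qF http://www.swamid.se/policy/assurance/al2 "$$x" ; then echo "  $$x" | sed 's/.*/&/' ; fi ; done
	@echo "Check for IdP:s with AL2 without AL1"
	@for x in `find $(SRCDIRS) -name \*.xml`; do if grep -qF http://www.swamid.se/policy/assurance/al2 "$$x" && ! grep -qF http://www.swamid.se/policy/assurance/al1 "$$x" ; then echo "  $$x" | sed 's/.*/&/' ; fi ; done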

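# testBadStrings: fail when any XML file under $(SRCDIRS) contains a
# self-closed (empty) ServiceName element that carries only an xml:lang
# attribute. Matching lines are printed indented by two spaces; any output
# makes the recipe exit 1.
#
# find hands the file names straight to grep (-exec ... {} +), so names with
# whitespace are not split by the shell; -h keeps the output free of file
# name prefixes, the same as grepping one file at a time.
# Declared phony so a file named testBadStrings cannot mask the check.
.PHONY: testBadStrings
testBadStrings:
	@echo "Check for bad strings in metadata"
	@find $(SRCDIRS) -name \*.xml -exec grep -hE 'ServiceName xml:lang="[^"]*"/>' {} + | sed 's/^/  /' | grep . && exit 1 || exit 0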

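# testRegistrationAuthority: fail when an XML file under $(SRCDIRS) has no
# registrationAuthority attribute equal to "http://www.swamid.se/" or
# "http://www.swamid.se/loop" inside /EntityDescriptor/Extensions.
# Offending files are listed; any output makes the recipe exit 1. A file
# that xmllint cannot parse yields no match and is therefore listed too.
#
# grep -F compares the two accepted values as fixed strings. As an extended
# regular expression the dots matched any character, so a look-alike
# authority such as "http://www-swamid.se/" passed the check.
# The banner is single-quoted so the inner double quotes are printed instead
# of being consumed by the shell.
# NOTE(review): the match runs over the serialised text of the whole
# Extensions subtree, so the attribute is accepted on any element inside it,
# not only on RegistrationInfo -- confirm that is intended.
# Declared phony so a file named testRegistrationAuthority cannot mask it.
.PHONY: testRegistrationAuthority
testRegistrationAuthority:
	@echo 'Check for registrationAuthority="http://www.swamid.se/" in EntityDescriptor/Extensions'
	@for x in `find $(SRCDIRS) -name \*.xml`; do \
		if ! cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/Extensions" - 2>/dev/null | grep -qF -e 'registrationAuthority="http://www.swamid.se/"' -e 'registrationAuthority="http://www.swamid.se/loop"' ; then \
			echo "  $$x" | sed 's/.*/&/' ;\
		fi;\
	done | grep . && exit 1 || exit 0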

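# checkInvalidChars: fail when an XML file under $(SRCDIRS) contains the
# character reference &#13; (carriage return). Offending files are listed;
# any output makes the recipe exit 1.
# grep -F treats the reference as a fixed string and "$$x" is quoted so the
# file name reaches grep as a single argument.
# Declared phony so a file named checkInvalidChars cannot mask the check.
.PHONY: checkInvalidChars
checkInvalidChars:
	@echo "Check for invalid characters"
	@for x in `find $(SRCDIRS) -name \*.xml`; do \
		if grep -qF "&#13;" "$$x" ; then \
			echo "  $$x" | sed 's/.*/&/' ;\
		fi;\
	done | grep . && exit 1 || exit 0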

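# checkUKalgorithms: run xslt/check_uk_algorithms.xsl over every file in
# swamid-edugain/. stdout and stderr are merged, and any output at all
# (stylesheet findings or xsltproc errors) makes the recipe exit 1.
# NOTE(review): xsltproc loads DTDs and resolves external entities by
# default, and --xinclude is enabled here. If entity files can come from
# outside parties, consider adding --nonet so processing cannot trigger
# network fetches -- confirm the stylesheet does not rely on remote includes.
# Declared phony so a file named checkUKalgorithms cannot mask the check.
.PHONY: checkUKalgorithms
checkUKalgorithms:
	@echo "Check for invalid algorithms in swamid-edugain"
	@xsltproc --xinclude xslt/check_uk_algorithms.xsl swamid-edugain/* 2>&1 | sed 's/.*/&/' | grep . && exit 1 || exit 0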

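# test: bring every entity stamp up to date (which rewrites and
# schema-validates changed entity files), then run all metadata checks.
# testALlevel, testEduGAINchecks and testRefedsRnS only print findings and
# do not fail the build; the remaining checks exit non-zero on a finding.
# NOTE(review): the stamp rules rewrite the XML files in place while the
# checks read them, and no ordering between the two is declared, so results
# under `make -j` may be inconsistent.
# Declared phony so a file or directory named `test` cannot mask the target.
.PHONY: test
test: $(EDUGAINXML) $(SWAMID20XML) $(TESTINGXML) \
      testMDUI testALlevel testEduGAINchecks testRefedsRnS testBadStrings \
      testRegistrationAuthority checkInvalidChars checkUKalgorithms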

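# process_entity: shared recipe for the three .time/%.time rules below.
# For the prerequisite XML file ($<) it
#   1. refuses to run when $(NOW) is empty -- unquoted, an empty value made
#      xsltproc take "xslt/add-rpi.xsl" as the regDate value and the entity
#      file itself as the stylesheet;
#   2. creates the stamp directory if it is missing;
#   3. rewrites the file in place through xslt/add-rpi.xsl (regDate=$(NOW))
#      and then xslt/clean-entitydescriptor.xsl, via a temporary "$<.c" that
#      is removed again when a step fails so no stray file is left next to
#      the entity files;
#   4. validates the result against schema.xsd (schemas looked up in schema/);
#   5. stamps $@ with the XML file's own mtime (touch -r).
# A failing step aborts the recipe before the stamp is written, so the file
# is processed again on the next run.
# NOTE(review): xsltproc loads DTDs and resolves external entities by
# default. If entity files can come from outside parties, consider --nonet
# (and --novalid if no DOCTYPE is expected) on the two xsltproc calls, and
# --nonet on xmllint, so a submitted file cannot trigger network fetches.
define process_entity
@test -n "$(NOW)" || { echo "NOW is empty: scripts/now_date.pl produced no output" >&2 ; exit 1 ; }
@mkdir -p $(@D)
@xsltproc --stringparam regDate "$(NOW)" xslt/add-rpi.xsl $< > $<.c && mv $<.c $< || { rm -f $<.c ; exit 1 ; }
@xsltproc xslt/clean-entitydescriptor.xsl $< > $<.c && mv $<.c $< || { rm -f $<.c ; exit 1 ; }
@xmllint --xinclude --nowarning --noout --path schema --schema schema.xsd $< 2>&1
@echo $< done
@touch -r $< $@
endef

# One rule per source directory; all three write stamps into .time/.
.time/%.time: swamid-edugain/%.xml
	$(process_entity)

.time/%.time: swamid-2.0/%.xml
	$(process_entity)

.time/%.time: swamid-testing/%.xml
	$(process_entity)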

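# commit: run `test`, show the pending diff, then ask whether to run
# `git commit -av`. Y, y or an empty answer commits; s or skip continues
# without committing; any other answer aborts with exit 1.
# Afterwards the recipe prints `git status -u` and fails if git still
# reports any path (modified, untracked or ignored) matching the swamid-*
# patterns below.
#
# printf replaces `echo -n`, whose handling of -n differs between /bin/sh
# implementations; `read -r` keeps backslashes in the answer literal; and
# `grep -E` replaces the obsolescent egrep. The pattern itself is unchanged.
# NOTE(review): awk prints only the second whitespace-separated field of
# each status line, so paths that git quotes (spaces or special characters)
# start with `"` and do not match the ^swamid- patterns -- such files would
# slip past this final check.
# Declared phony so a file named `commit` cannot mask the target.
.PHONY: commit
commit: test
	@git diff --color || true
	@echo ; printf "%s" "Run 'git commit -av'? [Y/n/skip] " ; read -r x ; case $$x in "Y"|"y"|"") git commit -av ;; s|skip) ;; *) exit 1 ;; esac
	@git status -u
	@echo "Checking for not committed files in swamid-*/" ; if git status --porcelain --ignored | awk '{print $$2}' | grep -E "^swamid-edugain|^swamid-2.0/|^swamid-testing/" | sed 's/^/  /' | grep . ; then echo "Not committed files in swamid-*/, aborting" ; exit 1 ; fi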