summaryrefslogtreecommitdiff
path: root/scripts/get-metadata.sh
blob: 26534d3c114635c3bfd70d19e3efc9d3b13ae168 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
#!/bin/bash
#
# Fetch Service Provider metadata and save into entityid filename
#

error()
{
	echo "Error: $*" 1>&2
	exit 1
}

metadataurl=$1
if [ -z "$metadataurl" ] ; then
	cat <<EOF
Usage: `basename $0` <metadataurl>
Ex:    `basename $0` https://shibsp.mysite.com/Shibboleth.sso/Metadata
       `basename $0` https://shibidp.mysite.com/idp/profile/Metadata/SAML
       `basename $0` some-downloaded-metadata.xml
       `basename $0` reep:<entityid>
       `basename $0` <hostname> (tries to pull from standard locations)
EOF
	exit 1
fi

if [ `uname -s` == "Darwin" ]; then
	SEDI="sed -i '' "
else
	SEDI="sed -i"
fi

script_cwd=`dirname "$0"`
if test -d swamid-2.0 ; then
	echo "Moving into swamid-2.0/"
	cd swamid-2.0
	echo "$script_cwd" | grep -q ^/ || script_cwd=../$script_cwd
fi

update_xml=true
if echo "$metadataurl" | grep -qE '^http://|^https://' ; then
	metadata=`curl -L -s -k -f "$metadataurl"`
elif echo "$metadataurl" | grep -qE '^reep:' ; then
	id=`echo -n "$metadataurl" | sed 's/^reep://' | sha1sum | awk '{print $1}'`
	metadataurl="http://md.reep.refeds.org/entities/%7Bsha1%7D$id"
	metadata=`curl -L -s -k -f "$metadataurl"`
else
	if [ -s "${metadataurl}" ]; then
		metadata=`cat "$metadataurl"`
	else
		case $metadataurl in
			[0-9][0-9]*)
				urls="https://metadata.swamid.se/?rawXML=${metadataurl}"
				update_xml=false
				;;
			http*)
				urls="$metadataurl"
				;;
			*)
				urls="https://${metadataurl}/idp/shibboleth https://${metadataurl}/Shibboleth.sso/Metadata https://${metadataurl}/saml/index/sp-metadata https://${metadataurl}/saml/metadata https://${metadataurl}/federationmetadata/2007-06/federationmetadata.xml"
				;;
		esac
		for i in ${urls}; do
			metadata=`curl -L -m 5 -s -k -f "${i}"`
			[ -n "${metadata}" ] && break
		done
	fi
fi
[ -n "$metadata" ] || error "Failed to fetch metadata from $metadataurl"

entityid=`echo "$metadata" | sed -n 's/.*entityID=['\''"]\([^"]*\)['\''"].*/\1/p'`
[ -n "$entityid" ] || error "Failed to find entityID in metadata"
[ `echo "$entityid" | wc -l` = 1 ] || error "Multiple entityid:s found: `echo $entityid`"

entityidfn=`echo "$entityid" | sed 's;.*://;;' | sed 's/[^a-zwA-ZW0-9_.-]/-/g' | sed 's/$/.xml/'`
[ -n "$entityidfn" ] || error "Failed to generate filename from entityid $entityid"

[ -r "$entityidfn" ] && new=false || new=true
if $new ; then
	echo -n "Save metadata into $entityidfn [Y/n]? "
else
	regdate=$(sed -n 's;.*RegistrationInfo.*registrationInstant="\([^"]*\)".*;\1;p' < "$entityidfn" | head -n 1)
	echo -n "Replace $entityidfn with metadata [Y/n]? "
fi
[ -n "$regdate" ] || regdate=$(perl $script_cwd/../scripts/now_date.pl)

read x
case $x in
	Y|y|"")
		if $new ; then
			echo -n "Add swamid-2.0/$entityidfn to swamid-sp-2.0.mxml [Y/n]? "
			read x
			case $x in
				Y|y|"")
					$SEDI "s;^</md:EntitiesDescriptor>;  <xi:include href=\"swamid-2.0/$entityidfn\"/>\n&;" ../swamid-sp-2.0.mxml
					echo --
					tail -n 10 ../swamid-sp-2.0.mxml | sed 's/^/  /'
					echo --
					;;
				*)
					echo "Not added"
					;;
			esac
		fi

		echo "$metadata" > $entityidfn
		tmp=`mktemp`
		if $update_xml ; then
			xsltproc --stringparam regDate "$regdate" $script_cwd/../xslt/add-rpi.xsl ${entityidfn} > ${tmp} && mv ${tmp} ${entityidfn}
		fi
		xsltproc $script_cwd/../xslt/clean-entitydescriptor.xsl ${entityidfn} > ${tmp} && mv ${tmp} ${entityidfn}

		if $new ; then
			echo -n "Add swamid-2.0/$entityidfn to git [Y/n]? "
			read x
			case $x in
				Y|y|"")
					git add $entityidfn
					;;
				*)
					echo "Not added"
					;;
			esac
		fi
		;;
	*)
		echo "Nothing done"
		;;
esac