#!/bin/bash
#
# Fetch Service Provider metadata and save into entityid filename
#
# Print the given message on stderr, prefixed with "Error: ", and terminate
# the script with exit status 1.
error() {
  printf 'Error: %s\n' "$*" >&2
  exit 1
}
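# First argument: a metadata URL, a local metadata file, "reep:<entityid>",
# or a bare hostname. Without it, print the usage text and exit with status 1.
metadataurl=$1
if [ -z "$metadataurl" ]; then
  # Basename of the script, taken by parameter expansion so that a path
  # containing spaces is not word-split the way an unquoted `basename $0` is.
  prog=${0##*/}
  cat <<EOF
Usage: $prog <metadataurl>
Ex: $prog https://shibsp.mysite.com/Shibboleth.sso/Metadata
$prog https://shibidp.mysite.com/idp/profile/Metadata/SAML
$prog some-downloaded-metadata.xml
$prog reep:<entityid>
$prog <hostname> (tries to pull from standard locations)
EOF
  exit 1
fi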
# In-place sed invocation, kept as one string that callers expand unquoted.
# On Darwin an extra argument follows -i; elsewhere plain "sed -i" is used.
# NOTE(review): after unquoted expansion the Darwin value hands sed the two
# literal quote characters as the -i argument, not an empty string, which
# presumably leaves a backup file with that suffix behind — confirm on macOS.
# A bash array or a small wrapper function would avoid this.
case "$(uname -s)" in
  Darwin)
    SEDI="sed -i '' "
    ;;
  *)
    SEDI="sed -i"
    ;;
esac
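# Directory that holds this script; later steps resolve ../xslt and
# ../scripts relative to it.
script_cwd=$(dirname "$0")
if [ -d swamid-2.0 ]; then
  echo "Moving into swamid-2.0/"
  # Stop here if the directory cannot be entered: every later step reads and
  # writes files relative to the working directory (including
  # ../swamid-sp-2.0.mxml), so carrying on elsewhere would touch the wrong
  # files.
  cd swamid-2.0 || error "Failed to change directory to swamid-2.0"
  # A relative script path was relative to the previous working directory,
  # which is now one level up.
  case "$script_cwd" in
    /*) ;;
    *) script_cwd=../$script_cwd ;;
  esac
fi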
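# Fetch the metadata document into $metadata from whichever source the
# argument names: an http(s) URL, a "reep:<entityid>" lookup, a non-empty
# local file, a SWAMID id starting with two digits, or a hostname probed at a
# list of well-known metadata paths.

# Set to false for the metadata.swamid.se raw-XML source; the add-rpi.xsl
# step is skipped for it later on.
update_xml=true

# curl options shared by every fetch below.
# NOTE(review): -k disables TLS certificate verification, and the reep: lookup
# goes over plain http, so nothing fetched here is authenticated by the
# transport. Anyone on the network path can substitute the document, including
# the certificates it carries. Check the entityID and certificates out-of-band
# before committing the result, or drop -k when the peer presents a valid
# certificate.
curl_opts=(-L -s -k -f)

if [[ "$metadataurl" == http://* || "$metadataurl" == https://* ]]; then
  metadata=$(curl "${curl_opts[@]}" "$metadataurl")
elif [[ "$metadataurl" == reep:* ]]; then
  # The entity is addressed by the SHA-1 hex digest of its entityID.
  id=$(printf '%s' "${metadataurl#reep:}" | sha1sum | awk '{print $1}')
  metadataurl="http://md.reep.refeds.org/entities/%7Bsha1%7D$id"
  metadata=$(curl "${curl_opts[@]}" "$metadataurl")
elif [ -s "$metadataurl" ]; then
  # Existing, non-empty local file. $(<file) avoids handing a name that
  # starts with "-" to cat as an option.
  metadata=$(<"$metadataurl")
else
  # Candidate URLs are held in an array so that no word splitting or pathname
  # expansion is applied to them (the SWAMID URL contains a "?").
  urls=()
  case "$metadataurl" in
    [0-9][0-9]*)
      urls=("https://metadata.swamid.se/?rawXML=${metadataurl}")
      update_xml=false
      ;;
    http*)
      urls=("$metadataurl")
      ;;
    *)
      urls=(
        "https://${metadataurl}/idp/shibboleth"
        "https://${metadataurl}/Shibboleth.sso/Metadata"
        "https://${metadataurl}/saml/index/sp-metadata"
        "https://${metadataurl}/saml/metadata"
        "https://${metadataurl}/federationmetadata/2007-06/federationmetadata.xml"
      )
      ;;
  esac
  # The first candidate that returns a non-empty body wins; each attempt is
  # capped at 5 seconds.
  for url in "${urls[@]}"; do
    metadata=$(curl "${curl_opts[@]}" -m 5 "$url")
    [ -n "$metadata" ] && break
  done
fi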
# Derive the entityID and the target file name from the fetched metadata.

# Nothing was fetched: give up.
if [ -z "$metadata" ]; then
  error "Failed to fetch metadata from $metadataurl"
fi

# One output line per input line that carries an entityID attribute.
entityid=$(echo "$metadata" | sed -n 's/.*entityID=['\''"]\([^"]*\)['\''"].*/\1/p')
if [ -z "$entityid" ]; then
  error "Failed to find entityID in metadata"
fi

# Exactly one entityID is accepted; more than one line means several were
# found. The inner echo is unquoted on purpose so the ids are joined onto one
# line in the message.
entityid_lines=$(echo "$entityid" | wc -l)
if [ $((entityid_lines)) -ne 1 ]; then
  error "Multiple entityid:s found: $(echo $entityid)"
fi

# File name: strip everything up to "://", replace each character outside the
# allowed set with "-", append ".xml". The entityID comes from the fetched
# document, so this substitution is what keeps "/" out of the name.
# NOTE(review): the result can still begin with "-" or "."; commands given
# this name should use a "./" prefix or "--".
entityidfn=$(echo "$entityid" | sed -e 's;.*://;;' -e 's/[^a-zwA-ZW0-9_.-]/-/g' -e 's/$/.xml/')
if [ -z "$entityidfn" ]; then
  error "Failed to generate filename from entityid $entityid"
fi
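# Interactive save step: after confirmation, write the metadata to
# $entityidfn, optionally register it in ../swamid-sp-2.0.mxml, run the XSLT
# clean-up passes over it, and optionally add a new file to git.

# Path form of the target file. entityidfn is derived from the fetched
# metadata and may begin with "-"; the "./" prefix keeps xsltproc and mv from
# reading such a name as an option.
entityfile="./$entityidfn"

# Run xsltproc with the given arguments on $entityfile and replace the file
# with the output. Each call uses a fresh temporary file; on failure the
# temporary file is removed and the script aborts instead of carrying on with
# unprocessed metadata.
transform_in_place() {
  local out
  out=$(mktemp) || error "Failed to create temporary file"
  if xsltproc "$@" "$entityfile" > "$out"; then
    mv -- "$out" "$entityfile"
  else
    rm -f -- "$out"
    error "xsltproc failed; $entityidfn still holds unprocessed metadata"
  fi
}

if [ -r "$entityfile" ]; then
  new=false
else
  new=true
fi

if $new; then
  printf '%s' "Save metadata into $entityidfn [Y/n]? "
else
  # Keep the registrationInstant already recorded in the existing file.
  regdate=$(sed -n 's;.*RegistrationInfo.*registrationInstant="\([^"]*\)".*;\1;p' < "$entityfile" | head -n 1)
  printf '%s' "Replace $entityidfn with metadata [Y/n]? "
fi
# No recorded date: take the one printed by now_date.pl.
[ -n "$regdate" ] || regdate=$(perl "$script_cwd/../scripts/now_date.pl")

read -r x
case $x in
  Y|y|"")
    if $new; then
      printf '%s' "Add swamid-2.0/$entityidfn to swamid-sp-2.0.mxml [Y/n]? "
      read -r x
      case $x in
        Y|y|"")
          # Insert an xi:include line ahead of the closing EntitiesDescriptor
          # tag. SEDI holds the sed command together with its -i flag and is
          # split into words on purpose.
          # shellcheck disable=SC2086
          $SEDI "s;^</md:EntitiesDescriptor>; <xi:include href=\"swamid-2.0/$entityidfn\"/>\n&;" ../swamid-sp-2.0.mxml
          echo --
          tail -n 10 ../swamid-sp-2.0.mxml | sed 's/^/ /'
          echo --
          ;;
        *)
          echo "Not added"
          ;;
      esac
    fi

    printf '%s\n' "$metadata" > "$entityfile"
    if $update_xml; then
      transform_in_place --stringparam regDate "$regdate" "$script_cwd/../xslt/add-rpi.xsl"
    fi
    transform_in_place "$script_cwd/../xslt/clean-entitydescriptor.xsl"

    if $new; then
      printf '%s' "Add swamid-2.0/$entityidfn to git [Y/n]? "
      read -r x
      case $x in
        Y|y|"")
          # "--" ends option parsing, so a name starting with "-" is taken as
          # a path.
          git add -- "$entityidfn"
          ;;
        *)
          echo "Not added"
          ;;
      esac
    fi
    ;;
  *)
    echo "Nothing done"
    ;;
esac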