#!/usr/bin/env python
import argparse

from saml2.attribute_converter import ac_factory
from saml2.httpbase import HTTPBase
from saml2.mdstore import MetaDataExtern
from saml2.mdstore import MetaDataFile
from saml2.mdstore import MetadataStore
from saml2.sigver import SecurityContext
from saml2.sigver import _get_xmlsec_cryptobackend


__author__ = "rolandh"

# NOTE: this string follows the imports, so it is a plain expression statement
# and not the module docstring (the module's __doc__ stays None).
"""
A script that imports and verifies metadata.
"""


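def main():
    """Load every metadata source named in a config file and print the merge.

    Command line: ``[-a ATTRSMAP] [-o OUTPUT] [-x XMLSEC] [-i] CONF``.

    Each non-blank line of CONF that does not start with ``#`` names one
    source::

        local <local file name>
        remote <url> <local file name for certificate use to verify signature>

    for instance::

        local metadata_sp_1.xml
        local InCommon-metadata.xml
        remote https://kalmar2.org/simplesaml/module.php/aggregator/?id=kalmarcentral2&set=saml2 kalmar2.pem

    Every source is loaded and stored in a MetadataStore under its file name
    or URL; the store is then dumped to stdout in the format given by ``-o``.

    A line with an unknown keyword or with too few fields ends the run through
    ``parser.error`` (usage message, exit status 2). Exceptions raised while
    loading a source propagate unchanged.
    """
    parser = argparse.ArgumentParser()
    parser.add_argument(
        "-a", dest="attrsmap", help="attribute map location handed to ac_factory"
    )
    parser.add_argument(
        "-o",
        dest="output",
        default="local",
        help="output format handed to MetadataStore.dumps (default: local)",
    )
    parser.add_argument(
        "-x", dest="xmlsec", help="xmlsec binary handed to the crypto backend"
    )
    parser.add_argument(
        "-i",
        dest="ignore_valid",
        action="store_true",
        help="load every source with check_validity=False",
    )
    parser.add_argument(dest="conf", help="config file listing the metadata sources")
    args = parser.parse_args()

    attrconv = ac_factory(args.attrsmap)
    mds = MetadataStore(None, None)

    # -i forwards check_validity=False to every source. Presumably that skips
    # the metadata validity-period check (TODO confirm in saml2.mdstore), so
    # output produced with -i may contain metadata that would otherwise have
    # been rejected.
    kwargs = {"check_validity": False} if args.ignore_valid else {}

    # The context manager closes the config file even when a source fails to load.
    with open(args.conf) as conf:
        for lineno, raw in enumerate(conf, start=1):
            line = raw.strip()
            if not line or line.startswith("#"):
                continue

            # split() without an argument tolerates tabs and repeated spaces,
            # which split(" ") turned into empty fields.
            spec = line.split()
            kind = spec[0]

            if kind == "local":
                if len(spec) < 2:
                    parser.error(
                        f"{args.conf}:{lineno}: 'local' needs a file name"
                    )
                # No certificate is passed for local files, so nothing in this
                # call asks for a signature check; the file is taken as trusted.
                # NOTE(review): the file name is passed in both positions here,
                # while MetaDataExtern below takes the attribute converter
                # first. Confirm against MetaDataFile's signature whether
                # attrconv was intended as the first argument.
                metad = MetaDataFile(spec[1], spec[1], **kwargs)
            elif kind == "remote":
                if len(spec) < 3:
                    # Refuse a remote source that names no certificate instead
                    # of failing with a bare IndexError.
                    parser.error(
                        f"{args.conf}:{lineno}: 'remote' needs a URL and a "
                        "certificate file"
                    )
                httpc = HTTPBase()
                crypto = _get_xmlsec_cryptobackend(args.xmlsec)
                sc = SecurityContext(crypto, key_type="", cert_type="")
                # spec[2] is the certificate file that the config format
                # describes as the one used to verify the signature.
                metad = MetaDataExtern(
                    attrconv, spec[1], sc, cert=spec[2], http=httpc, **kwargs
                )
            else:
                # Previously an unknown keyword fell through and re-registered
                # the preceding source (or None) under this line's second field.
                parser.error(
                    f"{args.conf}:{lineno}: unknown source type {kind!r} "
                    "(expected 'local' or 'remote')"
                )

            metad.load()
            mds.metadata[spec[1]] = metad

    print(mds.dumps(args.output))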


# Run the merge only when the file is executed as a script, not on import.
if __name__ == "__main__":
    main()