tools/verify_metadata.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65

#!/usr/bin/env python

import argparse

from saml2.attribute_converter import ac_factory
from saml2.httpbase import HTTPBase

from saml2.sigver import _get_xmlsec_cryptobackend
from saml2.sigver import SecurityContext

from saml2.mdstore import MetaDataFile
from saml2.mdstore import MetaDataExtern

__author__ = 'rolandh'

"""
A script that imports and verifies metadata.
"""


parser = argparse.ArgumentParser()
parser.add_argument('-t', dest='type')
parser.add_argument('-u', dest='url')
parser.add_argument('-c', dest='cert')
parser.add_argument('-a', dest='attrsmap')
parser.add_argument('-o', dest='output')
parser.add_argument('-x', dest='xmlsec')
parser.add_argument('-i', dest='ignore_valid', action='store_true')
parser.add_argument(dest="item")
args = parser.parse_args()


metad = None

if args.ignore_valid:
    kwargs = {"check_validity": False}
else:
    kwargs = {}

if args.type == "local":
    if args.cert and args.xmlsec:
        crypto = _get_xmlsec_cryptobackend(args.xmlsec)
        sc = SecurityContext(crypto)
        metad = MetaDataFile(args.item, args.item, cert=args.cert, security=sc,
                             **kwargs)
    else:
        metad = MetaDataFile(args.item, args.item, **kwargs)
elif args.type == "external":
    ATTRCONV = ac_factory(args.attrsmap)
    httpc = HTTPBase()
    crypto = _get_xmlsec_cryptobackend(args.xmlsec)
    sc = SecurityContext(crypto)
    metad = MetaDataExtern(ATTRCONV, args.url, sc, cert=args.cert, http=httpc,
                           **kwargs)

if metad:
    try:
        metad.load()
    except:
        raise
    else:
        print("OK")