Skip to content
Snippets Groups Projects
Commit 45c4d248 authored by Armin Felder's avatar Armin Felder
Browse files

support idps with missing shibmd:Scope

parent c9ae8883
No related branches found
No related tags found
2 merge requests!11Jowenn docker,!10support idps with missing shibmd:Scope
......@@ -316,18 +316,27 @@ class Metadata_importer():
for idp in idps:
hints = set()
xmlstr = etree.tostring(idp, encoding='utf8', method='xml').decode("utf8")
discoHints = idp.xpath(".//mdui:DomainHint", namespaces=self.NS)
scope = idp.xpath(".//shibmd:Scope", namespaces=self.NS)[0].text
scopes = idp.xpath(".//shibmd:Scope", namespaces=self.NS)
displayName = idp.xpath(".//md:Extensions/mdui:UIInfo/mdui:DisplayName[@xml:lang='en']", namespaces=self.NS)[0].text
displayNames = idp.xpath(".//md:Extensions/mdui:UIInfo/mdui:DisplayName[@xml:lang='en']",
namespaces=self.NS)
displayName = ""
if len(displayNames) > 0:
displayName = displayNames[0].text
else:
OrgDisplayNames = idp.xpath(".//md:OrganizationDisplayName[@xml:lang='en']", namespaces=self.NS)
if len(OrgDisplayNames) > 0:
displayName = OrgDisplayNames[0].text
hints.add(scope)
for scope in scopes:
hints.add(scope.text)
for hint in discoHints:
hints.add(hint.text)
xmlstr = etree.tostring(idp, encoding='utf8', method='xml').decode("utf8")
idp_obj = dict()
alias = idp.get("entityID")
alias = alias.replace("https://", "")
......
test.xml 0 → 100644
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xrd="http://docs.oasis-open.org/ns/xri/xrd-1.0" xmlns:pyff="http://pyff.io/NS" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ser="http://eidas.europa.eu/metadata/servicelist" xmlns:eidas="http://eidas.europa.eu/saml-extensions" xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:req-attr="urn:oasis:names:tc:SAML:protocol:ext:req-attr" xmlns:refeds="http://refeds.org/metadata" xmlns:hoksso="urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser" xmlns:remd="http://refeds.org/metadata" xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:ukfedlabel="http://ukfederation.org.uk/2006/11/label" xmlns:oaf="http://schemas.eduserv.org.uk/openathens-federation/1.0" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xmlns:privacy="http://docs.oasis-open.org/wsfed/privacy/200706" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:disco="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" xmlns:mduri="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:elab="http://eduserv.org.uk/labels" xmlns:wayf="http://sdss.ac.uk/2006/06/WAYF" xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:taat="http://www.eenet.ee/EENet/urn" xmlns:saml1md="urn:mace:shibboleth:metadata:1.0" xmlns:ns1="http://www.w3.org/2000/09/xmldsig#" xmlns:ns2="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ns4="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" xmlns:ns5="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ns6="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:algsupport="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:req="urn:oasis:names:tc:SAML:profiles:SSO:request-init" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:eduidmd="http://eduid.cz/schema/metadata/1.0" xmlns:ns3="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ns7="urn:oasis:names:tc:SAML:metadata:ui" xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" entityID="https://idp.redclara.net/saml2/idp/metadata.php">
<md:Extensions>
<mdrpi:RegistrationInfo registrationAuthority="https://mds.redclara.net/" registrationInstant="2023-01-17T11:28:03Z">
<mdrpi:RegistrationPolicy xml:lang="en">https://www.redclara.net/index.php/en/servicios-rc/federaciones-de-identidad</mdrpi:RegistrationPolicy>
<mdrpi:RegistrationPolicy xml:lang="es">https://www.redclara.net/index.php/es/servicios-rc/federaciones-de-identidad</mdrpi:RegistrationPolicy>
</mdrpi:RegistrationInfo>
</md:Extensions>
<md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>MIIE6zCCA1OgAwIBAgIUb1ABshSGJNFEwaoCyP07ufLgZcYwDQYJKoZIhvcNAQELBQAwgYQxCzAJBgNVBAYTAkNIMRMwEQYDVQQIDApTb21lLVN0YXRlMREwDwYDVQQKDAhSZWRDbGFyYTERMA8GA1UECwwIUmVkQ0xBUkExGTAXBgNVBAMMEGlkcC5yZWRjbGFyYS5uZXQxHzAdBgkqhkiG9w0BCQEWEHNlZ0ByZWRjbGFyYS5uZXQwHhcNMjEwNTI3MTgxOTI2WhcNMzEwNTI3MTgxOTI2WjCBhDELMAkGA1UEBhMCQ0gxEzARBgNVBAgMClNvbWUtU3RhdGUxETAPBgNVBAoMCFJlZENsYXJhMREwDwYDVQQLDAhSZWRDTEFSQTEZMBcGA1UEAwwQaWRwLnJlZGNsYXJhLm5ldDEfMB0GCSqGSIb3DQEJARYQc2VnQHJlZGNsYXJhLm5ldDCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAMYUoF+n89sO6HMhMBIHgZEOuV45D5jkfv2NH1nV4mkuBvklSBPL8SFcZqliIT0sqsrlK4B4oENwJSUL60e/FRNQ/Z7EqoOUiQ46ZJ2sIS8cGgqrGKjtrES9CGqURV6qDOpWgJyoJTif50ctPX56Zmxmbg0xS6CLRrYGLSYG32HIBDLLgas3isuIi1WUzV3lpE0NvbMOSnn86O0mcPGQG8Ahv72t5TAaxiA4eZeSyugXibd/BVAiyXkJ+hprikwtXBf19pyyn41juwtVkUzjld/0xUcGjoRUOHJe/WCmOeaIDvUqAipLLhayT+WB/0uDwCV6hT5vvt6q1b+8H1yHccOPS/qcZl3APjmBqUID9hK4N8BRmFk11I5GjbbeLveXZMD9JOKAXZ2z9x7aEV/CHcjKJaByQOAj/Ei3idt8qJ+Z/dl2gDSrJZgr6wfFa3CUYzymz3SeLTXiLbB8eo1aKaArE06CjTaA/kxh/ODKkGVIFktNLUYISqF2kDGlDGKYQQIDAQABo1MwUTAdBgNVHQ4EFgQUAJ7zvFGDDkqz/VCjCan4E8TGCE8wHwYDVR0jBBgwFoAUAJ7zvFGDDkqz/VCjCan4E8TGCE8wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAYEAK9qv7KS1w3JgceZUrU5CjtGaMrwpUQR7t90yCaUjNLQjvanSowDLzv4kUNRSHwUzgLF6g1D8IzK2YB6oNGt/cpccL65cdzsyh4aXFOk4vgu1p8Sqavd6LyXr38t8KyjRjMuWHbB49mLEoNyvr4ggz4fa2Jb2yYhC2umgmQAcPBlehv70PGFGmVfoGzcwOGCvWLBK+Y7P3Ted3hsboqOqy29y8uLCcPAIbsekkvzegq29SbxNkvZn3oeqLVb3cxzsgs+oLH5MhbFuzx+O+MmdlBk8BS7caJrOA5cHgpmI5dLyEbQVMLriaHxjSHMzJTvp5HJPWqY02WWcAUcXGq2hcseVvRqsFu/GvfxMIQtAs+0QHnIa01BZq8LPTd6DNG5yPdGdI3ohEZSeafhD4witzYuJCRSr7ZC1b7hLGlGqBdltfPmB2YfMr6dbKNaaQRpX2SoCNXUSTKehghZjU9Wx5gEmu3a9U0rV8N8fjSEkvhle3wh1H/WyPmaSZpJs4A3c</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:KeyDescriptor use="encryption">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>MIIE6zCCA1OgAwIBAgIUb1ABshSGJNFEwaoCyP07ufLgZcYwDQYJKoZIhvcNAQELBQAwgYQxCzAJBgNVBAYTAkNIMRMwEQYDVQQIDApTb21lLVN0YXRlMREwDwYDVQQKDAhSZWRDbGFyYTERMA8GA1UECwwIUmVkQ0xBUkExGTAXBgNVBAMMEGlkcC5yZWRjbGFyYS5uZXQxHzAdBgkqhkiG9w0BCQEWEHNlZ0ByZWRjbGFyYS5uZXQwHhcNMjEwNTI3MTgxOTI2WhcNMzEwNTI3MTgxOTI2WjCBhDELMAkGA1UEBhMCQ0gxEzARBgNVBAgMClNvbWUtU3RhdGUxETAPBgNVBAoMCFJlZENsYXJhMREwDwYDVQQLDAhSZWRDTEFSQTEZMBcGA1UEAwwQaWRwLnJlZGNsYXJhLm5ldDEfMB0GCSqGSIb3DQEJARYQc2VnQHJlZGNsYXJhLm5ldDCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAMYUoF+n89sO6HMhMBIHgZEOuV45D5jkfv2NH1nV4mkuBvklSBPL8SFcZqliIT0sqsrlK4B4oENwJSUL60e/FRNQ/Z7EqoOUiQ46ZJ2sIS8cGgqrGKjtrES9CGqURV6qDOpWgJyoJTif50ctPX56Zmxmbg0xS6CLRrYGLSYG32HIBDLLgas3isuIi1WUzV3lpE0NvbMOSnn86O0mcPGQG8Ahv72t5TAaxiA4eZeSyugXibd/BVAiyXkJ+hprikwtXBf19pyyn41juwtVkUzjld/0xUcGjoRUOHJe/WCmOeaIDvUqAipLLhayT+WB/0uDwCV6hT5vvt6q1b+8H1yHccOPS/qcZl3APjmBqUID9hK4N8BRmFk11I5GjbbeLveXZMD9JOKAXZ2z9x7aEV/CHcjKJaByQOAj/Ei3idt8qJ+Z/dl2gDSrJZgr6wfFa3CUYzymz3SeLTXiLbB8eo1aKaArE06CjTaA/kxh/ODKkGVIFktNLUYISqF2kDGlDGKYQQIDAQABo1MwUTAdBgNVHQ4EFgQUAJ7zvFGDDkqz/VCjCan4E8TGCE8wHwYDVR0jBBgwFoAUAJ7zvFGDDkqz/VCjCan4E8TGCE8wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAYEAK9qv7KS1w3JgceZUrU5CjtGaMrwpUQR7t90yCaUjNLQjvanSowDLzv4kUNRSHwUzgLF6g1D8IzK2YB6oNGt/cpccL65cdzsyh4aXFOk4vgu1p8Sqavd6LyXr38t8KyjRjMuWHbB49mLEoNyvr4ggz4fa2Jb2yYhC2umgmQAcPBlehv70PGFGmVfoGzcwOGCvWLBK+Y7P3Ted3hsboqOqy29y8uLCcPAIbsekkvzegq29SbxNkvZn3oeqLVb3cxzsgs+oLH5MhbFuzx+O+MmdlBk8BS7caJrOA5cHgpmI5dLyEbQVMLriaHxjSHMzJTvp5HJPWqY02WWcAUcXGq2hcseVvRqsFu/GvfxMIQtAs+0QHnIa01BZq8LPTd6DNG5yPdGdI3ohEZSeafhD4witzYuJCRSr7ZC1b7hLGlGqBdltfPmB2YfMr6dbKNaaQRpX2SoCNXUSTKehghZjU9Wx5gEmu3a9U0rV8N8fjSEkvhle3wh1H/WyPmaSZpJs4A3c</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.redclara.net/saml2/idp/SingleLogoutService.php"/>
<md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
<md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.redclara.net/saml2/idp/SSOService.php"/>
</md:IDPSSODescriptor>
<md:Organization>
<md:OrganizationName xml:lang="en">RedCLARA - Cooperacion Latino Americana de Redes Avanzadas</md:OrganizationName>
<md:OrganizationName xml:lang="es">RedCLARA - Cooperacion Latino Americana de Redes Avanzadas</md:OrganizationName>
<md:OrganizationDisplayName xml:lang="en">RedCLARA - Cooperacion Latino Americana de Redes Avanzadas</md:OrganizationDisplayName>
<md:OrganizationDisplayName xml:lang="es">RedCLARA - Cooperacion Latino Americana de Redes Avanzadas</md:OrganizationDisplayName>
<md:OrganizationURL xml:lang="en">https://redclara.net/index.php/en/</md:OrganizationURL>
<md:OrganizationURL xml:lang="es">https://redclara.net/index.php/es/</md:OrganizationURL>
</md:Organization>
<md:ContactPerson contactType="technical">
<md:GivenName>Administrator</md:GivenName>
<md:EmailAddress>mailto:seg@redclara.net</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment