From b919b94ce27aa07def6a5ec080f3ab662b62cf0a Mon Sep 17 00:00:00 2001
From: peter <2031-peter-@users.noreply.git.fairkom.net>
Date: Wed, 31 May 2023 12:12:54 +0000
Subject: [PATCH] Add XML namespace declarations to extra file
---
analysis.py | 17 ++++++++++-------
attribute_mapping.json | 8 ++++++--
main.py | 25 +++++++++++++++----------
xml_namespaces.json | 5 +++++
4 files changed, 36 insertions(+), 19 deletions(-)
create mode 100644 xml_namespaces.json
diff --git a/analysis.py b/analysis.py
index eaa932f..0289f0e 100644
--- a/analysis.py
+++ b/analysis.py
@@ -21,6 +21,7 @@
from lxml import etree
import ecs_logging
+import json
import logging
import os
import requests as requests
@@ -34,6 +35,10 @@ handler.setFormatter(ecs_logging.StdlibFormatter())
logger.addHandler(handler)
+with open("./xml_namespaces.json") as f:
+ NS = json.load(f)
+
+
def get_metadata():
url = os.getenv('SAML2_METADATA_URL')
if not url:
@@ -46,7 +51,7 @@ def get_metadata():
def get_entity_descriptors():
root = get_metadata()
- entity_descriptors = root.xpath("//md:EntityDescriptor", namespaces={"md": "urn:oasis:names:tc:SAML:2.0:metadata"})
+ entity_descriptors = root.xpath("//md:EntityDescriptor", namespaces=NS)
return entity_descriptors
@@ -56,7 +61,7 @@ descriptors = get_entity_descriptors()
idps = list()
for descriptor in descriptors:
- idp_search = descriptor.xpath(".//md:IDPSSODescriptor", namespaces={"md": "urn:oasis:names:tc:SAML:2.0:metadata"})
+ idp_search = descriptor.xpath(".//md:IDPSSODescriptor", namespaces=NS)
idp = dict()
@@ -64,15 +69,13 @@ for descriptor in descriptors:
if len(idp_search):
- names = idp_search[0].xpath("./md:Extensions/mdui:UIInfo/mdui:DisplayName[@xml:lang='en']",
- namespaces={"md": "urn:oasis:names:tc:SAML:2.0:metadata",
- "mdui": "urn:oasis:names:tc:SAML:metadata:ui"})
+ names = idp_search[0].xpath("./md:Extensions/mdui:UIInfo/mdui:DisplayName[@xml:lang='en']", namespaces=NS)
idp["institution"] = ""
if len(names):
idp["institution"] = names[0].text
- disco_hints = idp_search[0].xpath("./md:Extensions/mdui:DiscoHints/mdui:DomainHint", namespaces={"md": "urn:oasis:names:tc:SAML:2.0:metadata", "mdui": "urn:oasis:names:tc:SAML:metadata:ui"})
+ disco_hints = idp_search[0].xpath("./md:Extensions/mdui:DiscoHints/mdui:DomainHint", namespaces=NS)
domains = []
@@ -81,7 +84,7 @@ for descriptor in descriptors:
idp["disco_hints"] = domains
- shib_scope = idp_search[0].xpath("./md:Extensions/shibmd:Scope", namespaces={"md": "urn:oasis:names:tc:SAML:2.0:metadata", "mdui": "urn:oasis:names:tc:SAML:metadata:ui", "shibmd": "urn:mace:shibboleth:metadata:1.0"})
+ shib_scope = idp_search[0].xpath("./md:Extensions/shibmd:Scope", namespaces=NS)
idp["shib_scope"] = ""
if len(shib_scope):
diff --git a/attribute_mapping.json b/attribute_mapping.json
index 01eda11..437264e 100644
--- a/attribute_mapping.json
+++ b/attribute_mapping.json
@@ -1,6 +1,10 @@
{
- "urn:oid:1.3.6.1.4.1.5923.1.1.1.6": "eduPersonPrincipalName",
+ "urn:oasis:names:tc:SAML:attribute:pairwise-id": "pairwise-id",
+ "urn:oasis:names:tc:SAML:attribute:subject-id": "subject-id",
"urn:oid:0.9.2342.19200300.100.1.3": "mail",
"urn:oid:2.16.840.1.113730.3.1.241": "displayName",
+ "urn:oid:2.5.4.4": "sn",
+ "urn:oid:2.5.4.42": "givenName",
+ "urn:oid:1.3.6.1.4.1.5923.1.1.1.6": "eduPersonPrincipalName",
"urn:oid:1.3.6.1.4.1.5923.1.1.1.9": "eduPersonScopedAffiliation"
-}
\ No newline at end of file
+}
diff --git a/main.py b/main.py
index 4f59e00..c0e7e58 100644
--- a/main.py
+++ b/main.py
@@ -50,6 +50,7 @@ class Metadata_importer():
self.__db = self.__get_sync_db()
self.__init_db()
self.__get_mappings()
+ self.__get_xmlns()
self.__get_excluded()
def __get_settings(self):
@@ -74,6 +75,10 @@ class Metadata_importer():
with open("./attribute_mapping.json") as f:
self.mappings = json.load(f)
+ def __get_xmlns(self):
+ with open("./xml_namespaces.json") as f:
+ self.NS = json.load(f)
+
def __get_excluded(self):
with open("./exclude.json") as f:
self.excluded = json.load(f)
@@ -192,7 +197,7 @@ class Metadata_importer():
def get_entity_descriptors(self):
root = self.get_metadata()
- entity_descriptors = root.xpath("//md:EntityDescriptor", namespaces={"md": "urn:oasis:names:tc:SAML:2.0:metadata"})
+ entity_descriptors = root.xpath("//md:EntityDescriptor", namespaces=self.NS)
return entity_descriptors
@@ -203,8 +208,8 @@ class Metadata_importer():
idps = list()
for entity_descriptor in entity_descriptors:
- idp_search = entity_descriptor.xpath(".//md:IDPSSODescriptor", namespaces={"md": "urn:oasis:names:tc:SAML:2.0:metadata"})
- sp_search = entity_descriptor.xpath(".//md:SPSSODescriptor", namespaces={"md": "urn:oasis:names:tc:SAML:2.0:metadata"})
+ idp_search = entity_descriptor.xpath(".//md:IDPSSODescriptor", namespaces=self.NS)
+ sp_search = entity_descriptor.xpath(".//md:SPSSODescriptor", namespaces=self.NS)
if len(idp_search):
idps.append(entity_descriptor)
elif len(sp_search):
@@ -254,10 +259,10 @@ class Metadata_importer():
logger.warning("failed", extra={"error": obj["error"]})
continue
obj = self.postprocess_client_obj(sp, obj)
- displayName_nodes = sp.xpath(".//md:Extensions/mdui:UIInfo/mdui:DisplayName[@xml:lang='en']", namespaces={"md": "urn:oasis:names:tc:SAML:2.0:metadata", "mdui": "urn:oasis:names:tc:SAML:metadata:ui"})
- description_nodes = sp.xpath(".//md:Extensions/mdui:UIInfo/mdui:Description[@xml:lang='en']", namespaces={"md": "urn:oasis:names:tc:SAML:2.0:metadata", "mdui": "urn:oasis:names:tc:SAML:metadata:ui"})
- # privacynote_nodes = sp.xpath(".//md:Extensions/mdui:UIInfo/mdui:PrivacyStatementURL[@xml:lang='en']", namespaces={"md": "urn:oasis:names:tc:SAML:2.0:metadata", "mdui": "urn:oasis:names:tc:SAML:metadata:ui"})
- logo_nodes = sp.xpath(".//md:Extensions/mdui:UIInfo/mdui:Logo", namespaces={"md": "urn:oasis:names:tc:SAML:2.0:metadata", "mdui": "urn:oasis:names:tc:SAML:metadata:ui"})
+ displayName_nodes = sp.xpath(".//md:Extensions/mdui:UIInfo/mdui:DisplayName[@xml:lang='en']", namespaces=self.NS)
+ description_nodes = sp.xpath(".//md:Extensions/mdui:UIInfo/mdui:Description[@xml:lang='en']", namespaces=self.NS)
+ # privacynote_nodes = sp.xpath(".//md:Extensions/mdui:UIInfo/mdui:PrivacyStatementURL[@xml:lang='en']", namespaces=self.NS)
+ logo_nodes = sp.xpath(".//md:Extensions/mdui:UIInfo/mdui:Logo", namespaces=self.NS)
if len(description_nodes):
obj["description"] = description_nodes[0].text[:255]
@@ -311,10 +316,10 @@ class Metadata_importer():
for idp in idps:
hints = set()
- discoHints = idp.xpath(".//mdui:DomainHint", namespaces={"md": "urn:oasis:names:tc:SAML:2.0:metadata", "mdui": "urn:oasis:names:tc:SAML:metadata:ui"})
- scope = idp.xpath(".//shibmd:Scope", namespaces={"md": "urn:oasis:names:tc:SAML:2.0:metadata", "mdui": "urn:oasis:names:tc:SAML:metadata:ui", "shibmd": "urn:mace:shibboleth:metadata:1.0"})[0].text
+ discoHints = idp.xpath(".//mdui:DomainHint", namespaces=self.NS)
+ scope = idp.xpath(".//shibmd:Scope", namespaces=self.NS)[0].text
- displayName = idp.xpath(".//md:Extensions/mdui:UIInfo/mdui:DisplayName[@xml:lang='en']", namespaces={"md": "urn:oasis:names:tc:SAML:2.0:metadata", "mdui": "urn:oasis:names:tc:SAML:metadata:ui"})[0].text
+ displayName = idp.xpath(".//md:Extensions/mdui:UIInfo/mdui:DisplayName[@xml:lang='en']", namespaces=self.NS)[0].text
hints.add(scope)
diff --git a/xml_namespaces.json b/xml_namespaces.json
new file mode 100644
index 0000000..a35945e
--- /dev/null
+++ b/xml_namespaces.json
@@ -0,0 +1,5 @@
+{
+ "md" : "urn:oasis:names:tc:SAML:2.0:metadata",
+ "mdui" : "urn:oasis:names:tc:SAML:metadata:ui",
+ "shibmd" : "urn:mace:shibboleth:metadata:1.0"
+}
--
GitLab