dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

tidy

Browse Source
This commit is contained in:
Maxime Besson 2021-06-29 15:23:02 +02:00
parent ff09c8856f
commit 2c7ba2d057
1 changed files with 165 additions and 149 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

314
lemonldap-ng-common/scripts/importMetadata
View File

@ -7,18 +7,16 @@ use LWP::UserAgent;
use MIME::Base64;
use XML::LibXML;
sub toEntityIDkey {
my ($prefix, $entityID) = @_;
my ( $prefix, $entityID ) = @_;
my $entityIDKey = $entityID;
$entityIDKey =~ s/^https?:\/\///;
$entityIDKey =~ s/[^a-zA-Z0-9]/-/g;
$entityIDKey =~ s/-+$//g;
return($prefix . $entityIDKey);
my $entityIDKey = $entityID;
$entityIDKey =~ s/^https?:\/\///;
$entityIDKey =~ s/[^a-zA-Z0-9]/-/g;
$entityIDKey =~ s/-+$//g;
return ( $prefix . $entityIDKey );
}
#==============================================================================
# Get command line options
#==============================================================================
@ -53,7 +51,8 @@ if ( $opts{help} or !$opts{metadata} ) {
print STDERR "\t-a (--nagios) : output statistics in Nagios format\n";
print STDERR "\t-n (--dry-run): do nothing\n";
print STDERR "\t-v (--verbose): display all actions\n";
print STDERR "\t-r (--remove): remove entityID inside LemonLDAP if was remove inside remote metadata\n";
print STDERR
"\t-r (--remove): remove entityID inside LemonLDAP if was remove inside remote metadata\n";
exit 1;
}
@ -61,15 +60,12 @@ if ( $opts{help} or !$opts{metadata} ) {
# Default values
#==============================================================================
my $spConfKeyPrefix = $opts{spconfprefix} || "sp-";
my $idpConfKeyPrefix = $opts{idpconfprefix} || "idp-";
# Set here attributes that are declared for your SP in the federation
# They will be set as exported attributes for all IDP
#
#
my $exportedAttributes = {
'cn' => '0;cn',
'eduPersonPrincipalName' => '0;eduPersonAffiliation',
@ -235,55 +231,57 @@ foreach
# test if IDP entityID is inside the block list
if ( $entityID ~~ @idpIgnorelist ) {
if ( grep { $entityID eq $_ } @idpIgnorelist ) {
if ( $opts{verbose} ) {
print "IDP $entityID won't be update/added \n";
}
$idpCounter->{ignored}++;
}else{
# Check if entityID already in configuration
if ( defined $idpList->{$entityID} ) {
# Update metadata
$lastConf->{samlIDPMetaDataXML}->{ $idpList->{$entityID} }
->{samlIDPMetaDataXML} = $partner_metadata;
# Update attributes
$lastConf->{samlIDPMetaDataExportedAttributes}
->{ $idpList->{$entityID} } = $exportedAttributes;
# Update options
$lastConf->{samlIDPMetaDataOptions}->{ $idpList->{$entityID} }
= $idpOptions;
if ( $opts{verbose} ) {
print "Update IDP $entityID in configuration\n";
}
$idpCounter->{updated}++;
}
else {
# Create a new partner
my $confKey = toEntityIDkey($idpConfKeyPrefix, $entityID);
# Metadata
$lastConf->{samlIDPMetaDataXML}->{$confKey}
->{samlIDPMetaDataXML} = $partner_metadata;
# Attributes
$lastConf->{samlIDPMetaDataExportedAttributes}->{$confKey} =
$exportedAttributes;
# Options
$lastConf->{samlIDPMetaDataOptions}->{$confKey} = $idpOptions;
if ( $opts{verbose} ) {
print
"Declare new IDP $entityID (configuration key $confKey)\n";
}
$idpCounter->{created}++;
}
}
else {
# Check if entityID already in configuration
if ( defined $idpList->{$entityID} ) {
# Update metadata
$lastConf->{samlIDPMetaDataXML}->{ $idpList->{$entityID} }
->{samlIDPMetaDataXML} = $partner_metadata;
# Update attributes
$lastConf->{samlIDPMetaDataExportedAttributes}
->{ $idpList->{$entityID} } = $exportedAttributes;
# Update options
$lastConf->{samlIDPMetaDataOptions}
->{ $idpList->{$entityID} } = $idpOptions;
if ( $opts{verbose} ) {
print "Update IDP $entityID in configuration\n";
}
$idpCounter->{updated}++;
}
else {
# Create a new partner
my $confKey = toEntityIDkey( $idpConfKeyPrefix, $entityID );
# Metadata
$lastConf->{samlIDPMetaDataXML}->{$confKey}
->{samlIDPMetaDataXML} = $partner_metadata;
# Attributes
$lastConf->{samlIDPMetaDataExportedAttributes}->{$confKey}
= $exportedAttributes;
# Options
$lastConf->{samlIDPMetaDataOptions}->{$confKey} =
$idpOptions;
if ( $opts{verbose} ) {
print
"Declare new IDP $entityID (configuration key $confKey)\n";
}
$idpCounter->{created}++;
}
}
}
else {
print STDERR
@ -352,66 +350,70 @@ foreach
my $partner_metadata = $partner->toString;
$partner_metadata =~ s/\n//g;
# test if IDP entityID is inside the block list
if ( $entityID ~~ @spIgnorelist ) {
if ( grep { $entityID eq $_ } @spIgnorelist ) {
if ( $opts{verbose} ) {
print "SP $entityID won't be update/added \n";
}
print "SP $entityID won't be update/added \n";
}
$spCounter->{ignored}++;
}else{
# Check if entityID already in configuration
if ( defined $spList->{$entityID} ) {
# Update metadata
$lastConf->{samlSPMetaDataXML}->{ $spList->{$entityID} }
->{samlSPMetaDataXML} = $partner_metadata;
}
else {
# Check if entityID already in configuration
if ( defined $spList->{$entityID} ) {
# Update attributes
$lastConf->{samlSPMetaDataExportedAttributes}
->{ $spList->{$entityID} } = $requestedAttributes;
# Update metadata
$lastConf->{samlSPMetaDataXML}->{ $spList->{$entityID} }
->{samlSPMetaDataXML} = $partner_metadata;
# Update options
# Update attributes
$lastConf->{samlSPMetaDataExportedAttributes}
->{ $spList->{$entityID} } = $requestedAttributes;
# Update options
# $lastConf->{samlSPMetaDataOptions}->{ $spList->{$entityID} } =
# $spOptions;
# FIX AGA
$lastConf->{samlSPMetaDataOptions}->{ $spList->{$entityID} } =
{ %{$spOptions } };
$lastConf->{samlSPMetaDataOptions}->{ $spList->{$entityID} }
= { %{$spOptions} };
if ( $opts{verbose} ) {
print "Update SP $entityID in configuration\n";
}
$spCounter->{updated}++;
}
else {
# Create a new partner
my $confKey = toEntityIDkey($spConfKeyPrefix, $entityID);
if ( $opts{verbose} ) {
print "Update SP $entityID in configuration\n";
}
$spCounter->{updated}++;
}
else {
# Create a new partner
my $confKey = toEntityIDkey( $spConfKeyPrefix, $entityID );
# Metadata
$lastConf->{samlSPMetaDataXML}->{$confKey}->{samlSPMetaDataXML}
= $partner_metadata;
# Metadata
$lastConf->{samlSPMetaDataXML}->{$confKey}
->{samlSPMetaDataXML} = $partner_metadata;
# Attributes
$lastConf->{samlSPMetaDataExportedAttributes}->{$confKey} =
$requestedAttributes;
# Attributes
$lastConf->{samlSPMetaDataExportedAttributes}->{$confKey} =
$requestedAttributes;
# Options
# $lastConf->{samlSPMetaDataOptions}->{$confKey} = $spOptions;
# FIX AGA
$lastConf->{samlSPMetaDataOptions}->{$confKey} = { %{$spOptions } };
# FIX AGA
$lastConf->{samlSPMetaDataOptions}->{$confKey} =
{ %{$spOptions} };
if ( $opts{verbose} ) {
print
"Declare new SP $entityID (configuration key $confKey)\n";
}
$spCounter->{created}++;
}
# handle eduPersonTargetedID
if ( $requestedAttributes->{eduPersonTargetedID} ) {
delete $requestedAttributes->{eduPersonTargetedID};
$lastConf->{samlSPMetaDataOptions}->{ $spList->{$entityID} }->{samlSPMetaDataOptionsNameIDFormat} = 'persistent';
}
if ( $opts{verbose} ) {
print
"Declare new SP $entityID (configuration key $confKey)\n";
}
$spCounter->{created}++;
}
# handle eduPersonTargetedID
if ( $requestedAttributes->{eduPersonTargetedID} ) {
delete $requestedAttributes->{eduPersonTargetedID};
$lastConf->{samlSPMetaDataOptions}->{ $spList->{$entityID} }
->{samlSPMetaDataOptionsNameIDFormat} = 'persistent';
}
}
@ -429,10 +431,10 @@ foreach
# Remove partners
if ( $opts{remove} ) {
foreach ( keys %$idpList ) {
my $idpConfKey = $idpList->{$_};
unless ( defined $mdIdpList->{$_} ) {
if ( $_ ~~ @idpIgnorelist ) {
foreach my $entityID ( keys %$idpList ) {
my $idpConfKey = $idpList->{$entityID};
unless ( defined $mdIdpList->{$entityID} ) {
if ( grep { $entityID eq $_ } @idpIgnorelist ) {
$idpCounter->{ignored}++;
if ( $opts{verbose} ) {
print "IDP $idpConfKey won't be deleted \n";
@ -451,10 +453,10 @@ if ( $opts{remove} ) {
}
}
foreach ( keys %$spList ) {
my $spConfKey = $spList->{$_};
unless ( defined $mdSpList->{$_} ) {
if ( $_ ~~ @spIgnorelist ) {
foreach my $entityID ( keys %$spList ) {
my $spConfKey = $spList->{$entityID};
unless ( defined $mdSpList->{$entityID} ) {
if ( grep { $entityID eq $_ } @spIgnorelist ) {
$spCounter->{ignored}++;
if ( $opts{verbose} ) {
print "SP $spConfKey won't be deleted \n";
@ -462,7 +464,8 @@ if ( $opts{remove} ) {
}
else {
delete $lastConf->{samlSPMetaDataXML}->{$spConfKey};
delete $lastConf->{samlSPMetaDataExportedAttributes}->{$spConfKey};
delete $lastConf->{samlSPMetaDataExportedAttributes}
->{$spConfKey};
delete $lastConf->{samlSPMetaDataOptions}->{$spConfKey};
$spCounter->{removed}++;
if ( $opts{verbose} ) {
@ -473,7 +476,7 @@ if ( $opts{remove} ) {
}
}
my $numConf = "DRY-RUN";
my $numConf = "DRY-RUN";
my $exitCode = 0;
if ( !$opts{'dry-run'} ) {
@ -498,47 +501,60 @@ else {
}
}
if ( $opts{nagios} ) {
print "Metadata loaded inside Conf: [".$numConf."]|idp_found=".$idpCounter->{found}
.", idp_updated=".$idpCounter->{updated}
.", idp_created=".$idpCounter->{created}
.", idp_removed=".$idpCounter->{removed}
.", idp_rejected=".$idpCounter->{rejected}
.", idp_ignored=".$idpCounter->{ignored}
.", sp_found=".$spCounter->{found}
.", sp_updated=".$spCounter->{updated}
.", sp_created=".$spCounter->{created}
.", sp_removed=".$spCounter->{removed}
.", sp_rejected=".$spCounter->{rejected}
.", sp_ignored=".$spCounter->{ignored}."\n";
}else{
print "[IDP]\tFound: "
. $idpCounter->{found}
. "\tUpdated: "
. $idpCounter->{updated}
. "\tCreated: "
. $idpCounter->{created}
. "\tRemoved: "
. $idpCounter->{removed}
. "\tRejected: "
. $idpCounter->{rejected}
. "\tIgnored: "
. $idpCounter->{ignored} . "\n";
print "[SP]\tFound: "
. $spCounter->{found}
. "\tUpdated: "
. $spCounter->{updated}
. "\tCreated: "
. $spCounter->{created}
. "\tRemoved: "
. $spCounter->{removed}
. "\tRejected: "
. $spCounter->{rejected}
. "\tIgnored: "
. $spCounter->{ignored} . "\n";
print "Metadata loaded inside Conf: ["
. $numConf
. "]|idp_found="
. $idpCounter->{found}
. ", idp_updated="
. $idpCounter->{updated}
. ", idp_created="
. $idpCounter->{created}
. ", idp_removed="
. $idpCounter->{removed}
. ", idp_rejected="
. $idpCounter->{rejected}
. ", idp_ignored="
. $idpCounter->{ignored}
. ", sp_found="
. $spCounter->{found}
. ", sp_updated="
. $spCounter->{updated}
. ", sp_created="
. $spCounter->{created}
. ", sp_removed="
. $spCounter->{removed}
. ", sp_rejected="
. $spCounter->{rejected}
. ", sp_ignored="
. $spCounter->{ignored} . "\n";
}
else {
print "[IDP]\tFound: "
. $idpCounter->{found}
. "\tUpdated: "
. $idpCounter->{updated}
. "\tCreated: "
. $idpCounter->{created}
. "\tRemoved: "
. $idpCounter->{removed}
. "\tRejected: "
. $idpCounter->{rejected}
. "\tIgnored: "
. $idpCounter->{ignored} . "\n";
print "[SP]\tFound: "
. $spCounter->{found}
. "\tUpdated: "
. $spCounter->{updated}
. "\tCreated: "
. $spCounter->{created}
. "\tRemoved: "
. $spCounter->{removed}
. "\tRejected: "
. $spCounter->{rejected}
. "\tIgnored: "
. $spCounter->{ignored} . "\n";
}
exit $exitCode;