Add the get-sp-metadata action

The get-sp-metadata action will display the service provider metadata generated by the charm.
2019-03-15 11:29:50 -07:00 · 2019-03-15 11:29:50 -07:00 · b6cd90dade
commit b6cd90dade
parent 76b3bb0035
6 changed files with 69 additions and 4 deletions
--- a/src/README.md
+++ b/src/README.md
@ -141,6 +141,7 @@ The key PEM file is the resource file for sp-private-key.pem. The certificate
 PEM data will be placed in an XML document and will become the
 sp-signing-keyinfo.xml resource file.

+```
 <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <ds:X509Data>
        <ds:X509Certificate>
@ -153,7 +154,7 @@ sp-signing-keyinfo.xml resource file.
        </ds:X509Certificate>
    </ds:X509Data>
 </ds:KeyInfo>
-
+```

 Set the protocol. This must match the protocol used in the post-deployment
 configuration steps. We recommend the protocol "mapped."
@ -177,7 +178,7 @@ Attach resources

 Get keystones SP metadata XML and exchange it with your idP

- juju run --unit keystone/0 "cat /etc/apache2/mellon/sp-meta.keystone-saml-mellon.xml"
+ juju run-action keystone-saml-mellon/0 get-sp-metadata

 # Post-deployment Configuration

--- a/src/actions.yaml
+++ b/src/actions.yaml
@ -0,0 +1,4 @@
+get-sp-metadata:
+  description: |
+    Display the Service Provider metadata to be exchanged with the Identity
+    Provider.
--- a/src/actions/actions.py
+++ b/src/actions/actions.py
@ -0,0 +1,60 @@
+#!/usr/local/sbin/charm-env python3
+# Copyright 2019 Canonical Ltd
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#  http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import os
+import sys
+import charmhelpers.core.hookenv as hookenv
+
+
+SP_METADATA_FILE = "/etc/apache2/mellon/sp-meta.keystone-saml-mellon.xml"
+
+
+def get_sp_metadata(*args):
+    if not os.path.exists(SP_METADATA_FILE):
+        return hookenv.action_fail(
+            "The SP metadata file {} does not exist"
+            .format(SP_METADATA_FILE))
+    sp_metadata = ""
+    # By stripping double new lines and tabs we get human readable xml
+    # Otherwise, show-action-status is a garbled mess
+    with open(SP_METADATA_FILE, 'r') as f:
+        for line in f.readlines():
+            line = line.replace("\t", "  ")
+            if line.strip(" ") == "\n":
+                continue
+            sp_metadata += line
+    return hookenv.action_set({"output": sp_metadata})
+
+
+ACTIONS = {
+    'get-sp-metadata': get_sp_metadata,
+}
+
+
+def main(args):
+    action_name = os.path.basename(args[0])
+    try:
+        action = ACTIONS[action_name]
+    except KeyError:
+        return 'Action {} undefined'.format(action_name)
+    else:
+        try:
+            action(args)
+        except Exception as e:
+            hookenv.action_fail(str(e))
+
+
+if __name__ == '__main__':
+    sys.exit(main(sys.argv))
--- a/src/actions/get-sp-metadata
+++ b/src/actions/get-sp-metadata
@ -0,0 +1 @@
+actions.py
--- a/src/layer.yaml
+++ b/src/layer.yaml
@ -5,4 +5,3 @@ options:
    use_venv: True
    include_system_packages: True
    packages: ['python3-lxml', 'python3-cryptography']
-    repo: https://github.com/dshcherb/charm-keystone-saml-mellon
--- a/src/tox.ini
+++ b/src/tox.ini
@ -1,4 +1,4 @@
-# Classic charm: ./tox.ini
+# Source charm: ./src/tox.ini
 # This file is managed centrally by release-tools and should not be modified
 # within individual charm repos.
 [tox]