useful tool

2009-11-09 16:49:53 +01:00
parent 3b9f85184d
commit 6768f8177c
1 changed files with 77 additions and 0 deletions
--- a/tools/make_metadata.py
+++ b/tools/make_metadata.py
@@ -0,0 +1,77 @@
+#!/usr/bin/env python
+import os 
+from saml2 import utils, md, samlp, BINDING_HTTP_POST, BINDING_HTTP_REDIRECT
+from saml2.time_util import in_a_while
+
+
+def entity_descriptor(confd):
+    mycert = "".join(open(confd["cert_file"]).readlines()[1:-1])
+    
+    ed = {
+        "name": "http://%s/saml/test" % os.uname()[1],
+        "valid_until": in_a_while(days=30),
+        "entity_id": confd["entityid"],
+    }
+
+    if "organization" in confd:
+        org = {}
+        for prop in ["name","display_name","url"]:
+            if prop in confd["organization"]:
+                org["organization_%s" % prop] = confd["organization"][prop]
+        ed["organization"] = org
+
+    if "contact" in confd:
+        contacts = []
+        for dic in confd["contact"]:
+            cont = {}
+            for prop in ["given_name","sur_name","email_address",
+                        "contact_type","company","telephone_number"]:
+                if prop in dic:
+                    cont[prop] = dic[prop]
+            contacts.append(cont)
+        ed["contact_person"] = contacts
+        
+    if "sp" in confd["service"]:
+        # The SP
+        ed["sp_sso_descriptor"] = {
+            "protocol_support_enumeration": samlp.NAMESPACE,
+            "want_assertions_signed": True,
+            "authn_requests_signed": False,
+            "assertion_consumer_service": {
+                "binding": BINDING_HTTP_POST ,
+                "location": confd["service_url"],
+                "index": 0,
+                },
+            "key_descriptor":{
+                "key_info": {
+                    "x509_data": {
+                        "x509_certificate": mycert
+                        }
+                    }
+                },
+            }
+    elif "idp" in confd["service"]:
+        ed["idp_sso_descriptor"] = {
+            "protocol_support_enumeration": samlp.NAMESPACE,
+            "want_authn_requests_signed": True,
+            "single_sign_on_service": {
+                "binding": BINDING_HTTP_REDIRECT ,
+                "location": confd["service_url"],
+                },
+            "key_descriptor":{
+                "key_info": {
+                    "x509_data": {
+                        "x509_certificate": mycert
+                        }
+                    }
+                },
+            }
+            
+    return ed
+
+if __name__ == "__main__":
+    import sys
+    for conf in sys.argv[1:]:
+        confd = eval(open(conf).read())
+        print utils.make_instance(md.EntityDescriptor, 
+                                    entity_descriptor(confd))