80 lines
2.6 KiB
Python
Executable File
80 lines
2.6 KiB
Python
Executable File
#!/usr/bin/env python
|
|
import argparse
|
|
import os
|
|
import sys
|
|
from saml2.metadata import entity_descriptor
|
|
from saml2.metadata import entities_descriptor
|
|
from saml2.metadata import sign_entity_descriptor
|
|
|
|
from saml2.sigver import security_context
|
|
from saml2.validate import valid_instance
|
|
from saml2.config import Config
|
|
|
|
# =============================================================================
|
|
# Script that creates a SAML2 metadata file from a pysaml2 entity configuration
|
|
# file
|
|
# =============================================================================
|
|
|
|
parser = argparse.ArgumentParser()
|
|
parser.add_argument('-v', dest='valid',
|
|
help="How long, in days, the metadata is valid from the time of creation")
|
|
parser.add_argument('-c', dest='cert', help='certificate')
|
|
parser.add_argument('-e', dest='ed', action='store_true',
|
|
help="Wrap the whole thing in an EntitiesDescriptor")
|
|
parser.add_argument('-i', dest='id',
|
|
help="The ID of the entities descriptor")
|
|
parser.add_argument('-k', dest='keyfile',
|
|
help="A file with a key to sign the metadata with")
|
|
parser.add_argument('-n', dest='name', default="")
|
|
parser.add_argument('-p', dest='path',
|
|
help="path to the configuration file")
|
|
parser.add_argument('-s', dest='sign', action='store_true',
|
|
help="sign the metadata")
|
|
parser.add_argument('-x', dest='xmlsec',
|
|
help="xmlsec binaries to be used for the signing")
|
|
parser.add_argument('-w', dest='wellknown',
|
|
help="Use wellknown namespace prefixes")
|
|
parser.add_argument(dest="config", nargs="+")
|
|
args = parser.parse_args()
|
|
|
|
valid_for = 0
|
|
nspair = {"xs": "http://www.w3.org/2001/XMLSchema"}
|
|
paths = [".", "/opt/local/bin"]
|
|
|
|
if args.valid:
|
|
# translate into hours
|
|
valid_for = int(args.valid) * 24
|
|
|
|
|
|
eds = []
|
|
for filespec in args.config:
|
|
bas, fil = os.path.split(filespec)
|
|
if bas != "":
|
|
sys.path.insert(0, bas)
|
|
if fil.endswith(".py"):
|
|
fil = fil[:-3]
|
|
cnf = Config().load_file(fil, metadata_construction=True)
|
|
eds.append(entity_descriptor(cnf))
|
|
|
|
conf = Config()
|
|
conf.key_file = args.keyfile
|
|
conf.cert_file = args.cert
|
|
conf.debug = 1
|
|
conf.xmlsec_binary = args.xmlsec
|
|
secc = security_context(conf)
|
|
|
|
if args.id:
|
|
desc = entities_descriptor(eds, valid_for, args.name, args.id,
|
|
args.sign, secc)
|
|
valid_instance(desc)
|
|
print desc.to_string(nspair)
|
|
else:
|
|
for eid in eds:
|
|
if args.sign:
|
|
desc = sign_entity_descriptor(eid, id, secc)
|
|
else:
|
|
desc = eid
|
|
valid_instance(desc)
|
|
print desc.to_string(nspair)
|
|
|