bin/mergeMetadata.php 3.06 KB
e2d01488a   Esmeralda Pires   1ºVersão
  #!/usr/bin/env php
  <?php
  
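  // SIMPLESAMLPATH is four dirname() steps up from this file; MODULEPATH is two steps up.
  define('SIMPLESAMLPATH', dirname(dirname(dirname(dirname(__FILE__)))));
  define('MODULEPATH', dirname(dirname(__FILE__)));
  // 'error_level' is not a php.ini directive, so the former ini_set('error_level', ...) call
  // changed nothing, and E_ALL & E_STRICT would at most have selected E_STRICT alone.
  // Report everything instead, so problems in the merge show up on the console.
  error_reporting(E_ALL);
  ini_set('display_errors', true);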
  
  /*
   Merge metadata-generated/saml20-sp-remote.php with ../config/saml20-sp-mixin.php
   and drop superfluous fields.
   Templates may be specified by entityID or by category (http://macedir.org/entity-category).
   If a template is selected by entity category, fields in the metadata take precedence; otherwise
   the template fields overwrite fields in the imported metadata.
   Merged metadata are written to metadata-generated/saml20-sp-merged.php.
   */
  
  // Module configuration. It is loaded first because $destinationgenerated is used two lines
  // below and is not assigned anywhere in this script (presumably set here, together with
  // $fieldsToStrip - confirm against config.php).
  require MODULEPATH.'/config/config.php';
  
  // SimpleSAMLphp autoloader, needed for the attribute-map class used during the merge.
  require_once SIMPLESAMLPATH.'/lib/_autoload.php';
  // Imported SP metadata; presumably populates $metadata. The file is executed as PHP, so it
  // and its directory should be writable only by the job that generates it.
  require SIMPLESAMLPATH.'/'.$destinationgenerated.'/saml20-sp-remote.php';
  // Local templates; presumably populates $template and $defaultTemplate.
  require MODULEPATH.'/config/saml20-sp-mixin.php';
  
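  // Log every template key that has no matching entry in the imported metadata.
  // NOTE(review): per the header comment, template keys may also be entity categories; those
  // are never keys of $metadata and will be logged here as well.
  foreach (array_keys($template) as $url) {
  	if (!isset($metadata[$url])) {
  		// The key ends up on a shell command line. Passing the whole message through
  		// escapeshellarg() keeps a quote or shell metacharacter in a key from being
  		// interpreted by the shell instead of being logged.
  		$message = "INFO: template url not found in metadata array: $url";
  		passthru('logger -t IDP-METADATA-DIFF '.escapeshellarg($message));
  	}
  }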
  
  // Open the merged-metadata file for writing. Mode 'w' truncates it immediately, so a later
  // exit(1) leaves a partial file behind.
  // NOTE(review): consider writing to a temporary file and renaming it once the merge succeeded.
  $fh = @fopen(SIMPLESAMLPATH.'/'.$destinationgenerated.'/saml20-sp-merged.php', 'w');
  if (!$fh) {
  	echo "cannot open/create output file\n";
  	exit(1);
  }
  // The generated file is PHP source; start it with the opening tag.
  @fwrite($fh, "<?php\n");
  
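  // Build one merged entry per imported SP and append it to the output file as PHP source.
  foreach ($metadata as $url => $mdata) {
  	// Drop the fields listed in $fieldsToStrip.
  	foreach ($fieldsToStrip as $field) {
  		unset($mdata[$field]);
  	}
  
  	// Map "attributes" and "attributes.required" from OIDs to friendly names.
  	// The names are passed to the mapper as keys of an 'Attributes' array (values are dummies)
  	// and read back from the keys afterwards.
  	$mapper = new sspmod_core_Auth_Process_AttributeMap(array('oid2name'), NULL);
  	foreach (['attributes', 'attributes.required'] as $field) {
  		if (isset($mdata[$field])) {
  			$tmp = array('Attributes' => array_fill_keys($mdata[$field], 0));
  			$mapper->process($tmp);
  			$mdata[$field] = array_keys($tmp['Attributes']);
  		}
  	}
  
  	// Template selection: a template keyed by the entityID wins over the metadata.
  	$templateWins = true;
  	$currentTemplate = isset($template[$url]) ? $template[$url] : NULL;
  
  	// Otherwise fall back to a template keyed by one of the SP's entity categories; in that
  	// case metadata fields take precedence. If several categories match, the last one wins.
  	// NOTE(review): the categories are read from the imported metadata, so the metadata itself
  	// selects the template - confirm the metadata source vets entity-category values.
  	if ($currentTemplate == NULL && isset($mdata['EntityAttributes']['http://macedir.org/entity-category'])) {
  		foreach ($mdata['EntityAttributes']['http://macedir.org/entity-category'] as $category) {
  			if (isset($template[$category])) {
  				$currentTemplate = $template[$category];
  				$templateWins = false;
  			}
  		}
  	}
  	if ($currentTemplate == NULL) {
  		$currentTemplate = $defaultTemplate;
  	}
  
  	foreach ($currentTemplate as $field => $value) {
  		if ($templateWins || !isset($mdata[$field])) {
  			$mdata[$field] = $value;
  		}
  	}
  
  	// Restrict the attribute list to the allow-list, if one is configured.
  	// A missing 'attributes' list is treated as empty, so the result is an empty list rather
  	// than NULL (PHP 7) or a TypeError (PHP 8) from array_intersect().
  	if (isset($mdata['attributes.allowed'])) {
  		$requested = isset($mdata['attributes']) ? $mdata['attributes'] : array();
  		$mdata['attributes'] = array_intersect($requested, $mdata['attributes.allowed']);
  		unset($mdata['attributes.allowed']);
  	}
  	// Add attributes that are allowed only when the SP marks them as required.
  	// The former "$a + $b" was a union by array key: with numerically indexed lists an entry of
  	// $allowed was silently dropped whenever its index already existed in 'attributes'. Merging
  	// by value can lengthen the released list compared with earlier runs - diff the regenerated
  	// file before deploying it.
  	if (isset($mdata['attributes.required']) && isset($mdata['attributes.allowed.ifRequired'])) {
  		$allowed = array_intersect($mdata['attributes.required'], $mdata['attributes.allowed.ifRequired']);
  		$current = isset($mdata['attributes']) ? $mdata['attributes'] : array();
  		$mdata['attributes'] = array_values(array_unique(array_merge($current, $allowed)));
  	}
  	unset($mdata['attributes.allowed.ifRequired']);
  	unset($mdata['attributes.required']);
  
  	// Output. The key is emitted with var_export() as well: pasting $url between single quotes
  	// let a quote or backslash in an entityID end the string literal, so that the rest of the
  	// entityID became code in the generated PHP file.
  	$entry = "\n\$metadata[".var_export($url, true)."] = ".var_export($mdata, true).";\n";
  	if (!@fwrite($fh, $entry)) {
  		echo "cannot write to output file\n";
  		exit(1);
  	}
  }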
  
  // Finish the generated file with a closing PHP tag; this write is not checked.
  @fwrite($fh, "\n?>");
  // A failing close is reported as an error.
  $closed = @fclose($fh);
  if (!$closed) {
  	echo "cannot close output file\n";
  	exit(1);
  }
  
  exit(0);
  
  ?>