Add handling for Chile (COFRe).

InCommon · Oct 30, 2013 · 01dcd9e · 01dcd9e
1 parent 285eb52
commit 01dcd9e
Show file tree

Hide file tree

Showing 5 changed files with 248 additions and 1 deletion.
diff --git a/build.xml b/build.xml
@@ -993,6 +993,7 @@
         <CHANNEL.do verb="importEdugain" channel="br_cafe"/>
         <CHANNEL.do verb="importEdugain" channel="ca_caf"/>
         <CHANNEL.do verb="importEdugain" channel="ch_switchaai"/>
+    	<CHANNEL.do verb="importEdugain" channel="cl_cofre"/>
         <CHANNEL.do verb="importEdugain" channel="cz_eduid"/>
         <CHANNEL.do verb="importEdugain" channel="de_dfnaai"/>
         <CHANNEL.do verb="importEdugain" channel="dk_wayf"/>
@@ -1020,6 +1021,7 @@
         <CHANNEL.do verb="importEdugainRaw" channel="br_cafe"/>
         <CHANNEL.do verb="importEdugainRaw" channel="ca_caf"/>
         <CHANNEL.do verb="importEdugainRaw" channel="ch_switchaai"/>
+    	<CHANNEL.do verb="importEdugainRaw" channel="cl_cofre"/>
         <CHANNEL.do verb="importEdugainRaw" channel="cz_eduid"/>
         <CHANNEL.do verb="importEdugainRaw" channel="de_dfnaai"/>
         <CHANNEL.do verb="importEdugainRaw" channel="dk_wayf"/>
@@ -1058,6 +1060,7 @@
     -->
     <target name="flow.verifyEdugain.inputs">
         <CHANNEL.do verb="verifyEdugain" channel="at_aconet"/>
+    	<CHANNEL.do verb="verifyEdugain" channel="cl_cofre"/>
         <CHANNEL.do verb="verifyEdugain" channel="se_swamid"/>
     </target>
 

diff --git a/mdx/cl_cofre/beans.xml b/mdx/cl_cofre/beans.xml
@@ -0,0 +1,126 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Common beans for this channel.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+    default-lazy-init="true"
+    xmlns:c="http://www.springframework.org/schema/c"
+    xmlns:p="http://www.springframework.org/schema/p"
+    xmlns:util="http://www.springframework.org/schema/util"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="
+        http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
+        http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd">
+
+    <!--
+        Location of various resources.
+    -->
+    <!-- eduGAIN export aggregate -->
+    <bean id="cl_cofre_edugainAggregate_url" class="java.lang.String">
+        <constructor-arg value="http://cofre.reuna.cl/edugain/cofre-edugain.xml"/>
+    </bean>
+
+    <!--
+        Fetch the eduGAIN export aggregate.
+    -->
+    <bean id="cl_cofre_edugainAggregate" parent="DomResourceSourceStage"
+        p:id="cl_cofre_edugainAggregate">
+        <property name="domResource">
+            <bean class="net.shibboleth.utilities.java.support.httpclient.HttpResource">
+                <constructor-arg name="client" ref="httpClient"/>
+                <constructor-arg name="url"    ref="cl_cofre_edugainAggregate_url"/>
+            </bean>
+        </property>
+    </bean>
+
+    <!--
+        Signing certificate.
+    -->
+    <bean id="cl_cofre_signingCertificate" class="net.shibboleth.ext.spring.factory.X509CertificateFactoryBean">
+        <property name="certificateFile">
+            <bean class="java.io.File">
+                <constructor-arg value="#{ systemProperties['basedir'] }/mdx/cl_cofre/metadata-signer.crt"/>
+            </bean>
+        </property>
+    </bean>
+
+    <!--
+        Check signing signature.
+    -->
+    <bean id="cl_cofre_checkSignature" parent="stage_parent"
+        class="net.shibboleth.metadata.dom.XMLSignatureValidationStage"
+        p:id="cl_cofre_checkSignature">
+        <property name="verificationCertificate" ref="cl_cofre_signingCertificate"/>
+    </bean>
+
+    <!--
+        cl_cofre_registrar
+        
+        Unique ID for the registrar associated with this channel.
+    -->
+    <bean id="cl_cofre_registrar" class="java.lang.String">
+        <constructor-arg value="http://cofre.reuna.cl"/>
+    </bean>
+
+    <!--
+        cl_cofre_check_regauth
+        
+        Any registrationAuthority already present on an entity in this
+        channel must match the known registration authority value.
+    -->
+    <bean id="cl_cofre_check_regauth" parent="check_regauth_parent"
+        p:id="cl_cofre_check_regauth">
+        <property name="transformParameters">
+            <map>
+                <entry key="expectedAuthority" value-ref="cl_cofre_registrar"/>
+            </map>
+        </property>
+    </bean>
+
+    <!--
+        cl_cofre_default_regauth
+        
+        Provide a default registrationAuthority appropriate to
+        this channel.
+    -->
+    <bean id="cl_cofre_default_regauth" parent="default_regauth_parent"
+        p:id="cl_cofre_default_regauth">
+        <property name="transformParameters">
+            <map>
+                <entry key="defaultAuthority" value-ref="cl_cofre_registrar"/>
+            </map>
+        </property>
+    </bean>
+
+    <!--
+        Fetch the eduGAIN export entities as a collection.
+    -->
+    <bean id="cl_cofre_edugainEntities" parent="CompositeStage"
+        p:id="cl_cofre_edugainEntities">
+        <property name="composedStages">
+            <list>
+                <ref bean="cl_cofre_edugainAggregate"/>
+
+                <!--
+                    Check for fatal errors at the aggregate level:
+                        missing or expired validUntil attribute
+                        invalid signature
+                -->
+                <ref bean="check_validUntil"/>
+                <ref bean="cl_cofre_checkSignature"/>
+                <ref bean="errorTerminatingFilter"/>
+
+                <ref bean="disassemble"/>
+
+                <ref bean="check_hasreginfo"/>
+                <ref bean="cl_cofre_check_regauth"/>
+            </list>
+        </property>
+    </bean>
+
+    <!--
+        Select primary export aggregate.
+    -->
+    <alias alias="cl_cofre_exportedAggregate" name="at_aconet_edugainAggregate"/>
+    <alias alias="cl_cofre_exportedEntities"  name="at_aconet_edugainEntities"/>
+</beans>
diff --git a/mdx/cl_cofre/metadata-signer.crt b/mdx/cl_cofre/metadata-signer.crt
@@ -0,0 +1,48 @@
+-----BEGIN CERTIFICATE-----
+MIIIgzCCB2ugAwIBAgIDAQZWMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJ
+TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0
+YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3Mg
+MiBQcmltYXJ5IEludGVybWVkaWF0ZSBTZXJ2ZXIgQ0EwHhcNMTIxMDExMTM1NzAw
+WhcNMTQxMDEyMTYzMzA3WjCBxDEZMBcGA1UEDRMQZ3ZsR0hqdVByQTNUbzQ5TDEL
+MAkGA1UEBhMCQ0wxIjAgBgNVBAgTGU1ldHJvcG9saXRhbmEgZGUgU2FudGlhZ28x
+FDASBgNVBAcTC1Byb3ZpZGVuY2lhMSMwIQYDVQQKExpSZWQgVW5pdmVyc2l0YXJp
+YSBOYWNpb25hbDEXMBUGA1UEAxMOY29mcmUucmV1bmEuY2wxIjAgBgkqhkiG9w0B
+CQEWE2hvc3RtYXN0ZXJAcmV1bmEuY2wwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw
+ggIKAoICAQCg6Aj7YJRPVFeU8cjosBQq4/4vrq45ZGc8COVzn6o8NJQnHR3LHDrz
+xl2fsukUFFWuWmH8g6wobeEp+TqC6nfIwIX1qS0HVkrKIE0KFGUOhQGVY0zglXeK
+myvxqoHOJL/g+rBs80vGyqfHwSNwJIbiltQyRj1QH/0tYAlBaLQWu6k6elJy5+Md
+zsluE01OlNsrJgm96ZOii4fDwo//T9b8ChQDoHGVMWeo02DdMk0OfSMINv/2ylVo
+dVvgwkjFTcDTp03K/qX2TKvboY8J8RQM2aSproIVV+fP9UPRH4Bt0w0xjFL5Jueo
+x9k9MhtGhcmnMiRQJxnpu8mIEAKb+UXQ6cAjuNBH9Mek5pYNq743X4uecR4J7ve5
+sIc0gqyA6TgtTcMJtdLsmTzYd+MKZtM0PQPkK0lYSbKLbJ3fG3VnkD2g5hefUr0J
+i3ojEDTeGoz6GfKMjoL8Fsj8u0LlS/IfPVPXrO6iA/75HSXqqAf8G1RsyZoexvbi
+BUJ7Mos6vC0S5hAfQCSLQL4U/Bg91zgNjN2+Hp0mNNVDEKc6pj8oYTljXyd4GgMq
+9kpuWwbffXq16gjSRXhR9zgjoTVtdQezasNhZEGzh/w4UUCOHIC1xVxLbqbBUOOY
+YVl7q5BnfH9tMts9Go5yEms3lA/PHwTZlQHrCoDq93Nb2Ujh9edt9wIDAQABo4ID
+sjCCA64wCQYDVR0TBAIwADALBgNVHQ8EBAMCA6gwHQYDVR0lBBYwFAYIKwYBBQUH
+AwIGCCsGAQUFBwMBMB0GA1UdDgQWBBTR6KbKoB8AAVjbdr1b9QfHvqOhSTAfBgNV
+HSMEGDAWgBQR2yNF/VTManFvhIoD1773AS8mhjAjBgNVHREEHDAagg5jb2ZyZS5y
+ZXVuYS5jbIIIcmV1bmEuY2wwggIhBgNVHSAEggIYMIICFDCCAhAGCysGAQQBgbU3
+AQICMIIB/zAuBggrBgEFBQcCARYiaHR0cDovL3d3dy5zdGFydHNzbC5jb20vcG9s
+aWN5LnBkZjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5zdGFydHNzbC5jb20vaW50
+ZXJtZWRpYXRlLnBkZjCB9wYIKwYBBQUHAgIwgeowJxYgU3RhcnRDb20gQ2VydGlm
+aWNhdGlvbiBBdXRob3JpdHkwAwIBARqBvlRoaXMgY2VydGlmaWNhdGUgd2FzIGlz
+c3VlZCBhY2NvcmRpbmcgdG8gdGhlIENsYXNzIDIgVmFsaWRhdGlvbiByZXF1aXJl
+bWVudHMgb2YgdGhlIFN0YXJ0Q29tIENBIHBvbGljeSwgcmVsaWFuY2Ugb25seSBm
+b3IgdGhlIGludGVuZGVkIHB1cnBvc2UgaW4gY29tcGxpYW5jZSBvZiB0aGUgcmVs
+eWluZyBwYXJ0eSBvYmxpZ2F0aW9ucy4wgZwGCCsGAQUFBwICMIGPMCcWIFN0YXJ0
+Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MAMCAQIaZExpYWJpbGl0eSBhbmQg
+d2FycmFudGllcyBhcmUgbGltaXRlZCEgU2VlIHNlY3Rpb24gIkxlZ2FsIGFuZCBM
+aW1pdGF0aW9ucyIgb2YgdGhlIFN0YXJ0Q29tIENBIHBvbGljeS4wNQYDVR0fBC4w
+LDAqoCigJoYkaHR0cDovL2NybC5zdGFydHNzbC5jb20vY3J0Mi1jcmwuY3JsMIGO
+BggrBgEFBQcBAQSBgTB/MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcC5zdGFydHNz
+bC5jb20vc3ViL2NsYXNzMi9zZXJ2ZXIvY2EwQgYIKwYBBQUHMAKGNmh0dHA6Ly9h
+aWEuc3RhcnRzc2wuY29tL2NlcnRzL3N1Yi5jbGFzczIuc2VydmVyLmNhLmNydDAj
+BgNVHRIEHDAahhhodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS8wDQYJKoZIhvcNAQEF
+BQADggEBAAMGune/3WkQcgvjxMvqWmXG+0CxSRTS6mrtXWXsiC0JgBDRdbxr4liF
+ZgGhpuIrcNTb6EZs+arjqCJTrOraE55m7EBT7AlsuiXo3wTxG32PbLNKHGiilAO9
+7UBF9Ob9E11lAnUl04lWTmCzE0yS9ZvV+73EXigIJYcmZor6FQ8WHRT6EbgzcjeX
+RiwOkNxCJTvco+XpI70lddTvkSLYlZmxYic6hoIL5IL2H2IXsL/Owr103TFwbzRw
+7tH53R3+CVbY44V9ElfrCkLvtVVHd/c9f9TZvh4miDclzSB7MDfP75nXK6T3UC+l
+Cvir1rghmH6hMB5wu7fA4UUrG77FRHU=
+-----END CERTIFICATE-----
diff --git a/mdx/cl_cofre/verbs.xml b/mdx/cl_cofre/verbs.xml
@@ -0,0 +1,69 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Verb definitions for this channel.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+    default-lazy-init="true"
+    xmlns:c="http://www.springframework.org/schema/c"
+    xmlns:p="http://www.springframework.org/schema/p"
+    xmlns:util="http://www.springframework.org/schema/util"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="
+        http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
+        http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd">
+
+    <!--
+        Import commonly used beans.
+    -->
+    <import resource="classpath:common-beans.xml"/>
+
+    <!--
+        Import channel-specific beans.
+    -->
+    <import resource="classpath:cl_cofre/beans.xml"/>
+
+    <bean id="serializeImported" parent="SerializationStage"
+        p:id="serializeImported">
+        <property name="outputFile">
+            <bean class="java.io.File">
+                <constructor-arg value="#{ systemProperties['basedir'] }/mdx/cl_cofre/imported.xml"/>
+            </bean>
+        </property>
+    </bean>
+
+    <bean id="importEdugain" parent="SimplePipeline"
+        p:id="importEdugain">
+        <property name="stages">
+            <list>
+                <ref bean="cl_cofre_edugainEntities"/>
+                <ref bean="standardImportActions"/>
+                <ref bean="standardImportTail"/>
+                <ref bean="serializeImported"/>
+            </list>
+        </property>
+    </bean>
+
+    <bean id="importEdugainRaw" parent="SimplePipeline"
+        p:id="importEdugainRaw">
+        <property name="stages">
+            <list>
+                <ref bean="cl_cofre_edugainAggregate"/>
+                <ref bean="serializeImported"/>
+            </list>
+        </property>
+    </bean>
+
+    <bean id="verifyEdugain" parent="SimplePipeline"
+        p:id="verifyEdugain">
+        <property name="stages">
+            <list>
+                <ref bean="cl_cofre_edugainEntities"/>
+                <ref bean="standardImportActions"/>
+                <ref bean="errorTerminatingFilter"/>
+            </list>
+        </property>
+    </bean>
+
+    <alias alias="import"    name="importEdugain"/>
+    <alias alias="importRaw" name="importEdugainRaw"/>
+</beans>
diff --git a/mdx/common-beans.xml b/mdx/common-beans.xml
@@ -353,6 +353,7 @@
                     
                     http://www.edugain.org/technical/status.php
                 -->
+                <entry key="http://eduid.at"                  value="AT"/>
                 <entry key="http://federation.belnet.be/"     value="BE"/>
                 <entry key="http://cafe.rnp.br"               value="BR"/>
                 <entry key="http://www.canarie.ca"            value="CA"/>
@@ -374,7 +375,7 @@
                 <entry key="http://ukfederation.org.uk"       value="UK"/>
 
                 <!-- not yet eduGAIN members -->
-                <entry key="http://eduid.at"                  value="AT"/>
+                <entry key="http://cofre.reuna.cl"            value="CL"/>
                 <entry key="http://edugate.heanet.ie"         value="IE"/>
                 <entry key="https://incommon.org"             value="US"/>
             </map>