diff --git a/README.md b/README.md new file mode 100644 index 0000000..3c3d325 --- /dev/null +++ b/README.md 
@@ -0,0 +1,93 @@ +# SAML IdP Probe + +Probe a SAML IdP deployment + +## Installation + +Download the dependent [Bash Library](https://github.internet2.edu/InCommon/bash-library) source, change directory to the source directory, and install the source into ``/tmp`` as follows: + +```Shell +$ export BIN_DIR=/tmp/bin +$ export LIB_DIR=/tmp/lib +$ ./install.sh $BIN_DIR $LIB_DIR +``` + +or install into your home directory: + +```Shell +$ export BIN_DIR=$HOME/bin +$ export LIB_DIR=$HOME/lib +$ ./install.sh $BIN_DIR $LIB_DIR +``` + +A target directory will be created if one doesn't already exist. The following files will be installed: + +```Shell +$ ls -1 $BIN_DIR +cget.sh + +$ ls -1 $LIB_DIR +command_paths.sh +compatible_date.sh +compatible_mktemp.sh +extract_entity.xsl +http_tools.sh +md_tools.sh +``` + +Next download the SAML IdP Probe project source, change directory to the source directory, and install the source on top of the previous installation: + +```Shell +$ ./install.sh $BIN_DIR $LIB_DIR +``` + +The following files will be installed: + +```Shell +$ ls -1 $BIN_DIR +cget.sh +check_idp_error_urls.sh +list_local_idp_error_urls.sh + + +$ ls -1 $LIB_DIR +command_paths.sh +compatible_date.sh +compatible_mktemp.sh +extract_IdP_entityIDs.xsl +extract_IdP_names.xsl +extract_InCommon_IdP_entityIDs.xsl +extract_entity.xsl +http_tools.sh +md_tools.sh +``` + +## Overview + +Given a list of entityIDs and a metadata source, bash script ``check_idp_error_urls.sh`` probes each entity and determines which of the entityIDs correspond to SAML IdP deployments. For each such deployment, the script determines whether it has an ``errorURL`` in metadata and whether or not that URL is resolvable. 
For example: + +```Shell +# Fetch the main production metadata aggregate at md.incommon.org: +$ MD_LOCATION=http://md.incommon.org/InCommon/InCommon-metadata.xml +$ MD_PATH=$MD_DIR/InCommon-metadata.xml +$ /usr/bin/curl --silent $MD_LOCATION > $MD_PATH + +# Probe every errorURL in IdP metadata registered by InCommon +$ /bin/cat $MD_PATH \ + | /usr/bin/xsltproc $LIB_DIR/extract_InCommon_IdP_entityIDs.xsl - \ + | $BIN_DIR/check_idp_error_urls.sh -f $MD_PATH +``` + +See the inline help file for details: + +```Shell +$ $BIN_DIR/check_idp_error_urls.sh -h +``` + +## Compatibility + +The bash scripts are compatible with both GNU/Linux and Mac OS. The XSLT scripts are written in XSLT 1.0. + +## Dependencies + +* [Bash Library](https://github.internet2.edu/InCommon/bash-library)
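Review bot: In the Overview example, the metadata aggregate is fetched over plain HTTP (`MD_LOCATION=http://md.incommon.org/InCommon/InCommon-metadata.xml`) and piped straight into `xsltproc` and `check_idp_error_urls.sh -f $MD_PATH` with no integrity check, so whatever arrives on the wire decides which entityIDs and URLs the script probes. The README should add a step that verifies the XML signature on the aggregate against the federation's metadata signing certificate before the file is used, or state plainly that the example skips it. Two smaller points: `MD_DIR` is used in `MD_PATH=$MD_DIR/InCommon-metadata.xml` but is never set anywhere in the README, and the first Installation example puts executable scripts into `/tmp/bin` and `/tmp/lib`, predictable paths in a world-writable directory, so on a multi-user host the home-directory variant should be the recommended one.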