From 8d526853f1ee8304cfe90aadab5e62cd6364129a Mon Sep 17 00:00:00 2001 From: Tom Scavo Date: Fri, 11 Nov 2016 15:58:13 -0500 Subject: [PATCH 1/3] Create README.md --- README.md | 83 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..a9aeda4 --- /dev/null +++ b/README.md 
@@ -0,0 +1,83 @@ +# SAML IdP Probe + +Probe a SAML IdP deployment + +## Installation + +Download the dependent [Bash Library](https://github.internet2.edu/InCommon/bash-library) source, change directory to the source directory, and install the source into ``/tmp`` as follows: + +```Shell +$ export BIN_DIR=/tmp/bin +$ export LIB_DIR=/tmp/lib +$ ./install.sh $BIN_DIR $LIB_DIR +``` + +or install into your home directory: + +```Shell +$ export BIN_DIR=$HOME/bin +$ export LIB_DIR=$HOME/lib +$ ./install.sh $BIN_DIR $LIB_DIR +``` + +A target directory will be created if one doesn't already exist. The following files will be installed: + +```Shell +$ ls -1 $BIN_DIR +cget.sh + +$ ls -1 $LIB_DIR +command_paths.sh +compatible_date.sh +compatible_mktemp.sh +extract_entity.xsl +http_tools.sh +md_tools.sh +``` + +Next download the SAML IdP Probe project source, change directory to the source directory, and install the source on top of the previous installation: + +```Shell +$ ./install.sh $BIN_DIR $LIB_DIR +``` + +The following files will be installed: + +```Shell +$ ls -1 $BIN_DIR +cget.sh +check_idp_error_urls.sh +list_local_idp_error_urls.sh + + +$ ls -1 $LIB_DIR +command_paths.sh +compatible_date.sh +compatible_mktemp.sh +extract_IdP_entityIDs.xsl +extract_IdP_names.xsl +extract_InCommon_IdP_entityIDs.xsl +extract_entity.xsl +http_tools.sh +md_tools.sh +``` + +## Overview + +Given a list of entityIDs and a metadata source, bash script ``check_idp_error_urls.sh`` probes each entity and determines which of the entityIDs correspond to SAML IdP deployments. For each such deployment, the script determines whether it has an ``errorURL`` in metadata and whether or not that URL is resolvable. + +See the inline help file for details: + +```Shell +$ $BIN_DIR/check_idp_error_urls.sh -h +``` + +For additional documentation, including numerous examples, see the [Shibboleth IdP Probe](https://wiki.shibboleth.net/confluence/x/rIBEAQ) topic in the Shibboleth wiki. 
+ +## Compatibility + +The bash scripts are compatible with both GNU/Linux and Mac OS. The XSLT scripts are written in XSLT 1.0. + +## Dependencies + +* [Bash Library](https://github.internet2.edu/InCommon/bash-library) From 71c012d8a84164ea4396e74e7241359027e6d3d3 Mon Sep 17 00:00:00 2001 From: Tom Scavo Date: Fri, 11 Nov 2016 16:00:00 -0500 Subject: [PATCH 2/3] Remove bogus reference --- README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/README.md b/README.md index a9aeda4..d5c1511 100644 --- a/README.md +++ b/README.md @@ -72,8 +72,6 @@ See the inline help file for details: $ $BIN_DIR/check_idp_error_urls.sh -h ``` -For additional documentation, including numerous examples, see the [Shibboleth IdP Probe](https://wiki.shibboleth.net/confluence/x/rIBEAQ) topic in the Shibboleth wiki. - ## Compatibility The bash scripts are compatible with both GNU/Linux and Mac OS. The XSLT scripts are written in XSLT 1.0. From dbaa96e462ac3df14110832296f13269ff817dd4 Mon Sep 17 00:00:00 2001 From: Tom Scavo Date: Fri, 11 Nov 2016 16:22:02 -0500 Subject: [PATCH 3/3] Add example to overview section --- README.md | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index d5c1511..3c3d325 100644 --- a/README.md +++ b/README.md 
@@ -64,7 +64,19 @@ md_tools.sh ## Overview -Given a list of entityIDs and a metadata source, bash script ``check_idp_error_urls.sh`` probes each entity and determines which of the entityIDs correspond to SAML IdP deployments. For each such deployment, the script determines whether it has an ``errorURL`` in metadata and whether or not that URL is resolvable. +Given a list of entityIDs and a metadata source, bash script ``check_idp_error_urls.sh`` probes each entity and determines which of the entityIDs correspond to SAML IdP deployments. For each such deployment, the script determines whether it has an ``errorURL`` in metadata and whether or not that URL is resolvable. For example: + +```Shell +# Fetch the main production metadata aggregate at md.incommon.org: +$ MD_LOCATION=http://md.incommon.org/InCommon/InCommon-metadata.xml +$ MD_PATH=$MD_DIR/InCommon-metadata.xml +$ /usr/bin/curl --silent $MD_LOCATION > $MD_PATH + +# Probe every errorURL in IdP metadata registered by InCommon +$ /bin/cat $MD_PATH \ + | /usr/bin/xsltproc $LIB_DIR/extract_InCommon_IdP_entityIDs.xsl - \ + | $BIN_DIR/check_idp_error_urls.sh -f $MD_PATH +``` See the inline help file for details:
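Review bot: In [PATCH 1/3], the first Installation example puts executable scripts into ``/tmp/bin`` and ``/tmp/lib``, and ``/tmp`` is normally world-writable, so on a shared host another local user can pre-create those directories and control what is later run from ``$BIN_DIR``. Since the text says a target directory is only created "if one doesn't already exist", I'd lead with the ``$HOME/bin`` / ``$HOME/lib`` variant and either drop the ``/tmp`` one or label it as suitable only for throwaway single-user testing. It would also help to quote the arguments, as in `./install.sh "$BIN_DIR" "$LIB_DIR"`, so paths containing spaces work.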
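Review bot: In [PATCH 3/3], the new Overview example sets ``MD_LOCATION`` to an ``http://`` URL and pipes the saved aggregate straight into ``xsltproc`` and ``check_idp_error_urls.sh`` with no integrity check shown in between, so anyone on the network path could alter the entityIDs and ``errorURL`` values that get probed. Please add a step that verifies the aggregate's signature before it is used, or a sentence saying where the reader is expected to do that. Two smaller points in the same block: ``$MD_DIR`` is never defined in the example, and `curl --silent` without `--fail` will write an HTTP error body into ``$MD_PATH`` with no indication that the fetch failed.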