Merge branch 'master' of https://github.internet2.edu/InCommon/saml-i…

…dp-probe
InCommon · Dec 20, 2016 · b504000 · b504000
2 parents 782425d + 85cfb39
commit b504000
Showing 1 changed file with 28 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -30,9 +30,11 @@ $ ls -1 $LIB_DIR
 command_paths.sh
 compatible_date.sh
 compatible_mktemp.sh
+config_tools.sh
 extract_entity.xsl
 http_tools.sh
 md_tools.sh
+saml_tools.sh
 ```
 
 Next download the SAML IdP Probe project source, change directory to the source directory, and install the source on top of the previous installation:
@@ -41,29 +43,33 @@ Next download the SAML IdP Probe project source, change directory to the source
 $ ./install.sh $BIN_DIR $LIB_DIR
 ```
 
-The following files will be installed:
+Altogether the following files will be installed:
 
 ```Shell
 $ ls -1 $BIN_DIR
 cget.sh
 check_idp_error_urls.sh
 list_local_idp_error_urls.sh
-
+probe_saml_idp.sh
 
 $ ls -1 $LIB_DIR 
 command_paths.sh
 compatible_date.sh
 compatible_mktemp.sh
+config_tools.sh
 extract_IdP_entityIDs.xsl
 extract_IdP_names.xsl
 extract_InCommon_IdP_entityIDs.xsl
 extract_entity.xsl
 http_tools.sh
 md_tools.sh
+saml_tools.sh
 ```
 
 ## Overview
 
+### ``check_idp_error_urls.sh``
+
 Given a list of entityIDs and a metadata source, bash script ``check_idp_error_urls.sh`` probes each entity and determines which of the entityIDs correspond to SAML IdP deployments. For each such deployment, the script determines whether it has an ``errorURL`` in metadata and whether or not that URL is resolvable. For example:
 
 ```Shell
@@ -84,6 +90,26 @@ See the inline help file for details:
 $ $BIN_DIR/check_idp_error_urls.sh -h
 ```
 
+### ``probe_saml_idp.sh``
+
+Given a single IdP entityID, the ``probe_saml_idp.sh`` script probes all browser-facing SSO endpoints in IdP metadata.
+
+```Shell
+$ id=https://idp.incommonfederation.org/idp/shibboleth
+$ $BIN_DIR/probe_saml_idp.sh -a $id
+0 redirects:2;response:200;dns:0.000;tcp:0.062;ssl:0.141;total:1.047 https://idp.incommonfederation.org/idp/profile/SAML2/Redirect/SSO urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect https://idp.incommonfederation.org/idp/shibboleth https://incommon.org
+0 redirects:2;response:200;dns:0.000;tcp:0.062;ssl:0.149;total:1.140 https://idp.incommonfederation.org/idp/profile/SAML2/POST/SSO urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST https://idp.incommonfederation.org/idp/shibboleth https://incommon.org
+0 redirects:2;response:200;dns:0.000;tcp:0.062;ssl:0.142;total:1.070 https://idp.incommonfederation.org/idp/profile/Shibboleth/SSO urn:mace:shibboleth:1.0:profiles:AuthnRequest https://idp.incommonfederation.org/idp/shibboleth https://incommon.org
+```
+
+The ``-a`` option probes **all** browser-facing endpoints, including SAML1 endpoints.
+
+See the inline help file for details:
+
+```Shell
+$ $BIN_DIR/probe_saml_idp.sh -h
+```
+
 ## Compatibility
 
 The bash scripts are compatible with both GNU/Linux and Mac OS. The XSLT scripts are written in XSLT 1.0.