Unbundle the check for entityID prefix.

internet2 · May 6, 2016 · 2d22f7b · 2d22f7b
1 parent 4f808bc
commit 2d22f7b
Show file tree

Hide file tree

Showing 4 changed files with 41 additions and 12 deletions.
diff --git a/mdx/_rules/check_entityid_prefix.xsl b/mdx/_rules/check_entityid_prefix.xsl
@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+	check_entityid_prefix.xsl
+	
+	Checking that entityID attributes start with one of a whitelist of prefixes.
+	
+	Author: Ian A. Young <ian@iay.org.uk>
+
+-->
+<xsl:stylesheet version="1.0"
+	xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+	xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
+	xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+
+	<!--
+		Common support functions.
+	-->
+	<xsl:import href="check_framework.xsl"/>
+
+
+	<!--
+		Entity IDs should start with one of "http://", "https://" or "urn:mace:".
+	-->
+	<xsl:template match="md:EntityDescriptor[not(starts-with(@entityID, 'urn:mace:'))]
+		[not(starts-with(@entityID, 'http://'))]
+		[not(starts-with(@entityID, 'https://'))]">
+		<xsl:call-template name="error">
+			<xsl:with-param name="m">entity ID <xsl:value-of select="@entityID"/> does not start with acceptable prefix</xsl:with-param>
+		</xsl:call-template>
+	</xsl:template>
+
+</xsl:stylesheet>
diff --git a/mdx/_rules/check_misc.xsl b/mdx/_rules/check_misc.xsl
@@ -32,18 +32,6 @@
 	</xsl:template>
 
 
-	<!--
-		Entity IDs should start with one of "http://", "https://" or "urn:mace:".
-	-->
-	<xsl:template match="md:EntityDescriptor[not(starts-with(@entityID, 'urn:mace:'))]
-		[not(starts-with(@entityID, 'http://'))]
-		[not(starts-with(@entityID, 'https://'))]">
-		<xsl:call-template name="error">
-			<xsl:with-param name="m">entity ID <xsl:value-of select="@entityID"/> does not start with acceptable prefix</xsl:with-param>
-		</xsl:call-template>
-	</xsl:template>
-
-
 	<!--
 		Check for OrganizationDisplayName elements containing line breaks.
 	-->

diff --git a/mdx/uk/verbs.xml b/mdx/uk/verbs.xml
@@ -253,6 +253,7 @@
                 <ref bean="check_adfs"/>
                 <ref bean="check_algsupport"/>
                 <ref bean="check_bindings"/>
+                <ref bean="check_entityid_prefix"/>
                 <ref bean="check_hoksso"/>
                 <ref bean="check_idpdisc"/>
                 <ref bean="check_incmd"/>

diff --git a/mdx/validation-beans.xml b/mdx/validation-beans.xml
@@ -331,6 +331,12 @@
     -->
     <bean id="check_cr" parent="CRDetectionStage"/>
 
+    <!--
+        check_entityid_prefix
+    -->
+    <bean id="check_entityid_prefix" parent="XSLValidationStage"
+        p:XSLResource="classpath:_rules/check_entityid_prefix.xsl"/>
+
     <!--
         check_misc
     -->
@@ -572,6 +578,7 @@
                 <ref bean="check_algsupport"/>
                 <ref bean="check_bindings"/>
                 <ref bean="check_cr"/>
+                <ref bean="check_entityid_prefix"/>
                 <ref bean="check_hoksso"/>
                 <ref bean="check_idpdisc"/>
                 <ref bean="check_incmd"/>