Commit 8492b67d authored by Guillaume Rousse's avatar Guillaume Rousse

allow remote metadata support

parent 047801fd
...@@ -17,6 +17,9 @@ php update-metadata.php -help|-h ...@@ -17,6 +17,9 @@ php update-metadata.php -help|-h
php update-metadata.php --metadata-file <file> \ php update-metadata.php --metadata-file <file> \
--metadata-idp-file <file> --metadata-sp-file <file> \ --metadata-idp-file <file> --metadata-sp-file <file> \
[--verbose | -v] [--verbose | -v]
php update-metadata.php --metadata-url <url> \
--metadata-idp-file <file> --metadata-sp-file <file> \
[--verbose | -v]
Example usage: Example usage:
...@@ -28,6 +31,7 @@ php update-metadata.php \ ...@@ -28,6 +31,7 @@ php update-metadata.php \
Argument Description Argument Description
------------------- -------------------
--metadata-url <url> SAML2 metadata URL
--metadata-file <file> SAML2 metadata file --metadata-file <file> SAML2 metadata file
--metadata-idp-file <file> File containing Service Providers --metadata-idp-file <file> File containing Service Providers
--metadata-sp-file <file> File containing Identity Providers --metadata-sp-file <file> File containing Identity Providers
...@@ -43,6 +47,7 @@ require_once('readMetadata.php'); ...@@ -43,6 +47,7 @@ require_once('readMetadata.php');
// Script options // Script options
$longopts = array( $longopts = array(
"metadata-url:",
"metadata-file:", "metadata-file:",
"metadata-idp-file:", "metadata-idp-file:",
"metadata-sp-file:", "metadata-sp-file:",
...@@ -57,10 +62,12 @@ if (isset($options['help']) || isset($options['h'])) { ...@@ -57,10 +62,12 @@ if (isset($options['help']) || isset($options['h'])) {
exit($MAN); exit($MAN);
} }
if (!isset($options['metadata-file'])) { if (isset($options['metadata-url'])) {
exit("Exiting: mandatory --metadata-file parameter missing\n"); $metadataURL = $options['metadata-url'];
} else { } elseif (isset($options['metadata-file'])) {
$metadataFile = $options['metadata-file']; $metadataFile = $options['metadata-file'];
} else {
exit("Exiting: both --metadata-url and --metadata-file parameters missing\n");
} }
if (!isset($options['metadata-sp-file'])) { if (!isset($options['metadata-sp-file'])) {
...@@ -82,15 +89,30 @@ $language = isset($options['language']) ? $options['language'] : 'en'; ...@@ -82,15 +89,30 @@ $language = isset($options['language']) ? $options['language'] : 'en';
$verbose = isset($options['verbose']) || isset($options['v']) ? true : false; $verbose = isset($options['verbose']) || isset($options['v']) ? true : false;
// Input validation // Input validation
if ( if ($metadataURL) {
$metadataFile = tempnam(sys_get_temp_dir(), 'metadata');
if (!ini_get('allow_url_fopen')) {
exit("Exiting: allow_url_fopen disabled, unabled to download $metadataURL\n");
}
if ($verbose) {
echo "Downloading metadata from $metadataURL to $metadataFile\n";
}
$result = copy($metadataURL, $metadataFile);
if (!$result) {
$error = error_get_last();
exit("Exiting: could not download $metadataURL: $error\n");
}
} else {
if (
!file_exists($metadataFile) !file_exists($metadataFile)
|| filesize($metadataFile) == 0 || filesize($metadataFile) == 0
) { ) {
exit("Exiting: File $metadataFile is empty or does not exist\n"); exit("Exiting: File $metadataFile is empty or does not exist\n");
} }
if (!is_readable($metadataFile)){ if (!is_readable($metadataFile)){
exit("Exiting: File $metadataFile is not readable\n"); exit("Exiting: File $metadataFile is not readable\n");
}
} }
if ($verbose) { if ($verbose) {
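Review bot: The new `--metadata-url` branch hands the URL straight to `copy()` with no scheme check, so plain `http://` (or any other stream wrapper PHP has enabled) is accepted, and nothing visible in this hunk verifies the downloaded SAML metadata before the IdP/SP files are generated from it. Because federation metadata carries the certificates and endpoints that are trusted afterwards, I would reject non-HTTPS URLs up front, e.g. `if (parse_url($metadataURL, PHP_URL_SCHEME) !== 'https') { exit("Exiting: --metadata-url must use https\n"); }`, and validate the metadata signature unless readMetadata.php already does so (not visible here). Separately, `$metadataURL` is only assigned when the option is given, so `if ($metadataURL)` reads an undefined variable on the `--metadata-file` path; `if (isset($metadataURL))` avoids that. `error_get_last()` returns an array, so the failure message prints `Array`; use `$error['message']` instead. The empty-file check now sits only in the `else` branch, so an empty download is not rejected, and the `tempnam()` file is not removed anywhere in the lines shown.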
......