2019-11-21 07:42:45 -05:00
|
|
|
'use strict'
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Run with: node metadata-processor /path/ukamf.xml http://idp/entity/id
|
|
|
|
|
*
|
2020-03-18 10:26:34 -04:00
|
|
|
* `npm install` must be run for scripts/ukamf first.
|
|
|
|
|
*
|
2019-11-21 07:42:45 -05:00
|
|
|
* The ukamf metadata xml file can be downloaded from:
|
|
|
|
|
* http://metadata.ukfederation.org.uk/
|
|
|
|
|
*
|
|
|
|
|
* The entity id should be provided by the university.
|
|
|
|
|
*/
|
|
|
|
|
|
2020-03-18 10:26:34 -04:00
|
|
|
const { Certificate } = require('@fidm/x509')
|
|
|
|
|
const moment = require('moment')
|
|
|
|
|
|
2019-11-21 07:42:45 -05:00
|
|
|
const UKAMFDB = require('./ukamf-db')
|
|
|
|
|
|
|
|
|
|
main().catch(err => {
|
|
|
|
|
console.error(err.stack)
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
async function main() {
|
|
|
|
|
const [, , file, entityId] = process.argv
|
|
|
|
|
|
2020-03-18 10:26:34 -04:00
|
|
|
console.log(`loading file ${file}...\n`)
|
2019-11-21 07:42:45 -05:00
|
|
|
|
|
|
|
|
const ukamfDB = new UKAMFDB(file)
|
|
|
|
|
await ukamfDB.init()
|
|
|
|
|
|
|
|
|
|
const entity = ukamfDB.findByEntityID(entityId)
|
|
|
|
|
if (!entity) {
|
|
|
|
|
throw new Error(`could not find entity for ${entityId}`)
|
|
|
|
|
}
|
|
|
|
|
const samlConfig = entity.getSamlConfig()
|
|
|
|
|
|
2020-03-18 10:26:34 -04:00
|
|
|
const certificate = Certificate.fromPEM(
|
|
|
|
|
Buffer.from(
|
2020-12-15 05:23:54 -05:00
|
|
|
`-----BEGIN CERTIFICATE-----\n${samlConfig.cert}\n-----END CERTIFICATE-----`,
|
2020-03-18 10:26:34 -04:00
|
|
|
'utf8'
|
|
|
|
|
)
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
const validFrom = moment(certificate.validFrom)
|
|
|
|
|
const validTo = moment(certificate.validTo)
|
|
|
|
|
|
|
|
|
|
if (validFrom.isAfter(moment())) {
|
|
|
|
|
throw new Error(`certificate not valid till: ${validFrom.format('LLL')}`)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (validTo.isBefore(moment())) {
|
|
|
|
|
throw new Error(`certificate expired: ${validTo.format('LLL')}`)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
console.log(
|
|
|
|
|
`!!!!!!!!!!!!!\nCERTIFICATE EXPIRES: ${validTo.format(
|
|
|
|
|
'LLL'
|
|
|
|
|
)}\n!!!!!!!!!!!!!\n`
|
|
|
|
|
)
|
|
|
|
|
|
2020-04-27 11:59:54 -04:00
|
|
|
console.log(`SSO Entity ID: ${samlConfig.entityId}\n`)
|
|
|
|
|
console.log(`SSO Entry Point: ${samlConfig.entryPoint}\n`)
|
|
|
|
|
console.log(`SSO Certificate: ${samlConfig.cert}\n`)
|
2021-05-11 10:08:42 -04:00
|
|
|
if (samlConfig.hiddenIdP) {
|
|
|
|
|
console.log('!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!')
|
|
|
|
|
console.log('!!!!!!!!!!!!!!! WARNING !!!!!!!!!!!!!!!')
|
|
|
|
|
console.log(
|
|
|
|
|
`The IdP metadata indicates it should be\nhidden from discovery. Check this is\nthe correct entity ID before using.`
|
|
|
|
|
)
|
|
|
|
|
console.log('!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!')
|
|
|
|
|
console.log('!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!')
|
|
|
|
|
}
|
2019-11-21 07:42:45 -05:00
|
|
|
}
|
