Commit 16f454fc authored by Martin van Es's avatar Martin van Es

Make mdproxy domain aware

parent 1eed7c39
......@@ -15,32 +15,32 @@ app = Flask(__name__)
# Find all IdP's in edugain metadata
cached = {}
signer_url = 'http://localhost:5001/sign'
signer_url = 'http://localhost:5001'
@app.route('/cache/<path:eid>', methods=['GET'])
def cache(eid):
global cached
@app.route('/<domain>/entities/<path:eid>', methods=['GET'])
def serve(domain, eid):
entityID = unquote(eid)
if entityID[:6] == "{sha1}":
entityID = entityID[6:]
else:
entityID = hasher(entityID)
if entityID in cached:
if cached[entityID].valid_until > datetime.now(tz.tzutc()):
cached[domain] = cached.get(domain, {})
if entityID in cached[domain]:
if cached[domain][entityID].valid_until > datetime.now(tz.tzutc()):
print(f"serve {entityID}")
return cached[entityID].md
return cached[domain][entityID].md
else:
print(f"request {entityID}")
result = requests.get(f"{signer_url}/{{sha1}}{entityID}").text
result = requests.get(f"{signer_url}/{domain}/entities/{{sha1}}{entityID}").text
parsed = ET.fromstring(result)
validUntil = parsed.get('validUntil')
# cacheDuration = parsed.get('cacheDuration')
cached_entity = Entity()
cached_entity.md = result
cached_entity.valid_until = parser.isoparse(validUntil)
cached[entityID] = cached_entity
cached[domain][entityID] = cached_entity
return result
......
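Review bot: `domain` in `serve` comes straight from the request path and is used both as a key into the module-level `cached` dict and as a path segment of the upstream call `requests.get(f"{signer_url}/{domain}/entities/{{sha1}}{entityID}")`, with no check against the domains this proxy is meant to front, so any client can create arbitrary cache buckets and steer the proxy to arbitrary `/<domain>/entities/` paths on the signer. The `{sha1}` branch has the same shape: the remainder of `eid` is forwarded verbatim rather than checked to be a hex digest. A guard at the top of the function such as `if domain not in known_domains: abort(404)`, with `known_domains` taken from whatever configuration mdproxy loads (not visible in this hunk), would close both the cache growth and the open forwarding, and `requests.get(...)` should carry a `timeout=` so a stalled signer does not pin request threads. A signed response without a `validUntil` attribute also reaches `parser.isoparse(None)` and surfaces as a 500 rather than a clear error.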
......@@ -8,13 +8,14 @@ from datetime import datetime
import traceback
from utils import read_config, read_domain, hasher, idps, \
signed, signer, Signers, Entity
signed, signer, Signers, Entity, event_notifier
signers = Signers()
app = Flask(__name__)
@app.route('/<domain>/entities/<path:eid>', methods=['GET'])
def sign(domain, eid):
def serve(domain, eid):
entityID = unquote(eid)
if entityID[:6] == "{sha1}":
sha1 = entityID[6:]
......@@ -34,7 +35,7 @@ def sign(domain, eid):
print(f"sign {domain} {sha1}")
valid_until = idps[domain][sha1].valid_until
if valid_until > datetime.now(tz.tzutc()):
signed_element = Signers()[signer[domain]](idps[domain][sha1].md)
signed_element = signers[signer[domain]](idps[domain][sha1].md)
signed_xml = ET.tostring(signed_element, pretty_print=True).decode()
signed_entity = Entity()
signed_entity.md = signed_xml
......@@ -62,4 +63,6 @@ for domain, values in config.items():
read_domain(domain, values)
signer[domain] = values['signer']
app.run(host='127.0.0.1', port=5001)
event_notifier.start()
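Review bot: `event_notifier.start()` on the last line of the third hunk is placed after `app.run(host='127.0.0.1', port=5001)`, and `app.run()` blocks until the server exits, so the notifier thread only starts once serving has stopped; this looks like the call the utils hunk removes from module import time, so the watcher would never run during normal operation. Swapping the two lines, `event_notifier.start()` then `app.run(host='127.0.0.1', port=5001)`, starts the watcher before the first request. In the second hunk, `signer[domain]` and `idps[domain][sha1]` still raise `KeyError` for a domain or hash that is not configured, which the client sees as a 500; an explicit `abort(404)` before the lookups would be clearer. `serve` (renamed from `sign`) begins in the first hunk and its body continues outside the second.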
......@@ -6,7 +6,7 @@ from concurrent.futures import ThreadPoolExecutor
from lxml import etree as ET
# import traceback
from utils import hasher, signer
from utils import hasher, Signers
# Find all IdP's in edugain metadata
......@@ -14,9 +14,7 @@ idps = []
success = 0
failed = 0
maxthreads = 8
cert = open("meta.crt").read()
key = open("meta.key").read()
signer = Signers()['normal_signer']
def sign(xml, name):
......@@ -24,7 +22,7 @@ def sign(xml, name):
# print("Signer")
try:
sha1 = hasher(name)
signed = signer(xml, cert, key)
signed = signer(xml)
out = ET.tostring(signed, pretty_print=True).decode()
# XMLVerifier().verify(out, x509_cert=cert)
with open(f'output/{sha1}.xml', 'w') as f:
......
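Review bot: The module-level `signer = Signers()['normal_signer']` is now shared by every worker of the `ThreadPoolExecutor` (`maxthreads = 8`), whereas the removed `signer(xml, cert, key)` form passed its inputs per call; whether the callable returned by `Signers()` keeps per-call state is not visible here, so its safety under concurrent calls is worth confirming before running with more than one thread. The commented-out `# XMLVerifier().verify(out, x509_cert=cert)` now refers to a `cert` that no longer exists in this module and should be dropped or updated. `sign(xml, name)` starts before the second hunk and its body continues past it.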
......@@ -21,6 +21,13 @@ signed = {}
signer = {}
def hasher(entity_id):
sha1 = hashlib.sha1()
sha1.update(entity_id.encode())
sha1_digest = sha1.hexdigest()
return sha1_digest
class Entity(object):
md = None
valid_until = 0
......@@ -112,13 +119,4 @@ def read_config():
return config
def hasher(entity_id):
sha1 = hashlib.sha1()
sha1.update(entity_id.encode())
sha1_digest = sha1.hexdigest()
return sha1_digest
event_notifier = pyinotify.ThreadedNotifier(watch_manager, EventProcessor())
event_notifier.start()
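Review bot: `hasher`, now defined in the first hunk right after `signer = {}`, has no docstring although it fixes the identifier format the other modules key on; a docstring such as `"""Return the hex SHA-1 of the UTF-8 encoded entityID, the value used after the {sha1} prefix in entity lookups."""` would make that contract explicit. The body can also collapse to `return hashlib.sha1(entity_id.encode()).hexdigest()`. With `event_notifier.start()` removed in the last hunk, `event_notifier` is still created at import time but no longer started here, so each importer of `utils` is now responsible for starting it.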