Commit 4d706927 authored by Martin van Es's avatar Martin van Es

Add md expiration based on validUntil

parent 3ae6aa8d
#!/usr/bin/env python
import requests
from flask import Flask, request
from lxml import etree as ET
from flask import Flask
from urllib.parse import unquote
import requests
# import traceback
from dateutil import parser, tz
from datetime import datetime
app = Flask(__name__)
......@@ -13,18 +15,30 @@ cached = {}
signer = 'http://localhost:5001/sign'
class Entity(object):
md = None
valid_until = 0
@app.route('/cache/<path:eid>', methods=['GET'])
def cache(eid):
global cached
entity = unquote(eid)
print(f"entity: {entity}")
if entity in cached:
print(f"serve {entity}")
return cached[entity]
if cached[entity].valid_until > datetime.now(tz.tzutc()):
print(f"serve {entity}")
return cached[entity].md
else:
print(f"request {entity}")
result = requests.get(f"{signer}/{entity}").text
cached[entity] = result
parsed = ET.fromstring(result)
validUntil = parsed.get('validUntil')
# cacheDuration = parsed.get('cacheDuration')
cached_entity = Entity
cached_entity.md = result
cached_entity.valid_until = parser.isoparse(validUntil)
cached[entity] = cached_entity
return result
......
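Review bot: `cached_entity = Entity` binds the class itself rather than a new instance, so `md` and `valid_until` are written as class attributes and every key in `cached` ends up referring to the same object. After a second entity has been fetched, a cache hit for the first one returns the second entity's signed metadata and expiry, so a consumer can be handed a descriptor for a different entity than the one it asked for. Create one object per entry with `cached_entity = Entity()`; the same pattern appears in the signer at `signed_entity = Entity` and in the loader at `entity = Entity`, where it makes every `idps[...]` entry share the last descriptor parsed. Separately, `parser.isoparse(validUntil)` is reached with `None` when the signer's response carries no `validUntil` attribute, so a check before caching would be worth adding.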
......@@ -3,12 +3,13 @@ import sys
import copy
from lxml import etree as ET
from signxml import XMLSigner, XMLVerifier
# import hashlib
from flask import Flask, request
from signxml import XMLSigner
from flask import Flask
from urllib.parse import unquote
# import traceback
from dateutil import parser, tz
from datetime import datetime
# import hashlib
app = Flask(__name__)
......@@ -22,24 +23,36 @@ cert = open("meta.crt").read()
key = open("meta.key").read()
class Entity(object):
md = None
valid_until = 0
@app.route('/sign/<path:eid>', methods=['GET'])
def sign(eid):
global idps, signed, cert
entity = unquote(eid)
try:
if entity in signed:
if entity in signed:
signed_entity = signed[entity]
if signed_entity.valid_until > datetime.now(tz.tzutc()):
print(f"serve {entity}")
return signed[entity]
elif entity in idps:
return signed[entity].md
if entity in idps:
try:
print(f"sign {entity}")
signed_element = XMLSigner().sign(idps[entity], key=key, cert=cert)
signed_element = XMLSigner().sign(idps[entity].md, key=key, cert=cert)
signed_xml = ET.tostring(signed_element, pretty_print=True).decode()
signed[entity] = signed_xml
signed_entity = Entity
signed_entity.md = signed_xml
signed_entity.valid_until = idps[entity].valid_until
signed[entity] = signed_entity
return signed_xml
except Exception as e:
print(entity)
print(f" {e}")
# traceback.print_exc()
except Exception as e:
print(entity)
print(f" {e}")
return "No valid metadata\n", 404
for mdfile in sys.argv[1:]:
......@@ -47,12 +60,18 @@ for mdfile in sys.argv[1:]:
root = tree.getroot()
ns = copy.deepcopy(root.nsmap)
ns['xml'] = 'http://www.w3.org/XML/1998/namespace'
for idp in root.findall('md:EntityDescriptor', ns):
entityID = idp.attrib.get('entityID', 'none')
validUntil = root.get('validUntil')
cacheDuration = root.get('cacheDuration')
for entity_descriptor in root.findall('md:EntityDescriptor', ns):
entityID = entity_descriptor.attrib.get('entityID', 'none')
entity_descriptor.set('validUntil', validUntil)
entity_descriptor.set('cacheDuration', cacheDuration)
entity = Entity
entity.md = entity_descriptor
entity.valid_until = parser.isoparse(validUntil)
if entityID not in idps:
print(entityID)
idps[entityID] = idp
idps[entityID] = entity
found += 1
print(f"Found: {found}")
......
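Review bot: The expiry test in `sign()` covers only the cached signed copy; once `signed_entity.valid_until` has passed, control appears to fall through to `if entity in idps:` (indentation is lost in this rendering), and the descriptor is signed again without looking at `idps[entity].valid_until`. Metadata that has already expired is therefore still signed and served on every request instead of reaching the `"No valid metadata\n", 404` return; `if entity in idps and idps[entity].valid_until > datetime.now(tz.tzutc()):` would close that. In the loader, `root.get('validUntil')` and `root.get('cacheDuration')` are passed to `entity_descriptor.set(...)` and `parser.isoparse(...)` unchecked, so an aggregate without those attributes fails at startup, and a `validUntil` without a UTC offset would likely yield a naive datetime that cannot be compared with `datetime.now(tz.tzutc())`.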
......@@ -2,3 +2,4 @@ lxml
signxml
flask
requests
python-dateutil