From b1b2dd3bb1135f9a01c09764ec0e2cafcbefc4dc Mon Sep 17 00:00:00 2001
From: Marco Malavolti <marco.malavolti@gmail.com>
Date: Sun, 28 Jun 2020 02:35:39 +0200
Subject: [PATCH] Fixed storing URN into HTML page_source file
---
api.py | 40 +++++++++++++++++-----------------
eccs2.py | 53 ++++++++++++++++++++++++++++++----------------
eccs2properties.py | 25 ++++++++++++----------
web/script.js | 24 ++++++++++++++-------
4 files changed, 85 insertions(+), 57 deletions(-)
diff --git a/api.py b/api.py
index 75f5a53..04405ce 100755
--- a/api.py
+++ b/api.py
@@ -153,12 +153,12 @@ class EccsResults(Resource):
# IdP-RegAuth; check[2]
# IdP-tech-ctc-1,IdP-tech-ctc-2; check[3]
# IdP-supp-ctc-1,IdP-supp-ctc-2; check[4]
- # Status; check[5]
- # SP-entityID-1; check[6]
+ # ECCS Status; check[5]
+ # SP-wayfless-url-1; check[6]
# SP-check-time-1; check[7]
# SP-status-code-1; check[8]
# SP-status-1; check[9]
- # SP-entityID-2; check[10]
+ # SP-wayfless-url-2; check[10]
# SP-check-time-2; check[11]
# SP-status-code-2 check[12]
# SP-status-2 check[13]
@@ -169,19 +169,19 @@ class EccsResults(Resource):
idp_reg_auth = check[2]
idp_tech_ctcs = check[3]
idp_supp_ctcs = check[4]
- idp_checks_status = check[5]
- sp1_entity_id = check[6]
+ idp_eccs_status = check[5]
+ sp1_wayfless_url = check[6]
sp1_check_time = check[7]
sp1_status_code = check[8]
sp1_check_status = check[9]
- sp2_entity_id = check[10]
+ sp2_wayfless_url = check[10]
sp2_check_time = check[11]
sp2_status_code = check[12]
sp2_check_status = check[13].rstrip("\n\r")
if (idp and status):
app.logger.info("eccsresults: check for 'idp':'%s' with 'status':'%s'" % (idp, status))
- if (idp == idp_entity_id and status == idp_checks_status):
+ if (idp == idp_entity_id and status == idp_eccs_status):
result.append(
{
'displayName' : idp_displayname,
@@ -193,18 +193,18 @@ class EccsResults(Resource):
},
'date' : date,
'sp1' : {
- 'entityID' : sp1_entity_id,
+ 'wayfless_url' : sp1_wayfless_url,
'checkTime' : sp1_check_time,
'statusCode' : sp1_status_code,
'status' : sp1_check_status
},
'sp2' : {
- 'entityID' : sp2_entity_id,
+ 'wayflessUrl' : sp2_wayfless_url,
'checkTime' : sp2_check_time,
'statusCode' : sp2_status_code,
'status' : sp2_check_status
},
- 'status' : idp_checks_status
+ 'status' : idp_eccs_status
} )
elif (idp):
#app.logger.info(re.search(".*."+idp+".*.", idp_entity_id, re.IGNORECASE))
@@ -222,22 +222,22 @@ class EccsResults(Resource):
},
'date' : date,
'sp1' : {
- 'entityID' : sp1_entity_id,
+ 'wayflessUrl' : sp1_wayfless_url,
'checkTime' : sp1_check_time,
'statusCode' : sp1_status_code,
'status' : sp1_check_status
},
'sp2' : {
- 'entityID' : sp2_entity_id,
+ 'wayflessUrl' : sp2_wayfless_url,
'checkTime' : sp2_check_time,
'statusCode' : sp2_status_code,
'status' : sp2_check_status
},
- 'status' : idp_checks_status
+ 'status' : idp_eccs_status
} )
elif (status):
app.logger.info("eccsresults: Search for 'status':'%s'." % status)
- if (status == idp_checks_status):
+ if (status == idp_eccs_status):
result.append(
{
'displayName' : idp_displayname,
@@ -249,18 +249,18 @@ class EccsResults(Resource):
},
'date' : date,
'sp1' : {
- 'entityID' : sp1_entity_id,
+ 'wayflessUrl' : sp1_wayfless_url,
'checkTime' : sp1_check_time,
'statusCode' : sp1_status_code,
'status' : sp1_check_status
},
'sp2' : {
- 'entityID' : sp2_entity_id,
+ 'wayflessUrl' : sp2_wayfless_url,
'checkTime' : sp2_check_time,
'statusCode' : sp2_status_code,
'status' : sp2_check_status
},
- 'status' : idp_checks_status
+ 'status' : idp_eccs_status
} )
else:
result.append(
@@ -274,18 +274,18 @@ class EccsResults(Resource):
},
'date' : date,
'sp1' : {
- 'entityID' : sp1_entity_id,
+ 'wayflessUrl' : sp1_wayfless_url,
'checkTime' : sp1_check_time,
'statusCode' : sp1_status_code,
'status' : sp1_check_status
},
'sp2' : {
- 'entityID' : sp2_entity_id,
+ 'wayflessUrl' : sp2_wayfless_url,
'checkTime' : sp2_check_time,
'statusCode' : sp2_status_code,
'status' : sp2_check_status
},
- 'status' : idp_checks_status
+ 'status' : idp_eccs_status
} )
if (pretty):
diff --git a/eccs2.py b/eccs2.py
index 8836a65..8402bd6 100755
--- a/eccs2.py
+++ b/eccs2.py
@@ -25,6 +25,14 @@ The script has been written to simulate an user that inserts the IdP's entityID
If the IdP Login page presente the fields for both selected SP the test is passed, otherwise it is failed.
"""
+# Returns the FQDN to use on the HTML page_source files
+def getIDPfqdn(entityIDidp):
+ if entityIDidp.startswith('http'):
+ return parse_url(entityIDidp)[2]
+ else:
+ return entityIDidp.split(":")[-1]
+
+
# The function check that the IdP recognized the SP by presenting its Login page.
# If the IdP Login page contains "username" and "password" fields, than the test is passed.
def checkIdP(sp,idp):
@@ -45,32 +53,40 @@ def checkIdP(sp,idp):
federation_blacklist = FEDS_BLACKLIST
entities_blacklist = IDPS_BLACKLIST
+ fqdn_idp = getIDPfqdn(idp['entityID'])
+ fqdn_sp = parse_url(sp)[2]
+ wayfless_url = sp + idp['entityID']
+
if (idp['registrationAuthority'] in federation_blacklist):
check_time = datetime.datetime.utcnow().strftime('%Y-%m-%dT%H:%M:%S') + 'Z'
- return (idp['entityID'],sp,check_time,"NULL","DISABLED")
+
+ with open("%s/%s/%s---%s.html" % (ECCS2HTMLDIR,DAY,fqdn_idp,fqdn_sp),"w") as html:
+ html.write("Federation excluded from check")
+ return (idp['entityID'],wayfless_url,check_time,"NULL","DISABLED")
if (idp['entityID'] in entities_blacklist):
check_time = datetime.datetime.utcnow().strftime('%Y-%m-%dT%H:%M:%S') + 'Z'
- return (idp['entityID'],sp,check_time,"NULL","DISABLED")
+
+ with open("%s/%s/%s---%s.html" % (ECCS2HTMLDIR,DAY,fqdn_idp,fqdn_sp),"w") as html:
+ html.write("Identity Provider excluded from check")
+ return (idp['entityID'],wayfless_url,check_time,"NULL","DISABLED")
# Open SP, select the IDP from the EDS and press 'Enter' to reach the IdP login page to check
try:
check_time = datetime.datetime.utcnow().strftime('%Y-%m-%dT%H:%M:%S') + 'Z'
- driver.get(sp)
- element = WebDriverWait(driver, 50).until(EC.presence_of_element_located((By.ID,"idpSelectInput")))
- element.send_keys(idp['entityID'] + Keys.ENTER)
+ driver.get(wayfless_url)
page_source = driver.page_source
samlrequest_url = driver.current_url
- # Put the page_source into its HTML file
- Path("%s/%s" % (ECCS2HTMLDIR,DAY)).mkdir(parents=True, exist_ok=True)
- fqdn_idp = parse_url(idp['entityID'])[2]
- fqdn_sp = parse_url(sp)[2]
+ # Put the page_source into an appropriate HTML file
with open("%s/%s/%s---%s.html" % (ECCS2HTMLDIR,DAY,fqdn_idp,fqdn_sp),"w") as html:
html.write(page_source)
except TimeoutException as e:
- return (idp['entityID'],sp,check_time,"(failed)","Timeout")
+ # Put an empty string into the page_source file
+ with open("%s/%s/%s---%s.html" % (ECCS2HTMLDIR,DAY,fqdn_idp,fqdn_sp),"w") as html:
+ html.write("")
+ return (idp['entityID'],wayfless_url,check_time,"(failed)","Timeout")
except NoSuchElementException as e:
# The input of the bootstrap tables are provided by "eccs2" and "eccs2checks" log.
@@ -142,13 +158,14 @@ def checkIdP(sp,idp):
status_code = "555"
if(metadata_not_found):
- return (idp['entityID'],sp,check_time,status_code,"No-eduGAIN-Metadata")
+ return (idp['entityID'],wayfless_url,check_time,status_code,"No-eduGAIN-Metadata")
elif not username_found or not password_found:
- return (idp['entityID'],sp,check_time,status_code,"Invalid-Form")
+ return (idp['entityID'],wayfless_url,check_time,status_code,"Invalid-Form")
else:
- return (idp['entityID'],sp,check_time,status_code,"OK")
+ return (idp['entityID'],wayfless_url,check_time,status_code,"OK")
+# Extract IdP DisplayName by fixing input string
def getDisplayName(display_name):
display_name_equal_splitted = display_name.split('==')
for elem in display_name_equal_splitted:
@@ -170,7 +187,7 @@ def storeECCS2result(idp,check_results,idp_status):
str_technical_contacts = ','.join(list_technical_contacts)
str_support_contacts = ','.join(list_support_contacts)
- # IdP-DisplayName;IdP-entityID;IdP-RegAuth;IdP-tech-ctc-1,IdP-tech-ctc-2;IdP-supp-ctc-1,IdP-supp-ctc-2;Status;SP-entityID-1;SP-check-time-1;SP-status-code-1;SP-result-1;SP-entityID-2;SP-check-time-2;SP-status-code-2;SP-result-2
+ # IdP-DisplayName;IdP-entityID;IdP-RegAuth;IdP-tech-ctc-1,IdP-tech-ctc-2;IdP-supp-ctc-1,IdP-supp-ctc-2;Status;SP-wayfless-url-1;SP-check-time-1;SP-status-code-1;SP-result-1;SP-wayfless-url-2;SP-check-time-2;SP-status-code-2;SP-result-2
with open("%s/%s" % (ECCS2OUTPUTDIR,ECCS2RESULTSLOG), 'a') as f:
f.write("%s;%s;%s;%s;%s;%s;%s;%s;%s;%s;%s;%s;%s;%s\n" % (
getDisplayName(idp['displayname']), # IdP-DisplayName
@@ -179,11 +196,11 @@ def storeECCS2result(idp,check_results,idp_status):
str_technical_contacts, # IdP-TechCtcsList
str_support_contacts, # IdP-SuppCtcsList
idp_status, # IdP-ECCS-Status
- check_results[0][1], # SP-entityID-1
+ check_results[0][1], # SP-wayfless-url-1
check_results[0][2], # SP-check-time-1
check_results[0][3], # SP-status-code-1
check_results[0][4], # SP-result-1
- check_results[1][1], # SP-entityID-2
+ check_results[1][1], # SP-wayfless-url-2
check_results[1][2], # SP-check-time-2
check_results[1][3], # SP-status-code-2
check_results[1][4])) # SP-result-2
@@ -194,8 +211,6 @@ def check(idp,sps):
check_results = []
for sp in sps:
result = checkIdP(sp,idp)
- # Se il checkIdP ha successo, aggiungo alla lista dei check
- # altrimenti no.
if result is not None:
check_results.append(result)
@@ -228,4 +243,6 @@ if __name__=="__main__":
idp = json.loads(args.idpJson[0])
+ Path("%s/%s" % (ECCS2HTMLDIR,DAY)).mkdir(parents=True, exist_ok=True) # Create dir needed to page_source content
+
check(idp,sps)
diff --git a/eccs2properties.py b/eccs2properties.py
index 416cb8c..066a388 100644
--- a/eccs2properties.py
+++ b/eccs2properties.py
@@ -32,10 +32,10 @@ ECCS2STDERR = "%s/stderr_%s.log" % (ECCS2LOGSDIR,DAY)
ECCS2FAILEDCMD = "%s/failed-cmd.sh" % ECCS2LOGSDIR
# Number of processes to run in parallel
-ECCS2NUMPROCESSES = 20
+ECCS2NUMPROCESSES = 25
# The 2 SPs that will be used to test each IdP
-ECCS2SPS = ["https://sp24-test.garr.it/secure", "https://attribute-viewer.aai.switch.ch/eds/"]
+ECCS2SPS = ["https://sp24-test.garr.it/Shibboleth.sso/Login?entityID=", "https://attribute-viewer.aai.switch.ch/Shibboleth.sso/Login?entityID="]
# Registration Authority of Federations to exclude from the check
FEDS_BLACKLIST = [
@@ -46,21 +46,24 @@ FEDS_BLACKLIST = [
# EntityID of IDPs to exclude from the check
IDPS_BLACKLIST = [
- 'https://iif.iucc.ac.il/idp/saml2/idp/metadata.php',
+ 'https://idp.eie.gr/idp/shibboleth',
+ 'https://edugain-proxy.igtf.net/simplesaml/saml2/idp/metadata.php',
+ 'https://gn-vho.grnet.gr/idp/shibboleth',
+ 'https://wtc.tu-chemnitz.de/shibboleth',
+ 'https://idp.utorauth.utoronto.ca/shibboleth',
'https://login.lstonline.ac.uk/idp/pingfederate',
- 'https://idp.pearsoncollege.com/openathens',
'https://idp.cambria.ac.uk/openathens',
- 'https://idp.wnsc.ac.uk/idp/shibboleth',
'https://indiid.net/idp/shibboleth',
'https://idp.nulc.ac.uk/openathens',
'https://lc-idp.lincolncollege.ac.uk/shibboleth',
- 'https://oa-idp.wlv.ac.uk/oala/metadata',
- 'https://idp.uel.ac.uk/shibboleth',
+ 'https://boleth.chi.ac.uk/idp/shibboleth',
+ 'https://idp.wnsc.ac.uk/idp/shibboleth',
+ 'https://idp.strodes.ac.uk/shibboleth',
'https://idp.ucreative.ac.uk/shibboleth',
'https://idp.llandrillo.ac.uk/shibboleth',
+ 'https://idp.uel.ac.uk/shibboleth',
'https://idp-dev.cardiff.ac.uk/idp/shibboleth',
- 'https://idp.kingston.ac.uk/shibboleth', # iframe to load
- 'https://shibboleth.aber.ac.uk/shibboleth',
- 'https://sso.vu.lt/SSO/saml2/idp/metadata.php', # no standard login page
- 'urn:mace:federation.org.au:testfed:uq.edu.au'
+ 'https://sso.vu.lt/SSO/saml2/idp/metadata.php',
+ #'https://ssl.education.lu/saml/saml2/idp/metadata.php',
+ 'https://iif.iucc.ac.il/idp/saml2/idp/metadata.php'
]
diff --git a/web/script.js b/web/script.js
index 8460a72..817f2b9 100644
--- a/web/script.js
+++ b/web/script.js
@@ -1,7 +1,12 @@
// use URL constructor and return hostname
function getHostname(url) {
const urlNew = new URL(url);
- return urlNew.hostname;
+ if (urlNew.hostname){
+ return urlNew.hostname;
+ }
+ else {
+ return url.replace(/.+:/g, '');
+ }
}
/* Formatting function for row details - modify as you need */
@@ -20,25 +25,28 @@ function format ( d ) {
'<td>Support Contacts:</td>'+
'<td>'+d.contacts.support+'</td>'+
'<td>Check Time</td>'+
- '<td>Status Code</td>'+
'<td>Result Check</td>'+
+ '<td>Status Code</td>'+
'<td>Page Source</td>'+
+ '<td>Retry Check</td>'+
'</tr>'+
'<tr>'+
'<td>SP1:</td>'+
- '<td>'+d.sp1.entityID+'</td>'+
+ '<td>https://'+getHostname(d.sp1.wayflessUrl)+'</td>'+
'<td>'+d.sp1.checkTime+'</td>'+
- '<td>'+d.sp1.statusCode+'</td>'+
'<td>'+d.sp1.status+'</td>'+
- '<td><a href="/eccs2html/'+d.date+'/'+getHostname(d.entityID)+'---'+getHostname(d.sp1.entityID)+'.html" target="_blank">Click to open</a></td>'+
+ '<td>'+d.sp1.statusCode+'</td>'+
+ '<td><a href="/eccs2html/'+d.date+'/'+getHostname(d.entityID)+'---'+getHostname(d.sp1.wayflessUrl)+'.html" target="_blank">Click to open</a></td>'+
+ '<td><a href="'+d.sp1.wayflessUrl+'" target="_blank">Click to retry</a></td>'+
'</tr>'+
'<tr>'+
'<td>SP2:</td>'+
- '<td>'+d.sp2.entityID+'</td>'+
+ '<td>https://'+getHostname(d.sp2.wayflessUrl)+'</td>'+
'<td>'+d.sp2.checkTime+'</td>'+
- '<td>'+d.sp2.statusCode+'</td>'+
'<td>'+d.sp2.status+'</td>'+
- '<td><a href="/eccs2html/'+d.date+'/'+getHostname(d.entityID)+'---'+getHostname(d.sp2.entityID)+'.html" target="_blank">Click to open</a></td>'+
+ '<td>'+d.sp2.statusCode+'</td>'+
+ '<td><a href="/eccs2html/'+d.date+'/'+getHostname(d.entityID)+'---'+getHostname(d.sp2.wayflessUrl)+'.html" target="_blank">Click to open</a></td>'+
+ '<td><a href="'+d.sp2.wayflessUrl+'" target="_blank">Click to retry</a></td>'+
'</tr>'+
'</table>';
}
--
GitLab