From c7029684f95cd06b786e2f04ba415e4078903441 Mon Sep 17 00:00:00 2001
From: Marco Malavolti <marco.malavolti@gmail.com>
Date: Wed, 27 Apr 2022 18:01:33 +0200
Subject: [PATCH] Added PyFF instructions to automate download of
 sps-metadata.xml

---
 README-SPS-METADATA.xml      | 60 ++++++++++++++++++++++++++++++++++++
 pyff-config/sps-metadata.xml |  6 ++++
 2 files changed, 66 insertions(+)
 create mode 100644 README-SPS-METADATA.xml
 create mode 100644 pyff-config/sps-metadata.xml

diff --git a/README-SPS-METADATA.xml b/README-SPS-METADATA.xml
new file mode 100644
index 0000000..ec21654
--- /dev/null
+++ b/README-SPS-METADATA.xml
@@ -0,0 +1,60 @@
+# HOWTO Automating ECCS SPs Metadata download with PyFF Metadata Aggregator
+
+1. [Introduction](#introduction)
+2. [Install](#install)
+3. [Configure](#configure)
+4. [Automating SPs metadata download](#automating-sps-metadata-download)
+5. [Authors](#authors)
+
+## Introduction
+
+The eduGAIN Connectivity Check Service (ECCS), uses two Service Provider belonging to different NREN that are members of eduGAIN interfederation.
+The ECCS Python script gets the SPs' HTTP-Post AssertionConsumerService URL from the "sps-metadata.xml" file placed into "input" directory.
+The mechanism chosen to update regularly the "sps-metadata.xml" file involves the PyFF Metadata Aggregator because it allows to download the eduGAIN metadata, validate it with eduGAIN metadata certificate, consider only two SP interested by ECCS and create the "sps-metadata.xml" file as output.
+The following instruction will help to install, configure and use PyFF for ECCS.
+
+## Requirements
+
+* Python >= 3.7
+
+## Install
+
+1) Create another Virtualenv for PyFF:
+   * `$HOME/eccs/python/bin/virtualenv --python=$HOME/eccs/python/bin/python3 pyff-venv`
+
+2) Upgrade PIP:
+   * `$HOME/eccs/pyff-venv/bin/python3 -m pip install --upgrade pip`
+
+3) Activate PyFF Virtualenv:
+   * `source $HOME/eccs/pyff-venv/bin/activate`
+   
+4) Install PyFF:
+   * `pip install -U pyff`
+   
+## Configure
+
+1) For Python 3.10:
+   * `vim $HOME/eccs/pyff-venv/lib/python3.10/site-packages/xmlsec/crypto.py`
+
+     "from collections import MutableMapping as DictMixin" have to be:
+     "from collections.abc import MutableMapping as DictMixin"
+     
+2) Download eduGAIN metadata certificate:
+   * `cd $HOME/eccs/pyff-config`
+   * `wget "https://technical.edugain.org/mds-v2.cer" -O edugain-signer.crt`
+
+## Automating SPs metadata download
+
+Configure the cron job for the local user to automate downloading SPs metadata:
+
+   * `crontab -e`
+
+     ```bash
+     00 7 * * * $HOME/eccs/pyff-venv/bin/pyff $HOME/eccs/pyff-config/sps-metadata.xml
+     ```
+
+## Authors
+
+### Original Author
+
+   * Marco Malavolti (marco.malavolti@garr.it)
diff --git a/pyff-config/sps-metadata.xml b/pyff-config/sps-metadata.xml
new file mode 100644
index 0000000..55ee675
--- /dev/null
+++ b/pyff-config/sps-metadata.xml
@@ -0,0 +1,6 @@
+- load:
+   - https://mds.edugain.org/edugain-v2.xml /srv/eccs/pyff-config/edugain-signer.crt
+- select:
+   - "https://sp-demo.idem.garr.it/shibboleth"
+   - "https://attribute-viewer.aai.switch.ch/interfederation-test/shibboleth"
+- publish: "/srv/eccs/input/sps-metadata.xml"
-- 
GitLab