Class: MDQT::CLI::Check

Inherits:
Base
  • Object
show all
Defined in:
lib/mdqt/cli/check.rb

Instance Method Summary collapse

Methods inherited from Base

#advise_on_xml_signing_support, #args, #btw, check_requirements, #colour_shell?, #explain, #extract_certificate_paths, #get_stdin, #halt!, #hey, #initialize, introduce, #options, #options=, #output, #pastel, #pipeable?, run, #say, #service_url, service_url, #yay

Constructor Details

This class inherits a constructor from MDQT::CLI::Base

Instance Method Details

#runObject 



9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
 
# File 'lib/mdqt/cli/check.rb', line 9

def run

  options.validate = true

  advise_on_xml_signing_support
  halt!("Cannot check a metadata file without XML support: please install additional gems") unless MDQT::Client.verification_available?

  client = MDQT::Client.new(
    service_url(options),
    verbose: options.verbose,
    explain: options.explain ? true : false,
  )

  cert_paths = options.verify_with ? extract_certificate_paths(options.verify_with) : []

  args.each do |filename|

    filename = File.absolute_path(filename)
    file = client.open_metadata(filename)

    halt!("Cannot access file #{filename}") unless file.readable?

    halt!("XML validation failed for #{filename}:\n#{file.validation_error}") unless file.valid?
    btw "File #{filename} is valid SAML Metadata XML"

    if options.verify_with
      halt! "XML in #{filename} is not signed, cannot verify!" unless file.signed?
      halt! "The signed XML for #{filename} cannot be verified using #{cert_paths.to_sentence}" unless file.verified_signature?(cert_paths)
      btw "Signed XML for #{filename} has been verified using '#{cert_paths.to_sentence}'"
    end

    yay "#{filename} OK"
  end

end

#verify_results(results) ⇒ Object 



45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
 
# File 'lib/mdqt/cli/check.rb', line 45

def verify_results(results)

  # if options.validate
  #   results.each do |result|
  #     next unless result.ok?
  #     halt! "The data for #{result.identifier} is not valid when checked against schema:\n#{result.validation_error}" unless result.valid?
  #     btw "Data for #{result.identifier.empty? ? 'aggregate' : result.identifier } has been validated against schema" ## FIXME - needs constistent #label maybe?
  #   end
  # end
  #
  # return results unless options.verify_with
  #
  # cert_paths = extract_certificate_paths(options.verify_with)
  #
  # results.each do |result|
  #   next unless result.ok?
  #   halt! "Data from #{options.service} is not signed, cannot verify!" unless result.signed?
  #   halt! "The data for #{result.identifier} cannot be verified using #{cert_paths.to_sentence}" unless result.verified_signature?(cert_paths)
  #   btw "Data for #{result.identifier.empty? ? 'aggregate' : result.identifier } has been verified using '#{cert_paths.to_sentence}'" ## FIXME - needs constistent #label maybe?
  # end
  #
  # results

end