When an entity is loaded from 2 sources, entity data from the 1st source is lost #289
Adding a test pipeline to reproduce the issue. Put the 3 files in a directory, adjust the paths in Both XML files are identical except for the RegistrationInfo. The RegistrationInfo from the 1st source is lost. Well, GitHub does not allow me to attach yaml or xml files, so I'll paste them below.

test.yaml

- load:
    - file:///path/to/test/directory/test-idp-1.xml
    - file:///path/to/test/directory/test-idp-2.xml
- select dedup False
- discojson
- publish:
    output: "./test.json"
    raw: true
    update_store: false

test-idp-1.xml

<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi"
entityID="https://idp.example.com/saml2/idp/metadata.php">
<md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:Extensions>
<mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/" registrationInstant="2015-02-11T11:09:51Z">
<mdrpi:RegistrationPolicy xml:lang="en">http://swamid.se/policy/mdrps</mdrpi:RegistrationPolicy>
</mdrpi:RegistrationInfo>
<shibmd:Scope regexp="false">example.com</shibmd:Scope>
<mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
<mdui:DisplayName xml:lang="sv">Example universitet</mdui:DisplayName>
<mdui:DisplayName xml:lang="en">Example University</mdui:DisplayName>
<mdui:Description xml:lang="sv">Identity Provider för Example universitet</mdui:Description>
<mdui:Description xml:lang="en">Identity Provider for Example University</mdui:Description>
<mdui:InformationURL xml:lang="sv">http://www.example.com/</mdui:InformationURL>
<mdui:InformationURL xml:lang="en">http://www.example.com/english/</mdui:InformationURL>
<mdui:Logo height="63" width="358">https://www.example.com/static/images/umu_logo.jpg</mdui:Logo>
<mdui:Logo xml:lang="sv" height="63" width="358">https://www.example.com/static/images/logo.jpg</mdui:Logo>
<mdui:Logo xml:lang="en" height="63" width="350">https://www.example.com/static/images/logo_eng.jpg</mdui:Logo>
<mdui:Keywords xml:lang="sv">exempel</mdui:Keywords>
<mdui:Keywords xml:lang="en">example</mdui:Keywords>
</mdui:UIInfo>
<mdui:DiscoHints xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
<mdui:DomainHint>example.com</mdui:DomainHint>
<mdui:DomainHint>example.net</mdui:DomainHint>
<mdui:IPHint>10.0.0.0/8</mdui:IPHint>
</mdui:DiscoHints>
</md:Extensions>
<md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com/saml2/idp/ArtifactResolutionService.php" index="0"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.example.com/saml2/idp/SingleLogoutService.php"/>
<md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
<md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.example.com/saml2/idp/SSOService.php"/>
</md:IDPSSODescriptor>
<md:Organization>
<md:OrganizationName xml:lang="sv">ExempelU</md:OrganizationName>
<md:OrganizationName xml:lang="en">ExampleU</md:OrganizationName>
<md:OrganizationDisplayName xml:lang="sv">Exempel Universitetet</md:OrganizationDisplayName>
<md:OrganizationDisplayName xml:lang="en">The Example University</md:OrganizationDisplayName>
<md:OrganizationURL xml:lang="sv">http://www.example.com</md:OrganizationURL>
<md:OrganizationURL xml:lang="en">http://www.example.com/english</md:OrganizationURL>
</md:Organization>
<md:ContactPerson contactType="administrative">
<md:Company>Example University</md:Company>
<md:SurName>Example helpdesk</md:SurName>
<md:EmailAddress>[email protected]</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="technical">
<md:Company>Example University</md:Company>
<md:SurName>Example helpdesk</md:SurName>
<md:EmailAddress>[email protected]</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="support">
<md:Company>Example University</md:Company>
<md:SurName>Servicedesk Example universitet</md:SurName>
<md:EmailAddress>[email protected]</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>

test-idp-2.xml

<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi"
entityID="https://idp.example.com/saml2/idp/metadata.php">
<md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:Extensions>
<mdrpi:RegistrationInfo registrationAuthority="https://www.carsi.edu.cn" registrationInstant="2020-03-27T09:48:13Z">
<mdrpi:RegistrationPolicy xml:lang="zh">https://www.carsi.edu.cn/index_zh.htm</mdrpi:RegistrationPolicy>
</mdrpi:RegistrationInfo>
<shibmd:Scope regexp="false">example.com</shibmd:Scope>
<mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
<mdui:DisplayName xml:lang="sv">Example universitet</mdui:DisplayName>
<mdui:DisplayName xml:lang="en">Example University</mdui:DisplayName>
<mdui:Description xml:lang="sv">Identity Provider för Example universitet</mdui:Description>
<mdui:Description xml:lang="en">Identity Provider for Example University</mdui:Description>
<mdui:InformationURL xml:lang="sv">http://www.example.com/</mdui:InformationURL>
<mdui:InformationURL xml:lang="en">http://www.example.com/english/</mdui:InformationURL>
<mdui:Logo height="63" width="358">https://www.example.com/static/images/umu_logo.jpg</mdui:Logo>
<mdui:Logo xml:lang="sv" height="63" width="358">https://www.example.com/static/images/logo.jpg</mdui:Logo>
<mdui:Logo xml:lang="en" height="63" width="350">https://www.example.com/static/images/logo_eng.jpg</mdui:Logo>
<mdui:Keywords xml:lang="sv">exempel</mdui:Keywords>
<mdui:Keywords xml:lang="en">example</mdui:Keywords>
</mdui:UIInfo>
<mdui:DiscoHints xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
<mdui:DomainHint>example.com</mdui:DomainHint>
<mdui:DomainHint>example.net</mdui:DomainHint>
<mdui:IPHint>10.0.0.0/8</mdui:IPHint>
</mdui:DiscoHints>
</md:Extensions>
<md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com/saml2/idp/ArtifactResolutionService.php" index="0"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.example.com/saml2/idp/SingleLogoutService.php"/>
<md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
<md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.example.com/saml2/idp/SSOService.php"/>
</md:IDPSSODescriptor>
<md:Organization>
<md:OrganizationName xml:lang="sv">ExempelU</md:OrganizationName>
<md:OrganizationName xml:lang="en">ExampleU</md:OrganizationName>
<md:OrganizationDisplayName xml:lang="sv">Exempel Universitetet</md:OrganizationDisplayName>
<md:OrganizationDisplayName xml:lang="en">The Example University</md:OrganizationDisplayName>
<md:OrganizationURL xml:lang="sv">http://www.example.com</md:OrganizationURL>
<md:OrganizationURL xml:lang="en">http://www.example.com/english</md:OrganizationURL>
</md:Organization>
<md:ContactPerson contactType="administrative">
<md:Company>Example University</md:Company>
<md:SurName>Example helpdesk</md:SurName>
<md:EmailAddress>[email protected]</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="technical">
<md:Company>Example University</md:Company>
<md:SurName>Example helpdesk</md:SurName>
<md:EmailAddress>[email protected]</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="support">
<md:Company>Example University</md:Company>
<md:SurName>Servicedesk Example universitet</md:SurName>
<md:EmailAddress>[email protected]</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>

For filtering with trust info, we need to add a few attributes to the discojson format: registrationAuthority, the attributes entity-category, entity-category-support, assurance-certification, for IdPs, and DiscoveryResponses for SPs.
When the load pipe loads several sources, it accumulates all entities in a single dictionary keyed by entityID, here. This means that only the data in the last source loaded is going to be kept. There is a comment there saying "TODO: merge", but what we have there are EntityDescriptor XML elements, which for example can only carry at most one RegistrationInfo element.
Code Version
master
Expected Behavior
We would want to keep all the data in each entity until it is used by discojson.
Current Behavior
Data that is different across sources is lost.
Possible Solution
One possibility would be to parse the entities e.g. around the line of code referenced above, and keep the losable information in a new dictionary attached to the store, that could then be accessed in the discojson pipe.
Steps to Reproduce
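The behaviour reported above and the side-dictionary idea from "Possible Solution", as an added example that is not pyFF code and not part of the original issue. The function names `load_sources` and `surviving_authority`, the `registrations` dictionary and the trimmed XML are assumptions constructed from the two test files in the issue.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

MD_ENTITY = "{urn:oasis:names:tc:SAML:2.0:metadata}EntityDescriptor"
RPI_INFO = "{urn:oasis:names:tc:SAML:metadata:rpi}RegistrationInfo"

# Constructed sample input: the issue's two test files, trimmed to the
# element that differs between them.
TEMPLATE = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi"
    entityID="https://idp.example.com/saml2/idp/metadata.php">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:Extensions>
      <mdrpi:RegistrationInfo registrationAuthority="{authority}" registrationInstant="{instant}"/>
    </md:Extensions>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""
SOURCES = [
    ("test-idp-1.xml", TEMPLATE.format(authority="http://www.swamid.se/",
                                       instant="2015-02-11T11:09:51Z")),
    ("test-idp-2.xml", TEMPLATE.format(authority="https://www.carsi.edu.cn",
                                       instant="2020-03-27T09:48:13Z")),
]

def load_sources(sources):
    """Return (entities, registrations) for a list of (name, xml_text) pairs.

    entities is a last-wins dict keyed by entityID, as the issue describes.
    registrations is the hypothetical side dictionary: every RegistrationInfo
    seen for an entityID, tagged with the source it came from.
    """
    entities = {}
    registrations = defaultdict(list)
    for name, xml_text in sources:
        # Constructed, trusted input; real feeds need a hardened XML parser.
        root = ET.fromstring(xml_text)
        for ed in root.iter(MD_ENTITY):  # iter() also yields root itself
            entity_id = ed.get("entityID")
            entities[entity_id] = ed  # overwrites the earlier source's element
            for info in ed.iter(RPI_INFO):
                registrations[entity_id].append(dict(info.attrib, source=name))
    return entities, dict(registrations)

def surviving_authority(entities, entity_id):
    """registrationAuthority still present in the last-wins dictionary."""
    info = next(entities[entity_id].iter(RPI_INFO))
    return info.get("registrationAuthority")
```

With the two sample sources, the last-wins dictionary only reports the second file's registration authority, while `registrations` still lists both together with the file each came from, which is the information a trust filter would need.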