detecting those empty metadata elements

Mak, Steve makst at
Thu May 21 12:58:08 UTC 2020


This is probably overkill for your problem, but this is how we found our invalid SP metadata files.

In upgrading from v3 to v4 we had to find any attribute differences and we used a brute force method: we aacli tested every single SP with AACLI json output.

This script assumes you are inputing a file with two fields separated by comma, and outputs to sha-named files for later diffing, but you could probably trim it down a bit.

cat sp_list.txt | sort -suf | perl -pe "s/^'//; s/'$//;" | perl "-F/','/" -lane 'open O, ">", "$DIR/$F[1].out" or die "open $DIR/$F[1].out: $!"; print O qx{$IDPHOME/bin/ --url=http://localhost:8080/idp -n $USERNAME -r $F[0] | jq ".attributes|=sort_by(.name)"} or die "exec: $!";' &

It's assumed that sp_list.txt has 'entityID','sha'. (you could drop the first perl substitution if you drop the ')
$DIR is where you want it to dump your files.
$IDPHOME is the location of your idp.
$USERNAME is the uid you want to use.
--url you might be able to drop if you accept AACLI from outside localhost, and obviously might need to change the port.

In the end, we had a bunch of files of various sizes. The files with size 0 or 1 were the problem SPs.

More information about the users mailing list