forked from clarin-eric/SAML_metadata_QA_validator
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbuild.xml
executable file
·91 lines (90 loc) · 3.94 KB
/
build.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
<project
name="SAML_metadata_QA_validator"
default="validate"
basedir=".">
<description>
SAML metadata QA validator for the CLARIN Service Provider Federation. Checks for common weaknesses in Security Assertion Markup Language metadata. Currently focused on SAML metadata about Service Providers. The guidelines to prevent these weaknesses can be read at https://www.clarin.eu/content/guidelines-saml-metadata-about-your-sp .
</description>
<property
name="Schematron_dir_path"
location="/opt/Schematron/iso-schematron-xslt2/"/>
<property
name="Saxon_JAR_path"
location="/opt/Saxon/SaxonHE9-6-0-6J/saxon9he.jar"/>
<target
name="validate">
<echo>Schematron directory path: ${Schematron_dir_path}</echo>
<echo>Saxon JAR path: ${Saxon_JAR_path}</echo>
<get
src="https://infra.clarin.eu/aai/prod_md_about_spf_sps.xml"
dest="out/prod_md_about_spf_sps.xml"
verbose="true"
usetimestamp="true"/>
<get
src="https://infra.clarin.eu/aai/md_about_spf_sps.xml"
dest="out/md_about_spf_sps.xml"
verbose="true"
usetimestamp="true"/>
<!-- A bug in the quasi-reference implementation of ISO Schematron (https://code.google.com/p/schematron/issues/detail?can=2&start=0&num=100&q=&colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary&groupby=&sort=&id=6) prevents parameter identifiers from being expanded within let-bindings in abstract patterns. It appeared impossible to circumvent this issue without either changing that implementation or having a lot of duplication (no abstract rules) or not using abstract rules but an include (fragile, unclear). The patch is in agreement with the ISO Schematron standard and since the original implementation hasn't been updated since 2008, this patch is not only warranted but is also unlikely to cause maintenance issues. -->
<xslt
basedir="."
style="iso_abstract_expand_patched.xsl"
in="SAML_metadata_QA_validator.sch"
out="out/SAML_metadata_QA_validator.concrete.sch">
<classpath>
<pathelement
location="${Saxon_JAR_path}"/>
</classpath>
</xslt>
<xslt
basedir="."
style="${Schematron_dir_path}/iso_svrl_for_xslt2.xsl"
in="out/SAML_metadata_QA_validator.concrete.sch"
out="out/SAML_metadata_QA_validator.xsl">
<classpath>
<pathelement
location="${Saxon_JAR_path}"/>
</classpath>
</xslt>
<xslt
basedir="."
style="out/SAML_metadata_QA_validator.xsl"
in="out/md_about_spf_sps.xml"
out="out/md_about_spf_sps.svrlt">
<classpath>
<pathelement
location="${Saxon_JAR_path}"/>
</classpath>
</xslt>
<xslt
basedir="."
style="svrlt_to_simple_xml.xsl"
in="out/md_about_spf_sps.svrlt"
out="out/md_about_spf_sps_qa.xml">
<classpath>
<pathelement
location="${Saxon_JAR_path}"/>
</classpath>
</xslt>
<xslt
basedir="."
style="out/SAML_metadata_QA_validator.xsl"
in="out/prod_md_about_spf_sps.xml"
out="out/prod_md_about_spf_sps.svrlt">
<classpath>
<pathelement
location="${Saxon_JAR_path}"/>
</classpath>
</xslt>
<xslt
basedir="."
style="svrlt_to_simple_xml.xsl"
in="out/prod_md_about_spf_sps.svrlt"
out="out/prod_md_about_spf_sps_qa.xml">
<classpath>
<pathelement
location="${Saxon_JAR_path}"/>
</classpath>
</xslt>
</target>
</project>