Open FlorisFokkinga opened 2 days ago
@FlorisFokkinga When I look up this user in the SBS test database, I see the following schac_home:
mysql> select uid, name, email, schac_home_organisation from users where name like '%SRAM%';
+----------------------------------------------------------------+-----------+----------------------+-------------------------+
| uid | name | email | schac_home_organisation |
+----------------------------------------------------------------+-----------+----------------------+-------------------------+
| c46818640d83ec0355837ba66624b24a90ab619d@acc.sram.eduteams.org | SRAM Demo | sramdemo@hotmail.com | eduid.nl |
+----------------------------------------------------------------+-----------+----------------------+-------------------------+
The schac_home organisation eduid.nl
does not resolve to a description in the https://metadata.surfconext.nl/signed/2023/edugain-downstream-idp.xml feed, and therefore the schac_home is show. What were you expecting and why?
Sorry, the screenshot is only an example. The problem is with domain knaw.nl.
This is caused by the use of a regular expression for the Scope. Currently in de edugain feed of ~25MB there is one use of a regexp in the Scope element:
curl 'httpscurl 'https://metadata.surfconext.nl/signed/2023/edugain-downstream-idp.xml' | grep 'regexp="1"'
<shibmd:Scope regexp="1">.*\.knaw\.nl$</shibmd:Scope>
Currently we don't support regular expressions in the shibmd:Scope
element. In the future we might.
Fix made in https://github.com/SURFscz/SBS/commit/329a704712df4bcf0cb19077001cd904755ced8d#diff-746877e1e4e470b1adee1436c6c7d330a23ae29b2f65a6234479bf6792363a13. Pending on merge branch.
So the name, here shown as 'eduid.nl', is wrong.
Resolved from eduGAIN: