config/get-ADFSTkManualSPSettings.ps1
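function get-ADFSTkManualSPSettings {
    # HOW TO USE THIS FILE
    #
    # As of 0.9.45, this file purposely abstracts out overrides to user managed PowerShell.
    # Please see the help section.
    #
    # The site's override file is named in $Settings.configuration.LocalRelyingPartyFile and
    # resolved relative to $Global:ADFSTkPaths.institutionDir. It is dot-sourced and the
    # function that carries the file's base name is invoked to obtain the settings.
    #
    # NOTE(review): because the override file is dot-sourced, everything in it runs in this
    # scope with the caller's privileges. Keep institutionDir writable only by the
    # administrators entitled to change attribute release.
    #
    # NOTE(review): this file ends with an Authenticode signature block; any edit invalidates
    # that signature, so the file has to be re-signed after changes.

    # Hashtable of hashtables (entityID -> transform rules). Stays empty when no override
    # file is configured or the configured file is not present.
    $ManualSPSettings = @{}

    # Get all paths. The string conversion treats $null (and an empty value) as
    # "not initialised yet"; an initialised path object is reused across calls.
    if ([string]::IsNullOrEmpty($Global:ADFSTkPaths)) {
        $Global:ADFSTkPaths = Get-ADFSTKPaths
    }

    try {
        $localRelyingPartyFile = $Settings.configuration.LocalRelyingPartyFile

        if ([string]::IsNullOrEmpty($localRelyingPartyFile)) {
            # Nothing configured: log it and fall through to the empty result.
            Write-ADFSTkLog (Get-ADFSTkLanguageText msNoConfiguredFile) -EntryType Information
        }
        else {
            # Build the file path; the function to invoke is named after the file.
            $localRelyingPartyFileFullPath = Join-Path $Global:ADFSTkPaths.institutionDir $localRelyingPartyFile
            $myRelyingPartyMethodToInvoke  = [IO.Path]::GetFileNameWithoutExtension($localRelyingPartyFileFullPath)

            if (Test-Path -Path $localRelyingPartyFileFullPath) {
                # Dot-source so the site's function becomes defined in this scope.
                . $localRelyingPartyFileFullPath

                # Fail with a message that names the file and the expected function,
                # rather than the generic CommandNotFound the '&' below would raise.
                if ($null -eq (Get-Command -Name $myRelyingPartyMethodToInvoke -ErrorAction SilentlyContinue)) {
                    throw "$localRelyingPartyFileFullPath was sourced but does not define a function named '$myRelyingPartyMethodToInvoke'"
                }

                $ManualSPSettings = & $myRelyingPartyMethodToInvoke
            }
            else {
                Write-ADFSTkLog (Get-ADFSTkLanguageText msNoFileFound -f $localRelyingPartyFile) -EntryType Information
            }
        }

        # ADFSToolkit ships with empty RP/SP settings now; sites supply their own through
        # the override file (examples are in the help below). Return the hashtable of
        # hashtables to whoever invoked this function.
        $ManualSPSettings
    }
    catch {
        # Re-throw without wrapping so the original error record reaches the caller.
        throw
    }

    <#
    .SYNOPSIS
    As of 0.9.45 and later, this file detects the existence of a site's Relying Party /
    Service Provider attribute release definitions and returns them.

    The file to load is taken from $Settings.configuration.LocalRelyingPartyFile, relative
    to the institution directory. (Earlier text referred to an ADFSTkSiteSPSettings
    variable; the code in this file reads the configured file name instead.)

    .DESCRIPTION
    This file is a harness to allow a site admin to configure per RP/SP attribute release
    policies for ADFSToolkit. ADFSToolkit's default behaviour for Entity Categories such as
    Research and Scholarship is handled elsewhere in the ADFSToolkit Module.

    How this Powershell Cmdlet works:

    This file is delivered code complete, but returns an empty result unless a site
    override file is configured and present. When it is, the file is dot-sourced (it runs
    with the caller's privileges) and the function named after the file is invoked; its
    return value is what this function returns.

    Creation of this file:

    Usually created when get-ADFSTkConfiguration is invoked, which uses this file as a
    template (minus signature):
        (Get-Module -Name ADFSToolkit).ModuleBase\config\default\en-US\get-ADFSTkManualSPSettings-dist.ps1

    Alternatively, it can be created by hand and placed in c:\ADFSToolkit\<version>\config
    and sourced by command:
        c:\ADFSToolkit\sync-ADFSTkAggregates.ps1

    In the site specific file, for each entity we want to change the attribute handling
    policy of ADFS, we:
        - create an empty TransformRules Hashtable
        - assign 1 or more specific transform rules that have a correlating TransformRules Object
        - when all transform rules are described, insert the set of transforms into the
          Hashtable that the site function returns

    Clever transforms can be used as well to supersede or inject elements into RP/SP
    settings. Some are detailed in the examples.

    To see example code blocks invoke detailed help by:
        get-help get-ADFSTkManualSPSettings -Detailed

    .INPUTS
    none

    .OUTPUTS
    A Powershell Hashtable structured such that ADFSToolkit may ingest and perform
    attribute release. Empty when no override file is configured or found.

    .EXAMPLE
    ### CAF test Federation Validator service attribute release
    # $IssuanceTransformRuleManualSP = @{} uncomment when testing example. Needed only once per file to contain set of changes
    $TransformRules = [Ordered]@{}
    $TransformRules.givenName = $AllTransformRules.givenName
    $TransformRules.sn = $AllTransformRules.sn
    $TransformRules.cn = $AllTransformRules.cn
    $TransformRules.eduPersonPrincipalName = $AllTransformRules.eduPersonPrincipalName
    $TransformRules.mail = $AllTransformRules.mail
    $TransformRules.eduPersonScopedAffiliation = $AllTransformRules.eduPersonScopedAffiliation
    $IssuanceTransformRuleManualSP["https://validator.caftest.canarie.ca/shibboleth"] = $TransformRules

    .EXAMPLE
    ### Lynda.com attribute release
    # $IssuanceTransformRuleManualSP = @{} uncomment when testing example. Needed only once per file to contain set of changes
    $TransformRules = [Ordered]@{}
    $TransformRules.givenName = $AllTransformRules.givenName
    $TransformRules.sn = $AllTransformRules.sn
    $TransformRules.cn = $AllTransformRules.cn
    $TransformRules.eduPersonPrincipalName = $AllTransformRules.eduPersonPrincipalName
    $TransformRules.mail = $AllTransformRules.mail
    $TransformRules.eduPersonScopedAffiliation = $AllTransformRules.eduPersonScopedAffiliation
    $IssuanceTransformRuleManualSP["https://shib.lynda.com/shibboleth-sp"] = $TransformRules

    .EXAMPLE
    ### advanced ADFS Transform rule #1 'from AD'
    # $IssuanceTransformRuleManualSP = @{} uncomment when testing example. Needed only once per file to contain set of changes
    $TransformRules = [Ordered]@{}
    $TransformRules."From AD" = @"
    c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
    => issue(store = "Active Directory", types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", "http://liu.se/claims/eduPersonScopedAffiliation", "http://liu.se/claims/Department"), query = ";userPrincipalName,displayName,mail,eduPersonScopedAffiliation,department;{0}", param = c.Value);
    "@
    $IssuanceTransformRuleManualSP."advanced.entity.id.org" = $TransformRules

    .EXAMPLE
    ### advanced ADFS Transform rule #2
    # $IssuanceTransformRuleManualSP = @{} uncomment when testing example. Needed only once per file to contain set of changes
    $TransformRules = [Ordered]@{}
    $TransformRules.mail = [PSCustomObject]@{
        Rule=@"
    @RuleName = "compose mail address as name@schacHomeOrganization"
    c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name", Value !~ "^.+\\"]
    => issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", Value = c.Value + "@$($Settings.configuration.StaticValues.schacHomeOrganization)");
    "@
        Attribute="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"
    }
    $IssuanceTransformRuleManualSP["https://advanced.rule.two.org"] = $TransformRules

    .EXAMPLE
    ### verify-i.myunidays.com
    # $IssuanceTransformRuleManualSP = @{} uncomment when testing example. Needed only once per file to contain set of changes
    $TransformRules = [Ordered]@{}
    $TransformRules["eduPersonScopedAffiliation"] = $AllTransformRules["eduPersonScopedAffiliation"]
    $TransformRules["eduPersonTargetedID"] = $AllTransformRules["eduPersonTargetedID"]
    $IssuanceTransformRuleManualSP["https://verify-i.myunidays.com/shibboleth"] = $TransformRules

    .EXAMPLE
    ### Release just transient-id
    # $IssuanceTransformRuleManualSP = @{} uncomment when testing example. Needed only once per file to contain set of changes
    $TransformRules = [Ordered]@{}
    $TransformRules.'transient-id' = $AllTransformRules.'transient-id'
    $IssuanceTransformRuleManualSP["https://just-transientid.org"] = $TransformRules

    .NOTES
    Details about Research and Scholarship Entity Category:
    https://refeds.org/category/research-and-scholarship
    #>
}

# SIG # Begin signature block
# MIIRbgYJKoZIhvcNAQcCoIIRXzCCEVsCAQExCzAJBgUrDgMCGgUAMGkGCisGAQQB
# gjcCAQSgWzBZMDQGCisGAQQBgjcCAR4wJgIDAQAABBAfzDtgWUsITrck0sYpfvNR
# AgEAAgEAAgEAAgEAAgEAMCEwCQYFKw4DAhoFAAQUMEGBJex2Ti/bzxE3JIFReAAK
# MBKggg51MIIEfTCCA2WgAwIBAgIDG+cVMA0GCSqGSIb3DQEBCwUAMGMxCzAJBgNV
# BAYTAlVTMSEwHwYDVQQKExhUaGUgR28gRGFkZHkgR3JvdXAsIEluYy4xMTAvBgNV
# BAsTKEdvIERhZGR5IENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcN
# MTQwMTAxMDcwMDAwWhcNMzEwNTMwMDcwMDAwWjCBgzELMAkGA1UEBhMCVVMxEDAO
# BgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoTEUdv
# RGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRpZmlj
# YXRlIEF1dGhvcml0eSAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
# AQEAv3FiCPH6WTT3G8kYo/eASVjpIoMTpsUgQwE7hPHmhUmfJ+r2hBtOoLTbcJjH
# MgGxBT4HTu70+k8vWTAi56sZVmvigAf88xZ1gDlRe+X5NbZ0TqmNghPktj+pA4P6
# or6KFWp/3gvDthkUBcrqw6gElDtGfDIN8wBmIsiNaW02jBEYt9OyHGC0OPoCjM7T
# 3UYH3go+6118yHz7sCtTpJJiaVElBWEaRIGMLKlDliPfrDqBmg4pxRyp6V0etp6e
# MAo5zvGIgPtLXcwy7IViQyU0AlYnAZG0O3AqP26x6JyIAX2f1PnbU21gnb8s51ir
# uF9G/M7EGwM8CetJMVxpRrPgRwIDAQABo4IBFzCCARMwDwYDVR0TAQH/BAUwAwEB
# /zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFDqahQcQZyi27/a9BUFuIMGU2g/e
# MB8GA1UdIwQYMBaAFNLEsNKR1EwRcbNhyz2h/t2oatTjMDQGCCsGAQUFBwEBBCgw
# JjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZ29kYWRkeS5jb20vMDIGA1UdHwQr
# MCkwJ6AloCOGIWh0dHA6Ly9jcmwuZ29kYWRkeS5jb20vZ2Ryb290LmNybDBGBgNV
# HSAEPzA9MDsGBFUdIAAwMzAxBggrBgEFBQcCARYlaHR0cHM6Ly9jZXJ0cy5nb2Rh
# ZGR5LmNvbS9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAWQtTvZKGEack
# e+1bMc8dH2xwxbhuvk679r6XUOEwf7ooXGKUwuN+M/f7QnaF25UcjCJYdQkMiGVn
# OQoWCcWgOJekxSOTP7QYpgEGRJHjp2kntFolfzq3Ms3dhP8qOCkzpN1nsoX+oYgg
#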
HFCJyNwq9kIDN0zmiN/VryTyscPfzLXs4Jlet0lUIDyUGAzHHFIYSaRt4bNYC8nY # 7NmuHDKOKHAN4v6mF56ED71XcLNa6R+ghlO773z/aQvgSMO3kwvIClTErF0UZzds # yqUvMQg3qm5vjLyb4lddJIGvl5echK1srDdMZvNhkREg5L4wn3qkKQmw4TRfZHcY # QFHfjDCmrzCCBNAwggO4oAMCAQICAQcwDQYJKoZIhvcNAQELBQAwgYMxCzAJBgNV # BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRow # GAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UEAxMoR28gRGFkZHkgUm9v # dCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjAeFw0xMTA1MDMwNzAwMDBaFw0z # MTA1MDMwNzAwMDBaMIG0MQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTET # MBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4x # LTArBgNVBAsTJGh0dHA6Ly9jZXJ0cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzEz # MDEGA1UEAxMqR28gRGFkZHkgU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAt # IEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueDLENSvdr3Uk2Lr # MGS4gQhswwTZYheOL/8+Zc+PzmLmPFIc2hZFS1WreGtjg2KQzg9pbJnIGhSLTMxF # M+qI3J6jryv+gGGdeVfEzy70PzA8XUf8mha8wzeWQVGOEUtU+Ci+0Iy+8DA4HvOw # JvhmR2Nt3nEmR484R1PRRh2049wA6kWsvbxx2apvANvbzTA6eU9fTEf4He9bwsSd # YDuxskOR2KQzTuqz1idPrSWKpcb01dCmrnQFZFeItURV1C0qOj74uL3pMgoClGTE # FjpQ8Uqu53kzrwwgB3/o3wQ5wmkCbGNS+nfBG8h0h8i5kxhQVDVLaU68O9NJLh/c # wdJS+wIDAQABo4IBGjCCARYwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC # AQYwHQYDVR0OBBYEFEDCvSeOzDSDMKIz1/tss/C0LIDOMB8GA1UdIwQYMBaAFDqa # hQcQZyi27/a9BUFuIMGU2g/eMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY # aHR0cDovL29jc3AuZ29kYWRkeS5jb20vMDUGA1UdHwQuMCwwKqAooCaGJGh0dHA6 # Ly9jcmwuZ29kYWRkeS5jb20vZ2Ryb290LWcyLmNybDBGBgNVHSAEPzA9MDsGBFUd # IAAwMzAxBggrBgEFBQcCARYlaHR0cHM6Ly9jZXJ0cy5nb2RhZGR5LmNvbS9yZXBv # c2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEACH5skxDIOLiWqZBL/6FfTwTvbD6c # iAbJUI+mc/dXMRu+vOQv2/i601vgtOfmeWIODKLXamNzMbX1qEikOwgtol2Q17R8 # JU8RVjDEtkSdeyyd5V7m7wxhqr/kKhvuhJ64g33BQ85EpxNwDZEf9MgTrYNg2dhy # qHMkHrWsIg7KF4liWEQbq4klAQAPzcQbYttRtNMPUSqb9Lxz/HbONqTN2dgs6q6b # 9SqykNFNdRiKP4pBkCN9W0v+pANYm0ayw2Bgg/h9UEHOwqGQw7vvAi/SFVTuRBXZ # Cq6nijPtsS12NibcBOuf92EfFdyHb+5GliitoSZ9CgmnLgSjjbz4vAQwATCCBRww # 
ggQEoAMCAQICCDeMqUwECkf0MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYDVQQGEwJV # UzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UE # ChMRR29EYWRkeS5jb20sIEluYy4xLTArBgNVBAsTJGh0dHA6Ly9jZXJ0cy5nb2Rh # ZGR5LmNvbS9yZXBvc2l0b3J5LzEzMDEGA1UEAxMqR28gRGFkZHkgU2VjdXJlIENl # cnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTIwMDEwODExMjIyNFoXDTIxMDMw # ODE4NTgwMFowXjELMAkGA1UEBhMCQ0ExEDAOBgNVBAgTB09udGFyaW8xDzANBgNV # BAcTBk90dGF3YTEVMBMGA1UEChMMQ0FOQVJJRSBJbmMuMRUwEwYDVQQDEwxDQU5B # UklFIEluYy4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZhfCjFqiT # mN1uLoySixnwaOjf/ZAL9P6SvjlCaBA2mutoorEgnzUP8HnOIcvMRgEMPmpaZ8eg # M93Bmx9d41xoarsQpCN3DhYOo+b3fWnPucVtpxbul2OFePv63mw/uvr+dqkv4b/f # 3Tg+ilQbpsNonbvh9MKEFv8Pn9koj0ySV+qxz34PxTVAe6g//pel3/3i9fqilCnI # Ecx4zg/+NKBeOWROSs4oXo3IvBjVrunmz+YuieSr78TqIE6hD8JF2q1wKwfMB3+x # 7dEXZAus9WtIU/qITATtEfO9QAgrrYL4F1MLN+osSp8my5eCOjnLTQc47q574V3z # QhsIHW7yBXLdAgMBAAGjggGFMIIBgTAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoG # CCsGAQUFBwMDMA4GA1UdDwEB/wQEAwIHgDA1BgNVHR8ELjAsMCqgKKAmhiRodHRw # Oi8vY3JsLmdvZGFkZHkuY29tL2dkaWcyczUtNS5jcmwwXQYDVR0gBFYwVDBIBgtg # hkgBhv1tAQcXAjA5MDcGCCsGAQUFBwIBFitodHRwOi8vY2VydGlmaWNhdGVzLmdv # ZGFkZHkuY29tL3JlcG9zaXRvcnkvMAgGBmeBDAEEATB2BggrBgEFBQcBAQRqMGgw # JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdvZGFkZHkuY29tLzBABggrBgEFBQcw # AoY0aHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5L2dk # aWcyLmNydDAfBgNVHSMEGDAWgBRAwr0njsw0gzCiM9f7bLPwtCyAzjAdBgNVHQ4E # FgQUUPnMg2nmYS8l7rmax3weVkrgz5AwDQYJKoZIhvcNAQELBQADggEBAIYabiAR # aY4KhO6oWgNHPOBjoHuqUH7NwRGN/ztYJznRBZbdD50smoK5GR0FvUZ8TXhYoZOa # zXe4NlFM4e6YcudU+EA/OF+sZHFBWziz1VS6U3sS+cGyJcxvelSoid0q3W3i9/Zy # 6Nv2kk/DEJp49O47mPNovpL15yykX3Vo26GwC9peo4s/cKMzthmgrcF2uLkT+LW4 # 4xKhaL7nBTGDMhjno+a3t00SWCId7wzgQadIJ1QlFOKm0xgmuiW3LIqCG0apvaOf # vWKTPKq68q+FbDPOO48oKrvw1c9K/m8gcnBLz6PX1REVIs5u3pvdOYBCz6uXyKxn # t+Q5jDEK0NskLu0xggJjMIICXwIBATCBwTCBtDELMAkGA1UEBhMCVVMxEDAOBgNV # BAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoTEUdvRGFk # 
ZHkuY29tLCBJbmMuMS0wKwYDVQQLEyRodHRwOi8vY2VydHMuZ29kYWRkeS5jb20v # cmVwb3NpdG9yeS8xMzAxBgNVBAMTKkdvIERhZGR5IFNlY3VyZSBDZXJ0aWZpY2F0 # ZSBBdXRob3JpdHkgLSBHMgIIN4ypTAQKR/QwCQYFKw4DAhoFAKB4MBgGCisGAQQB # gjcCAQwxCjAIoAKAAKECgAAwGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQwHAYK # KwYBBAGCNwIBCzEOMAwGCisGAQQBgjcCARUwIwYJKoZIhvcNAQkEMRYEFPm2MqhA # mv5Jxm6Pb/KwgyvSu7MSMA0GCSqGSIb3DQEBAQUABIIBACudwCkGOnPuR9beFNXy # GciardbjRiJ6vxB5rIS7PZesWZ6iDOiNd47X510OwYnlxLh5FLuBqikiJ7tZARZv # j6Rw9KtxO5L/qBIr1cokIOOa0n8U1ZN+QKzCqe8T9Yyg7SKkey3os8nIdUGYDUFo # 3kjMjAITFu/Dt4BsDg5AAGSIBPPJ5dmUpmwnoemYyia5vQ235EMOLoqZ8N41LZp+ # ngFNV24DUHX2MIHitQYMovBfQuHPioOdB+YioqadtlgiMJu9xrce5ZolrJBvJLIB # O30Bdc62k2+buSpEqcA4xwOr8bGWzeNV6LeDOmYC7RwpzQQpupssJcCTqTPb61HL # EvQ= # SIG # End signature block |