3 # inspired from tophat/bin/uploadcredential.py
5 # the purpose here is to let people upload their delegated credentials
6 # to a manifold/myslice infrastructure, without the need for having to
7 # install a separate tool; so duplicating this code is suboptimal in
8 # terms of code sharing but acceptable for hopefully easier use
10 # As of Nov. 2013, the signature for the forward API call has changed
11 # and now requires authentication to be passed as an annotation
12 # We take this chance to make things much simpler here by dropping
13 # support for multiple API versions/flavours
15 # As of April 2013, manifold is moving from old-fashioned API known as
16 # v1, that offers an AddCredential API call, towards a new API v2 that
17 # manages credentials with the same set of Get/Update calls as other
21 # mostly this is intended to be used through 'sfi myslice'
22 # so the defaults below are of no real importance
23 # this for now points at demo.myslice.info, but sounds like a
24 # better default for the long run
25 DEFAULT_URL = "http://myslice.onelab.eu:7080"
26 DEFAULT_PLATFORM = 'ple'
31 class ManifoldUploader:
32 """A utility class for uploading delegated credentials to a manifold/MySlice infrastructure"""
34 # platform is a name internal to the manifold deployment,
35 # that maps to a testbed, like e.g. 'ple'
36 def __init__ (self, logger, url=None, platform=None, username=None, password=None, ):
38 self._platform=platform
39 self._username=username
40 self._password=password
45 if not self._username:
46 self._username=raw_input("Enter your manifold username: ")
50 if not self._password:
51 username=self.username()
52 self._password=getpass.getpass("Enter password for manifold user %s: "%username)
56 if not self._platform:
57 self._platform=raw_input("Enter your manifold platform [%s]: "%DEFAULT_PLATFORM)
58 if self._platform.strip()=="": self._platform = DEFAULT_PLATFORM
63 self._url=raw_input("Enter the URL for your manifold API [%s]: "%DEFAULT_URL)
64 if self._url.strip()=="": self._url = DEFAULT_URL
68 self.username(); self.password(); self.platform(); self.url()
70 # looks like the current implementation of manifold server
71 # won't be happy with several calls issued in the same session
72 # so we do not cache this one
76 # self.logger.info("Connecting manifold url %s"%url)
77 # self._proxy = xmlrpclib.ServerProxy(url, allow_none = True)
80 self.logger.debug("Connecting manifold url %s"%url)
81 return xmlrpclib.ServerProxy(url, allow_none = True)
83 # does the job for one credential
84 # expects the credential (string) and an optional message (e.g. hrn) for reporting
85 # return True upon success and False otherwise
86 def upload (self, delegated_credential, message=None):
87 platform=self.platform()
88 username=self.username()
89 password=self.password()
90 auth = {'AuthMethod': 'password', 'Username': username, 'AuthString': password}
91 if not message: message=""
95 # the code for a V2 interface
96 query = { 'action': 'update',
97 'object': 'local:account',
98 'filters': [ ['platform', '=', platform] ] ,
99 'params': {'credential': delegated_credential, },
101 annotation = {'authentication': auth, }
102 # in principle the xmlrpc call should not raise an exception
103 # but fill in error code and messages instead
104 # however this is only theoretical so let's be on the safe side
106 self.logger.debug("Using new v2 method forward+annotation@%s %s"%(platform,message))
107 retcod2=manifold.forward (query, annotation)
109 # xxx we need a constant constant for UNKNOWN, how about using 1
111 retcod2={'code':MANIFOLD_UNKNOWN,'description':"%s"%e}
112 if retcod2['code']==0:
114 if message: info += message+" "
115 info += 'v2 upload OK'
116 self.logger.info(info)
118 # everything has failed, let's report
119 self.logger.error("Could not upload %s"%(message if message else "credential"))
120 self.logger.info(" V2 Update returned code %s and error >>%s<<"%(retcod2['code'],retcod2['description']))
121 self.logger.debug("****** full retcod2")
122 for (k,v) in retcod2.items(): self.logger.debug("**** %s: %s"%(k,v))
125 if message: self.logger.error("Could not upload %s %s"%(message,e))
126 else: self.logger.error("Could not upload credential %s"%e)
127 if self.logger.debugEnabled():
129 traceback.print_exc()
132 ### this is mainly for unit testing this class but can come in handy as well
134 from argparse import ArgumentParser
135 parser = ArgumentParser (description="manifoldupoader simple tester.")
136 parser.add_argument ('credential_files',metavar='FILE',type=str,nargs='+',
137 help="the filenames to upload")
138 parser.add_argument ('-u','--url',dest='url', action='store',default=None,
139 help='the URL of the manifold API')
140 parser.add_argument ('-p','--platform',dest='platform',action='store',default=None,
141 help='the manifold platform name')
142 parser.add_argument ('-U','--user',dest='username',action='store',default=None,
143 help='the manifold username')
144 parser.add_argument ('-P','--password',dest='password',action='store',default=None,
145 help='the manifold password')
146 parser.add_argument ('-v','--verbose',dest='verbose',action='count',default=0,
147 help='more and more verbose')
148 args = parser.parse_args ()
150 from sfa.util.sfalogging import sfi_logger
151 sfi_logger.enable_console()
152 sfi_logger.setLevelFromOptVerbose(args.verbose)
153 uploader = ManifoldUploader (url=args.url, platform=args.platform,
154 username=args.username, password=args.password,
157 for filename in args.credential_files:
158 with file(filename) as f:
159 result=uploader.upload (f.read(),filename)
160 sfi_logger.info('... result=%s'%result)
162 if __name__ == '__main__':