1 # * require certificate as an argument
3 # * get pubkey from gid
4 # * if certifacate matches pubkey from gid, return gid, else raise exception
5 # if not peer.is_pubkey(gid.get_pubkey()):
6 # raise ConnectionKeyGIDMismatch(gid.get_subject())
8 from sfa.util.faults import *
9 from sfa.util.misc import *
10 from sfa.util.method import Method
11 from sfa.util.parameter import Parameter, Mixed
12 from sfa.trust.auth import Auth
13 from sfa.trust.gid import GID
14 from sfa.trust.certificate import Certificate
15 from sfa.util.genitable import GeniTable
17 class get_gid(Method):
19 Returns the client's gid if one exists
21 @param cert certificate string
25 interfaces = ['registry']
28 Parameter(str, "Certificate string"),
29 Parameter(str, "Human readable name (hrn)"),
30 Mixed(Parameter(str, "Request hash"),
31 Parameter(None, "Request hash not specified"))
34 returns = [Parameter(dict, "Aggregate interface information")]
36 def call(self, cert, hrn, type, request_hash=None):
38 self.api.auth.verify_object_belongs_to_me(hrn)
39 certificate = Certificate(string=cert)
41 records = table.find({'hrn': hrn, 'type': type})
43 raise RecordNotFound(hrn)
45 gidStr = record['gid']
46 gid = GID(string=gidStr)
48 if not certificate.is_pubkey(gid.get_pubkey()):
49 raise ConnectionKeyGIDMismatch(gid.get_subject())
51 # authenticate the gid
52 self.api.auth.authenticateGid(gidStr, [cert, hrn, type], request_hash)