- cert_str = self.cert.save_to_string(save_parents=True)
- gid_str = self.registry.get_gid(cert_str, self.user, "user")
- gid = GID(string=gid_str)
- if self.options.verbose:
- print "Writing user gid to", file
- gid.save_to_file(file, save_parents=True)
- return gid
+ try:
+ # attempt to use gid as the cert.
+ gid = self._get_gid()
+ self.logger.info("Writing certificate to %s"%file)
+ gid.save_to_file(file)
+ except:
+ # generate self signed certificate
+ k = Keypair(filename=key_file)
+ cert = Certificate(subject=self.user)
+ cert.set_pubkey(k)
+ cert.set_issuer(k, self.user)
+ cert.sign()
+ self.logger.info("Writing self-signed certificate to %s"%file)
+ cert.save_to_file(file)
+
+ return file
+
+ def get_cached_gid(self, file):
+ """
+ Return a cached gid
+ """
+ gid = None
+ if (os.path.isfile(file)):
+ gid = GID(filename=file)
+ return gid
+
+ # xxx opts unused
+ def get_gid(self, opts, args):
+ """
+ Get the specify gid and save it to file
+ """
+ hrn = None
+ if args:
+ hrn = args[0]
+ gid = self._get_gid(hrn)
+ self.logger.debug("Sfi.get_gid-> %s",gid.save_to_string(save_parents=True))
+ return gid
+
+ def _get_gid(self, hrn=None):
+ """
+ git_gid helper. Retrive the gid from the registry and save it to file.
+ """
+
+ if not hrn:
+ hrn = self.user
+
+ gidfile = os.path.join(self.options.sfi_dir, hrn + ".gid")
+ gid = self.get_cached_gid(gidfile)
+ if not gid:
+ user_cred = self.get_user_cred()
+ records = self.registry.Resolve(hrn, user_cred.save_to_string(save_parents=True))
+ if not records:
+ raise RecordNotFound(args[0])
+ gid = GID(string=records[0]['gid'])
+ self.logger.info("Writing gid to %s"%gidfile)
+ gid.save_to_file(filename=gidfile)
+ return gid
+
+
+ def get_cached_credential(self, file):
+ """
+ Return a cached credential only if it hasn't expired.
+ """
+ if (os.path.isfile(file)):
+ credential = Credential(filename=file)
+ # make sure it isnt expired
+ if not credential.get_expiration or \
+ datetime.datetime.today() < credential.get_expiration():
+ return credential
+ return None