+ """
+ hrn, type = urn_to_hrn(slice_xrn)
+
+ hrn_auth = get_authority(hrn)
+
+ # Build up objects that an SFA registry would return if SFA
+ # could contact the slice's registry directly
+ reg_objects = None
+
+ if users:
+ reg_objects = {}
+
+ site = {}
+ site['site_id'] = 0
+ site['name'] = 'geni.%s' % hrn_auth
+ site['enabled'] = True
+ site['max_slices'] = 100
+
+ # Note:
+ # Is it okay if this login base is the same as one already at this myplc site?
+ # Do we need uniqueness? Should use hrn_auth instead of just the leaf perhaps?
+ site['login_base'] = get_leaf(hrn_auth)
+ site['abbreviated_name'] = hrn
+ site['max_slivers'] = 1000
+ reg_objects['site'] = site
+
+ slice = {}
+ slice['expires'] = int(mktime(Credential(string=creds[0]).get_lifetime().timetuple()))
+ slice['hrn'] = hrn
+ slice['name'] = site['login_base'] + "_" + get_leaf(hrn)
+ slice['url'] = hrn
+ slice['description'] = hrn
+ slice['pointer'] = 0
+ reg_objects['slice_record'] = slice
+
+ reg_objects['users'] = {}
+ for user in users:
+ user['key_ids'] = []
+ hrn, _ = urn_to_hrn(user['urn'])
+ user['email'] = hrn + "@geni.net"
+ user['first_name'] = hrn
+ user['last_name'] = hrn
+ reg_objects['users'][user['email']] = user
+
+ return reg_objects
+
+def get_ticket(api, xrn, rspec, origin_hrn=None, reg_objects=None):
+
+ slice_hrn, type = urn_to_hrn(xrn)
+ slices = Slices(api)
+ peer = slices.get_peer(slice_hrn)
+ sfa_peer = slices.get_sfa_peer(slice_hrn)
+
+ # get the slice record
+ registry = api.registries[api.hrn]
+ credential = api.getCredential()
+ records = registry.resolve(credential, xrn)
+
+ # similar to create_slice, we must verify that the required records exist
+ # at this aggregate before we can issue a ticket
+ site_id, remote_site_id = slices.verify_site(registry, credential, slice_hrn,
+ peer, sfa_peer, reg_objects)
+ slice = slices.verify_slice(registry, credential, slice_hrn, site_id,
+ remote_site_id, peer, sfa_peer, reg_objects)
+