return record_dicts
-
def CreateGid(self, api, xrn, cert):
# get the authority
authority = Xrn(xrn=xrn).get_authority_hrn()
else:
certificate = Certificate(string=cert)
pkey = certificate.get_pubkey()
- gid = api.auth.hierarchy.create_gid(xrn, create_uuid(), pkey)
+
+ # Add the email of the user to SubjectAltName in the GID
+ email = None
+ hrn = Xrn(xrn).get_hrn()
+ dbsession=api.dbsession()
+ record=dbsession.query(RegUser).filter_by(hrn=hrn).first()
+ if record:
+ email=getattr(record,'email',None)
+ gid = api.auth.hierarchy.create_gid(xrn, create_uuid(), pkey, email = email)
return gid.save_to_string(save_parents=True)
####################
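Review bot: The `email` read from the RegUser record is handed to `create_gid` and, per the added comment, ends up in the GID's SubjectAltName, but no format check is visible in this hunk. If `create_gid` assembles the extension value as a string (its body is not shown here), a stored value containing separators such as a comma or a newline could change what the issued certificate asserts. Check the value against a strict address pattern before use, for example `if email and not EMAIL_RE.match(email): email = None`, where `EMAIL_RE` is a placeholder for a module-level pattern. The same applies to the later `create_gid` calls that take `email` from `record` and `new_record`, where the value comes from the submitted record. The body of CreateGid between the `authority` line and the `else:` is outside this hunk.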
if not record.gid:
uuid = create_uuid()
pkey = Keypair(create=True)
- pub_key=record_dict.get('reg-keys',None)
+ pub_key=getattr(record,'reg-keys',None)
if pub_key is not None:
# use only first key in record
if pub_key and isinstance(pub_key, types.ListType): pub_key = pub_key[0]
pkey = convert_public_key(pub_key)
- gid_object = api.auth.hierarchy.create_gid(urn, uuid, pkey)
+ email=getattr(record,'email',None)
+ gid_object = api.auth.hierarchy.create_gid(urn, uuid, pkey, email = email)
gid = gid_object.save_to_string(save_parents=True)
record.gid = gid
elif isinstance (record, RegUser):
# create RegKey objects for incoming keys
- if hasattr(record,'reg_keys'):
- logger.debug ("creating %d keys for user %s"%(len(record.reg_keys),record.hrn))
- record.reg_keys = [ RegKey (key) for key in record.reg_keys ]
+ if hasattr(record,'reg-keys'):
+ keys=getattr(record,'reg-keys')
+ # some people send the key as a string instead of a list of strings
+ if isinstance(keys,types.StringTypes): keys=[keys]
+ logger.debug ("creating %d keys for user %s"%(len(keys),record.hrn))
+ record.reg_keys = [ RegKey (key) for key in keys ]
# update testbed-specific data if needed
pointer = api.driver.register (record.__dict__, hrn, pub_key)
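Review bot: In the RegUser branch, `hasattr(record,'reg-keys')` is also true when the attribute exists but holds `None`, and then `len(keys)` in the debug line raises a TypeError. Only the string case is normalised; the earlier `pub_key is not None` guard has no counterpart here. Adding `if keys is None: keys=[]` after the `types.StringTypes` check would cover it, assuming such a record can reach this code. A short comment would also help, noting that the incoming attribute is the hyphenated `'reg-keys'` (reachable only through `getattr`) while the result is stored on `record.reg_keys`. The enclosing function starts outside this hunk.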
# Use the pointer from the existing record, not the one that the user
# gave us. This prevents the user from inserting a forged pointer
pointer = record.pointer
-
+
# is there a change in keys ?
new_key=None
if type=='user':
pkey = convert_public_key(new_key)
uuid = create_uuid()
urn = hrn_to_urn(hrn,type)
- gid_object = api.auth.hierarchy.create_gid(urn, uuid, pkey)
+
+ email=getattr(new_record,'email',None)
+ if email is None:
+ email=getattr(record,'email',None)
+ gid_object = api.auth.hierarchy.create_gid(urn, uuid, pkey, email = email)
gid = gid_object.save_to_string(save_parents=True)
# xxx should do side effects from new_record to record
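Review bot: The email for the re-issued GID is taken from `new_record` first and from the stored `record` only as a fallback, so the certificate can carry an address that the registry does not hold. The `# xxx should do side effects from new_record to record` line suggests the submitted value is not written back at this point. Elsewhere in this file, `pointer` is deliberately taken from the existing record so that a forged value cannot be inserted, and the same reasoning seems to apply to an identity attribute placed in SubjectAltName. Unless the new address is validated and persisted before the GID is issued, prefer `email=getattr(record,'email',None)` alone. The enclosing function starts and ends outside this hunk.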
uuid = create_uuid()
pkey = Keypair(create=True)
urn = hrn_to_urn(record.hrn, record.type)
- gid_object = api.auth.hierarchy.create_gid(urn, uuid, pkey)
+
+ email=getattr(record,'email',None)
+ gid_object = api.auth.hierarchy.create_gid(urn, uuid, pkey, email)
gid = gid_object.save_to_string(save_parents=True)
record.gid = gid
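Review bot: The added call `create_gid(urn, uuid, pkey, email)` passes `email` positionally, while every other call site in this commit uses `email = email`. The signature of `create_gid` is not visible here. If it declares any parameter between `pkey` and `email`, the address binds to that parameter instead, and a non-empty string would read as true for a boolean option. Change the line to `gid_object = api.auth.hierarchy.create_gid(urn, uuid, pkey, email = email)`. The enclosing function starts outside this hunk.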