import sys
from sfa.util.faults import InsufficientRights, MissingCallerGID, MissingTrustedRoots, PermissionError, \
- BadRequestHash, ConnectionKeyGIDMismatch, SfaPermissionDenied, CredentialNotVerifiable, Forbidden
+ BadRequestHash, ConnectionKeyGIDMismatch, SfaPermissionDenied, CredentialNotVerifiable, Forbidden, \
+ BadArgs
from sfa.util.sfalogging import logger
from sfa.util.config import Config
from sfa.util.xrn import Xrn, get_authority
self.trusted_cert_file_list = TrustedRoots(self.config.get_trustedroots_dir()).get_file_list()
def checkCredentials(self, creds, operation, xrns=[], check_sliver_callback=None):
+ # if xrns are specified they cannot be None or empty string
+ if xrns:
+ for xrn in xrns:
+ if not xrn:
+ raise BadArgs("Invalid urn or hrn")
+
+
if not isinstance(xrns, list):
xrns = [xrns]
check_sliver_callback(valid, sliver_xrns)
if not len(valid):
- msg = "Valid credential not found for method: %s" % operation
- if xrns:
- msg += " target: %s" % xrns
- raise Forbidden(msg)
+ raise Forbidden("Invalid credential")
return valid