X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fclient%2Fmanifolduploader.py;h=3b9de1670970820ebf5e200e654b1f68aa9cca2f;hb=5a6cbf4fa6837c81354b616d4cfa0352ec5367be;hp=b27d99d7351417591a06e84757f875836503a086;hpb=157eeb8215ed998d71607a044aec876616e8aa88;p=sfa.git

diff --git a/sfa/client/manifolduploader.py b/sfa/client/manifolduploader.py
index b27d99d7..3b9de167 100755
--- a/sfa/client/manifolduploader.py
+++ b/sfa/client/manifolduploader.py
@@ -7,23 +7,33 @@
 # install a separate tool; so duplicating this code is suboptimal in
 # terms of code sharing but acceptable for hopefully easier use
 #
+# As of Nov. 2013, the signature for the forward API call has changed
+# and now requires authentication to be passed as an annotation
+# We take this chance to make things much simpler here by dropping
+# support for multiple API versions/flavours
+#
 # As of April 2013, manifold is moving from old-fashioned API known as
 # v1, that offers an AddCredential API call, towards a new API v2 that
 # manages credentials with the same set of Get/Update calls as other
 # objects
 # 
-# Since this code targets the future we favour v2, however in case
-# this won't work the v1 way is attempted too
-#
 
-## this for now points at demo.myslice.info, but sounds like a
-## better default for the long run
+# mostly this is intended to be used through 'sfi myslice'
+# so the defaults below are of no real importance
+# this for now points at demo.myslice.info, but sounds like a
+# better default for the long run
 DEFAULT_URL = "http://myslice.onelab.eu:7080"
 DEFAULT_PLATFORM = 'ple'
 
-import xmlrpclib
+# starting with 2.7.9 we need to turn off server verification
+import ssl
+try:    turn_off_server_verify = { 'context' : ssl._create_unverified_context() } 
+except: turn_off_server_verify = {}
+
 import getpass
 
+from sfa.util.py23 import xmlrpc_client
+
 class ManifoldUploader:
     """A utility class for uploading delegated credentials to a manifold/MySlice infrastructure"""
 
@@ -63,15 +73,24 @@ class ManifoldUploader:
     def prompt_all(self):
         self.username(); self.password(); self.platform(); self.url()
 
+    # looks like the current implementation of manifold server
+    # won't be happy with several calls issued in the same session
+    # so we do not cache this one
     def proxy (self):
-        if not self._proxy:
-            url=self.url()
-            self.logger.debug("Connecting manifold url %s"%url)
-            self._proxy = xmlrpclib.ServerProxy(url, allow_none = True)
-        return self._proxy
+#        if not self._proxy:
+#            url=self.url()
+#            self.logger.info("Connecting manifold url %s"%url)
+#            self._proxy = xmlrpc_client.ServerProxy(url, allow_none = True)
+#        return self._proxy
+        url=self.url()
+        self.logger.debug("Connecting manifold url %s"%url)
+        proxy = xmlrpc_client.ServerProxy(url, allow_none = True,
+                                          **turn_off_server_verify)
+
+        return proxy
 
     # does the job for one credential
-    # expects the credential (string) and an optional message for reporting
+    # expects the credential (string) and an optional message (e.g. hrn) for reporting
     # return True upon success and False otherwise
     def upload (self, delegated_credential, message=None):
         platform=self.platform()
@@ -81,22 +100,21 @@ class ManifoldUploader:
         if not message: message=""
 
         try:
-            # looks like the current implementation of manifold server
-            # won't be happy with several calls issued in the same session
-#            manifold=self.proxy()
-            url=self.url()
-            self.logger.debug("Connecting manifold url %s"%url)
-            manifold = xmlrpclib.ServerProxy(url, allow_none = True)
+            manifold=self.proxy()
             # the code for a V2 interface
-            query= { 'action':     'update',
+            query = { 'action':     'update',
                      'object':     'local:account',
                      'filters':    [ ['platform', '=', platform] ] ,
                      'params':     {'credential': delegated_credential, },
                      }
+            annotation = {'authentication': auth, }
+            # in principle the xmlrpc call should not raise an exception
+            # but fill in error code and messages instead
+            # however this is only theoretical so let's be on the safe side
             try:
-                self.logger.debug("Trying v2 method Update@%s %s"%(platform,message))
-                retcod2=manifold.Update (auth, query)
-            except Exception,e:
+                self.logger.debug("Using new v2 method forward+annotation@%s %s"%(platform,message))
+                retcod2=manifold.forward (query, annotation)
+            except Exception as e:
                 # xxx we need a constant constant for UNKNOWN, how about using 1
                 MANIFOLD_UNKNOWN=1
                 retcod2={'code':MANIFOLD_UNKNOWN,'description':"%s"%e}
@@ -106,32 +124,13 @@ class ManifoldUploader:
                 info += 'v2 upload OK'
                 self.logger.info(info)
                 return True
-            #print delegated_credential, "upload failed,",retcod['description'], \
-            #    "with code",retcod['code']
-            # the code for V1
-            try:
-                self.logger.debug("Trying v1 method AddCredential@%s %s"%(platform,message))
-                retcod1=manifold.AddCredential(auth, delegated_credential, platform)
-            except Exception,e:
-                retcod1=e
-            if retcod1==1:
-                info=""
-                if message: info += message+" "
-                info += 'v1 upload OK'
-                self.logger.info(message)
-                return True
             # everything has failed, let's report
-            if message: self.logger.error("Could not upload %s"%message)
-            else: self.logger.error("Could not upload credential")
-            if 'code' in retcod2 and 'description' in retcod2:
-                self.logger.info("  V2 Update returned code %s and error >>%s<<"%(retcod2['code'],retcod2['description']))
-                self.logger.debug("****** full retcod2")
-                for (k,v) in retcod2.items(): self.logger.debug("**** %s: %s"%(k,v))
-            else:
-                self.logger.info("  V2 Update returned %s"%retcod2)
-            self.logger.info("  V1 AddCredential returned code %s (expected 1)"%retcod1)
+            self.logger.error("Could not upload %s"%(message if message else "credential"))
+            self.logger.info("  V2 Update returned code %s and error >>%s<<"%(retcod2['code'],retcod2['description']))
+            self.logger.debug("****** full retcod2")
+            for (k,v) in retcod2.items(): self.logger.debug("**** %s: %s"%(k,v))
             return False
-        except Exception, e:
+        except Exception as e:
             if message: self.logger.error("Could not upload %s %s"%(message,e))
             else:        self.logger.error("Could not upload credential %s"%e)
             if self.logger.debugEnabled():
@@ -165,7 +164,7 @@ def main ():
                                  logger=sfi_logger)
 
     for filename in args.credential_files:
-        with file(filename) as f:
+        with open(filename) as f:
             result=uploader.upload (f.read(),filename)
             sfi_logger.info('... result=%s'%result)