From 0d3e129646fcf3bb6fd2d283c4fad8345fff3936 Mon Sep 17 00:00:00 2001 From: Tony Mack Date: Tue, 26 Oct 2010 16:49:56 -0400 Subject: [PATCH] fix bug in the code that generated the credential for the registry interface. Creds no longer have parents unless they are delegated. Refatored getCredential() code for interfaces requesting credentials --- sfa/plc/api.py | 64 ++++++++++++++++++++++++++------------------------ 1 file changed, 33 insertions(+), 31 deletions(-) diff --git a/sfa/plc/api.py b/sfa/plc/api.py index 9e77ddaa..af416d71 100644 --- a/sfa/plc/api.py +++ b/sfa/plc/api.py @@ -6,6 +6,7 @@ import sys import os import traceback import string +import datetime import xmlrpclib from sfa.util.faults import * @@ -126,10 +127,27 @@ class SfaAPI(BaseAPI): """ Return a valid credential for this interface. """ + type = 'authority' + path = self.config.SFA_DATA_DIR + filename = ".".join([self.interface, self.hrn, type, "cred"]) + cred_filename = path + os.sep + filename + cred = None + if os.path.isfile(cred_filename): + cred = Credential(filename = cred_filename) + # make sure cred isnt expired + if not cred.get_expiration or \ + datetime.datetime.today() < cred.get_expiration(): + return cred.save_to_string(save_parents=True) + + # get a new credential if self.interface in ['registry']: - return self.getCredentialFromLocalRegistry() + cred = self.__getCredentialRaw() else: - return self.getCredentialFromRegistry() + cred = self.__getCredential() + cred.save_to_file(cred_filename, save_parents=True) + + return cred.save_to_string(save_parents=True) + def getDelegatedCredential(self, creds): """ @@ -143,32 +161,21 @@ class SfaAPI(BaseAPI): return None return delegated_creds[0] - def getCredentialFromRegistry(self): + def __getCredential(self): """ Get our credential from a remote registry """ - type = 'authority' - path = self.config.SFA_DATA_DIR - filename = ".".join([self.interface, self.hrn, type, "cred"]) - cred_filename = path + os.sep + filename - try: - credential = Credential(filename = cred_filename) - return credential.save_to_string(save_parents=True) - except IOError: - from sfa.server.registry import Registries - registries = Registries(self) - registry = registries[self.hrn] - cert_string=self.cert.save_to_string(save_parents=True) - # get self credential - self_cred = registry.GetSelfCredential(cert_string, self.hrn, type) - # get credential - cred = registry.GetCredential(self_cred, self.hrn, type) - - # save cred to file - Credential(string=cred).save_to_file(cred_filename, save_parents=True) - return cred - - def getCredentialFromLocalRegistry(self): + from sfa.server.registry import Registries + registries = Registries(self) + registry = registries[self.hrn] + cert_string=self.cert.save_to_string(save_parents=True) + # get self credential + self_cred = registry.GetSelfCredential(cert_string, self.hrn, type) + # get credential + cred = registry.GetCredential(self_cred, self.hrn, type) + return Credential(string=cred) + + def __getCredentialRaw(self): """ Get our current credential directly from the local registry. """ @@ -194,15 +201,10 @@ class SfaAPI(BaseAPI): r1 = determine_rights(type, hrn) new_cred.set_privileges(r1) - - auth_kind = "authority,ma,sa" - - new_cred.set_parent(self.auth.hierarchy.get_auth_cred(auth_hrn, kind=auth_kind)) - new_cred.encode() new_cred.sign() - return new_cred.save_to_string(save_parents=True) + return new_cred def loadCredential (self): -- 2.47.0