From 6bf8a94b53fc67a4a420037141b90635d8ed1f48 Mon Sep 17 00:00:00 2001
From: Tony Mack <tmack@cs.princeton.edu>
Date: Wed, 14 Oct 2009 00:22:40 +0000
Subject: [PATCH] initial checkin of get_gid method

---
 sfa/client/sfi.py       | 31 ++++++++++++++++++++----
 sfa/methods/__init__.py |  1 +
 sfa/methods/get_gid.py  | 52 +++++++++++++++++++++++++++++++++++++++++
 sfa/util/geniclient.py  | 42 +++++++++++++++++++--------------
 4 files changed, 105 insertions(+), 21 deletions(-)
 create mode 100644 sfa/methods/get_gid.py

diff --git a/sfa/client/sfi.py b/sfa/client/sfi.py
index 9a116ae8..7c5cf101 100755
--- a/sfa/client/sfi.py
+++ b/sfa/client/sfi.py
@@ -89,6 +89,7 @@ class Sfi:
        # Get key and certificate
        key_file = self.get_key_file()
        cert_file = self.get_cert_file(key_file)
+       self.key = Keypair(filename=key_file) 
        self.key_file = key_file
        self.cert_file = cert_file 
        # Establish connection to server(s)
@@ -137,7 +138,23 @@ class Sfi:
              print "Writing self-signed certificate to", file
           cert.save_to_file(file)
           return file
-    
+   
+    def get_gid(self):
+        file = os.path.join(self.options.sfi_dir, self.get_leaf(self.user) + ".gid")
+        if (os.path.isfile(file)):
+            gid = GID(filename=file)
+            return gid
+        else:
+            cert = Certificate(self.cert_file)
+            cert_str = cert.save_to_string(save_parents=True)
+            request_hash = self.key.compute_hash([cert_str, self.user, "user"])
+            gid_str = self.registry.get_gid(cert, self.user, "user", request_hash)
+            gid = GID(string=gid_str)
+            if self.options.verbose:
+                print "Writing user gid to", file
+            gid.save_to_file(file, save_parents=True)
+            return gid       
+ 
     def get_user_cred(self):
        file = os.path.join(self.options.sfi_dir, self.get_leaf(self.user) + ".cred")
        if (os.path.isfile(file)):
@@ -272,7 +289,8 @@ class Sfi:
     # Generate sub-command parser
     #
     def create_cmd_parser(self,command, additional_cmdargs = None):
-       cmdargs = {"list": "name",
+       cmdargs = {"gid": "",
+                  "list": "name",
                   "show": "name",
                   "remove": "name",
                   "add": "record",
@@ -341,7 +359,7 @@ class Sfi:
 
        # Generate command line parser
        parser = OptionParser(usage="sfi [options] command [command_options] [command_args]",
-                             description="Commands: list,show,remove,add,update,nodes,slices,resources,create,delete,start,stop,reset")
+                             description="Commands: gid,list,show,remove,add,update,nodes,slices,resources,create,delete,start,stop,reset")
        parser.add_option("-r", "--registry", dest="registry",
                          help="root registry", metavar="URL", default=None)
        parser.add_option("-s", "--slicemgr", dest="sm",
@@ -372,7 +390,12 @@ class Sfi:
     #
     # Registry-related commands
     #
-    
+   
+    def gid(self, opts, args):
+       gid = self.get_gid()
+       print "GID: %s" % (gid.save_to_string(save_parents=True))
+       return   
+ 
     # list entires in named authority registry
     def list(self,opts, args):
        user_cred = self.get_user_cred()
diff --git a/sfa/methods/__init__.py b/sfa/methods/__init__.py
index c76da45c..aa3cdd43 100644
--- a/sfa/methods/__init__.py
+++ b/sfa/methods/__init__.py
@@ -5,6 +5,7 @@ create_slice
 delete_slice
 get_aggregates
 get_credential
+get_gid
 get_registries
 get_resources
 get_slices
diff --git a/sfa/methods/get_gid.py b/sfa/methods/get_gid.py
new file mode 100644
index 00000000..b6bf56a9
--- /dev/null
+++ b/sfa/methods/get_gid.py
@@ -0,0 +1,52 @@
+# * require certificate as an argument
+# * lookup gid in db
+# * get pubkey from gid
+# * if certifacate matches pubkey from gid, return gid, else raise exception
+#  if not peer.is_pubkey(gid.get_pubkey()):
+#            raise ConnectionKeyGIDMismatch(gid.get_subject())
+
+from sfa.util.faults import *
+from sfa.util.misc import *
+from sfa.util.method import Method
+from sfa.util.parameter import Parameter, Mixed
+from sfa.trust.auth import Auth
+from sfa.trust.gid import GID
+from sfa.trust.certificate import Certificate
+from sfa.util.genitable import GeniTable
+
+class get_gid(Method):
+    """
+    Returns the client's gid if one exists      
+
+    @param cert certificate string 
+    @return client gid  
+    """
+
+    interfaces = ['registry']
+    
+    accepts = [
+        Parameter(str, "Certificate string"),
+        
+        Parameter(str, "Human readable name (hrn)")  
+        ]
+
+    returns = [Parameter(dict, "Aggregate interface information")]
+    
+    def call(self, cert, hrn, type, requestHash):
+      
+        certificate = Certificate(string=cert) 
+        table = GeniTable()
+        records = table.find({'hrn': hrn, 'type': type})
+        if not records:
+            raise RecordNotFound(hrn)
+        record = records[0]
+        gidStr = record['gid']
+        gid = GID(string=gidStr)
+         
+        #if not certificate.is_pubkey(gid.get_pubkey()):
+        #    raise ConnectionKeyGIDMismatch(gid.get_subject())
+        
+        # authenticate the gid
+        self.api.auth.authenticateGid(gidStr, [cert, hrn, type], requestHash)
+        
+        return gidStr 
diff --git a/sfa/util/geniclient.py b/sfa/util/geniclient.py
index 268c0415..d591daca 100644
--- a/sfa/util/geniclient.py
+++ b/sfa/util/geniclient.py
@@ -9,6 +9,7 @@
 ### $Id$
 ### $URL$
 
+from sfa.trust.certificate import *
 from sfa.trust.gid import *
 from sfa.trust.credential import *
 from sfa.util.record import *
@@ -35,18 +36,20 @@ class GeniClient:
     # @param protocol The ORPC protocol to use. Can be "soap" or "xmlrpc"
 
     def __init__(self, url, key_file, cert_file, protocol="xmlrpc"):
-       self.url = url
-       self.key_file = key_file
-       self.cert_file = cert_file
+        self.url = url
+        self.key_file = key_file
+        self.cert_file = cert_file
+        self.key = Keypair(filename = self.key_file)
+    
 
-       if (protocol=="xmlrpc"):
-           import xmlrpcprotocol  
-           self.server = xmlrpcprotocol.get_server(self.url, self.key_file, self.cert_file)
-       elif (protocol=="soap"):
-           import soapprotocol
-           self.server = soapprotocol.get_server(self.url, self.key_file, self.cert_file)
-       else:
-           raise Exception("Attempted use of undefined protocol %s"%protocol)
+        if (protocol=="xmlrpc"):
+            import xmlrpcprotocol  
+            self.server = xmlrpcprotocol.get_server(self.url, self.key_file, self.cert_file)
+        elif (protocol=="soap"):
+            import soapprotocol
+            self.server = soapprotocol.get_server(self.url, self.key_file, self.cert_file)
+        else:
+            raise Exception("Attempted use of undefined protocol %s"%protocol)
 
 
     # -------------------------------------------------------------------------
@@ -78,13 +81,18 @@ class GeniClient:
     #
     # @return a GID object
 
-    def get_gid(self, name):
-       gid_str_list = self.server.get_gid(name)
-       gid_list = []
-       for str in gid_str_list:
-           gid_list.append(GID(string=str))
-       return gid_list
+    #def get_gid(self, name):
+    #   gid_str_list = self.server.get_gid(name)
+    #   gid_list = []
+    #   for str in gid_str_list:
+    #       gid_list.append(GID(string=str))
+    #  return gid_list
+
 
+    def get_gid(self, cert, hrn, type, request_hash):
+        cert_string = cert.save_to_string(save_parents=True)
+        gid_str = self.server.get_gid(cert_string, hrn, type, request_hash)
+        return GID(string=gid_str)
     ##
     # Get_self_credential a degenerate version of get_credential used by a
     # client to get his initial credential when he doesn't have one. This is
-- 
2.47.0