From 992c6c9487c5ef2b554d11c8e345158908646a94 Mon Sep 17 00:00:00 2001
From: Tony Mack <tmack@paris.CS.Princeton.EDU>
Date: Thu, 17 Jan 2013 14:58:35 -0500
Subject: [PATCH] check xrns arg at beginning of method

---
 sfa/trust/auth.py | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/sfa/trust/auth.py b/sfa/trust/auth.py
index da7e91fe..4eedb09d 100644
--- a/sfa/trust/auth.py
+++ b/sfa/trust/auth.py
@@ -36,6 +36,13 @@ class Auth:
         self.trusted_cert_file_list = TrustedRoots(self.config.get_trustedroots_dir()).get_file_list()
 
     def checkCredentials(self, creds, operation, xrns=[], check_sliver_callback=None):
+        # if xrns are specified they cannot be None or empty string
+        if xrns:
+            for xrn in xrns:
+                if not xrn:
+                    raise BadArgs("Invalid urn or hrn: %s" % hrn)
+
+        
         if not isinstance(xrns, list):
             xrns = [xrns]
 
@@ -54,10 +61,6 @@ class Auth:
         if not hrns: hrns = [None]
         for cred in creds:
             for hrn in hrns:
-                # if an hrn is specified it cannot be None or empty string
-                if not hrn:
-                    raise BadArgs("Invalid urn or hrn: %s" % hrn)
-                    
                 try:
                     self.check(cred, operation, hrn)
                     valid.append(cred)
-- 
2.47.0