From f39077101d7c2664b5c609a47f7b733b268e5807 Mon Sep 17 00:00:00 2001
From: Tony Mack <tmack@paris.CS.Princeton.EDU>
Date: Wed, 5 Dec 2012 13:39:57 -0500
Subject: [PATCH] raise exception if we don't support credential type

---
 sfa/trust/auth.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/sfa/trust/auth.py b/sfa/trust/auth.py
index 449f1cf1..4a2fd62b 100644
--- a/sfa/trust/auth.py
+++ b/sfa/trust/auth.py
@@ -4,7 +4,7 @@
 import sys
 
 from sfa.util.faults import InsufficientRights, MissingCallerGID, MissingTrustedRoots, PermissionError, \
-    BadRequestHash, ConnectionKeyGIDMismatch, SfaPermissionDenied
+    BadRequestHash, ConnectionKeyGIDMismatch, SfaPermissionDenied, CredentialNotVerifiable
 from sfa.util.sfalogging import logger
 from sfa.util.config import Config
 from sfa.util.xrn import Xrn, get_authority
@@ -75,6 +75,9 @@ class Auth:
         self.client_cred = cred
         logger.debug("Auth.check: handling hrn=%s and credential=%s"%\
                          (hrn,cred.get_summary_tostring()))
+
+        if cred.type not in ['geni_sfa']:
+            raise CredentialNotVerifiable(cred.type, "%s not supported" % cred.type)
         self.client_gid = self.client_cred.get_gid_caller()
         self.object_gid = self.client_cred.get_gid_object()
         
-- 
2.47.0