1 # * require certificate as an argument
3 # * get pubkey from gid
4 # * if certifacate matches pubkey from gid, return gid, else raise exception
5 # if not peer.is_pubkey(gid.get_pubkey()):
6 # raise ConnectionKeyGIDMismatch(gid.get_subject())
8 from sfa.util.faults import *
9 from sfa.util.method import Method
10 from sfa.util.parameter import Parameter, Mixed
11 from sfa.trust.auth import Auth
12 from sfa.trust.gid import GID
13 from sfa.trust.certificate import Certificate
14 from sfa.util.genitable import GeniTable
16 class get_gid(Method):
18 Returns the client's gid if one exists
20 @param cert certificate string
24 interfaces = ['registry']
27 Parameter(str, "Certificate string"),
28 Parameter(str, "Human readable name (hrn)"),
29 Parameter(str, "Object type")
32 returns = Parameter(str, "GID string")
34 def call(self, cert, hrn, type):
36 self.api.auth.verify_object_belongs_to_me(hrn)
37 certificate = Certificate(string=cert)
39 records = table.find({'hrn': hrn, 'type': type})
41 raise RecordNotFound(hrn)
43 gidStr = record['gid']
44 gid = GID(string=gidStr)
46 if not certificate.is_pubkey(gid.get_pubkey()):
47 raise ConnectionKeyGIDMismatch(gid.get_subject())