# Thierry Parmentelat -- INRIA
-#
-# a minimal library for writing "lightweight" SFA clients
-#
+"""
+a minimal library for writing "lightweight" SFA clients
+"""
+
+from __future__ import print_function
# xxx todo
# this library should probably check for the expiration date of the various
######################################## *_produce methods
### step1
# unconditionnally create a self-signed certificate
- def self_signed_cert_produce (self,output):
+ def self_signed_cert_produce (self, output):
self.assert_private_key()
private_key_filename = self.private_key_filename()
keypair=Keypair(filename=private_key_filename)
self_signed.sign ()
self_signed.save_to_file (output)
self.logger.debug("SfaClientBootstrap: Created self-signed certificate for %s in %s"%\
- (self.hrn,output))
+ (self.hrn, output))
return output
### step2
certificate_filename = self.self_signed_cert_filename()
certificate_string = self.plain_read (certificate_filename)
self.assert_private_key()
- registry_proxy = SfaServerProxy (self.registry_url, self.private_key_filename(),
+ registry_proxy = SfaServerProxy (self.registry_url,
+ self.private_key_filename(),
certificate_filename)
try:
credential_string=registry_proxy.GetSelfCredential (certificate_string, self.hrn, "user")
records = registry_proxy.Resolve (hrn, credential_string)
records=[record for record in records if record['type']==type]
if not records:
- raise RecordNotFound, "hrn %s (%s) unknown to registry %s"%(hrn,type,self.registry_url)
+ raise RecordNotFound("hrn %s (%s) unknown to registry %s"%(hrn,type,self.registry_url))
record=records[0]
self.plain_write (output, record['gid'])
self.logger.debug("SfaClientBootstrap: Wrote GID for %s (%s) in %s"% (hrn,type,output))
openssl_command += [ "-in", self.my_gid_filename()]
openssl_command += [ "-out", filename ]
if subprocess.call(openssl_command) ==0:
- print "Successfully created %s"%filename
+ print("Successfully created %s"%filename)
else:
- print "Failed to create %s"%filename
+ print("Failed to create %s"%filename)
# Returns True if credential file is valid. Otherwise return false.
def validate_credential(self, filename):
return self.fullpath ("%s.sscert"%self.hrn)
def my_credential_filename (self):
return self.credential_filename (self.hrn, "user")
+ # the tests use sfi -u <pi-user>; meaning that the slice credential filename
+ # needs to keep track of the user too
def credential_filename (self, hrn, type):
- return self.fullpath ("%s.%s.cred"%(hrn,type))
+ if type in ['user']:
+ basename="%s.%s.cred"%(hrn,type)
+ else:
+ basename="%s-%s.%s.cred"%(self.hrn,hrn,type)
+ return self.fullpath (basename)
def slice_credential_filename (self, hrn):
return self.credential_filename(hrn,'slice')
def authority_credential_filename (self, hrn):
def assert_filename (self, filename, kind):
if not os.path.isfile (filename):
- raise IOError,"Missing %s file %s"%(kind,filename)
+ raise IOError("Missing %s file %s"%(kind,filename))
return True
- def assert_private_key (self): return self.assert_filename (self.private_key_filename(),"private key")
- def assert_self_signed_cert (self): return self.assert_filename (self.self_signed_cert_filename(),"self-signed certificate")
- def assert_my_credential (self): return self.assert_filename (self.my_credential_filename(),"user's credential")
- def assert_my_gid (self): return self.assert_filename (self.my_gid_filename(),"user's GID")
+ def assert_private_key (self):
+ return self.assert_filename (self.private_key_filename(),"private key")
+ def assert_self_signed_cert (self):
+ return self.assert_filename (self.self_signed_cert_filename(),"self-signed certificate")
+ def assert_my_credential (self):
+ return self.assert_filename (self.my_credential_filename(),"user's credential")
+ def assert_my_gid (self):
+ return self.assert_filename (self.my_gid_filename(),"user's GID")
# decorator to make up the other methods
message="Could not produce/retrieve %s (%s -- %s)"%\
(filename,error[0],error[1])
self.logger.log_exc(message)
- raise Exception, message
+ raise Exception(message)
return wrapped
return wrap
git://git.onelab.eu / sfa.git / blobdiff