# Credentials are signed XML files that assign a subject gid privileges to an object gid
##
+from __future__ import print_function
+
import os, os.path
import subprocess
-from types import StringTypes
import datetime
from StringIO import StringIO
from tempfile import mkstemp
from xml.dom.minidom import Document, parseString
+from sfa.util.py23 import StringType
+
HAVELXML = False
try:
from lxml import etree
self.gid = gid
def decode(self):
+ # Helper function to pull characters off the front of a string if present
+ def remove_prefix(text, prefix):
+ if text and prefix and text.startswith(prefix):
+ return text[len(prefix):]
+ return text
+
try:
doc = parseString(self.xml)
- except ExpatError,e:
+ except ExpatError as e:
logger.log_exc ("Failed to parse credential, %s"%self.xml)
raise
sig = doc.getElementsByTagName("Signature")[0]
## This code until the end of function rewritten by Aaron Helsinger
- ref_id = sig.getAttribute("xml:id").strip().strip("Sig_")
+ ref_id = remove_prefix(sig.getAttribute("xml:id").strip(), "Sig_")
# The xml:id tag is optional, and could be in a
# Reference xml:id or Reference UID sub element instead
if not ref_id or ref_id == '':
reference = sig.getElementsByTagName('Reference')[0]
- ref_id = reference.getAttribute('xml:id').strip().strip('Sig_')
+ ref_id = remove_prefix(reference.getAttribute('xml:id').strip(), "Sig_")
if not ref_id or ref_id == '':
- ref_id = reference.getAttribute('URI').strip().strip('#')
+ ref_id = remove_prefix(reference.getAttribute('URI').strip(), "#")
self.set_refid(ref_id)
keyinfos = sig.getElementsByTagName("X509Data")
gids = None
self.version = None
if cred:
- if isinstance(cred, StringTypes):
+ if isinstance(cred, StringType):
string = cred
self.type = Credential.SFA_CREDENTIAL_TYPE
self.version = '3'
str = file(filename).read()
# if this is a legacy credential, write error and bail out
- if isinstance (str, StringTypes) and str.strip().startswith("-----"):
+ if isinstance (str, StringType) and str.strip().startswith("-----"):
logger.error("Legacy credentials not supported any more - giving up with %s..."%str[:10])
return
else:
doc = None
try:
doc = parseString(self.xml)
- except ExpatError,e:
+ except ExpatError as e:
raise CredentialNotVerifiable("Malformed credential")
doc = parseString(self.xml)
sigs = []
# or non PEM files
trusted_cert_objects.append(GID(filename=f))
ok_trusted_certs.append(f)
- except Exception, exc:
+ except Exception as exc:
logger.error("Failed to load trusted cert from %s: %r"%( f, exc))
trusted_certs = ok_trusted_certs
#
# @param dump_parents If true, also dump the parent certificates
def dump (self, *args, **kwargs):
- print self.dump_string(*args, **kwargs)
+ print(self.dump_string(*args, **kwargs))
# SFA code ignores show_xml and disables printing the cred xml
def dump_string(self, dump_parents=False, show_xml=False):
result += "\nEnd XML\n"
except:
import traceback
- print "exc. Credential.dump_string / XML"
+ print("exc. Credential.dump_string / XML")
traceback.print_exc()
return result