instead of just dropping timezone info, use sfa.util.sfatime.utcparse to correctly...

diff --git a/sfa/managers/aggregate_manager_pl.py b/sfa/managers/aggregate_manager_pl.py
index d33a002..5fcd6ef 100644 (file)
--- a/sfa/managers/aggregate_manager_pl.py
+++ b/sfa/managers/aggregate_manager_pl.py
@@ -79,7 +79,7 @@ def __get_registry_objects(slice_xrn, creds, users):
 
         slice = {}
         
-        extime = Credential(string=creds[0]).get_expiration().replace(tzinfo=None)
+        extime = utcparse(Credential(string=creds[0]).get_expiration())
         # If the expiration time is > 60 days from now, set the expiration time to 60 days from now
         if extime > datetime.datetime.utcnow() + datetime.timedelta(days=60):
             extime = datetime.datetime.utcnow() + datetime.timedelta(days=60)

diff --git a/sfa/trust/credential.py b/sfa/trust/credential.py
index 2fd3e92..5f980c9 100644 (file)
--- a/sfa/trust/credential.py
+++ b/sfa/trust/credential.py
@@ -31,12 +31,12 @@
 \r
 import os\r
 import datetime\r
+from sfa.util.sfatime import utcparse\r
 from tempfile import mkstemp\r
 from xml.dom.minidom import Document, parseString\r
 from lxml import etree\r
 from dateutil.parser import parse\r
 from StringIO import StringIO\r
-\r
 from sfa.util.faults import *\r
 from sfa.util.sfalogging import logger\r
 from sfa.trust.certificate import Keypair\r
@@ -760,7 +760,7 @@ class Credential(object):
             return True\r
         \r
         # make sure it is not expired\r
-        if self.get_expiration().replace(tzinfo=None) < datetime.datetime.utcnow():\r
+        if utcparse(self.get_expiration()) < datetime.datetime.utcnow():\r
             raise CredentialNotVerifiable("Credential expired at %s" % self.expiration.isoformat())\r
 \r
         # Verify the signatures\r