<value>false</value>
<description>Flag to turn debug on.</description>
</variable>
+
+ <variable id="max_slice_renew" type="int">
+ <name>Max Slice Renew</name>
+ <value>60</value>
+ <description>Maximum amout of days a user can extend/renew their slices to</description>
+ </variable>
<variable id="session_key_path" type="string">
<name>User Session Keys Path </name>
# Validate that the time does not go beyond the credential's expiration time
requested_time = utcparse(expiration_time)
+ max_renew_days = int(self.api.config.SFA_MAX_SLICE_RENEW)
if requested_time > Credential(string=valid_creds[0]).get_expiration():
raise InsufficientRights('Renewsliver: Credential expires before requested expiration time')
- if requested_time > datetime.datetime.utcnow() + datetime.timedelta(days=60):
- raise Exception('Cannot renew > 60 days from now')
+ if requested_time > datetime.datetime.utcnow() + datetime.timedelta(days=max_renew_days):
+ raise Exception('Cannot renew > %s days from now' % max_renew_days)
manager = self.api.get_interface_manager()
return manager.RenewSliver(self.api, slice_xrn, valid_creds, expiration_time, call_id)
if not hasattr(self, 'SFA_CM_TYPE'):
self.SFA_COMPONENT_TYPE='pl'
+ if not hasattr(self, 'SFA_MAX_SLICE_RENEW'):
+ self.SFA_MAX_SLICE_RENEW=60
+
# create the data directory if it doesnt exist
if not os.path.isdir(self.SFA_DATA_DIR):
try:
# host may be a string, or a (host, x509-dict) tuple
host, extra_headers, x509 = self.get_host_info(host)
if need_HTTPSConnection:
- conn = HTTPSConnection(host, None, key_file=self.key_file, cert_file=self.cert_file, timeout=self.timeout) #**(x509 or {}))
+ #conn = HTTPSConnection(host, None, key_file=self.key_file, cert_file=self.cert_file, timeout=self.timeout) #**(x509 or {}))
+ conn = HTTPSConnection(host, None, key_file=self.key_file, cert_file=self.cert_file) #**(x509 or {}))
else:
try:
conn = HTTPS(host, None, key_file=self.key_file, cert_file=self.cert_file, timeout=self.timeout) #**(x509 or {}))