Beispiel #1
    def handle_sf_cred(self, user, xml_cred):
        """Parse a speaks-for ABAC credential and pull out its issuer and first tail.

        Only the lines visible here are described; ``sf_user`` and ``sf_req``
        are assigned but not used in them.

        ``user`` is referenced only by the disabled libabac path below.
        ``xml_cred`` is the credential XML handed to ``ABACCredential(string=...)``.

        Raises ``AbacError`` when any step of parsing or extraction fails.

        NOTE(review): the ``verify()`` call is commented out, so nothing in the
        visible lines checks the credential's signature or its chain to a
        trusted CA. The issuer certificate and the tail read below therefore
        come straight from caller-supplied XML. Treat both as unauthenticated
        unless they are validated elsewhere -- confirm against the rest of the
        method and its callers.
        """
        try:
            # XX: libabac segfaults on the GENI abac creds for some reason
            # XX: will use ABACCredential instead
            # The disabled path below would have loaded the credential into a
            # context seeded with the client's own certificate (user.cert_chunk()).
            #tmpctx = ABAC.Context()
            #tmpctx.load_id_chunk(user.cert_chunk())
            #ret = tmpctx.load_attribute_chunk(xml_cred)
            #if ret < 0:
            #    raise AbacError("Could not read the speaks-for cert given client cert")

            # Parse only: building the object from the XML string is the sole
            # processing applied to xml_cred in the visible lines.
            sf_cred = ABACCredential(string=xml_cred)
            # also can't verify abac creds...sigh
            # NOTE(review): with verification disabled, a well-formed but
            # unsigned or self-issued credential is not rejected at this point.
            #sf_cred.verify(trusted_certs=[settings.SSL_OPTIONS['ca_certs']])
            #print sf_cred.dump_string()

            # The issuer certificate is taken from the credential's own signature
            # block, i.e. from the same unverified input.
            sf_cert = sf_cred.get_signature().get_issuer_gid().save_to_string()
            sf_user = ABAC.ID_chunk(sf_cert)
            # Only the first tail is read; a credential with no tails raises
            # IndexError here, which the handler below wraps.
            sf_req = sf_cred.get_tails()[0]
        except Exception, e:
            # Python 2-only except syntax. The catch-all turns every failure
            # above (parse error, missing signature, empty tails) into AbacError.
            raise AbacError("Could not read the speaks-for cert: %s" % e)
Beispiel #2
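def create_sign_abaccred(tool_gid, user_gid, ma_gid, user_key_file, cred_filename, dur_days=365):
    """Create, sign and save an ABAC speaks-for credential.

    The credential's head is built from the user's key id and URN with the
    role name ``speaks_for_<user_keyid>``; its single tail is built from the
    tool's key id and URN. It is signed via ``cred.sign()`` after
    ``set_issuer_keys(user_key_file, <temp cert file>)`` and written to
    ``cred_filename``.

    Args:
        tool_gid: GID of the tool; supplies the tail's URN and key id.
        user_gid: GID of the user; supplies the head and the issuer cert.
        ma_gid: GID whose certificate text is appended to the user's cert
            text unless that text already ends with it.
        user_key_file: path passed to ``set_issuer_keys`` as the issuer key
            (presumably the user's private key -- confirm against
            ABACCredential).
        cred_filename: path the signed credential is saved to.
        dur_days: lifetime in days counted from the current UTC time.

    NOTE(review): the default lifetime is 365 days. A speaks-for credential
    stays usable until it expires, so callers that can tolerate re-issuing
    should pass a shorter ``dur_days``.
    """
    print("Creating ABAC SpeaksFor using ABACCredential...\n")
    # Write out the user cert
    from tempfile import mkstemp
    ma_str = ma_gid.save_to_string()
    user_cert_str = user_gid.save_to_string()
    if not user_cert_str.endswith(ma_str):
        user_cert_str += ma_str
    # mkstemp creates the file readable and writable only by the current user.
    fd, user_cert_filename = mkstemp(suffix='cred', text=True)
    try:
        # The with-block closes the handle even if the write fails.
        with os.fdopen(fd, "w") as fp:
            fp.write(user_cert_str)

        # Create the cred
        cred = ABACCredential()
        cred.set_issuer_keys(user_key_file, user_cert_filename)
        tool_urn = tool_gid.get_urn()
        user_urn = user_gid.get_urn()
        user_keyid = get_cert_keyid(user_gid)
        tool_keyid = get_cert_keyid(tool_gid)
        cred.head = ABACElement(user_keyid, user_urn, "speaks_for_%s" % user_keyid)
        cred.tails.append(ABACElement(tool_keyid, tool_urn))
        cred.set_expiration(datetime.datetime.utcnow() + datetime.timedelta(days=dur_days))
        # Drop sub-second precision from the stored expiration.
        cred.expiration = cred.expiration.replace(microsecond=0)

        # Produce the cred XML
        cred.encode()

        # Sign it
        cred.sign()
        # Save it
        cred.save_to_file(cred_filename)
    finally:
        # The temporary cert file is only needed while this function builds and
        # signs the credential; previously it was left behind on every call.
        # Removal is best-effort so a cleanup failure never masks the real error.
        try:
            os.remove(user_cert_filename)
        except OSError:
            pass
    print("Created ABAC credential: '%s' in file %s" %
          (cred.get_summary_tostring(), cred_filename))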