def is_initialize_ccache_necessary(context, ccache, principal):
''' Judge whether initializing credential cache is necessary.
In three cases, it is necessary to initialize credential cache.
- Credential cache file does not exist.
- Credential cache file has bad format.
- TGT expires.
When TGT expires, attemption that getting credentials will return error
``Match credentials not found``, whose error code is KRB5_CC_NOTFOUND.
Arguments:
- context, current context object.
- ccache, the CCache object that is associated with context.
- principal, the principal name that is being used for getting ticket.
'''
try:
cred_time = get_tgt_time(context, ccache, principal)
except krbV.Krb5Error, err:
# Credentials cache does not exist. In this case, initialize
# credential cache is required.
monitor_errors = (
krbV.KRB5_FCC_NOFILE,
krbV.KRB5_CC_FORMAT,
krbV.KRB5_CC_NOTFOUND,
)
err_code = err.args[0]
is_init_required = err_code in monitor_errors
if is_init_required:
return True
else:
# If error is unexpected, raise it to caller
raise
def is_initialize_ccache_necessary(context, ccache, principal):
''' Judge whether initializing credential cache is necessary.
In three cases, it is necessary to initialize credential cache.
- Credential cache file does not exist.
- Credential cache file has bad format.
- TGT expires.
When TGT expires, attemption that getting credentials will return error
``Match credentials not found``, whose error code is KRB5_CC_NOTFOUND.
Arguments:
- context, current context object.
- ccache, the CCache object that is associated with context.
- principal, the principal name that is being used for getting ticket.
'''
try:
cred_time = get_tgt_time(context, ccache, principal)
except krbV.Krb5Error, err:
# Credentials cache does not exist. In this case, initialize
# credential cache is required.
monitor_errors = (krbV.KRB5_FCC_NOFILE,
krbV.KRB5_CC_FORMAT,
krbV.KRB5_CC_NOTFOUND,)
err_code = err.args[0]
is_init_required = err_code in monitor_errors
if is_init_required:
return True
else:
# If error is unexpected, raise it to caller
raise
def is_initialize_ccache_necessary(context, ccache, principal):
"""Judge whether initializing credential cache is necessary
In following three cases, it is necessary to initialize credential cache.
- Credential cache file does not exist.
- Credential cache file has bad format.
- TGT expires.
When TGT expires, attemption that getting credentials will return error
``Match credentials not found``, its error code is KRB5_CC_NOTFOUND.
:param krbV.Context context: Kerberos context.
:param krbV.CCache ccache: the credential cache from which to determine if
it is necessary to initialize.
:param krbV.Principal principal: the principal name that is being used for
getting ticket from ``ccache``.
:return: a boolean that indicates if it is necessary to initialize a new
credential cache.
:rtype: bool
"""
try:
cred_time = get_tgt_time(context, ccache, principal)
except krbV.Krb5Error as err:
# Credentials cache does not exist. In this case, initialize
# credential cache is required.
monitor_errors = (krbV.KRB5_FCC_NOFILE,
krbV.KRB5_CC_FORMAT,
krbV.KRB5_CC_NOTFOUND)
err_code = err.args[0]
is_init_required = err_code in monitor_errors
if is_init_required:
return True
else:
# If error is unexpected, raise it to caller
raise
except:
# Just like the above raise statement
raise
return datetime.now() >= cred_time.endtime
def get_tgt_time_from_ccache(principal_name):
context = krbV.default_context()
principal = krbV.Principal(principal_name, context=context)
ccache = krbV.CCache(config.user_ccache_file, context=context)
ct = get_tgt_time(context, ccache, principal)
return ct.endtime
