def make_ms(desc, leaf, operator, sup=None):
    """
    Construct a signed metadata statement.

    :param desc: Description of who wants whom to sign what, as a dictionary
        with the keys 'request', 'requester', 'signer' and 'signer_add'.
    :param leaf: True if the requester is the entity operator/agent. Only
        then is the requester's ``iss`` handed to the signer as the ``aud``
        JWT argument; otherwise no JWT arguments are passed from here.
    :param operator: Dictionary with Operator instances as values, indexed
        by desc['requester'] and desc['signer'].
    :param sup: Optional dictionary of material to embed in the request.
        Key 'ms' holds signed metadata statements (copied into
        'metadata_statements'); key 'ms_uri' holds metadata statement URIs
        (copied into 'metadata_statement_uris'). Callers are expected to
        supply at most one of the two. This function does not check that:
        if both are given, both are embedded and the returned key is taken
        from 'ms_uri'.
    :return: A single-entry dictionary with the FO ID as key and the signed
        metadata statement as value. The key defaults to the signer's
        ``iss``; when 'ms' or 'ms_uri' is supplied it is the first key of
        that mapping, or '' if the mapping is empty.
    """
    request = MetadataStatement(**desc['request'])
    requester = operator[desc['requester']]
    request['signing_keys'] = requester.signing_keys_as_jwks()
    signer = operator[desc['signer']]

    supplied = {} if sup is None else sup

    # Without embedded statements the signer itself names the result.
    fo_id = signer.iss

    embed_targets = (
        ('ms', 'metadata_statements'),
        ('ms_uri', 'metadata_statement_uris'),
    )
    for sup_key, req_key in embed_targets:
        try:
            entries = supplied[sup_key]
        except KeyError:
            continue
        request[req_key] = dict(entries.items())
        # Only the first key names the result; every entry is still embedded.
        fo_id = list(entries.keys())[0] if len(entries) else ''

    # Signer-supplied additions go in last, so they override earlier values.
    request.update(desc['signer_add'])

    # Bind the statement to the requester only for a leaf entity.
    jwt_args = {'aud': [requester.iss]} if leaf else {}

    signed = signer.pack_metadata_statement(request, jwt_args=jwt_args)
    return {fo_id: signed}
def ace(self, req, fos, context):
    """
    Add signing keys, create metadata statement and extend request.

    The request is copied into a fresh MetadataStatement before the signing
    keys are added, so the signer is given the copy rather than ``req``.
    ``req`` itself is only passed on to :py:meth:`extend_with_ms`, together
    with the signer's result. Nothing is returned.

    :param req: Request
    :param fos: List of Federation Operator IDs
    :param context: One of :py:data:`fedoidc.CONTEXTS`
    """
    statement = MetadataStatement()
    statement.update(req)

    # add_signing_keys returns the statement to sign; use its return value.
    with_keys = self.add_signing_keys(statement)

    signed = self.signer.create_signed_metadata_statement(
        with_keys, context, fos=fos)

    self.extend_with_ms(req, signed)