def create_slice_credential(self, user_gid, slice_gid, duration):
'''Create a Slice credential object for this user_gid (object) on given slice gid (object)'''
# FIXME: Validate the user_gid and slice_gid
# are my user and slice
return cred_util.create_credential(user_gid, slice_gid, duration,
'slice', self.keyfile,
self.certfile,
self.trusted_root_files)
def CreateUserCredential(self, user_gid):
'''Return string representation of a user credential
issued by this CH with caller/object this user_gid (string)
with user privileges'''
# FIXME: Validate arg - non empty, my user
user_gid = gid.GID(string=user_gid)
self.logger.info("Called CreateUserCredential for GID %s" % user_gid.get_hrn())
expiration = datetime.datetime.utcnow() + datetime.timedelta(seconds=USER_CRED_LIFE)
try:
ucred = cred_util.create_credential(user_gid, user_gid, expiration, 'user', self.keyfile, self.certfile, self.trusted_root_files)
except Exception, exc:
self.logger.error("Failed to create user credential for %s: %s", user_gid.get_hrn(), traceback.format_exc())
raise Exception("Failed to create user credential for %s" % user_gid.get_hrn(), exc)
def CreateUserCredential(self, user_gid):
'''Return string representation of a user credential
issued by this CH with caller/object this user_gid (string)
with user privileges'''
# FIXME: Validate arg - non empty, my user
user_gid = gid.GID(string=user_gid)
self.logger.info("Called CreateUserCredential for GID %s" % user_gid.get_hrn())
expiration = datetime.datetime.utcnow() + datetime.timedelta(seconds=USER_CRED_LIFE)
try:
ucred = cred_util.create_credential(user_gid, user_gid, expiration, 'user', self.keyfile, self.certfile, self.trusted_root_files)
except Exception, exc:
self.logger.error("Failed to create user credential for %s: %s", user_gid.get_hrn(), traceback.format_exc())
raise Exception("Failed to create user credential for %s" % user_gid.get_hrn(), exc)
def create_user_credential(user_gid):
'''Create a user credential object for this user_gid
@param user_gid: The user's cert
@type user_gid: C{sfa.trust.gid.GID}
@return: The credential
@rtype: C{sfa.trust.credential.Credential}
'''
return cred_util.create_credential(
user_gid, user_gid, settings.GCF_USER_CRED_LIFE,
'user',
settings.GCF_X509_CH_KEY, settings.GCF_X509_CH_CERT,
get_trusted_cert_filenames(),
)
def create_slice_credential(user_gid, slice_gid):
'''Create a Slice credential object for this user_gid (object) on given slice gid (object)
@param user_gid: The user's cert
@type user_gid: C{sfa.trust.gid.GID}
@param slice_gid: The slice's gid
@type slice_gid: C{sfa.trust.gid.GID}
@return: The credential
@rtype: C{sfa.trust.credential.Credential}
'''
return cred_util.create_credential(
user_gid, slice_gid, settings.GCF_SLICE_CRED_LIFE,
'slice',
settings.GCF_X509_CH_KEY, settings.GCF_X509_CH_CERT,
get_trusted_cert_filenames(),
)
def create_user_credential(user_gid):
'''Create a user credential object for this user_gid
@param user_gid: The user's cert
@type user_gid: C{sfa.trust.gid.GID}
@return: The credential
@rtype: C{sfa.trust.credential.Credential}
'''
return cred_util.create_credential(
user_gid,
user_gid,
settings.GCF_USER_CRED_LIFE,
'user',
settings.GCF_X509_CH_KEY,
settings.GCF_X509_CH_CERT,
get_trusted_cert_filenames(),
)
def create_slice_credential(user_gid, slice_gid):
'''Create a Slice credential object for this user_gid (object) on given slice gid (object)
@param user_gid: The user's cert
@type user_gid: C{sfa.trust.gid.GID}
@param slice_gid: The slice's gid
@type slice_gid: C{sfa.trust.gid.GID}
@return: The credential
@rtype: C{sfa.trust.credential.Credential}
'''
return cred_util.create_credential(
user_gid,
slice_gid,
settings.GCF_SLICE_CRED_LIFE,
'slice',
settings.GCF_X509_CH_KEY,
settings.GCF_X509_CH_CERT,
get_trusted_cert_filenames(),
)
def create_slice_credential(self, user_gid, slice_gid, expiration, delegatable=False):
'''Create a Slice credential object for this user_gid (object) on given slice gid (object)'''
# FIXME: Validate the user_gid and slice_gid
# are my user and slice
return cred_util.create_credential(user_gid, slice_gid, expiration, 'slice', self.keyfile, self.certfile, self.trusted_root_files, delegatable)