def get_slice_credentials(self):
client = self.get_client(self._sa_url)
fcn = eval('client.get_credentials')
suppress_errors = None
reason = "Testing"
(result, msg) = _do_ssl(self._framework, suppress_errors, reason,
fcn, self._slice_urn, [], {})
return result['value']
def get_credentials(opts):
config = {'cert' : opts.cert, 'key' : opts.key}
framework = ClientFramework(config, {})
suppress_errors = None
reason = "Testing"
ch_client = framework.make_client(opts.ch_url, opts.key, opts.cert,
allow_none=True,
verbose=False)
(result, msg) = _do_ssl(framework, suppress_errors, reason,
ch_client.get_credentials, opts.slice_urn, [], {})
cred = result['value'][0]['geni_value']
creds = [cred]
return creds
def get_aggregate_info(self):
client = self.get_client(self._sr_url)
fcn = eval('client.lookup_aggregates')
suppress_errors = None
reason = "Testing"
(result, msg) = _do_ssl(self._framework, suppress_errors, reason, fcn, {})
self._aggregate_info = result['value']
# Add additional aggregates not in SR
wix = {'SERVICE_URL' : 'http://wixam.maxgigapop.net:12346',
'SERVICE_NAME' : 'WIX',
'SERVICE_URN' : 'urn:publicid:IDN+wix.internet2.edu+authority+am'}
self._aggregate_info.append(wix)
def get_sliver_status(self, am_urn):
am_info = self.get_agg_info_for_urn(am_urn)
if am_info == None:
print "AM not registered: %s" % am_urn
return None
am_url = am_info['SERVICE_URL']
client = self.get_client(am_url)
fcn = eval('client.SliverStatus')
suppress_errors = None
reason = "Testing"
(result, msg) = _do_ssl(self._framework, suppress_errors, reason,
fcn, self._slice_urn, self._creds, {})
status = result['value']
return status
def get_credentials(opts):
config = {'cert': opts.cert, 'key': opts.key}
framework = ClientFramework(config, {})
suppress_errors = None
reason = "Testing"
ch_client = framework.make_client(opts.ch_url,
opts.key,
opts.cert,
allow_none=True,
verbose=False)
(result, msg) = _do_ssl(framework, suppress_errors, reason,
ch_client.get_credentials, opts.slice_urn, [], {})
cred = result['value'][0]['geni_value']
creds = [cred]
return creds
def get_sliver_info_for_slice(self):
client = self.get_client(self._sa_url)
fcn = eval('client.lookup_sliver_info')
suppress_errors = None
reason = "Testing"
options = {"match" : {"SLIVER_INFO_SLICE_URN" : self._slice_urn}}
(result, msg) = _do_ssl(self._framework, suppress_errors, reason, fcn,
self._creds, options)
self._sliver_info = result['value']
# Set up unique list of AM urn's
for sliver_urn, sliver_details in self._sliver_info.iteritems():
agg_urn = sliver_details['SLIVER_INFO_AGGREGATE_URN']
if agg_urn not in self._unique_agg_urns:
self._unique_agg_urns.append(agg_urn);
if agg_urn in self._sites_info:
self._unique_agg_urns_with_site_info.append(agg_urn)
def get_manifest(self, am_urn):
am_info = self.get_agg_info_for_urn(am_urn)
if am_info == None:
print "AM not registered: %s" % am_urn
return None
am_url = am_info['SERVICE_URL']
client = self.get_client(am_url)
fcn = eval('client.ListResources')
suppress_errors = None
reason = "Testing"
options = {'geni_slice_urn' : self._slice_urn,
'geni_rspec_version' : {'version' : '3', 'type' : 'GENI'},
'geni_compressed' : False}
(result, msg) = _do_ssl(self._framework, suppress_errors, reason,
fcn, self._creds, options)
if result['code']['geni_code'] != 0:
return None
status = result['value']
return status
def emulate_portal_page(opts, verbose=False):
suppress_errors = None
reason = "Testing"
config = {'cert': opts.cert, 'key': opts.key}
framework = MAClientFramework(config, {})
ma_url = opts.url
sa_url = opts.url.replace('/MA', '/SA')
cs_url = opts.url.replace('/MA', '/CS')
log_url = opts.url.replace('/MA', '/LOG')
ma_client = framework.make_client(ma_url, opts.key, opts.cert,
verbose=False)
sa_client = framework.make_client(sa_url, opts.key, opts.cert,
verbose=False)
cs_client = framework.make_client(cs_url, opts.key, opts.cert,
verbose=False)
log_client = framework.make_client(log_url, opts.key, opts.cert,
verbose=False)
if opts.page == "home":
print "Fetching home page for %s" % opts.eppn
# Lookup public member info by EPPN
client_options = {'match': {'_GENI_MEMBER_EPPN': opts.eppn}}
(public_info, msg) = _do_ssl(framework, suppress_errors, reason,
ma_client.lookup_public_member_info,
opts.credentials, client_options)
member_urn = public_info['value'].keys()[0]
member_uid = public_info['value'][member_urn]['MEMBER_UID']
# Lookup identifying info by UID
client_options = {'match': {'MEMBER_UID': [member_uid]}}
(identifying_info, msg) = _do_ssl(framework, suppress_errors, reason,
ma_client.lookup_identifying_member_info,
opts.credentials, client_options)
# Lookup private key by UID
client_options = {'match': {'MEMBER_UID': [member_uid]},
'filter': ['_GENI_MEMBER_INSIDE_PRIVATE_KEY']}
(private_info, msg) = _do_ssl(framework, suppress_errors, reason,
ma_client.lookup_private_member_info,
opts.credentials, client_options)
if verbose:
print "Result = %s " % public_info
print "Result = %s " % identifying_info
print "Result = %s " % private_info
# Lookup public inside cert by UID
client_options = {'match': {'MEMBER_UID': [member_uid]},
'filter': ['_GENI_MEMBER_INSIDE_CERTIFICATE']}
(public_info, msg) = _do_ssl(framework, suppress_errors, reason,
ma_client.lookup_public_member_info,
opts.credentials, client_options)
if verbose:
print "Result = %s " % public_info
# get_permissions
client_options = {'_dummy': ''}
(permissions, msg) = _do_ssl(framework, suppress_errors, reason,
cs_client.get_permissions,
member_uid,
opts.credentials, client_options)
if verbose:
print "Result = %s " % permissions
# Lookup projects for member
client_options = {'_dummy': ''}
(projects_info, msg) = _do_ssl(framework, suppress_errors, reason,
sa_client.lookup_projects_for_member,
member_urn,
opts.credentials, client_options)
if verbose:
print "Result = %s " % projects_info
# Lookup projects
project_uids = [project_info['PROJECT_UID']
for project_info in projects_info['value']
if not project_info['PROJECT_EXPIRED']]
client_options = {'match': {'PROJECT_UID': project_uids}}
(projects, msg) = _do_ssl(framework, suppress_errors, reason,
sa_client.lookup_projects,
opts.credentials, client_options)
if verbose:
print "Result = %s" % projects
# Lookup slices for member
client_options = {'_dummy': ''}
(slices_info, msg) = _do_ssl(framework, suppress_errors, reason,
sa_client.lookup_slices_for_member,
member_urn,
opts.credentials, client_options)
if verbose:
print "Result = %s " % slices_info
# Lookup slices
slice_uids = [slice_info['SLICE_UID']
for slice_info in slices_info['value']
if not slice_info['SLICE_EXPIRED']]
client_options = {'match': {'SLICE_UID': slice_uids}}
(slices, msg) = _do_ssl(framework, suppress_errors, reason,
sa_client.lookup_slices,
opts.credentials, client_options)
if verbose:
print "Result = %s " % slices
# Lookup public member info for all project leads, slice_owners
member_uids = []
for slice_urn, slice_data in slices['value'].items():
if slice_data['SLICE_EXPIRED']:
continue
slice_owner_uid = slice_data['_GENI_SLICE_OWNER']
if slice_owner_uid not in member_uids:
member_uids.append(slice_owner_uid)
for project_urn, project_data in projects['value'].items():
if project_data['PROJECT_EXPIRED']:
continue
project_lead_uid = project_data['_GENI_PROJECT_OWNER']
if project_lead_uid not in member_uids:
member_uids.append(project_lead_uid)
client_options = {'match': {'MEMBER_UID': member_uids}}
(members_public_info, msg) = _do_ssl(framework, suppress_errors,
reason,
ma_client.lookup_public_member_info,
opts.credentials, client_options)
if verbose:
print "Result = %s " % members_public_info
# Lookup identifying member info for all project leads, slice_owners
client_options = {'match': {'MEMBER_UID': member_uids}}
(members_identifying_info, msg) = _do_ssl(framework,
suppress_errors, reason,
ma_client.lookup_identifying_member_info,
opts.credentials, client_options)
if verbose:
print "Result = %s " % members_identifying_info
# Lookup pending requests for user
client_options = {'_dummy': ''}
(pending_requests, msg) = _do_ssl(framework, suppress_errors, reason,
sa_client.get_pending_requests_for_user,
member_uid, 1, '',
opts.credentials, client_options)
if verbose:
print "Result = %s " % pending_requests
# Lookup identifying member info for all project leads and slice owners
# *** Looks like we're doing this twice...
client_options = {'match': {'MEMBER_UID': member_uids}}
(members_identifying_info, msg) = _do_ssl(framework,
suppress_errors, reason,
ma_client.lookup_identifying_member_info,
opts.credentials, client_options)
if verbose:
print "Result = %s " % members_identifying_info
# Lookup requests by user
client_options = {'_dummy': ''}
(pending_requests, msg) = _do_ssl(framework,
suppress_errors, reason,
sa_client.get_requests_by_user,
member_uid, 1, '', 0,
opts.credentials, client_options)
if verbose:
print "Result = %s " % pending_requests
# Lookup projects for pending requests
project_uids = []
for pending_request in pending_requests['value']:
project_uid = pending_request['context_id']
project_uids.append(project_uid)
client_options = {'match': {'PROJECT_UID': project_uids}}
(pending_projects, msg) = _do_ssl(framework,
suppress_errors, reason,
sa_client.lookup_projects,
opts.credentials, client_options)
if verbose:
print "Result = %s " % pending_projects
# Lookup identifying info for leads of pending projects
member_uids = []
for pending_project_urn, pending_project_data in pending_projects['value'].items():
lead_uid = pending_project_data['_GENI_PROJECT_OWNER']
if lead_uid not in member_uids:
member_uids.append(lead_uid)
client_options = {'match': {'MEMBER_UID': member_uids}}
(pending_project_leads, msg) = _do_ssl(framework,
suppress_errors, reason,
ma_client.lookup_identifying_member_info,
opts.credentials,
client_options)
if verbose:
print "Result = %s " % pending_project_leads
# Lookup log entries for context
(log_entries, msg) = _do_ssl(framework,
suppress_errors, reason,
log_client.get_log_entries_for_context,
5, member_uid, 24, opts.credentials,
client_options)
if verbose:
print "Result = %s " % log_entries
# Lookup log entries for author
(log_entries, msg) = _do_ssl(framework,
suppress_errors, reason,
log_client.get_log_entries_by_author,
member_uid, 24, opts.credentials,
client_options)
if verbose:
print "Result = %s " % log_entries
print "Done fetching home page for %s" % opts.eppn
else:
print "Page not supported: %s" % page_name
def main(args = sys.argv, do_print=True):
opts, args = parseOptions(args)
client_options = json.loads(opts.options)
if opts.options_file:
client_options = json.load(open(opts.options_file, 'r'))
client_attributes = json.loads(opts.attributes)
if opts.attributes_file:
client_attributes = json.load(open(opts.attributes_file, 'r'))
if do_print:
print "CREDS = " + str(opts.credentials)
print "OPTIONS = " + str(client_options)
suppress_errors = None
reason = "Testing"
config = {'cert' : opts.cert, 'key' : opts.key}
framework = MAClientFramework(config, {})
client = framework.make_client(opts.url, opts.key, opts.cert,
allow_none=True,
verbose=False)
fcn = eval("client.%s" % opts.method)
# Methods that take no arguments
result = None
msg = None
if opts.page:
emulate_portal_page(opts)
elif opts.method in ['get_version', 'get_trust_roots']:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn)
# Methods that take options argument
elif opts.method in ['lookup_member_authorities', 'lookup_slice_authorities', \
'lookup_aggregates', \
'lookup_authorities_for_urns' ]:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
client_options)
# Methods that take a URN and an aggregate URL argument
elif opts.method in ['register_aggregate', 'remove_aggregate'] and opts.agg_url:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
opts.urn, opts.agg_url, opts.credentials, client_options)
elif opts.int_arg is not None and opts.method in ['get_services_of_type', 'get_first_service_of_type', 'get_service_by_id']:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
int(opts.int_arg))
elif opts.method in ['get_services']:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn)
# Logging methods (test)
elif opts.method in ['log_event']:
message = opts.string_arg
attributes = {}
add_attribute(attributes, opts.int_arg, opts.uuid_arg)
add_attribute(attributes, opts.int2_arg, opts.uuid2_arg)
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
message, attributes, opts.credentials,
client_options)
elif opts.method in [ 'get_log_entries_by_author']:
num_hours = 15*24
user_id = '8e405a75-3ff7-4288-bfa5-111552fa53ce'
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
user_id, num_hours, opts.credentials,
client_options)
elif opts.method in ['get_log_entries_for_context']:
context_type = 'SLICE'
context_id = '848e4a11-55eb-45df-a0e8-b79109fb0a88'
num_hours = 15*24
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
context_type, context_id, num_hours,
opts.credentials, client_options)
elif opts.method in ['get_log_entries_by_attributes']:
type1 = 'SLICE'
id1 = '848e4a11-55eb-45df-a0e8-b79109fb0a88'
type2 = 'PROJECT'
id2 = '8c042cf0-8389-48e0-aca1-782fd7a20794'
num_hours = 15*24
attribute_sets = [{type1 : id1}, {type2 : id2}]
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
attribute_sets, num_hours, opts.credentials,
client_options)
elif opts.method in ['get_attributes_for_log_entry']:
event_id = '20360';
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
event_id, opts.credentials,
client_options)
# Credential store methods
elif opts.method in ['get_permissions']:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
opts.uuid_arg, \
opts.credentials, client_options)
elif opts.method in ['get_attributes']:
context = 'None'
if opts.uuid2_arg: context = opts.uuid2_arg
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
opts.uuid_arg, \
opts.int_arg, context, \
opts.credentials, client_options)
elif opts.method in ['lookup_keys']:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
opts.credentials, client_options)
elif opts.method in ['delete_key', 'update_key'] \
and opts.string_arg and opts.urn:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
opts.string_arg, \
opts.credentials, client_options)
# Client Authorization methods
elif opts.method in ['list_clients']:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn)
elif opts.method in ['list_authorized_clients']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg)
elif opts.method in ['authorize_client']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg,
opts.urn, opts.int_arg)
# Sliver info methods
elif opts.method in ['delete_sliver_info', 'update_sliver_info']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.urn,
opts.credentials, client_options)
elif opts.method in ['create_sliver_info', 'lookup_sliver_info']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn,
opts.credentials, client_options)
# Project request methods
elif opts.method in ['create_request']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg,
opts.uuid_arg, opts.int2_arg, opts.string_arg, opts.string2_arg, \
opts.credentials, client_options)
elif opts.method in ['resolve_pending_request']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg,
opts.int2_arg, opts.int3_arg, opts.string_arg, \
opts.credentials, client_options)
elif opts.method in ['invite_member']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg,
opts.uuid_arg,
opts.credentials, client_options)
elif opts.method in ['accept_invitation']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn,
opts.uuid_arg, # invite_id
opts.uuid2_arg, # member_id
opts.credentials, client_options)
elif opts.method in ['get_requests_for_context']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg,
opts.uuid_arg, opts.int2_arg, opts.credentials, client_options)
elif opts.method in ['get_requests_by_user']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg,
opts.int_arg, opts.uuid2_arg, opts.int2_arg, opts.credentials, client_options)
elif opts.method in ['get_pending_requests_for_user', 'get_number_of_pending_requests_for_user']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg,
opts.int_arg, opts.uuid2_arg, opts.credentials, client_options)
elif opts.method in ['get_request_by_id']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn,
opts.int_arg, opts.int2_arg, opts.credentials, client_options)
# MA certificate methods
elif opts.method in ['create_certificate']:
options = {}
if opts.file_arg:
csr = open(opts.file_arg).read()
options = {'csr' : csr}
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.urn,
opts.credentials, options)
# MA add/revoke privilege methods
elif opts.method in ['add_member_privilege', 'revoke_member_privilege']:
options = {}
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg, \
opts.string_arg, \
opts.credentials, options)
# Methods that take urn, credentials, options
elif opts.method in ['get_credentials']:
options = {}
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.urn, \
opts.credentials, options)
# Generic Federation v2 API methods
elif opts.method in ['lookup', 'create']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.type, \
opts.credentials, client_options)
elif opts.method in ['update', 'delete', \
'modify_membership', 'lookup_members', 'lookup_for_member']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.type, \
opts.urn, opts.credentials, client_options)
# Portal query
elif opts.method in ['portal_query']:
options = {}
member_eppn = opts.string_arg
project_id = opts.uuid_arg
slice_id = opts.uuid2_arg
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, \
member_eppn, project_id, slice_id)
# def add_member_privilege(self, cert, member_uid, privilege, credentials, options):
# Methods that take attributes and options
elif client_attributes:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
client_attributes, \
opts.credentials, client_options)
# Methods that take credentials and options and urn arguments
elif opts.urn:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
opts.urn, \
opts.credentials, client_options)
# Methods that take credentials and options (and no urn) arguments
else:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
opts.credentials, client_options)
if do_print:
print "RESULT = " + str(result)
if msg:
print "MSG = " + str(msg)
def main(args=sys.argv, do_print=True):
logging.basicConfig()
opts, args = parseOptions(args)
client_options = json.loads(opts.options)
if opts.options_file:
client_options = json.load(open(opts.options_file, 'r'))
client_attributes = json.loads(opts.attributes)
if opts.attributes_file:
client_attributes = json.load(open(opts.attributes_file, 'r'))
if do_print:
print "CREDS = " + str(opts.credentials)
print "OPTIONS = " + str(client_options)
suppress_errors = None
reason = "Testing"
config = {'cert': opts.cert, 'key': opts.key}
framework = MAClientFramework(config, {})
client = framework.make_client(opts.url,
opts.key,
opts.cert,
allow_none=True,
verbose=False)
fcn = eval("client.%s" % opts.method)
# Methods that take no arguments
result = None
msg = None
if opts.page:
emulate_portal_page(opts)
elif opts.method in ['get_version', 'get_trust_roots']:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn)
# Methods that take options argument
elif opts.method in ['lookup_member_authorities', 'lookup_slice_authorities', \
'lookup_aggregates', \
'lookup_authorities_for_urns' ]:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
client_options)
# Methods that take a URN and an aggregate URL argument
elif opts.method in ['register_aggregate', 'remove_aggregate'
] and opts.agg_url:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
opts.urn, opts.agg_url, opts.credentials, client_options)
elif opts.int_arg is not None and opts.method in [
'get_services_of_type', 'get_first_service_of_type',
'get_service_by_id'
]:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
int(opts.int_arg))
elif opts.method in ['get_services']:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn)
# Logging methods (test)
elif opts.method in ['log_event']:
message = opts.string_arg
attributes = {}
add_attribute(attributes, opts.int_arg, opts.uuid_arg)
add_attribute(attributes, opts.int2_arg, opts.uuid2_arg)
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
message, attributes, opts.credentials,
client_options)
elif opts.method in ['get_log_entries_by_author']:
num_hours = 15 * 24
user_id = '8e405a75-3ff7-4288-bfa5-111552fa53ce'
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
user_id, num_hours, opts.credentials,
client_options)
elif opts.method in ['get_log_entries_for_context']:
context_type = 'SLICE'
context_id = '848e4a11-55eb-45df-a0e8-b79109fb0a88'
num_hours = 15 * 24
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
context_type, context_id, num_hours,
opts.credentials, client_options)
elif opts.method in ['get_log_entries_by_attributes']:
type1 = 'SLICE'
id1 = '848e4a11-55eb-45df-a0e8-b79109fb0a88'
type2 = 'PROJECT'
id2 = '8c042cf0-8389-48e0-aca1-782fd7a20794'
num_hours = 15 * 24
attribute_sets = [{type1: id1}, {type2: id2}]
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
attribute_sets, num_hours, opts.credentials,
client_options)
elif opts.method in ['get_attributes_for_log_entry']:
event_id = '20360'
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
event_id, opts.credentials,
client_options)
# Credential store methods
elif opts.method in ['get_permissions']:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
opts.uuid_arg, \
opts.credentials, client_options)
elif opts.method in ['get_attributes']:
context = 'None'
if opts.uuid2_arg: context = opts.uuid2_arg
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
opts.uuid_arg, \
opts.int_arg, context, \
opts.credentials, client_options)
elif opts.method in ['lookup_keys']:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
opts.credentials, client_options)
elif opts.method in ['delete_key', 'update_key'] \
and opts.string_arg and opts.urn:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
opts.string_arg, \
opts.credentials, client_options)
# Client Authorization methods
elif opts.method in ['list_clients']:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn)
elif opts.method in ['list_authorized_clients']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg)
elif opts.method in ['authorize_client']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg,
opts.urn, opts.int_arg)
# Sliver info methods
elif opts.method in ['delete_sliver_info', 'update_sliver_info']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.urn,
opts.credentials, client_options)
elif opts.method in ['create_sliver_info', 'lookup_sliver_info']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn,
opts.credentials, client_options)
# Project request methods
elif opts.method in ['create_request']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg,
opts.uuid_arg, opts.int2_arg, opts.string_arg, opts.string2_arg, \
opts.credentials, client_options)
elif opts.method in ['resolve_pending_request']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg,
opts.int2_arg, opts.int3_arg, opts.string_arg, \
opts.credentials, client_options)
elif opts.method in ['invite_member']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg,
opts.uuid_arg,
opts.credentials, client_options)
elif opts.method in ['accept_invitation']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn,
opts.uuid_arg, # invite_id
opts.uuid2_arg, # member_id
opts.credentials, client_options)
elif opts.method in ['get_requests_for_context']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg,
opts.uuid_arg, opts.int2_arg, opts.credentials, client_options)
elif opts.method in ['get_requests_by_user']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg,
opts.int_arg, opts.uuid2_arg, opts.int2_arg, opts.credentials, client_options)
elif opts.method in [
'get_pending_requests_for_user',
'get_number_of_pending_requests_for_user'
]:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg,
opts.int_arg, opts.uuid2_arg, opts.credentials, client_options)
elif opts.method in ['get_request_by_id']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn,
opts.int_arg, opts.int2_arg, opts.credentials, client_options)
# MA certificate methods
elif opts.method in ['create_certificate']:
options = {}
if opts.file_arg:
csr = open(opts.file_arg).read()
options = {'csr': csr}
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.urn,
opts.credentials, options)
# MA add/revoke privilege methods
elif opts.method in ['add_member_privilege', 'revoke_member_privilege']:
options = {}
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg, \
opts.string_arg, \
opts.credentials, options)
# Methods that take urn, credentials, options
elif opts.method in ['get_credentials']:
options = {}
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.urn, \
opts.credentials, options)
# Generic Federation v2 API methods
elif opts.method in ['lookup', 'create']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.type, \
opts.credentials, client_options)
elif opts.method in ['update', 'delete', \
'modify_membership', 'lookup_members', 'lookup_for_member']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.type, \
opts.urn, opts.credentials, client_options)
# Portal query
elif opts.method in ['portal_query']:
options = {}
member_eppn = opts.string_arg
project_id = opts.uuid_arg
slice_id = opts.uuid2_arg
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, \
member_eppn, project_id, slice_id)
# def add_member_privilege(self, cert, member_uid, privilege, credentials, options):
# Methods that take attributes and options
elif client_attributes:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
client_attributes, \
opts.credentials, client_options)
# Methods that take credentials and options and urn arguments
elif opts.urn:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
opts.urn, \
opts.credentials, client_options)
# Methods that take credentials and options (and no urn) arguments
else:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
opts.credentials, client_options)
if do_print:
print "RESULT = " + str(result)
if msg:
print "MSG = " + str(msg)
def main(args=sys.argv, do_print=True):
logging.basicConfig()
opts, args = parseOptions(args)
client_options = json.loads(opts.options)
if opts.options_file:
client_options = json.load(open(opts.options_file, 'r'))
client_attributes = json.loads(opts.attributes)
if opts.attributes_file:
client_attributes = json.load(open(opts.attributes_file, 'r'))
if do_print and not opts.raw_output:
print "CREDS = " + str(opts.credentials)
print "OPTIONS = " + str(client_options)
suppress_errors = None
reason = "Testing"
config = {'cert': opts.cert, 'key': opts.key}
framework = MAClientFramework(config, {})
client = framework.make_client(opts.url, opts.key, opts.cert,
allow_none=True,
verbose=False)
fcn = getattr(client, opts.method)
# Methods that take no arguments
result = None
msg = None
if opts.page:
emulate_portal_page(opts)
elif opts.method in ['get_version', 'get_trust_roots']:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn)
# Methods that take options argument
elif opts.method in ['lookup_member_authorities',
'lookup_slice_authorities',
'lookup_aggregates',
'lookup_authorities_for_urns']:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
client_options)
# Methods that take a URN and an aggregate URL argument
elif opts.method in ['register_aggregate', 'remove_aggregate'] and \
opts.agg_url:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
opts.urn, opts.agg_url, opts.credentials,
client_options)
elif (opts.int_arg is not None and
opts.method in ['get_services_of_type', 'get_first_service_of_type',
'get_service_by_id']):
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
int(opts.int_arg))
elif opts.method in ['get_services']:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn)
# Logging methods (test)
elif opts.method in ['log_event']:
message = opts.string_arg
attributes = {}
add_attribute(attributes, opts.int_arg, opts.uuid_arg)
add_attribute(attributes, opts.int2_arg, opts.uuid2_arg)
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
message, attributes, opts.credentials,
client_options)
elif opts.method in ['get_log_entries_by_author']:
num_hours = 15 * 24
user_id = '8e405a75-3ff7-4288-bfa5-111552fa53ce'
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
user_id, num_hours, opts.credentials,
client_options)
elif opts.method in ['get_log_entries_for_context']:
context_type = 'SLICE'
context_id = '848e4a11-55eb-45df-a0e8-b79109fb0a88'
num_hours = 15 * 24
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
context_type, context_id, num_hours,
opts.credentials, client_options)
elif opts.method in ['get_log_entries_by_attributes']:
type1 = 'SLICE'
id1 = '848e4a11-55eb-45df-a0e8-b79109fb0a88'
type2 = 'PROJECT'
id2 = '8c042cf0-8389-48e0-aca1-782fd7a20794'
num_hours = 15 * 24
attribute_sets = [{type1: id1}, {type2: id2}]
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
attribute_sets, num_hours, opts.credentials,
client_options)
elif opts.method in ['get_attributes_for_log_entry']:
event_id = '20360'
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
event_id, opts.credentials,
client_options)
# Credential store methods
elif opts.method in ['get_permissions']:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
opts.uuid_arg,
opts.credentials, client_options)
elif opts.method in ['get_attributes']:
context = 'None'
if opts.uuid2_arg:
context = opts.uuid2_arg
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
opts.uuid_arg,
opts.int_arg, context,
opts.credentials, client_options)
elif opts.method in ['lookup_keys']:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
opts.credentials, client_options)
elif opts.method in ['delete_key', 'update_key'] \
and opts.string_arg and opts.urn:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
opts.string_arg,
opts.credentials, client_options)
# Client Authorization methods
elif opts.method in ['list_clients']:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn)
elif opts.method in ['list_authorized_clients']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg)
elif opts.method in ['authorize_client']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg,
opts.urn, opts.int_arg)
# Sliver info methods
elif opts.method in ['delete_sliver_info', 'update_sliver_info']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.urn,
opts.credentials, client_options)
elif opts.method in ['create_sliver_info', 'lookup_sliver_info']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn,
opts.credentials, client_options)
# Project request methods
elif opts.method in ['create_request']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg,
opts.uuid_arg, opts.int2_arg, opts.string_arg,
opts.string2_arg,
opts.credentials, client_options)
elif opts.method in ['resolve_pending_request']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg,
opts.int2_arg, opts.int3_arg, opts.string_arg,
opts.credentials, client_options)
elif opts.method in ['invite_member']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg,
opts.uuid_arg,
opts.credentials, client_options)
elif opts.method in ['accept_invitation']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn,
opts.uuid_arg, # invite_id
opts.uuid2_arg, # member_id
opts.credentials, client_options)
elif opts.method in ['get_requests_for_context']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg,
opts.uuid_arg, opts.int2_arg, opts.credentials,
client_options)
elif opts.method in ['get_requests_by_user']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg,
opts.int_arg, opts.uuid2_arg, opts.int2_arg,
opts.credentials, client_options)
elif opts.method in ['get_pending_requests_for_user',
'get_number_of_pending_requests_for_user']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg,
opts.int_arg, opts.uuid2_arg, opts.credentials,
client_options)
elif opts.method in ['get_request_by_id']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn,
opts.int_arg, opts.int2_arg, opts.credentials,
client_options)
# MA certificate methods
elif opts.method in ['create_certificate']:
options = {}
if opts.file_arg:
csr = open(opts.file_arg).read()
options = {'csr': csr}
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.urn,
opts.credentials, options)
# Method to create members
elif opts.method in ['create_member'] and opts.string_arg:
# Use the entered string_arg as the email to register a member
attributes = [{"value": opts.string_arg,
"name": "email_address",
"self_asserted": False},
{"value": opts.string_arg,
"name": "eppn",
"self_asserted": False}]
options = {}
# Send query message and retrieve the result and response message
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
attributes, opts.credentials, options)
# Method to lookup for members
elif opts.method in ['lookup_public_member_info',
'lookup_private_member_info',
'lookup_allowed_member_info',
'lookup_identifying_member_info'] and \
(opts.urn or opts.uuid_arg):
# Create client options dictionary
client_options = {"match": {}}
# If the user entered an UUID
if opts.uuid_arg:
# Uptade the client options dictionary with the entered UUID
client_options["match"].update({"MEMBER_UID": opts.uuid_arg})
# If the user entered an URN
if opts.urn:
# Uptade the client options dictionary with the entered URN
client_options["match"].update({"MEMBER_URN": opts.urn})
# Send query message and retrieve the result and response message
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
opts.credentials, client_options)
# MA add/revoke privilege methods
elif opts.method in ['add_member_privilege', 'revoke_member_privilege']:
options = {}
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg,
opts.string_arg,
opts.credentials, options)
# Methods that take urn, credentials, options
elif opts.method in ['get_credentials']:
options = {}
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.urn,
opts.credentials, options)
# Generic Federation v2 API methods
elif opts.method in ['lookup', 'create']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.type,
opts.credentials, client_options)
elif opts.method in ['lookup_slice_members', 'lookup_slices_for_member',
'lookup_project_members',
'lookup_projects_for_member']:
urn = None
if ('match' in client_options and
'SLICE_URN' in client_options['match']):
urn = client_options['match']['SLICE_URN']
if ('match' in client_options and
'PROJECT_URN' in client_options['match']):
urn = client_options['match']['PROJECT_URN']
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn,
urn, opts.credentials, client_options)
elif opts.method in ['update', 'delete', 'modify_membership',
'lookup_members', 'lookup_for_member']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.type,
opts.urn, opts.credentials, client_options)
# Lookup login info (authorities only)
elif opts.method in ['lookup_login_info']:
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn,
opts.credentials, client_options)
# Portal query
elif opts.method in ['portal_query']:
options = {}
member_eppn = opts.string_arg
project_id = opts.uuid_arg
slice_id = opts.uuid2_arg
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn,
member_eppn, project_id, slice_id)
# MA Swap nonce method
elif opts.method in ['swap_identities']:
options = {}
(result, msg) = \
_do_ssl(framework, suppress_errors, reason, fcn, opts.urn,
opts.urn2_arg, opts.credentials, options)
# Methods that take attributes and options
elif client_attributes:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
client_attributes,
opts.credentials, client_options)
# Methods that take credentials and options and urn arguments
elif opts.urn:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
opts.urn,
opts.credentials, client_options)
# Methods that take credentials and options (and no urn) arguments
else:
(result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
opts.credentials, client_options)
if do_print:
if opts.raw_output:
print json.dumps(result)
else:
print "RESULT = " + str(result)
if msg:
print "MSG = " + str(msg)