async def get_transfer_client(request: Request): """This function forms globus transfer client with authentication present in session token""" tokens = request.session.get('tokens', False) authorizer = AccessTokenAuthorizer( tokens['transfer.api.globus.org']['access_token']) transfer_client = TransferClient(authorizer=authorizer) return transfer_client
def init(): tokens = None try: # if we already have tokens, load and use them tokens = load_tokens_from_db() except: pass if not tokens: # if we need to get tokens, start the Native App authentication process tokens = do_native_app_authentication(config.TRANSFER_CLIENT_ID, config.REDIRECT_URI, config.SCOPES) try: save_tokens_to_db(tokens) except: pass transfer_tokens = tokens['transfer.api.globus.org'] client = NativeAppAuthClient(client_id=config.TRANSFER_CLIENT_ID) authorizer = RefreshTokenAuthorizer( transfer_tokens['refresh_token'], client, access_token=transfer_tokens['access_token'], expires_at=transfer_tokens['expires_at_seconds'], on_refresh=update_tokens_file_on_refresh) transfer = TransferClient(authorizer=authorizer) prepare_call(transfer) return transfer
def getUserTransferClient(self, user): username = user['login'] authz = self.getAuthorizer(user) with self.userClientsLock: if username not in self.userClients: self.userClients[username] = TransferClient(authz) return self.userClients[username]
def ls_cc(self, name, id, pw): self.print_header(name, id) try: auth_client = ConfidentialAppAuthClient(client_id=id, client_secret=pw) scopes = "urn:globus:auth:scope:transfer.api.globus.org:all" cc_authorizer = ClientCredentialsAuthorizer(auth_client, scopes) transfer_client = TransferClient(authorizer=cc_authorizer) results = transfer_client.endpoint_search( filter_scope="my-endpoints") endpoint_list = list(results) if endpoint_list: print("Owned endpoints:") for ep in endpoint_list: print("{} ({})".format(ep['display_name'], ep['id'])) else: print("(No owned endpoints.)") results = transfer_client.endpoint_search( filter_scope="shared-with-me") endpoint_list = list(results) if endpoint_list: print("Shared endpoints:") for ep in endpoint_list: print("{} ({})".format(ep['display_name'], ep['id'])) else: print("(No shared endpoints.)") except AuthAPIError as e: print(e)
def getTransferData(): cfg = load_config() client_id = cfg['globus']['apps']['SDK Tutorial App']['client_id'] auth_client = NativeAppAuthClient(client_id) refresh_token = cfg['globus']['apps']['SDK Tutorial App']['refresh_token'] source_endpoint_id = cfg['globus']['apps']['SDK Tutorial App'][ 'win10_endpoint_id'] destination_endpoint_id = cfg['globus']['apps']['SDK Tutorial App'][ 'sdccfed_endpoint_id'] authorizer = RefreshTokenAuthorizer(refresh_token=refresh_token, auth_client=auth_client) tc = TransferClient(authorizer=authorizer) # as both endpoints are expected to be Globus Server endpoints, send auto-activate commands for both globus endpoints auto_activate_endpoint(tc, source_endpoint_id) auto_activate_endpoint(tc, destination_endpoint_id) # make job_label for task a timestamp x = datetime.now() job_label = x.strftime('%Y%m%d%H%M%s') # from Globus... sync_level=checksum means that before files are transferred, Globus will compute checksums on the source and destination files, # and only transfer files that have different checksums are transferred. verify_checksum=True means that after a file is transferred, Globus will # compute checksums on the source and destination files to verify that the file was transferred correctly. If the checksums do not match, it will # redo the transfer of that file. tdata = TransferData(tc, source_endpoint_id, destination_endpoint_id, label=job_label, sync_level="checksum", verify_checksum=True) return tdata
def create_shared_endpoint(globus_dict, host_endpoint, host_path, display_name='Globus endpoint', description='description'): globus_transfer_token = globus_dict['transfer_token'] scopes = "urn:globus:auth:scopes:transfer.api.globus.org:all" authorizer = globus_sdk.AccessTokenAuthorizer(globus_transfer_token) tc = TransferClient(authorizer=authorizer) # high level interface; provides iterators for list responses shared_ep_data = { "DATA_TYPE": "shared_endpoint", "host_endpoint": host_endpoint, "host_path": host_path, "display_name": display_name, # optionally specify additional endpoint fields "description": description } #r = tc.operation_mkdir(host_id, path=share_path) #TODO create the directory directly from here instead of at local level? tc.endpoint_autoactivate(host_endpoint, if_expires_in=3600) #necessary for real use? create_result = tc.create_shared_endpoint( shared_ep_data) #not the app's end point, so should fail endpoint_id = create_result['id'] globus_dict['endpoint_id'] = endpoint_id globus_dict['transfer_client'] = tc return globus_dict
def test_create_job(timer_client, start, interval): meta = load_response(timer_client.create_job).metadata transfer_client = TransferClient() transfer_client.get_submission_id = lambda *_0, **_1: {"value": "mock"} transfer_data = TransferData(transfer_client, GO_EP1_ID, GO_EP2_ID) timer_job = TimerJob.from_transfer_data(transfer_data, start, interval) response = timer_client.create_job(timer_job) assert response.http_status == 201 assert response.data["job_id"] == meta["job_id"] timer_job = TimerJob.from_transfer_data(dict(transfer_data), start, interval) response = timer_client.create_job(timer_job) assert response.http_status == 201 assert response.data["job_id"] == meta["job_id"] req_body = json.loads(get_last_request().body) if isinstance(start, datetime): assert req_body["start"] == start.isoformat() else: assert req_body["start"] == start if isinstance(interval, timedelta): assert req_body["interval"] == interval.total_seconds() else: assert req_body["interval"] == interval assert req_body["callback_url"] == slash_join(get_service_url("actions"), "/transfer/transfer/run")
def login(self): ''' fetch refresh token, store in dj.config['globus.token'] ''' auth_client = self.auth_client print('Please login via: {}'.format( auth_client.oauth2_get_authorize_url())) code = input('and enter code:').strip() tokens = auth_client.oauth2_exchange_code_for_tokens(code) xfer_auth_cfg = tokens.by_resource_server['transfer.api.globus.org'] xfer_rt = xfer_auth_cfg['refresh_token'] xfer_at = xfer_auth_cfg['access_token'] xfer_exp = xfer_auth_cfg['expires_at_seconds'] xfer_auth = RefreshTokenAuthorizer(xfer_rt, auth_client, access_token=xfer_at, expires_at=xfer_exp) self.xfer_client = TransferClient(authorizer=xfer_auth) custom = dj.config.get('custom', {}) custom['globus.token'] = xfer_rt dj.config['custom'] = custom
def browse(dataset_id=None, endpoint_id=None, endpoint_path=None): """ - Get list of files for the selected dataset or endpoint ID/path - Return a list of files to a browse view The target template (browse.jinja2) expects an `endpoint_uri` (if available for the endpoint), `target` (either `"dataset"` or `"endpoint"`), and 'file_list' (list of dictionaries) containing the following information about each file in the result: {'name': 'file name', 'size': 'file size', 'id': 'file uri/path'} If you want to display additional information about each file, you must add those keys to the dictionary and modify the browse.jinja2 template accordingly. """ assert bool(dataset_id) != bool(endpoint_id and endpoint_path) if dataset_id: try: dataset = next(ds for ds in datasets if ds['id'] == dataset_id) except StopIteration: abort(404) endpoint_id = app.config['DATASET_ENDPOINT_ID'] endpoint_path = app.config['DATASET_ENDPOINT_BASE'] + dataset['path'] else: endpoint_path = '/' + endpoint_path transfer = TransferClient(authorizer=RefreshTokenAuthorizer( session['tokens']['transfer.api.globus.org']['refresh_token'], load_portal_client())) try: transfer.endpoint_autoactivate(endpoint_id) listing = transfer.operation_ls(endpoint_id, path=endpoint_path) except TransferAPIError as err: flash('Error [{}]: {}'.format(err.code, err.message)) return redirect(url_for('transfer')) file_list = [e for e in listing if e['type'] == 'file'] ep = transfer.get_endpoint(endpoint_id) https_server = ep['https_server'] endpoint_uri = https_server + endpoint_path if https_server else None webapp_xfer = 'https://www.globus.org/app/transfer?' + \ urlencode(dict(origin_id=endpoint_id, origin_path=endpoint_path)) return render_template( 'browse.jinja2', endpoint_uri=endpoint_uri, target="dataset" if dataset_id else "endpoint", description=(dataset['name'] if dataset_id else ep['display_name']), file_list=file_list, webapp_xfer=webapp_xfer)
def __init__(self, config: UOCloudSyncConfig): confidential_client = ConfidentialAppAuthClient( client_id=config.get_client_id(), client_secret=config.get_client_secret()) scopes = "urn:globus:auth:scope:transfer.api.globus.org:all" cc_authorizer = ClientCredentialsAuthorizer(confidential_client, scopes) # create a new client self._transfer_client = TransferClient(authorizer=cc_authorizer) self._src_endpoint = None self._dest_endpoint = None
def refresh(self): ''' use refresh token to refresh access token ''' auth_client = self.auth_client xfer_auth = RefreshTokenAuthorizer( dj.config['custom']['globus.token'], auth_client, access_token=None, expires_at=None) self.xfer_client = TransferClient(authorizer=xfer_auth)
def getTransferClient(self, check: bool = False): if self.transferClient is None: authz = self.getAppTransferAuthorizer() self.transferClient = TransferClient(authz) if check: # almost dummy call as a sanity check self.transferClient.task_list(num_results=1) return self.transferClient
def login(): tok_path = os.path.expanduser('~/.mdf_agent_tokens.json') def _read_tokfile(): tokens = {} if os.path.exists(tok_path): with open(tok_path) as f: tokens = json.load(f) return tokens def _write_tokfile(new_tokens): # We have multiple tokens in our tokens file, but on update we only # get the currently updated token, so read current and update with the # input tokens cur_tokens = _read_tokfile() for key in new_tokens: cur_tokens[key] = new_tokens[key] # deny rwx to Group and World -- don't bother storing the returned old # mask value, since we'll never restore it anyway # do this on every call to ensure that we're always consistent about it os.umask(0o077) with open(tok_path, 'w') as f: f.write(json.dumps(cur_tokens)) def _update_tokfile(tokens): _write_tokfile(tokens.by_resource_server['transfer.api.globus.org']) tokens = _read_tokfile() client_id = "1e162bfc-ad52-4014-8844-b82841145fc4" native_client = NativeAppAuthClient(client_id, app_name='MDF Agents') if not tokens: # and do the Native App Grant flow native_client.oauth2_start_flow( requested_scopes='urn:globus:auth:scope:transfer.api.globus.org:all', refresh_tokens=True) linkprompt = 'Please login to Globus here' print('{0}:\n{1}\n{2}\n{1}\n' .format(linkprompt, '-' * len(linkprompt), native_client.oauth2_get_authorize_url()), flush=True) auth_code = input( 'Enter the resulting Authorization Code here').strip() tkns = native_client.oauth2_exchange_code_for_tokens(auth_code) tokens = tkns.by_resource_server['transfer.api.globus.org'] _write_tokfile(tokens) transfer_tokens = tokens transfer_authorizer = RefreshTokenAuthorizer( transfer_tokens['refresh_token'], native_client, transfer_tokens['access_token'], transfer_tokens['expires_at_seconds'], on_refresh=_update_tokfile) transfer_client = TransferClient(authorizer=transfer_authorizer) return transfer_client
def bulk_submit_xfer(submitjob, recursive=False): cfg = load_config() client_id = cfg['globus']['apps'][GLOBUS_AUTH_APP]['client_id'] auth_client = NativeAppAuthClient(client_id) refresh_token = cfg['globus']['apps'][GLOBUS_AUTH_APP]['refresh_token'] source_endpoint_id = submitjob[0].get('metadata').get( 'source_globus_endpoint_id') destination_endpoint_id = submitjob[0].get('metadata').get( 'dest_globus_endpoint_id') authorizer = RefreshTokenAuthorizer(refresh_token=refresh_token, auth_client=auth_client) tc = TransferClient(authorizer=authorizer) # as both endpoints are expected to be Globus Server endpoints, send auto-activate commands for both globus endpoints a = auto_activate_endpoint(tc, source_endpoint_id) logging.debug('a: %s' % a) if a != 'AlreadyActivated': return None b = auto_activate_endpoint(tc, destination_endpoint_id) logging.debug('b: %s' % b) if b != 'AlreadyActivated': return None # make job_label for task a timestamp x = datetime.now() job_label = x.strftime('%Y%m%d%H%M%s') # from Globus... sync_level=checksum means that before files are transferred, Globus will compute checksums on the source # and destination files, and only transfer files that have different checksums are transferred. verify_checksum=True means # that after a file is transferred, Globus will compute checksums on the source and destination files to verify that the # file was transferred correctly. If the checksums do not match, it will redo the transfer of that file. tdata = TransferData(tc, source_endpoint_id, destination_endpoint_id, label=job_label, sync_level="checksum") for file in submitjob: source_path = file.get('sources')[0] dest_path = file.get('destinations')[0] filesize = file['metadata']['filesize'] # TODO: support passing a recursive parameter to Globus # md5 = file['metadata']['md5'] # tdata.add_item(source_path, dest_path, recursive=False, external_checksum=md5) tdata.add_item(source_path, dest_path, recursive=False) record_counter( 'daemons.conveyor.transfer_submitter.globus.transfers.submit.filesize', filesize) # logging.info('submitting transfer...') transfer_result = tc.submit_transfer(tdata) # logging.info("task_id =", transfer_result["task_id"]) return transfer_result["task_id"]
def __init__(self): # initialize a transfer_client if it has not been done already if Globus.transfer_client == None: native_client = NativeClient( client_id=settings.globus.get("client_id"), app_name="Globus Endpoint Performance Dashboard", default_scopes=settings.globus.get("scopes")) native_client.login(no_local_server=True, refresh_tokens=True) transfer_authorizer = native_client.get_authorizers().get( "transfer.api.globus.org") Globus.transfer_client = TransferClient(transfer_authorizer)
def get_transfer_client(): cfg = load_config() # cfg = yaml.safe_load(open("/opt/rucio/lib/rucio/transfertool/config.yml")) client_id = cfg['globus']['apps'][GLOBUS_AUTH_APP]['client_id'] auth_client = NativeAppAuthClient(client_id) refresh_token = cfg['globus']['apps'][GLOBUS_AUTH_APP]['refresh_token'] logging.info('authorizing token...') authorizer = RefreshTokenAuthorizer(refresh_token=refresh_token, auth_client=auth_client) logging.info('initializing TransferClient...') tc = TransferClient(authorizer=authorizer) return tc
def main(): current_time = datetime.utcnow().replace(microsecond=0).isoformat() last_cleanup_time = datetime.utcnow().replace(microsecond=0)\ - timedelta(hours=24) last_cleanup = last_cleanup_time.isoformat() completion_range = last_cleanup + "," + current_time print("Cleaning up source endpoint {} \nfor outbound transfers completed " "in range {}\n ".format(SOURCE_ENDPOINT_ID, completion_range)) transfer_token = do_client_authentication(CLIENT_ID, CLIENT_SECRET) authorizer = AccessTokenAuthorizer(access_token=transfer_token) tc = TransferClient(authorizer=authorizer) # print out a directory listing from an endpoint tc.endpoint_autoactivate(SOURCE_ENDPOINT_ID) try: task_fields = "task_id,source_endpoint,destination_endpoint," \ "source_host_path,owner_string,source_endpoint_id,type" tasks = tc.endpoint_manager_task_list( filter_status="SUCCEEDED", filter_endpoint=SOURCE_ENDPOINT_ID, filter_completion_time=completion_range, fields=task_fields) except TransferAPIError as tapie: if tapie.code == 'PermissionDenied': print('Permission denied! Give your app permission by going to ' '"globus.org/app/endpoints/{}/roles", and under ' '"Identity/E-mail adding "{}@clients.auth.globus.org" as ' 'an "AccessManager" and "Activity Manager"'.format( SOURCE_ENDPOINT_ID, CLIENT_ID)) sys.exit(1) # Nothing weird *should* happen here, but if so re-raise so the user # can deal with it. raise tasklist = tasks.data if not tasklist: print("No transfers from {} found in the last 24 hours, " "nothing to clean up".format(SOURCE_ENDPOINT_ID)) else: print("{} total transfers found from {} in the last 24 hours, " "some may not be of type TRANSFER".format( len(tasklist), SOURCE_ENDPOINT_ID)) delete_tasks = [ task.data for task in tasklist if task_delete_conditions_satisfied(task) ] for task in delete_tasks: files_list, common_dir = select_dir_to_delete(tc, task) delete_dir_and_acls(tc, task, files_list, common_dir)
def submit_transfer(): """ - Take the data returned by the Browse Endpoint helper page and make a Globus transfer request. - Send the user to the transfer status page with the task id from the transfer. """ browse_endpoint_form = request.form selected = session['form']['datasets'] filtered_datasets = [ds for ds in datasets if ds['id'] in selected] transfer_tokens = session['tokens']['transfer.api.globus.org'] authorizer = RefreshTokenAuthorizer( transfer_tokens['refresh_token'], load_portal_client(), access_token=transfer_tokens['access_token'], expires_at=transfer_tokens['expires_at_seconds']) transfer = TransferClient(authorizer=authorizer) source_endpoint_id = app.config['DATASET_ENDPOINT_ID'] source_endpoint_base = app.config['DATASET_ENDPOINT_BASE'] destination_endpoint_id = browse_endpoint_form['endpoint_id'] destination_folder = browse_endpoint_form.get('folder[0]') transfer_data = TransferData(transfer_client=transfer, source_endpoint=source_endpoint_id, destination_endpoint=destination_endpoint_id, label=browse_endpoint_form.get('label')) for ds in filtered_datasets: source_path = source_endpoint_base + ds['path'] dest_path = browse_endpoint_form['path'] if destination_folder: dest_path += destination_folder + '/' dest_path += ds['name'] + '/' transfer_data.add_item(source_path=source_path, destination_path=dest_path, recursive=True) transfer.endpoint_autoactivate(source_endpoint_id) transfer.endpoint_autoactivate(destination_endpoint_id) task_id = transfer.submit_transfer(transfer_data)['task_id'] flash('Transfer request submitted successfully. Task ID: ' + task_id) return (redirect(url_for('transfer_status', task_id=task_id)))
def bulk_submit_xfer(submitjob, recursive=False, logger=logging.log): cfg = load_config(logger=logger) client_id = cfg['globus']['apps'][GLOBUS_AUTH_APP]['client_id'] auth_client = NativeAppAuthClient(client_id) refresh_token = cfg['globus']['apps'][GLOBUS_AUTH_APP]['refresh_token'] source_endpoint_id = submitjob[0].get('metadata').get( 'source_globus_endpoint_id') destination_endpoint_id = submitjob[0].get('metadata').get( 'dest_globus_endpoint_id') authorizer = RefreshTokenAuthorizer(refresh_token=refresh_token, auth_client=auth_client) tc = TransferClient(authorizer=authorizer) # make job_label for task a timestamp now = datetime.datetime.now() job_label = now.strftime('%Y%m%d%H%M%s') # retrieve globus_task_deadline value to enforce time window to complete transfers # default is 2880 minutes or 48 hours globus_task_deadline = config_get_int('conveyor', 'globus_task_deadline', False, 2880) deadline = now + datetime.timedelta(minutes=globus_task_deadline) # from Globus... sync_level=checksum means that before files are transferred, Globus will compute checksums on the source # and destination files, and only transfer files that have different checksums are transferred. verify_checksum=True means # that after a file is transferred, Globus will compute checksums on the source and destination files to verify that the # file was transferred correctly. If the checksums do not match, it will redo the transfer of that file. tdata = TransferData(tc, source_endpoint_id, destination_endpoint_id, label=job_label, sync_level="checksum", deadline=str(deadline)) for file in submitjob: source_path = file.get('sources')[0] dest_path = file.get('destinations')[0] filesize = file['metadata']['filesize'] # TODO: support passing a recursive parameter to Globus # md5 = file['metadata']['md5'] # tdata.add_item(source_path, dest_path, recursive=False, external_checksum=md5) tdata.add_item(source_path, dest_path, recursive=False) record_counter( 'daemons.conveyor.transfer_submitter.globus.transfers.submit.filesize', filesize) # logging.info('submitting transfer...') transfer_result = tc.submit_transfer(tdata) logger(logging.INFO, "transfer_result: %s" % transfer_result) return transfer_result["task_id"]
def preactivate_globus(self): """ Read the local globus endpoint UUID from ~/.zstash.ini. If the ini file does not exist, create an ini file with empty values, and try to find the local endpoint UUID based on the FQDN """ local_endpoint = None ini_path = os.path.expanduser("~/.zstash.ini") ini = configparser.ConfigParser() if ini.read(ini_path): if "local" in ini.sections(): local_endpoint = ini["local"].get("globus_endpoint_uuid") else: ini["local"] = {"globus_endpoint_uuid": ""} try: with open(ini_path, "w") as f: ini.write(f) except Exception as e: self.fail(e) if not local_endpoint: fqdn = socket.getfqdn() for pattern in regex_endpoint_map.keys(): if re.fullmatch(pattern, fqdn): local_endpoint = regex_endpoint_map.get(pattern) break if not local_endpoint: # self.fail("{} does not have the local Globus endpoint set".format(ini_path)) self.skipTest( "{} does not have the local Globus endpoint set".format( ini_path)) native_client = NativeClient( client_id="6c1629cf-446c-49e7-af95-323c6412397f", app_name="Zstash", default_scopes= "openid urn:globus:auth:scope:transfer.api.globus.org:all", ) native_client.login(no_local_server=True, refresh_tokens=True) transfer_authorizer = native_client.get_authorizers().get( "transfer.api.globus.org") self.transfer_client = TransferClient(transfer_authorizer) for ep_id in [hpss_globus_endpoint, local_endpoint]: r = self.transfer_client.endpoint_autoactivate(ep_id, if_expires_in=600) if r.get("code") == "AutoActivationFailed": self.fail( "The {} endpoint is not activated or the current activation expires soon. Please go to https://app.globus.org/file-manager/collections/{} and (re)-activate the endpoint." .format(ep_id, ep_id))
def get_transfer_interface(self, auth_client): self.log.info("get_transfer_interface") if self.transfer_client: self.log.info("found transfer_client") return self.transfer_client self.log.info("did not found transfer_client") self.log.info("auth_client") self.log.info(auth_client) scopes = "urn:globus:auth:scope:transfer.api.globus.org:all" cc_authorizer = ClientCredentialsAuthorizer(auth_client, scopes) transfer_client = TransferClient(authorizer=cc_authorizer) self.log.info("get_transfer_interface - transfer_client") self.log.info(transfer_client) return transfer_client
def transfer_status(task_id): """ Call Globus to get status/details of transfer with task_id. The target template (tranfer_status.jinja2) expects a Transfer API 'task' object. 'task_id' is passed to the route in the URL as 'task_id'. """ transfer = TransferClient(authorizer=RefreshTokenAuthorizer( session['tokens']['transfer.api.globus.org']['refresh_token'], load_portal_client())) task = transfer.get_task(task_id) return render_template('transfer_status.jinja2', task=task)
def __init__(self): """Initiate an OAuth2() object. Initiate OAuth2 flow with Globus credentaials to obtain access tokens. Refresh the tokens automatically so another login is not required. Examples -------- Create an OAuth2 object: >>> from archeion.models import OAuth2 >>> authorizer = OAuth2() """ self.client = NativeAppAuthClient(CLIENT_ID) self.client.oauth2_start_flow(refresh_tokens=True) logger.info("Opening browser window for Globus Authentication") webbrowser.open_new(self.client.oauth2_get_authorize_url()) get_input = getattr(__builtins__, "raw_input", input) auth_code = get_input( "Please enter the code you get after login here: " ).strip() logger.debug("User has input authentication code") token_response = self.client.oauth2_exchange_code_for_tokens(auth_code) self.access_token = token_response.by_resource_server["auth.globus.org"][ "access_token" ] transfer_response = token_response.by_resource_server["transfer.api.globus.org"] self.transfer_token = transfer_response["access_token"] self.transfer_refresh_token = transfer_response["refresh_token"] self.transfer_expiry_seconds = transfer_response["expires_at_seconds"] authorizer = RefreshTokenAuthorizer( self.transfer_refresh_token, self.client, access_token=self.transfer_token, expires_at=self.transfer_expiry_seconds, ) self.transfer_client = TransferClient( AccessTokenAuthorizer(self.transfer_token) ) self.authorisation_client = AuthClient(authorizer=authorizer)
def cleanup(): user_identity_name = request.form.get('user_identity_name') dependent_tokens = get_dependent_tokens(g.req_token) transfer_token = dependent_tokens.by_resource_server[ 'transfer.api.globus.org']['access_token'] dest_ep = app.config['GRAPH_ENDPOINT_ID'] dest_base = app.config['GRAPH_ENDPOINT_BASE'] dest_path = '%sGraphs for %s/' % (dest_base, user_identity_name) transfer = TransferClient(authorizer=AccessTokenAuthorizer(transfer_token)) transfer.endpoint_autoactivate(dest_ep) try: acl = next(acl for acl in transfer.endpoint_acl_list(dest_ep) if dest_path == acl['path']) except StopIteration: pass except TransferAPIError as ex: # PermissionDenied can happen if a new Portal client is swapped # in and it doesn't have endpoint manager on the dest_ep. # The /portal/processed directory has been set to to writeable # for all users so the delete task will succeed even if an ACL # can't be set. if ex.code == 'PermissionDenied': pass else: transfer.delete_endpoint_acl_rule(dest_ep, acl['id']) delete_request = DeleteData(transfer_client=transfer, endpoint=dest_ep, label="Delete Graphs from the Service Demo", recursive=True) delete_request.add_item(dest_path) try: task = transfer.submit_delete(delete_request) except TransferAPIError as ex: raise InternalServerError(message=ex.message) else: return jsonify(dict(task_id=task['task_id']))
def __init__(self): self.log = logging.getLogger(self.__class__.__name__) self.log.debug(" init - started") self.client_user = os.environ.get('MC_CONFIDENTIAL_CLIENT_USER') self.client_token = os.environ.get('MC_CONFIDENTIAL_CLIENT_PW') if (not self.client_user) or (not self.client_token): missing = [] if not self.client_user: missing.append('MC_CONFIDENTIAL_CLIENT_USER') if not self.client_token: missing.append('MC_CONFIDENTIAL_CLIENT_PW') message = "Missing environment values: {}".format( ", ".join(missing)) raise EnvironmentError(message) self.log.info("Env variables are ok") self.log.info(" -- MC_CONFIDENTIAL_CLIENT_USER = {}".format( self.client_user)) auth_client = ConfidentialAppAuthClient( client_id=self.client_user, client_secret=self.client_token) if not auth_client: error = "No Authentication Client" self.log.error("Error: " + str(error)) raise AuthenticationException(error) self.log.info("set_transfer_client - auth_client = {}".format( auth_client.client_id)) scopes = "urn:globus:auth:scope:transfer.api.globus.org:all" cc_authorizer = ClientCredentialsAuthorizer(auth_client, scopes) transfer_client = TransferClient(authorizer=cc_authorizer) self.log.debug("get_transfer_interface - transfer_client") self.log.debug(transfer_client) if not transfer_client: error = "No transfer interface" self.log.error("Error: " + str(error)) raise AuthenticationException(error) self.log.debug(" init - done") self._auth_client = auth_client self._transfer_client = transfer_client
def create_globus_transfer_client(tmpLog, globus_client_id, globus_refresh_token): """ create Globus Transfer Client and return the transfer client """ # get logger tmpLog.info('Creating instance of GlobusTransferClient') # start the Native App authentication process # use the refresh token to get authorizer # create the Globus Transfer Client tc = None ErrStat = True try: client = NativeAppAuthClient(client_id=globus_client_id) authorizer = RefreshTokenAuthorizer(refresh_token=globus_refresh_token, auth_client=client) tc = TransferClient(authorizer=authorizer) except: errStat, errMsg = handle_globus_exception(tmpLog) return ErrStat, tc
def setup_transfer_client(transfer_tokens): authorizer = RefreshTokenAuthorizer( transfer_tokens['refresh_token'], NativeAppAuthClient(client_id=CLIENT_ID), access_token=transfer_tokens['access_token'], expires_at=transfer_tokens['expires_at_seconds']) transfer_client = TransferClient(authorizer=authorizer) try: transfer_client.endpoint_autoactivate(SOURCE_ENDPOINT) transfer_client.endpoint_autoactivate(DESTINATION_ENDPOINT) except GlobusAPIError as ex: if ex.http_status == 401: sys.exit('Refresh token has expired. ' 'Please delete the `tokens` object from ' '{} and try again.'.format(DATA_FILE)) else: raise ex return transfer_client
def copy_data(self, ori, destiny): """ copy data using globus :param ori: path where the data is in the source machine :type ori: str :param destiny: path where the data will be put on the destiny machine :type destiny: str :raises Exception: a problem occurred during the transference """ authorizer = AccessTokenAuthorizer(GlobusManager.TRANSFER_TOKEN) tc = TransferClient(authorizer=authorizer) res = self.copy_directory(ori, destiny, tc) if res == "NOT_A_DIRECTORY": res = self.copy_file(ori, destiny, tc) if res is not "OK": raise Exception(res)
def setup_transfer_client(transfer_tokens, source_endpoint, destination_endpoint): authorizer = RefreshTokenAuthorizer( transfer_tokens['refresh_token'], NativeAppAuthClient(client_id=CLIENT_ID), access_token=transfer_tokens['access_token'], expires_at=transfer_tokens['expires_at_seconds'], on_refresh=update_tokens_file_on_refresh) transfer_client = TransferClient(authorizer=authorizer) try: transfer_client.endpoint_autoactivate(source_endpoint) transfer_client.endpoint_autoactivate(destination_endpoint) except GlobusAPIError as ex: if ex.http_status == 401: sys.exit('Refresh token has expired. ' 'Please delete the `tokens` object from ' '{} and try again.'.format(DATA_FILE)) else: raise ex return transfer_client
def status(self): token = TokenStore.get_transfer_token(self.user) tc = TransferClient(authorizer=AccessTokenAuthorizer(token)) old = json.loads(self.task_catalog or '{}') tasks = { t: tc.get_task(t).data for t in json.loads(self.transfer_task_ids) if not old.get(t) or old[t]['status'] == 'ACTIVE' } old.update(tasks) tasks = old transferred = [t['files_transferred'] for t in tasks.values()] log.debug(transferred) self.files_transferred = reduce(lambda x, y: x + y, transferred) log.debug(self.files_transferred) self.task_catalog = json.dumps(tasks) self.save() statuses = [s['status'] for s in tasks.values()] if any(filter(lambda stat: stat in ['INACTIVE', 'FAILED'], statuses)): return 'FAILED' if any(filter(lambda stat: stat == 'ACTIVE', statuses)): return 'ACTIVE' return 'SUCCEEDED'