def redeem_ticket(self, opts, args): ticket_file = args[0] # get slice hrn from the ticket # use this to get the right slice credential ticket = SfaTicket(filename=ticket_file) ticket.decode() slice_hrn = ticket.gidObject.get_hrn() slice_urn = hrn_to_urn(slice_hrn, 'slice') #slice_hrn = ticket.attributes['slivers'][0]['hrn'] user_cred = self.get_user_cred() slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True) # get a list of node hostnames from the RSpec tree = etree.parse(StringIO(ticket.rspec)) root = tree.getroot() hostnames = root.xpath("./network/site/node/hostname/text()") # create an xmlrpc connection to the component manager at each of these # components and gall redeem_ticket connections = {} for hostname in hostnames: try: self.logger.info("Calling redeem_ticket at %(hostname)s " % locals()) server = self.get_server(hostname, CM_PORT, self.key_file, \ self.cert_file, self.options.debug) server.RedeemTicket(ticket.save_to_string(save_parents=True), slice_cred) self.logger.info("Success") except socket.gaierror: self.logger.error("redeem_ticket failed: Component Manager not accepting requests") except Exception, e: self.logger.log_exc(e.message)
def get_ticket(api, xrn, creds, rspec, users): reg_objects = __get_registry_objects(xrn, creds, users) slice_hrn, type = urn_to_hrn(xrn) slices = Slices(api) peer = slices.get_peer(slice_hrn) sfa_peer = slices.get_sfa_peer(slice_hrn) # get the slice record registry = api.registries[api.hrn] credential = api.getCredential() records = registry.Resolve(xrn, credential) # similar to CreateSliver, we must verify that the required records exist # at this aggregate before we can issue a ticket site_id, remote_site_id = slices.verify_site(registry, credential, slice_hrn, peer, sfa_peer, reg_objects) slice = slices.verify_slice(registry, credential, slice_hrn, site_id, remote_site_id, peer, sfa_peer, reg_objects) # make sure we get a local slice record record = None for tmp_record in records: if tmp_record['type'] == 'slice' and \ not tmp_record['peer_authority']: record = SliceRecord(dict=tmp_record) if not record: raise RecordNotFound(slice_hrn) # get sliver info slivers = Slices(api).get_slivers(slice_hrn) if not slivers: raise SliverDoesNotExist(slice_hrn) # get initscripts initscripts = [] data = { 'timestamp': int(time.time()), 'initscripts': initscripts, 'slivers': slivers } # create the ticket object_gid = record.get_gid_object() new_ticket = SfaTicket(subject = object_gid.get_subject()) new_ticket.set_gid_caller(api.auth.client_gid) new_ticket.set_gid_object(object_gid) new_ticket.set_issuer(key=api.key, subject=api.hrn) new_ticket.set_pubkey(object_gid.get_pubkey()) new_ticket.set_attributes(data) new_ticket.set_rspec(rspec) #new_ticket.set_parent(api.auth.hierarchy.get_auth_ticket(auth_hrn)) new_ticket.encode() new_ticket.sign() return new_ticket.save_to_string(save_parents=True)