def redeem_ticket(self, opts, args):
ticket_file = args[0]
# get slice hrn from the ticket
# use this to get the right slice credential
ticket = SfaTicket(filename=ticket_file)
ticket.decode()
slice_hrn = ticket.gidObject.get_hrn()
slice_urn = hrn_to_urn(slice_hrn, 'slice')
#slice_hrn = ticket.attributes['slivers'][0]['hrn']
user_cred = self.get_user_cred()
slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
# get a list of node hostnames from the RSpec
tree = etree.parse(StringIO(ticket.rspec))
root = tree.getroot()
hostnames = root.xpath("./network/site/node/hostname/text()")
# create an xmlrpc connection to the component manager at each of these
# components and gall redeem_ticket
connections = {}
for hostname in hostnames:
try:
self.logger.info("Calling redeem_ticket at %(hostname)s " % locals())
server = self.get_server(hostname, CM_PORT, self.key_file, \
self.cert_file, self.options.debug)
server.RedeemTicket(ticket.save_to_string(save_parents=True), slice_cred)
self.logger.info("Success")
except socket.gaierror:
self.logger.error("redeem_ticket failed: Component Manager not accepting requests")
except Exception, e:
self.logger.log_exc(e.message)
def get_ticket(api, xrn, creds, rspec, users):
reg_objects = __get_registry_objects(xrn, creds, users)
slice_hrn, type = urn_to_hrn(xrn)
slices = Slices(api)
peer = slices.get_peer(slice_hrn)
sfa_peer = slices.get_sfa_peer(slice_hrn)
# get the slice record
registry = api.registries[api.hrn]
credential = api.getCredential()
records = registry.Resolve(xrn, credential)
# similar to CreateSliver, we must verify that the required records exist
# at this aggregate before we can issue a ticket
site_id, remote_site_id = slices.verify_site(registry, credential, slice_hrn,
peer, sfa_peer, reg_objects)
slice = slices.verify_slice(registry, credential, slice_hrn, site_id,
remote_site_id, peer, sfa_peer, reg_objects)
# make sure we get a local slice record
record = None
for tmp_record in records:
if tmp_record['type'] == 'slice' and \
not tmp_record['peer_authority']:
record = SliceRecord(dict=tmp_record)
if not record:
raise RecordNotFound(slice_hrn)
# get sliver info
slivers = Slices(api).get_slivers(slice_hrn)
if not slivers:
raise SliverDoesNotExist(slice_hrn)
# get initscripts
initscripts = []
data = {
'timestamp': int(time.time()),
'initscripts': initscripts,
'slivers': slivers
}
# create the ticket
object_gid = record.get_gid_object()
new_ticket = SfaTicket(subject = object_gid.get_subject())
new_ticket.set_gid_caller(api.auth.client_gid)
new_ticket.set_gid_object(object_gid)
new_ticket.set_issuer(key=api.key, subject=api.hrn)
new_ticket.set_pubkey(object_gid.get_pubkey())
new_ticket.set_attributes(data)
new_ticket.set_rspec(rspec)
#new_ticket.set_parent(api.auth.hierarchy.get_auth_ticket(auth_hrn))
new_ticket.encode()
new_ticket.sign()
return new_ticket.save_to_string(save_parents=True)
