def writeProxyToFile(self, proxy):
    """Write a CE proxy string to a file and report where it was stored.

    :param proxy: proxy contents, handed unchanged to writeToProxyFile
    :return: S_OK(path of the proxy file) on success; otherwise the failed result
        of writeToProxyFile or getProxyInfoAsString, returned unchanged
    """
    written = writeToProxyFile(proxy)
    if not written["OK"]:
        self.log.error("Could not write proxy to file", written["Message"])
        return written
    proxyPath = written["Value"]

    info = getProxyInfoAsString(proxyPath)
    if not info["OK"]:
        # Nothing here removes the file at proxyPath, so whatever writeToProxyFile
        # created stays on disk when the info lookup fails.
        self.log.error("Could not get proxy info", info)
        return info

    self.log.info("Payload proxy information:")
    # Goes to stdout, not through self.log.
    # NOTE(review): presumably certificate metadata only (no key material) -- confirm
    # against getProxyInfoAsString before this output is collected anywhere shared.
    print(info["Value"])
    return S_OK(proxyPath)
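def writeProxyToFile(self, proxy):
    """CE helper function to write a CE proxy string to a file.

    :param proxy: proxy contents handed to writeToProxyFile
    :return: S_OK(proxyLocation) on success, otherwise the failed result of
        writeToProxyFile or getProxyInfoAsString, returned unchanged
    """
    result = writeToProxyFile(proxy)
    if not result['OK']:
        self.log.error('Could not write proxy to file', result['Message'])
        return result
    proxyLocation = result['Value']

    result = getProxyInfoAsString(proxyLocation)
    if not result['OK']:
        # The file at proxyLocation is not cleaned up on this path.
        self.log.error('Could not get proxy info', result)
        return result

    self.log.info('Payload proxy information:')
    # Parenthesised single-argument form: prints the same text under the Python 2
    # print statement and is a valid function call on Python 3, where the bare
    # `print x` statement is a syntax error.
    print(result['Value'])
    return S_OK(proxyLocation)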
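def doOAuthMagic(self):
    """Run the device authorisation flow and store the resulting proxy or tokens.

    Builds the scope string from the group, the response type and the lifetime,
    runs the device flow on the "DIRACCLI" identity provider, then either writes the
    returned proxy to ``self.outputFile`` or revokes the tokens found in the existing
    token file and writes the new ones there.

    :return: S_OK()/S_ERROR()
    """
    params = {}
    if self.issuer:
        params["issuer"] = self.issuer
    result = IdProviderFactory().getIdProvider("DIRACCLI", **params)
    if not result["OK"]:
        return result
    idpObj = result["Value"]

    if self.group and self.group not in self.scopes:
        self.scopes.append(f"g:{self.group}")
    if self.response == "proxy" and self.response not in self.scopes:
        self.scopes.append(self.response)
    if self.lifetime:
        # Multiplied by 3600, so presumably hours converted to seconds -- confirm.
        # The `or 12` fallback cannot trigger inside this guard.
        self.scopes.append("lifetime:%s" % (int(self.lifetime or 12) * 3600))
    idpObj.scope = "+".join(self.scopes) if self.scopes else ""

    # Submit Device authorisation flow
    result = idpObj.deviceAuthorization()
    if not result["OK"]:
        return result

    if self.response == "proxy":
        self.outputFile = self.outputFile or getDefaultProxyLocation()
        # Save new proxy certificate
        result = writeToProxyFile(idpObj.token["proxy"].encode("UTF-8"), self.outputFile)
        if not result["OK"]:
            return result
        gLogger.notice(f"Proxy is saved to {self.outputFile}.")
    else:
        # Revoke old tokens from token file.
        # Revocation is best-effort: a failure is only logged, so an old token can
        # stay valid at the issuer until it expires on its own.
        self.outputFile = getTokenFileLocation(self.outputFile)
        if os.path.isfile(self.outputFile):
            result = readTokenFromFile(self.outputFile)
            if not result["OK"]:
                gLogger.error(result["Message"])
            elif result["Value"]:
                oldToken = result["Value"]
                for tokenType in ["access_token", "refresh_token"]:
                    try:
                        oldValue = oldToken[tokenType]
                    except KeyError:
                        # A stored token without this entry has nothing to revoke;
                        # skipping keeps the loop best-effort instead of aborting the
                        # login before the new token is saved.
                        continue
                    result = idpObj.revokeToken(oldValue, tokenType)
                    if result["OK"]:
                        gLogger.notice(f"{tokenType} is revoked from", self.outputFile)
                    else:
                        gLogger.error(result["Message"])

        # Save new tokens to token file
        # NOTE(review): the file mode is whatever writeTokenDictToTokenFile applies;
        # it is not visible here -- confirm the file is readable by the owner only.
        result = writeTokenDictToTokenFile(idpObj.token, self.outputFile)
        if not result["OK"]:
            return result
        self.outputFile = result["Value"]
        gLogger.notice(f"New token is saved to {self.outputFile}.")

        # NOTE(review): placed in the token branch because the message refers to
        # token use; confirm against the original indentation.
        if not DIRAC.gConfig.getValue("/DIRAC/Security/Authorization/issuer"):
            gLogger.notice("To continue use token you need to add /DIRAC/Security/Authorization/issuer option.")
            if not self.issuer:
                # No issuer configured and none supplied: end the process with status 1.
                DIRAC.exit(1)
            DIRAC.gConfig.setOptionValue("/DIRAC/Security/Authorization/issuer", self.issuer)

    return S_OK()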