def getProxy(self, userDN, userGroup, requiredLifeTime=False):
    """Return the stored proxy for ``userDN``/``userGroup`` as a loaded chain.

    For a Per User SubProxy (PUSP) DN the proxy comes from
    ``__getPUSProxy``. Otherwise the stored PEM is loaded and, when
    ``requiredLifeTime`` is set and the stored proxy has less time left,
    renewed through ``renewFromMyProxy``.

    :param userDN: DN the proxy is registered for.
    :param userGroup: group the proxy is registered for.
    :param requiredLifeTime: minimum lifetime wanted; a falsy value skips
        the lifetime check. Compared directly against ``timeLeft``
        (presumably seconds, as the error message suggests).
    :return: ``S_OK((chain, timeLeft))`` on success, otherwise an error
        result (either propagated from a helper or built with ``S_ERROR``).

    Side effect: a stored proxy that fails ``isValidProxy()`` is deleted
    from the repository before the error is returned.

    NOTE(review): the returned chain is credential material, and this method
    performs no check of who is asking for it -- presumably the caller
    authorizes the request; confirm.
    """
    if isPUSPdn(userDN):
        # PUSP branch: the helper gets requiredLifeTime, so no renewal here.
        puspResult = self.__getPUSProxy(userDN, userGroup, requiredLifeTime)
        if not puspResult['OK']:
            return puspResult
        pemData, timeLeft = puspResult['Value'][0], puspResult['Value'][1]
        chain = X509Chain()
        loadResult = chain.loadProxyFromString(pemData)
        if not loadResult['OK']:
            return loadResult
        return S_OK((chain, timeLeft))

    # Standard proxy: fetch the stored PEM and its remaining lifetime.
    storedResult = self.__getPemAndTimeLeft(userDN, userGroup)
    if not storedResult['OK']:
        return storedResult
    pemData, timeLeft = storedResult['Value'][0], storedResult['Value'][1]

    chain = X509Chain()
    loadResult = chain.loadProxyFromString(pemData)
    if not loadResult['OK']:
        return loadResult

    if requiredLifeTime and timeLeft < requiredLifeTime:
        renewResult = self.renewFromMyProxy(userDN, userGroup,
                                            lifeTime=requiredLifeTime, chain=chain)
        if not renewResult['OK']:
            return S_ERROR("Can't get a proxy for %s seconds: %s" % (requiredLifeTime,
                                                                       renewResult['Message']))
        chain = renewResult['Value']
        # NOTE(review): timeLeft is not refreshed after a renewal, so the
        # value returned below still describes the pre-renewal proxy.

    # An invalid proxy is removed from the repository rather than returned.
    # NOTE(review): assumes isValidProxy() always returns a 'Value' key; an
    # error result without one would raise KeyError here -- confirm.
    if not chain.isValidProxy()['Value']:
        self.deleteProxy(userDN, userGroup)
        return S_ERROR("%s@%s has no proxy registered" % (userDN, userGroup))
    return S_OK((chain, timeLeft))
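def getProxy(self, userDN, userGroup, requiredLifeTime=False):
    """Get the stored proxy for ``userDN`` in ``userGroup`` as a loaded chain.

    For a Per User SubProxy (PUSP) DN the proxy comes from
    ``__getPUSProxy``. Otherwise the stored PEM is loaded; if
    ``requiredLifeTime`` is set and the stored proxy has less time left, it
    is renewed through ``renewFromMyProxy`` when ``self.__useMyProxy`` is
    truthy, and the request is rejected when it is not.

    :param userDN: DN the proxy is registered for.
    :param userGroup: group the proxy is registered for.
    :param requiredLifeTime: minimum lifetime wanted; a falsy value skips
        the lifetime check. Compared directly against ``timeLeft``
        (presumably seconds, as the renewal error message suggests).
    :return: ``S_OK((chain, timeLeft))`` on success, otherwise an error
        result (either propagated from a helper or built with ``S_ERROR``).

    Side effect: a stored proxy that fails ``isValidProxy()`` is deleted
    from the repository before the error is returned.

    NOTE(review): the returned chain is credential material, and this method
    performs no check of who is asking for it -- presumably the caller
    authorizes the request; confirm.
    """
    # Get the Per User SubProxy if one is requested
    if isPUSPdn(userDN):
        result = self.__getPUSProxy(userDN, userGroup, requiredLifeTime)
        if not result['OK']:
            return result
        pemData = result['Value'][0]
        timeLeft = result['Value'][1]
        chain = X509Chain()
        result = chain.loadProxyFromString(pemData)
        if not result['OK']:
            return result
        return S_OK((chain, timeLeft))

    # Standard proxy is requested
    retVal = self.__getPemAndTimeLeft(userDN, userGroup)
    if not retVal['OK']:
        return retVal
    pemData = retVal['Value'][0]
    timeLeft = retVal['Value'][1]
    chain = X509Chain()
    retVal = chain.loadProxyFromString(pemData)
    if not retVal['OK']:
        return retVal

    if requiredLifeTime and timeLeft < requiredLifeTime:
        if not self.__useMyProxy:
            # The stored proxy is too short-lived and cannot be renewed: the
            # required lifetime is the larger value, and the message says so.
            return S_ERROR("Can't get a proxy: the required lifetime is longer than "
                           "the time left in the proxy")
        retVal = self.renewFromMyProxy(userDN, userGroup,
                                       lifeTime=requiredLifeTime, chain=chain)
        if not retVal['OK']:
            return S_ERROR("Can't get a proxy for %s seconds: %s" % (requiredLifeTime,
                                                                       retVal['Message']))
        chain = retVal['Value']
        # NOTE(review): timeLeft is not refreshed after a renewal, so the
        # value returned below still describes the pre-renewal proxy.

    # Proxy is invalid for some reason, let's delete it
    # NOTE(review): assumes isValidProxy() always returns a 'Value' key; an
    # error result without one would raise KeyError here -- confirm.
    if not chain.isValidProxy()['Value']:
        self.deleteProxy(userDN, userGroup)
        return S_ERROR("%s@%s has no proxy registered" % (userDN, userGroup))
    return S_OK((chain, timeLeft))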
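def getVOMSProxy(self, userDN, userGroup, requiredLifeTime=False, requestedVOMSAttr=False):
    """Get a proxy for ``userDN``/``userGroup`` carrying a VOMS attribute.

    Steps, in order:

    1. Resolve the VOMS attribute and VO with ``__getVOMSAttribute``.
    2. Try the cached VOMS proxy; it is returned only when
       ``requiredLifeTime`` is truthy and no larger than both the cached
       time and the chain's remaining seconds.
    3. For a Per User SubProxy (PUSP) DN, get the proxy from
       ``__getPUSProxy``. Otherwise take the stored proxy from ``getProxy``
       and add the VOMS extension, unless it already carries one.
    4. Store the resulting chain with ``__storeVOMSProxy`` and return it.

    :param userDN: DN the proxy is registered for.
    :param userGroup: group the proxy is registered for.
    :param requiredLifeTime: minimum lifetime wanted; falsy disables the
        lifetime checks (and, as written, the cache shortcut as well).
    :param requestedVOMSAttr: passed to ``__getVOMSAttribute`` and
        ``__getPUSProxy``; falsy presumably means "use the group default".
    :return: ``S_OK((chain, secsLeft))`` on success, otherwise an error
        result (propagated from a helper or built with ``S_ERROR``).

    NOTE(review): the returned chain is credential material, and this method
    performs no check of who is asking for it -- presumably the caller
    authorizes the request; confirm.
    """
    retVal = self.__getVOMSAttribute(userGroup, requestedVOMSAttr)
    if not retVal['OK']:
        return retVal
    vomsAttr = retVal['Value']['attribute']
    vomsVO = retVal['Value']['VOMSVO']

    # Look in the cache; any failure here just falls through to a rebuild.
    retVal = self.__getPemAndTimeLeft(userDN, userGroup, vomsAttr)
    if retVal['OK']:
        pemData = retVal['Value'][0]
        vomsTime = retVal['Value'][1]
        chain = X509Chain()
        retVal = chain.loadProxyFromString(pemData)
        if retVal['OK']:
            retVal = chain.getRemainingSecs()
            if retVal['OK']:
                remainingSecs = retVal['Value']
                if requiredLifeTime and requiredLifeTime <= vomsTime and requiredLifeTime <= remainingSecs:
                    return S_OK((chain, min(vomsTime, remainingSecs)))

    if isPUSPdn(userDN):
        # Get the Per User SubProxy if one is requested
        result = self.__getPUSProxy(userDN, userGroup, requiredLifeTime, requestedVOMSAttr)
        if not result['OK']:
            return result
        pemData = result['Value'][0]
        chain = X509Chain()
        result = chain.loadProxyFromString(pemData)
        if not result['OK']:
            return result
    else:
        # Get the stored proxy and dress it with the VOMS extension
        retVal = self.getProxy(userDN, userGroup, requiredLifeTime)
        if not retVal['OK']:
            return retVal
        chain, secsLeft = retVal['Value']

        if requiredLifeTime and requiredLifeTime > secsLeft:
            return S_ERROR("Stored proxy is not long lived enough")

        vomsMgr = VOMS()
        retVal = vomsMgr.getVOMSAttributes(chain)
        if retVal['OK']:
            attrs = retVal['Value']
            if len(attrs) > 0:
                if attrs[0] != vomsAttr:
                    # attrs[0] is what the stored proxy carries, vomsAttr is
                    # what was requested; report them in that order.
                    return S_ERROR(
                        "Stored proxy has already a different VOMS attribute %s than requested %s" %
                        (attrs[0], vomsAttr))
                # The stored proxy already carries the requested attribute:
                # cache it as is instead of adding a second extension.
                result = self.__storeVOMSProxy(userDN, userGroup, vomsAttr, chain)
                if not result['OK']:
                    return result
                secsLeft = result['Value']
                if requiredLifeTime and requiredLifeTime <= secsLeft:
                    return S_OK((chain, secsLeft))
                # NOTE(review): the attribute matches on this path, so
                # "different" in the message below looks wrong; the text is
                # left unchanged.
                return S_ERROR(
                    "Stored proxy has already a different VOMS attribute and is not long lived enough")

        retVal = vomsMgr.setVOMSAttributes(chain, vomsAttr, vo=vomsVO)
        if not retVal['OK']:
            return S_ERROR("Cannot append voms extension: %s" % retVal['Message'])
        chain = retVal['Value']

    # We have got the VOMS proxy, store it into the cache
    result = self.__storeVOMSProxy(userDN, userGroup, vomsAttr, chain)
    if not result['OK']:
        return result
    secsLeft = result['Value']
    return S_OK((chain, secsLeft))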
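def getVOMSProxy(self, userDN, userGroup, requiredLifeTime=False, requestedVOMSAttr=False):
    """Return a VOMS-extended proxy chain for ``userDN`` in ``userGroup``.

    The VOMS attribute and VO come from ``__getVOMSAttribute``. A cached
    VOMS proxy is used when ``requiredLifeTime`` is truthy and fits within
    both the cached time and the chain's remaining seconds. Otherwise the
    proxy is rebuilt: from ``__getPUSProxy`` for a Per User SubProxy (PUSP)
    DN, or from ``getProxy`` plus a VOMS extension for a standard DN. The
    result is stored with ``__storeVOMSProxy``.

    :param userDN: DN the proxy is registered for.
    :param userGroup: group the proxy is registered for.
    :param requiredLifeTime: minimum lifetime wanted; falsy disables the
        lifetime checks (and, as written, the cache shortcut as well).
    :param requestedVOMSAttr: passed to ``__getVOMSAttribute`` and
        ``__getPUSProxy``; falsy presumably means "use the group default".
    :return: ``S_OK((chain, secsLeft))`` on success, otherwise an error
        result (propagated from a helper or built with ``S_ERROR``).

    NOTE(review): the returned chain is credential material, and this method
    performs no check of who is asking for it -- presumably the caller
    authorizes the request; confirm.
    """
    attrResult = self.__getVOMSAttribute(userGroup, requestedVOMSAttr)
    if not attrResult['OK']:
        return attrResult
    vomsAttr = attrResult['Value']['attribute']
    vomsVO = attrResult['Value']['VOMSVO']

    # Look in the cache; a miss or a load failure falls through to a rebuild.
    cached = self.__getPemAndTimeLeft(userDN, userGroup, vomsAttr)
    if cached['OK']:
        pemData = cached['Value'][0]
        vomsTime = cached['Value'][1]
        chain = X509Chain()
        if chain.loadProxyFromString(pemData)['OK']:
            remaining = chain.getRemainingSecs()
            if remaining['OK']:
                remainingSecs = remaining['Value']
                if requiredLifeTime and requiredLifeTime <= vomsTime and requiredLifeTime <= remainingSecs:
                    return S_OK((chain, min(vomsTime, remainingSecs)))

    if isPUSPdn(userDN):
        # Get the Per User SubProxy if one is requested
        result = self.__getPUSProxy(userDN, userGroup, requiredLifeTime, requestedVOMSAttr)
        if not result['OK']:
            return result
        pemData = result['Value'][0]
        chain = X509Chain()
        result = chain.loadProxyFromString(pemData)
        if not result['OK']:
            return result
    else:
        # Get the stored proxy and dress it with the VOMS extension
        retVal = self.getProxy(userDN, userGroup, requiredLifeTime)
        if not retVal['OK']:
            return retVal
        chain, secsLeft = retVal['Value']

        if requiredLifeTime and requiredLifeTime > secsLeft:
            return S_ERROR("Stored proxy is not long lived enough")

        vomsMgr = VOMS()
        retVal = vomsMgr.getVOMSAttributes(chain)
        if retVal['OK']:
            attrs = retVal['Value']
            if len(attrs) > 0:
                if attrs[0] != vomsAttr:
                    # The first %s is the attribute already on the stored
                    # proxy (attrs[0]), the second is the requested one.
                    return S_ERROR("Stored proxy has already a different VOMS attribute %s than requested %s" %
                                   (attrs[0], vomsAttr))
                # Same attribute already present: cache the chain unchanged.
                result = self.__storeVOMSProxy(userDN, userGroup, vomsAttr, chain)
                if not result['OK']:
                    return result
                secsLeft = result['Value']
                if requiredLifeTime and requiredLifeTime <= secsLeft:
                    return S_OK((chain, secsLeft))
                # NOTE(review): the attribute matches on this path, so
                # "different" in the message below looks wrong; the text is
                # left unchanged.
                return S_ERROR("Stored proxy has already a different VOMS attribute and is not long lived enough")

        retVal = vomsMgr.setVOMSAttributes(chain, vomsAttr, vo=vomsVO)
        if not retVal['OK']:
            return S_ERROR("Cannot append voms extension: %s" % retVal['Message'])
        chain = retVal['Value']

    # We have got the VOMS proxy, store it into the cache
    result = self.__storeVOMSProxy(userDN, userGroup, vomsAttr, chain)
    if not result['OK']:
        return result
    secsLeft = result['Value']
    return S_OK((chain, secsLeft))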