def set_expiration(self, expiration): if isinstance(expiration, (int, float)): self.expiration = datetime.datetime.fromtimestamp(expiration) elif isinstance (expiration, datetime.datetime): self.expiration = expiration elif isinstance (expiration, StringTypes): self.expiration = utcparse (expiration) else: pass
def decode(self): if not self.xml: return doc = parseString(self.xml) sigs = [] signed_cred = doc.getElementsByTagName("signed-credential") # Is this a signed-cred or just a cred? if len(signed_cred) > 0: creds = signed_cred[0].getElementsByTagName("credential") signatures = signed_cred[0].getElementsByTagName("signatures") if len(signatures) > 0: sigs = signatures[0].getElementsByTagName("Signature") else: creds = doc.getElementsByTagName("credential") if creds is None or len(creds) == 0: # malformed cred file raise CredentialNotVerifiable("Malformed XML: No credential tag found") # Just take the first cred if there are more than one cred = creds[0] self.set_refid(cred.getAttribute("xml:id")) self.set_expiration(utcparse(getTextNode(cred, "expires"))) # import traceback # stack = traceback.extract_stack() og = getTextNode(cred, "owner_gid") # ABAC creds will have this be None and use this method # if og is None: # found = False # for frame in stack: # if 'super(ABACCredential, self).decode()' in frame: # found = True # break # if not found: # raise CredentialNotVerifiable("Malformed XML: No owner_gid found") self.gidCaller = GID(string=og) tg = getTextNode(cred, "target_gid") # if tg is None: # found = False # for frame in stack: # if 'super(ABACCredential, self).decode()' in frame: # found = True # break # if not found: # raise CredentialNotVerifiable("Malformed XML: No target_gid found") self.gidObject = GID(string=tg) # Process privileges rlist = Rights() priv_nodes = cred.getElementsByTagName("privileges") if len(priv_nodes) > 0: privs = priv_nodes[0] for priv in privs.getElementsByTagName("privilege"): kind = getTextNode(priv, "name") deleg = str2bool(getTextNode(priv, "can_delegate")) if kind == '*': # Convert * into the default privileges for the credential's type # Each inherits the delegatability from the * above _ , type = urn_to_hrn(self.gidObject.get_urn()) rl = determine_rights(type, self.gidObject.get_urn()) for r in rl.rights: r.delegate = deleg rlist.add(r) else: rlist.add(Right(kind.strip(), deleg)) self.set_privileges(rlist) # Is there a parent? parent = cred.getElementsByTagName("parent") if len(parent) > 0: parent_doc = parent[0].getElementsByTagName("credential")[0] parent_xml = parent_doc.toxml("utf-8") if parent_xml is None or parent_xml.strip() == "": raise CredentialNotVerifiable("Malformed XML: Had parent tag but it is empty") self.parent = Credential(string=parent_xml) self.updateRefID() # Assign the signatures to the credentials for sig in sigs: Sig = Signature(string=sig.toxml("utf-8")) for cur_cred in self.get_credential_list(): if cur_cred.get_refid() == Sig.get_refid(): cur_cred.set_signature(Sig)