def activate_endpoint(api, ep=None): if ep is None: ep = dst_endpoint code, reason, reqs = api.endpoint_activation_requirements(ep, type='delegate_proxy') public_key = reqs.get_requirement_value("delegate_proxy", "public_key") proxy = x509_proxy.create_proxy_from_file(certificate_file, public_key, lifetime_hours=72) reqs.set_requirement_value("delegate_proxy", "proxy_chain", proxy) try: code, reason, result = api.endpoint_activate(ep, reqs) except api_client.APIError as e: sdlog.error("SDDMGLOB-028","Error: Cannot activate the source endpoint: (%s)"% str(e)) raise FatalException()
def activate_endpoint(self, ep): status_code, status_message, data = self.endpoint_activation_requirements( ep) assert (status_code == 200) if data['oauth_server']: sys.stderr.write( 'WARNING: this is an oauth server, we are assuming the myproxy is at the same address\n' ) myproxy = data['oauth_server'] else: myproxy = data['hostname'] user = keyring.get_password(myproxy, "user") password = keyring.get_password(myproxy, "password") dn = keyring.get_password(myproxy, "dn") # cert = keyring.get_password(myproxy, "certificate") cert = None if not (user and password and dn): sys.stderr.write( 'Cannot get myproxy certificate. Call "myproxy_logon.py {} to setup user and passwords"\n' .format(myproxy)) if cert == None: sys.stderr.write( 'Credentials not found for {}.\nInvoking myproxy_logon...\n'. format(myproxy)) (cert, dn) = myproxy_logon(myproxy, user, password, dn) if cert == None: sys.stderr.write( 'Cannot get myproxy certificate. Try "myproxy_logon.py {}"\n' .format(myproxy)) return with TmpFile() as t: (f, cert_path) = t f.write(cert) f.close() public_key = data.get_requirement_value("delegate_proxy", "public_key") proxy = x509_proxy.create_proxy_from_file(cert_path, public_key) data.set_requirement_value("delegate_proxy", "proxy_chain", proxy) status_code, status_message, data = self.endpoint_activate(ep, data) #print status_code, status_message, data assert (status_code == 200) sys.stderr.write( 'Endpoint {} is activated and will expire at {}\n'.format( ep, data["expire_time"]))
def preferred_activation(username, endpoint_name, myproxy_username): user_credential_path=os.getcwd()+"/credential-"+username+".pem" print "==Activating %s ==" % endpoint_name api = TransferAPIClient(username, cert_file=user_credential_path) api.set_debug_print(False, False) try: code, message, data = api.endpoint(endpoint_name) if not data["activated"]: try: print "==Try autoactivation==" code, message, data = api.endpoint_autoactivate(endpoint_name) except: print "Cannot autoactivate" except: pass try: code, message, data = api.endpoint(endpoint_name) except: data={'activated': "Unavailable"} if not data["activated"]: # and data["activated"] == "Unavailable": try: if myproxy_username != "none": print "==Try myproxy for %s ==" % myproxy_username status, message, data = api.endpoint_autoactivate(endpoint_name) data.set_requirement_value("myproxy", "username", myproxy_username) from getpass import getpass passphrase = getpass() data.set_requirement_value("myproxy", "passphrase", passphrase) api.endpoint_activate(endpoint_name, data) #activer=[username,"-c",os.getcwd()+"/credential.pem"] #api, _ = create_client_from_args(activer) #conditional_activation(endpoint_name,myproxy_username) code, message, data = api.endpoint(endpoint_name) else: raise except: print "==Local proxy activation==" _, _, reqs = api.endpoint_activation_requirements(endpoint_name, type="delegate_proxy") #print "endpoint_name",endpoint_name #print reqs public_key = reqs.get_requirement_value("delegate_proxy", "public_key") #print public_key proxy = x509_proxy.create_proxy_from_file(user_credential_path, public_key) #print "proxy" #print proxy reqs.set_requirement_value("delegate_proxy", "proxy_chain", proxy) #print reqs result = api.endpoint_activate(endpoint_name, reqs)
def endpoint_activate(self, endpoint): """ Activate the endpoint Parameters ---------- endpoint : str The endpoint to activate """ _, _, reqs = self.goclient.endpoint_activation_requirements( endpoint, type="delegate_proxy") public_key = reqs.get_requirement_value("delegate_proxy", "public_key") proxy = x509_proxy.create_proxy_from_file(self.credfile, public_key, self.proxy_valid_hrs) reqs.set_requirement_value("delegate_proxy", "proxy_chain", proxy) result = self.goclient.endpoint_activate(endpoint, reqs) return result
def activate_endpoint(api, ep=None): if ep is None: ep = dst_endpoint code, reason, reqs = api.endpoint_activation_requirements( ep, type='delegate_proxy') public_key = reqs.get_requirement_value("delegate_proxy", "public_key") proxy = x509_proxy.create_proxy_from_file(sdconfig.esgf_x509_proxy, public_key, lifetime_hours=72) reqs.set_requirement_value("delegate_proxy", "proxy_chain", proxy) try: code, reason, result = api.endpoint_activate(ep, reqs) except api_client.APIError as e: sdlog.error( "SDDMGLOB-028", "Error: Cannot activate the source endpoint: (%s)" % str(e)) raise FatalException()
def activateEndpoint(api_client, endpoint, myproxy_server=None, username=None, password=None, cert=None, key=None): if (not myproxy_server or not password) and (not myproxy_server or not cert): # Try to autoactivate the endpoint code, reason, result = api_client.endpoint_autoactivate(endpoint, if_expires_in=2880) print "Endpoint Activation: %s. %s: %s" % (endpoint, result["code"], result["message"]) if result["code"] == "AutoActivationFailed": return (False, "") return (True, "") code, reason, reqs = api_client.endpoint_activation_requirements(endpoint) # Activate the endpoint using an X.509 user credential stored by esgf-idp in /tmp/x509up_<idp_hostname>_<username> if cert and key: cred_file = "/tmp/x509up_%s_%s" % (myproxy_server, username) with open(cred_file, 'w') as cred: cred.write(cert) cred.write(key) public_key = reqs.get_requirement_value("delegate_proxy", "public_key") try: proxy = x509_proxy.create_proxy_from_file(cred_file, public_key, lifetime_hours=72) except Exception as e: print "Could not activate the endpoint: %s. Error: %s" % (endpoint, str(e)) return False reqs.set_requirement_value("delegate_proxy", "proxy_chain", proxy) else: # Activate the endpoint using MyProxy server method reqs.set_requirement_value("myproxy", "hostname", myproxy_server) reqs.set_requirement_value("myproxy", "username", username) reqs.set_requirement_value("myproxy", "passphrase", password) reqs.set_requirement_value("myproxy", "lifetime_in_hours", "168") try: code, reason, result = api_client.endpoint_activate(endpoint, reqs) except Exception as e: print "Could not activate the endpoint: %s. Error: %s" % (endpoint, str(e)) return (False, str(e)) if code != 200: print "Could not aactivate the endpoint: %s. Error: %s - %s" % (endpoint, result["code"], result["message"]) return (False, result["message"]) print "Endpoint Activation: %s. %s: %s" % (endpoint, result["code"], result["message"]) return (True, "")
def activateEndpoint(api_client, endpoint, openid=None): # Try to autoactivate the endpoint code, reason, result = api_client.endpoint_autoactivate(endpoint, if_expires_in=2880) if result["code"] == "AutoActivationFailed" and openid: # Activate the endpoint using an X.509 user credential stored by esgf-idp in /tmp/x509up_<idp_hostname>_<username> openid_parsed = urlparse.urlparse(openid) hostname = openid_parsed.hostname username = os.path.basename(openid_parsed.path) cred_file = "/tmp/x509up_%s_%s" % (hostname, username) reqs = result public_key = reqs.get_requirement_value("delegate_proxy", "public_key") try: proxy = x509_proxy.create_proxy_from_file(cred_file, public_key, lifetime_hours=72) except Exception as e: print "Could not activate the endpoint: %s. Error: %s" % (endpoint, str(e)) return reqs.set_requirement_value("delegate_proxy", "proxy_chain", proxy) code, reason, result = api_client.endpoint_activate(endpoint, reqs) if code != 200: print "Could not aactivate the endpoint: %s. Error: %s - %s" % (endpoint, result["code"], result["message"]) print "Endpoint Activation: %s. %s: %s" % (endpoint, result["code"], result["message"])
def endpoint_activation(self, endpoint_name, myproxy_username=''): """ Activate a GridFTP endpoint :param endpoint_name: name of the endpoint to activate :param myproxy_username: myproxy user name """ #code, reason, data = self.api.endpoint(endpoint_name) #self._print_endpoint(data) #self.display_endpoint_list(); LOGGER.debug("Checking if endpoint {0} is already activated".format( endpoint_name)) _, _, data = self.api.endpoint(endpoint_name) if data["activated"]: LOGGER.info("Endpoint {0} is already active!".format(endpoint_name)) return True # Trying with autoactivation LOGGER.debug("Trying autoactivation") code, message, data = self.api.endpoint_autoactivate( endpoint_name) if not data["code"].startswith("AutoActivationFailed"): LOGGER.info("Endpoint {0} activated!".format(endpoint_name)) LOGGER.debug("result: {0} ({1})".format(data["code"], data["message"])) return True LOGGER.debug("Trying activating with myproxy") data.set_requirement_value("myproxy", "username", myproxy_username) # Remove interactive messages: add arguments to manage this part from getpass import getpass passphrase = getpass() data.set_requirement_value("myproxy", "passphrase", passphrase) try: status, message, data = self.api.endpoint_activate(endpoint_name, data, if_expires_in=600) if not data["code"].startswith("AutoActivationFailed"): LOGGER.info("Endpoint {0} activated!\n".format(endpoint_name)) LOGGER.debug("result: {0} ({1})\n".format(data["code"], data["message"])) return True except Exception as e: print "Error: {0}".format(e) # Trying activating a delegate proxy self.check_proxy() user_credential_path = os.path.join(os.getcwd(), self.proxy_name) LOGGER.debug("Trying delegate proxy activation") _, _, reqs = self.api.endpoint_activation_requirements( endpoint_name, type="delegate_proxy") public_key = reqs.get_requirement_value("delegate_proxy", "public_key") #print public_key proxy = x509_proxy.create_proxy_from_file(user_credential_path, public_key, lifetime_hours=3) #print proxy reqs.set_requirement_value("delegate_proxy", "proxy_chain", proxy) try: code, message, data = self.api.endpoint_activate(endpoint_name, reqs) if not data["code"].startswith("AutoActivationFailed"): LOGGER.info("Endpoint {0} activated!\n".format(endpoint_name)) LOGGER.debug("result: {0} ({1})\n".format(data["code"], data["message"])) return True except Exception as e: print "Error: {0}".format(e) print "Can not active the endpoint {0}\n".format(endpoint_name) if "proxy is not valid until" in str(e): print "This error may be related to clock time skew. " \ "Please, check if your client clock is server " \ "synchronized and not ahead (you could check with " \ "\"www.time.is\")" return False
mypath = options.path if (not options.cert_file) and options.key_file: cert = options.key_file if (not options.key_file) and options.cert_file: key = options.cert_file #Getting a Transfer API instance and authenticating api = api_client.TransferAPIClient(username=user, cert_file=cert, key_file=key) #Deactivating the endpoint to make sure that the following code actually is #activating the endpoint. api.endpoint_deactivate(endpt) #Authenticating and activating the endpoint manually. reqs = api.endpoint_activation_requirements(endpt, type="delegate_proxy")[2] public_key = reqs.get_requirement_value("delegate_proxy", "public_key") proxy = x509_proxy.create_proxy_from_file(cred_file, public_key) reqs.set_requirement_value("delegate_proxy", "proxy_chain", proxy) result = api.endpoint_activate(endpt, reqs) #Perform a dir listing and print the list of files. #The 'DATA' subfield of the data dict will contain a dictionary containing #properties for each file. code, reason, data = api.endpoint_ls(endpt, mypath) #TODO: What exactly do we want to print out here? Comments welcome. for entry in data['DATA']: print "%s\t%s\t%s" % (entry['name'],entry['permissions'],entry['size']) #Cleanup by deactivating the endpoint. api.endpoint_deactivate(endpt)
The endpoint name may contain a # which is a shell comment, so be sure to quote the endpoint name. """ import sys from globusonline.transfer.api_client import create_client_from_args from globusonline.transfer.api_client import x509_proxy if __name__ == '__main__': api, args = create_client_from_args() if len(args) < 2: sys.stderr.write( "username, endpoint, cred_file arguments are required") sys.exit(1) ep = args[0] cred_file = args[1] print "Using x509_proxy implementation '%s'" % x509_proxy.implementation _, _, reqs = api.endpoint_activation_requirements(ep, type="delegate_proxy") public_key = reqs.get_requirement_value("delegate_proxy", "public_key") proxy = x509_proxy.create_proxy_from_file(cred_file, public_key) reqs.set_requirement_value("delegate_proxy", "proxy_chain", proxy) result = api.endpoint_activate(ep, reqs) print result
def endpoint_activation(self, endpoint_name, myproxy_username='', myproxy_password=''): """ Activate a GridFTP endpoint. Different attempts will be made: autocativation, using myproxy and using a delegate proxy (in the latter case \'grid-proxy-init\' is needed to generate a X.509 proxy). Myproxy username and password will be used to try the authentication with myproxy: they will be prompted if not passed as parameter or not found in the resource json file. The passphrase of the user certificate (needed for generating an X.509 proxy certificate) will be prompted if not found in the resource json file. :param endpoint_name: name of the endpoint to activate :param myproxy_username: myproxy user name (optional, if empty end needed it will be prompted) :param myproxy_password: myproxy user password (optional, if empty end needed it will be prompted) """ if self.api is None: print "You need to be authenticated with Globus Online to perform " \ "this operation. " return False LOGGER.debug("Checking if endpoint {0} is already activated..".format( endpoint_name)) _, _, data = self.api.endpoint(endpoint_name) if data["activated"]: LOGGER.info( "Endpoint {0} is already active!".format(endpoint_name)) return True # Trying with autoactivation LOGGER.debug("Trying autoactivation..") code, message, data = self.api.endpoint_autoactivate(endpoint_name) if not data["code"].startswith("AutoActivationFailed"): LOGGER.info("Endpoint {0} activated!".format(endpoint_name)) LOGGER.debug("result: {0} ({1})".format(data["code"], data["message"])) return True LOGGER.debug("Trying activating with myproxy..") if not myproxy_username and self.globus_init: myproxy_username = self.globus_init['myproxy_username'] if not myproxy_username and self.globus_init: myproxy_username = raw_input( "Please insert your \'myproxy\' username:"******"myproxy", "username", myproxy_username) data.set_requirement_value("myproxy", "passphrase", myproxy_password) try: status, message, data = self.api.endpoint_activate( endpoint_name, data, if_expires_in=600) if not data["code"].startswith("AutoActivationFailed"): LOGGER.info("Endpoint {0} activated!\n".format(endpoint_name)) LOGGER.debug("result: {0} ({1})\n".format( data["code"], data["message"])) return True except Exception as e: print "Error: {0}".format(e) # Trying activating a delegate proxy # Verify if there is a workaround not to use grid-proxy-init # (https://github.com/globusonline/transfer-api-client-python/tree/master/mkproxy) self.check_proxy() user_credential_path = os.path.join(os.getcwd(), self.proxy_name) LOGGER.debug("Trying delegate proxy activation..") _, _, reqs = self.api.endpoint_activation_requirements( endpoint_name, type="delegate_proxy") public_key = reqs.get_requirement_value("delegate_proxy", "public_key") # print public_key proxy = x509_proxy.create_proxy_from_file(user_credential_path, public_key, lifetime_hours=3) # print proxy reqs.set_requirement_value("delegate_proxy", "proxy_chain", proxy) try: code, message, data = self.api.endpoint_activate( endpoint_name, reqs) if not data["code"].startswith("AutoActivationFailed"): LOGGER.info("Endpoint {0} activated!\n".format(endpoint_name)) LOGGER.debug("result: {0} ({1})\n".format( data["code"], data["message"])) return True except Exception as e: print "Error: {0}".format(e) print "Can not active the endpoint {0}\n".format(endpoint_name) if "proxy is not valid until" in str(e): print "This error may be related to clock time skew. " \ "Please, check if your client clock is server " \ "synchronized and not ahead (you could check with " \ "\"www.time.is\")" return False
cert = options.key_file if (not options.key_file) and options.cert_file: key = options.cert_file #Getting a transfer API instance by authenticating using X509 credentials api = api_client.TransferAPIClient(username=user, cert_file=cert, key_file=key) #Deactivating our source and destination endpoints, just to make sure we're #actually activating them below. api.endpoint_deactivate(src) api.endpoint_deactivate(dst) #Manual activation of the source endpoint. src_reqs = api.endpoint_activation_requirements(src, type="delegate_proxy")[2] src_pubkey = src_reqs.get_requirement_value("delegate_proxy", "public_key") src_proxy = x509_proxy.create_proxy_from_file(cred_file, src_pubkey) src_reqs.set_requirement_value("delegate_proxy", "proxy_chain", src_proxy) src_result = api.endpoint_activate(src, src_reqs) #The manual activation process, repeated for the destination endpoint. #We found that both endpoints need to be activated manually due to differences #in configurations across the different endpoints. dst_reqs = api.endpoint_activation_requirements(dst, type="delegate_proxy")[2] dst_pubkey = dst_reqs.get_requirement_value("delegate_proxy", "public_key") dst_proxy = x509_proxy.create_proxy_from_file(cred_file, dst_pubkey) dst_reqs.set_requirement_value("delegate_proxy", "proxy_chain", dst_proxy) dst_result = api.endpoint_activate(dst, dst_reqs) #Transfer setup and execution. sub_code, sub_reason, sub_data = api.submission_id() mytransfer = Transfer(sub_data['value'], src, dst)
def endpoint_activation(self, endpoint_name, myproxy_username='', myproxy_password=''): """ Activate a GridFTP endpoint. Different attempts will be made: autocativation, using myproxy and using a delegate proxy (in the latter case \'grid-proxy-init\' is needed to generate a X.509 proxy). Myproxy username and password will be used to try the authentication with myproxy: they will be prompted if not passed as parameter or not found in the resource json file. The passphrase of the user certificate (needed for generating an X.509 proxy certificate) will be prompted if not found in the resource json file. :param endpoint_name: name of the endpoint to activate :param myproxy_username: myproxy user name (optional, if empty end needed it will be prompted) :param myproxy_password: myproxy user password (optional, if empty end needed it will be prompted) """ if self.api is None: print "You need to be authenticated with Globus Online to perform " \ "this operation. " return False LOGGER.debug("Checking if endpoint {0} is already activated..".format( endpoint_name)) _, _, data = self.api.endpoint(endpoint_name) if data["activated"]: LOGGER.info( "Endpoint {0} is already active!".format(endpoint_name)) return True # Trying with autoactivation LOGGER.debug("Trying autoactivation..") code, message, data = self.api.endpoint_autoactivate( endpoint_name) if not data["code"].startswith("AutoActivationFailed"): LOGGER.info("Endpoint {0} activated!".format(endpoint_name)) LOGGER.debug("result: {0} ({1})".format(data["code"], data["message"])) return True LOGGER.debug("Trying activating with myproxy..") if not myproxy_username and self.globus_init: myproxy_username = self.globus_init['myproxy_username'] if not myproxy_username and self.globus_init: myproxy_username = raw_input( "Please insert your \'myproxy\' username:"******"myproxy", "username", myproxy_username) data.set_requirement_value("myproxy", "passphrase", myproxy_password) try: status, message, data = self.api.endpoint_activate(endpoint_name, data, if_expires_in=600) if not data["code"].startswith("AutoActivationFailed"): LOGGER.info("Endpoint {0} activated!\n".format(endpoint_name)) LOGGER.debug("result: {0} ({1})\n".format(data["code"], data["message"])) return True except Exception as e: print "Error: {0}".format(e) # Trying activating a delegate proxy # Verify if there is a workaround not to use grid-proxy-init # (https://github.com/globusonline/transfer-api-client-python/tree/master/mkproxy) self.check_proxy() user_credential_path = os.path.join(os.getcwd(), self.proxy_name) LOGGER.debug("Trying delegate proxy activation..") _, _, reqs = self.api.endpoint_activation_requirements( endpoint_name, type="delegate_proxy") public_key = reqs.get_requirement_value("delegate_proxy", "public_key") # print public_key proxy = x509_proxy.create_proxy_from_file(user_credential_path, public_key, lifetime_hours=3) # print proxy reqs.set_requirement_value("delegate_proxy", "proxy_chain", proxy) try: code, message, data = self.api.endpoint_activate(endpoint_name, reqs) if not data["code"].startswith("AutoActivationFailed"): LOGGER.info("Endpoint {0} activated!\n".format(endpoint_name)) LOGGER.debug("result: {0} ({1})\n".format(data["code"], data["message"])) return True except Exception as e: print "Error: {0}".format(e) print "Can not active the endpoint {0}\n".format(endpoint_name) if "proxy is not valid until" in str(e): print "This error may be related to clock time skew. " \ "Please, check if your client clock is server " \ "synchronized and not ahead (you could check with " \ "\"www.time.is\")" return False