def validate_request(ion_actor_id, expiry): # There is no point in looking up an anonymous user - so return default values. if ion_actor_id == DEFAULT_ACTOR_ID: expiry = DEFAULT_EXPIRY # Since this is now an anonymous request, there really is no expiry associated with it return ion_actor_id, expiry idm_client = IdentityManagementServiceProcessClient(process=service_gateway_instance) try: user = idm_client.read_actor_identity(actor_id=ion_actor_id, headers={"ion-actor-id": service_gateway_instance.name, 'expiry': DEFAULT_EXPIRY}) except NotFound as e: ion_actor_id = DEFAULT_ACTOR_ID # If the user isn't found default to anonymous expiry = DEFAULT_EXPIRY # Since this is now an anonymous request, there really is no expiry associated with it return ion_actor_id, expiry # Need to convert to a float first in order to compare against current time. try: int_expiry = int(expiry) except Exception as e: raise Inconsistent("Unable to read the expiry value in the request '%s' as an int" % expiry) # The user has been validated as being known in the system, so not check the expiry and raise exception if # the expiry is not set to 0 and less than the current time. if 0 < int_expiry < current_time_millis(): raise Unauthorized('The certificate associated with the user and expiry time in the request has expired.') return ion_actor_id, expiry
def validate_request(ion_actor_id, expiry): #There is no point in looking up an anonymous user - so return default values. if ion_actor_id == DEFAULT_ACTOR_ID: expiry = DEFAULT_EXPIRY #Since this is now an anonymous request, there really is no expiry associated with it return ion_actor_id, expiry idm_client = IdentityManagementServiceProcessClient(node=Container.instance.node, process=service_gateway_instance) try: user = idm_client.read_actor_identity(actor_id=ion_actor_id, headers={"ion-actor-id": service_gateway_instance.name, 'expiry': DEFAULT_EXPIRY }) except NotFound, e: ion_actor_id = DEFAULT_ACTOR_ID # If the user isn't found default to anonymous expiry = DEFAULT_EXPIRY #Since this is now an anonymous request, there really is no expiry associated with it return ion_actor_id, expiry
def validate_request(ion_actor_id, expiry): #There is no point in looking up an anonymous user - so return default values. if ion_actor_id == DEFAULT_ACTOR_ID: expiry = DEFAULT_EXPIRY #Since this is now an anonymous request, there really is no expiry associated with it return ion_actor_id, expiry idm_client = IdentityManagementServiceProcessClient( node=Container.instance.node, process=service_gateway_instance) try: user = idm_client.read_actor_identity( actor_id=ion_actor_id, headers={ "ion-actor-id": service_gateway_instance.name, 'expiry': DEFAULT_EXPIRY }) except NotFound, e: ion_actor_id = DEFAULT_ACTOR_ID # If the user isn't found default to anonymous expiry = DEFAULT_EXPIRY #Since this is now an anonymous request, there really is no expiry associated with it return ion_actor_id, expiry