def create_null_slice_cred(): """Create a slice cred that can be used to list resources.""" slice_urn = create_slice_urn() slice_gid, _ = create_x509_cert(slice_urn) user_gid = GID(filename=settings.GCF_X509_CH_CERT) ucred = create_slice_credential(user_gid, slice_gid) ucred.save_to_file(settings.GCF_NULL_SLICE_CRED)
def get_am_cred(cls): """ Get the slice authority credentials to use for AM calls. @return: GENI credential string. """ slice_urn = create_slice_urn() slice_gid, _ = create_x509_cert(slice_urn) user_gid = GID(filename=settings.GCF_X509_CH_CERT) ucred = create_slice_credential(user_gid, slice_gid) return ucred.save_to_string()
# It doesnt have the chain but should be signed # by this CHs cert, which should also be a trusted # root at any federated AM. So everyone can verify it as is. # Note that if a user from a different CH (installed # as trusted by this CH for some reason) called this method, # that user would be used here - and can still get a valid slice try: user_gid = gid.GID(string=user_cert) except Exception, exc: logger.error("CreateSlice failed to create user_gid from SSL client cert: %s", traceback.format_exc()) raise Exception("Failed to create slice %s. Cant get user GID from SSL client certificate." % urn_req, exc) # OK have a user_gid so can get a slice credential # authorizing this user on the slice try: slice_cred = create_slice_credential(user_gid, slice_gid) except Exception, exc: logger.error('CreateSlice failed to get slice credential for user %r, slice %r: %s', user_gid.get_hrn(), slice_gid.get_hrn(), traceback.format_exc()) raise Exception('CreateSlice failed to get slice credential for user %r, slice %r' % (user_gid.get_hrn(), slice_gid.get_hrn()), exc) logger.info('Created slice %r' % (urn_req)) return slice_cred.save_to_string() def DeleteSlice(urn_req): logger.info("Called DeleteSlice %r" % urn_req) return True def ListAggregates(): logger.info("Called ListAggregates") # FIXME: return the GCF aggregates registered here return []
def get_slice_cred(self, slice, user): info = slice.geni_slice_info user_cert = get_or_create_user_cert(user) return create_slice_credential( user_cert, GID(string=str(info.slice_gid))).save_to_string()
def get_slice_cred(self, slice, user): info = slice.geni_slice_info user_cert = get_or_create_user_cert(user) return create_slice_credential( user_cert, GID(string=str(info.slice_gid)) ).save_to_string()