def get_auth_token_ssh(account, signature, appid, ip=None): """ Authenticate a Rucio account temporarily via SSH key exchange. The token lifetime is 1 hour. :param account: Account identifier as a string. :param signature: Response to challenge token signed with SSH private key as a base64 encoded string. :param appid: The application identifier as a string. :param ip: IP address of the client as a string. :returns: Authentication token as a variable-length string. """ kwargs = {'account': account, 'signature': signature} if not permission.has_permission(issuer=account, action='get_auth_token_ssh', kwargs=kwargs): raise exception.AccessDenied('User with provided signature can not log to account %s' % account) return authentication.get_auth_token_ssh(account, signature, appid, ip)
def get_auth_token_ssh(account, signature, appid, ip=None, vo='def', session=None): """ Authenticate a Rucio account temporarily via SSH key exchange. The token lifetime is 1 hour. :param account: Account identifier as a string. :param signature: Response to challenge token signed with SSH private key as a base64 encoded string. :param appid: The application identifier as a string. :param ip: IP address of the client as a string. :param vo: The VO to act on. :param session: The database session in use. :returns: A dict with token and expires_at entries. """ kwargs = {'account': account, 'signature': signature} if not permission.has_permission(issuer=account, vo=vo, action='get_auth_token_ssh', kwargs=kwargs, session=session): raise exception.AccessDenied( 'User with provided signature can not log to account %s' % account) account = InternalAccount(account, vo=vo) return authentication.get_auth_token_ssh(account, signature, appid, ip, session=session)