Exemplo n.º 1
    def getProxy(self, userDN, userGroup, requiredLifeTime=False):
        """ Return the proxy chain held in the Proxy Repository for userDN in userGroup.

        :param userDN: DN whose proxy is requested
        :param userGroup: group the proxy is requested for
        :param requiredLifeTime: minimum lifetime wanted; a falsy value skips
                                 the renewal step
        :return: S_OK((X509Chain, timeLeft)) or the failing result / S_ERROR

        NOTE(review): no check of who is asking for the credential is visible
        in this method; presumably the caller authorizes the request - confirm.
        """
        # Per User SubProxy DNs are served by a dedicated helper.
        if isPUSPdn(userDN):
            puspResult = self.__getPUSProxy(userDN, userGroup, requiredLifeTime)
            if not puspResult['OK']:
                return puspResult
            puspPem, puspSecs = puspResult['Value'][0], puspResult['Value'][1]
            puspChain = X509Chain()
            loaded = puspChain.loadProxyFromString(puspPem)
            return S_OK((puspChain, puspSecs)) if loaded['OK'] else loaded

        # Standard proxy: read the stored PEM and the lifetime recorded with it.
        stored = self.__getPemAndTimeLeft(userDN, userGroup)
        if not stored['OK']:
            return stored
        storedPem = stored['Value'][0]
        secsLeft = stored['Value'][1]
        proxyChain = X509Chain()
        loaded = proxyChain.loadProxyFromString(storedPem)
        if not loaded['OK']:
            return loaded

        # Stored proxy too short for the request: ask MyProxy for a renewal.
        if requiredLifeTime and secsLeft < requiredLifeTime:
            renewal = self.renewFromMyProxy(userDN,
                                            userGroup,
                                            lifeTime=requiredLifeTime,
                                            chain=proxyChain)
            if not renewal['OK']:
                return S_ERROR("Can't get a proxy for %s seconds: %s" %
                               (requiredLifeTime, renewal['Message']))
            proxyChain = renewal['Value']

        # NOTE(review): ['Value'] is read without looking at ['OK'] first;
        # confirm isValidProxy() always returns a 'Value' key.
        if proxyChain.isValidProxy()['Value']:
            # NOTE(review): secsLeft was read before any renewal and is not
            # refreshed from the renewed chain.
            return S_OK((proxyChain, secsLeft))

        # An invalid proxy is removed from the repository and reported as absent.
        self.deleteProxy(userDN, userGroup)
        return S_ERROR("%s@%s has no proxy registered" %
                       (userDN, userGroup))
Exemplo n.º 2
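  def getProxy(self, userDN, userGroup, requiredLifeTime=False):
    """ Get proxy string from the Proxy Repository for use with userDN
        in the userGroup

        :param userDN: DN whose proxy is requested
        :param userGroup: group the proxy is requested for
        :param requiredLifeTime: minimum lifetime wanted; a falsy value skips
                                 the lifetime check
        :return: S_OK((X509Chain, timeLeft)) or the failing result / S_ERROR

        NOTE(review): no check of who is asking for the credential is visible
        in this method; presumably the caller authorizes the request - confirm.
    """

    # Get the Per User SubProxy if one is requested
    if isPUSPdn(userDN):
      result = self.__getPUSProxy(userDN, userGroup, requiredLifeTime)
      if not result['OK']:
        return result
      pemData = result['Value'][0]
      timeLeft = result['Value'][1]
      chain = X509Chain()
      result = chain.loadProxyFromString(pemData)
      if not result['OK']:
        return result
      return S_OK((chain, timeLeft))

    # Standard proxy is requested
    retVal = self.__getPemAndTimeLeft(userDN, userGroup)
    if not retVal['OK']:
      return retVal
    pemData = retVal['Value'][0]
    timeLeft = retVal['Value'][1]
    chain = X509Chain()
    retVal = chain.loadProxyFromString(pemData)
    if not retVal['OK']:
      return retVal
    if requiredLifeTime:
      if timeLeft < requiredLifeTime:
        # The stored proxy is too short; renewal is attempted only when
        # MyProxy use is enabled on this instance.
        if self.__useMyProxy:
          retVal = self.renewFromMyProxy(userDN, userGroup, lifeTime=requiredLifeTime, chain=chain)
          if not retVal['OK']:
            return S_ERROR("Can't get a proxy for %s seconds: %s" % (requiredLifeTime, retVal['Message']))
          chain = retVal['Value']
        else:
          # This branch is reached when timeLeft < requiredLifeTime, so the
          # message must say the request is longer than what is left.
          return S_ERROR("Can't get a proxy: the required lifetime is longer than the time left in the proxy")
    # Proxy is invalid for some reason, let's delete it
    # NOTE(review): ['Value'] is read without looking at ['OK'] first;
    # confirm isValidProxy() always returns a 'Value' key.
    if not chain.isValidProxy()['Value']:
      self.deleteProxy(userDN, userGroup)
      return S_ERROR("%s@%s has no proxy registered" % (userDN, userGroup))

    # NOTE(review): timeLeft was read before any renewal and is not refreshed
    # from the renewed chain.
    return S_OK((chain, timeLeft))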
Exemplo n.º 3
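    def getVOMSProxy(self,
                     userDN,
                     userGroup,
                     requiredLifeTime=False,
                     requestedVOMSAttr=False):
        """ Get proxy string from the Proxy Repository for use with userDN
        in the userGroup and VOMS attr

        :param userDN: DN whose proxy is requested
        :param userGroup: group the proxy is requested for
        :param requiredLifeTime: minimum lifetime wanted, falsy for none
        :param requestedVOMSAttr: VOMS attribute asked for; it is resolved
                                  together with userGroup by __getVOMSAttribute
        :return: S_OK((X509Chain, secsLeft)) or the failing result / S_ERROR

        NOTE(review): no check of who is asking for the credential is visible
        in this method; presumably the caller authorizes the request - confirm.
        """

        retVal = self.__getVOMSAttribute(userGroup, requestedVOMSAttr)
        if not retVal['OK']:
            return retVal
        vomsAttr = retVal['Value']['attribute']
        vomsVO = retVal['Value']['VOMSVO']

        # Look in the cache. Any failure here is ignored and the proxy is
        # built again below.
        # NOTE(review): the cached proxy is only returned when requiredLifeTime
        # is truthy, so a request without a lifetime never uses the cache.
        retVal = self.__getPemAndTimeLeft(userDN, userGroup, vomsAttr)
        if retVal['OK']:
            pemData = retVal['Value'][0]
            vomsTime = retVal['Value'][1]
            chain = X509Chain()
            retVal = chain.loadProxyFromString(pemData)
            if retVal['OK']:
                retVal = chain.getRemainingSecs()
                if retVal['OK']:
                    remainingSecs = retVal['Value']
                    if requiredLifeTime and requiredLifeTime <= vomsTime and requiredLifeTime <= remainingSecs:
                        return S_OK((chain, min(vomsTime, remainingSecs)))

        if isPUSPdn(userDN):
            # Get the Per User SubProxy if one is requested
            result = self.__getPUSProxy(userDN, userGroup, requiredLifeTime,
                                        requestedVOMSAttr)
            if not result['OK']:
                return result
            pemData = result['Value'][0]
            chain = X509Chain()
            result = chain.loadProxyFromString(pemData)
            if not result['OK']:
                return result
        else:
            # Get the stored proxy and dress it with the VOMS extension
            retVal = self.getProxy(userDN, userGroup, requiredLifeTime)
            if not retVal['OK']:
                return retVal
            chain, secsLeft = retVal['Value']

            if requiredLifeTime and requiredLifeTime > secsLeft:
                return S_ERROR("Stored proxy is not long lived enough")

            vomsMgr = VOMS()

            # NOTE(review): a failed attribute lookup is handled like "no
            # attribute present" and the code goes on to add the extension.
            retVal = vomsMgr.getVOMSAttributes(chain)
            if retVal['OK']:
                attrs = retVal['Value']
                if len(attrs) > 0:
                    if attrs[0] != vomsAttr:
                        # attrs[0] is what the stored proxy carries, vomsAttr
                        # is what was requested; report them in that order.
                        return S_ERROR(
                            "Stored proxy has already a different VOMS attribute %s than requested %s"
                            % (attrs[0], vomsAttr))
                    else:
                        result = self.__storeVOMSProxy(userDN, userGroup,
                                                       vomsAttr, chain)
                        if not result['OK']:
                            return result
                        secsLeft = result['Value']
                        if requiredLifeTime and requiredLifeTime <= secsLeft:
                            return S_OK((chain, secsLeft))
                        # NOTE(review): the attribute matched in this branch,
                        # yet the message says "different"; the error is also
                        # returned whenever requiredLifeTime is falsy.
                        return S_ERROR(
                            "Stored proxy has already a different VOMS attribute and is not long lived enough"
                        )

            retVal = vomsMgr.setVOMSAttributes(chain, vomsAttr, vo=vomsVO)
            if not retVal['OK']:
                return S_ERROR("Cannot append voms extension: %s" %
                               retVal['Message'])
            chain = retVal['Value']

        # We have got the VOMS proxy, store it into the cache
        result = self.__storeVOMSProxy(userDN, userGroup, vomsAttr, chain)
        if not result['OK']:
            return result
        secsLeft = result['Value']
        return S_OK((chain, secsLeft))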
Exemplo n.º 4
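  def getVOMSProxy( self, userDN, userGroup, requiredLifeTime = False, requestedVOMSAttr = False ):
    """ Get proxy string from the Proxy Repository for use with userDN
        in the userGroup and VOMS attr

        :param userDN: DN whose proxy is requested
        :param userGroup: group the proxy is requested for
        :param requiredLifeTime: minimum lifetime wanted, falsy for none
        :param requestedVOMSAttr: VOMS attribute asked for; it is resolved
                                  together with userGroup by __getVOMSAttribute
        :return: S_OK( ( X509Chain, secsLeft ) ) or the failing result / S_ERROR

        NOTE(review): no check of who is asking for the credential is visible
        in this method; presumably the caller authorizes the request - confirm.
    """

    retVal = self.__getVOMSAttribute( userGroup, requestedVOMSAttr )
    if not retVal[ 'OK' ]:
      return retVal
    vomsAttr = retVal[ 'Value' ][ 'attribute' ]
    vomsVO = retVal[ 'Value' ][ 'VOMSVO' ]

    # Look in the cache. Any failure here is ignored and the proxy is
    # built again below.
    # NOTE(review): the cached proxy is only returned when requiredLifeTime
    # is truthy, so a request without a lifetime never uses the cache.
    retVal = self.__getPemAndTimeLeft( userDN, userGroup, vomsAttr )
    if retVal[ 'OK' ]:
      pemData = retVal[ 'Value' ][0]
      vomsTime = retVal[ 'Value' ][1]
      chain = X509Chain()
      retVal = chain.loadProxyFromString( pemData )
      if retVal[ 'OK' ]:
        retVal = chain.getRemainingSecs()
        if retVal[ 'OK' ]:
          remainingSecs = retVal[ 'Value' ]
          if requiredLifeTime and requiredLifeTime <= vomsTime and requiredLifeTime <= remainingSecs:
            return S_OK( ( chain, min( vomsTime, remainingSecs ) ) )

    if isPUSPdn( userDN ):
      # Get the Per User SubProxy if one is requested
      result = self.__getPUSProxy( userDN, userGroup, requiredLifeTime, requestedVOMSAttr )
      if not result['OK']:
        return result
      pemData = result[ 'Value' ][0]
      chain = X509Chain()
      result = chain.loadProxyFromString( pemData )
      if not result[ 'OK' ]:
        return result
    else:
      # Get the stored proxy and dress it with the VOMS extension
      retVal = self.getProxy( userDN, userGroup, requiredLifeTime )
      if not retVal[ 'OK' ]:
        return retVal
      chain, secsLeft = retVal[ 'Value' ]

      if requiredLifeTime and requiredLifeTime > secsLeft:
        return S_ERROR( "Stored proxy is not long lived enough" )

      vomsMgr = VOMS()

      # NOTE(review): a failed attribute lookup is handled like "no
      # attribute present" and the code goes on to add the extension.
      retVal = vomsMgr.getVOMSAttributes( chain )
      if retVal[ 'OK' ]:
        attrs = retVal[ 'Value' ]
        if len( attrs ) > 0:
          if attrs[0] != vomsAttr:
            # attrs[0] is what the stored proxy carries, vomsAttr is what
            # was requested; report them in that order.
            return S_ERROR( "Stored proxy has already a different VOMS attribute %s than requested %s" % ( attrs[0], vomsAttr ) )
          else:
            result = self.__storeVOMSProxy( userDN, userGroup, vomsAttr, chain )
            if not result[ 'OK' ]:
              return result
            secsLeft = result[ 'Value' ]
            if requiredLifeTime and requiredLifeTime <= secsLeft:
              return S_OK( ( chain, secsLeft ) )
            # NOTE(review): the attribute matched in this branch, yet the
            # message says "different"; the error is also returned whenever
            # requiredLifeTime is falsy.
            return S_ERROR( "Stored proxy has already a different VOMS attribute and is not long lived enough" )

      retVal = vomsMgr.setVOMSAttributes( chain , vomsAttr, vo = vomsVO )
      if not retVal[ 'OK' ]:
        return S_ERROR( "Cannot append voms extension: %s" % retVal[ 'Message' ] )
      chain = retVal[ 'Value' ]

    # We have got the VOMS proxy, store it into the cache
    result = self.__storeVOMSProxy( userDN, userGroup, vomsAttr, chain )
    if not result[ 'OK' ]:
      return result
    secsLeft = result[ 'Value' ]
    return S_OK( ( chain, secsLeft ) )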