def validate_request(ion_actor_id, expiry):
# There is no point in looking up an anonymous user - so return default values.
if ion_actor_id == DEFAULT_ACTOR_ID:
expiry = DEFAULT_EXPIRY # Since this is now an anonymous request, there really is no expiry associated with it
return ion_actor_id, expiry
idm_client = IdentityManagementServiceProcessClient(process=service_gateway_instance)
try:
user = idm_client.read_actor_identity(actor_id=ion_actor_id,
headers={"ion-actor-id": service_gateway_instance.name,
'expiry': DEFAULT_EXPIRY})
except NotFound as e:
ion_actor_id = DEFAULT_ACTOR_ID # If the user isn't found default to anonymous
expiry = DEFAULT_EXPIRY # Since this is now an anonymous request, there really is no expiry associated with it
return ion_actor_id, expiry
# Need to convert to a float first in order to compare against current time.
try:
int_expiry = int(expiry)
except Exception as e:
raise Inconsistent("Unable to read the expiry value in the request '%s' as an int" % expiry)
# The user has been validated as being known in the system, so not check the expiry and raise exception if
# the expiry is not set to 0 and less than the current time.
if 0 < int_expiry < current_time_millis():
raise Unauthorized('The certificate associated with the user and expiry time in the request has expired.')
return ion_actor_id, expiry
def validate_request(ion_actor_id, expiry):
#There is no point in looking up an anonymous user - so return default values.
if ion_actor_id == DEFAULT_ACTOR_ID:
expiry = DEFAULT_EXPIRY #Since this is now an anonymous request, there really is no expiry associated with it
return ion_actor_id, expiry
idm_client = IdentityManagementServiceProcessClient(node=Container.instance.node, process=service_gateway_instance)
try:
user = idm_client.read_actor_identity(actor_id=ion_actor_id, headers={"ion-actor-id": service_gateway_instance.name, 'expiry': DEFAULT_EXPIRY })
except NotFound, e:
ion_actor_id = DEFAULT_ACTOR_ID # If the user isn't found default to anonymous
expiry = DEFAULT_EXPIRY #Since this is now an anonymous request, there really is no expiry associated with it
return ion_actor_id, expiry
def validate_request(ion_actor_id, expiry):
#There is no point in looking up an anonymous user - so return default values.
if ion_actor_id == DEFAULT_ACTOR_ID:
expiry = DEFAULT_EXPIRY #Since this is now an anonymous request, there really is no expiry associated with it
return ion_actor_id, expiry
idm_client = IdentityManagementServiceProcessClient(
node=Container.instance.node, process=service_gateway_instance)
try:
user = idm_client.read_actor_identity(
actor_id=ion_actor_id,
headers={
"ion-actor-id": service_gateway_instance.name,
'expiry': DEFAULT_EXPIRY
})
except NotFound, e:
ion_actor_id = DEFAULT_ACTOR_ID # If the user isn't found default to anonymous
expiry = DEFAULT_EXPIRY #Since this is now an anonymous request, there really is no expiry associated with it
return ion_actor_id, expiry
