def _get_ch_params():
# Initialise variables when required
from core.config import FullConfParser
fcp = FullConfParser()
username = fcp.get("auth.conf").get("certificates").get("username")
ch_host = fcp.get("auth.conf").get("clearinghouse").get("host")
ch_port = fcp.get("auth.conf").get("clearinghouse").get("port")
ch_end = fcp.get("auth.conf").get("clearinghouse").get("endpoint")
return (username, ch_host, ch_port, ch_end)
def getusercred(geni_api = 3):
"""Retrieve your user credential. Useful for debugging.
If you specify the -o option, the credential is saved to a file.
If you specify --usercredfile:
First, it tries to read the user cred from that file.
Second, it saves the user cred to a file by that name (but with the appropriate extension)
Otherwise, the filename is <username>-<framework nickname from config file>-usercred.[xml or json, depending on AM API version].
If you specify the --prefix option then that string starts the filename.
If instead of the -o option, you supply the --tostdout option, then the usercred is printed to STDOUT.
Otherwise the usercred is logged.
The usercred is returned for use by calling scripts.
e.g.:
Get user credential, save to a file:
omni.py -o getusercred
Get user credential, save to a file with filename prefix mystuff:
omni.py -o -p mystuff getusercred
"""
from core.config import FullConfParser
fcp = FullConfParser()
username = fcp.get("auth.conf").get("certificates").get("username")
creds_path = os.path.normpath(os.path.join(os.path.dirname(__file__), "../../..", "cert"))
cert_path = os.path.join(creds_path, "%s-cert.pem" % username)
# Retrieve new credential by contacting with GCF CH
try:
user_cert = open(cert_path, "r").read()
cred = ch_call("CreateUserCredential", params = [user_cert])
# Exception? -> Retrieve already existing credential from disk (CBAS)
except:
cred_path = os.path.join(creds_path, "%s-cred.xml" % username)
cred = open(cred_path).read()
if geni_api >= 3:
if cred:
cred = credentials.wrap_cred(cred)
credxml = credentials.get_cred_xml(cred)
# pull the username out of the cred
# <owner_urn>urn:publicid:IDN+geni:gpo:gcf+user+alice</owner_urn>
user = ""
usermatch = re.search(r"\<owner_urn>urn:publicid:IDN\+.+\+user\+(\w+)\<\/owner_urn\>", credxml)
if usermatch:
user = usermatch.group(1)
return ("Retrieved %s user credential" % user, cred)
def __load_config(self):
# Imports the named module (package includes "." and this is not nice with PyMongo)
self.config = FullConfParser()
self.flask_category = self.config.get("flask.conf")
self.general_section = self.flask_category.get("general")
self.template_folder = self.general_section.get("template_folder")
self.template_folder = os.path.normpath(os.path.join(os.path.dirname(__file__),\
"../../..", self.template_folder))
self.fcgi_section = self.flask_category.get("fcgi")
self.certificates_flask_section = self.flask_category.get(
"certificates")
self.auth_category = self.config.get("auth.conf")
self.certificates_auth_section = self.auth_category.get("certificates")
# Verification and certificates
self._verify_users =\
ast.literal_eval(self.certificates_auth_section.get("verify_users"))
self.mro_section = self.config.get("ro.conf").get("master_ro")
self.mro_enabled = ast.literal_eval(
self.mro_section.get("mro_enabled"))
def __init__(self):
super(GENIv3DelegateBase, self).__init__()
self.config = FullConfParser()
self.general_section = self.config.get("geniv3.conf").get("general")
self.certificates_section = self.config.get("auth.conf").get("certificates")
