def __getTransferClient(self): """ Get transfer client :return: TransferClient() """ if self.transferClient: return self.transferClient return TransferClient("Framework/BundleDelivery", skipCACheck=skipCACheck())
def __discoverCredentialsToUse(self): """ Discovers which credentials to use for connection. * Server certificate: -> If KW_USE_CERTIFICATES in kwargs, sets it in self.__useCertificates -> If not, check gConfig.useServerCertificate(), and sets it in self.__useCertificates and kwargs[KW_USE_CERTIFICATES] * Certification Authorities check: -> if KW_SKIP_CA_CHECK is not in kwargs and we are using the certificates, set KW_SKIP_CA_CHECK to false in kwargs -> if KW_SKIP_CA_CHECK is not in kwargs and we are not using the certificate, check the skipCACheck * Proxy Chain WARNING: MOSTLY COPY/PASTE FROM Core/Diset/private/BaseClient """ # Use certificates? if self.KW_USE_CERTIFICATES in self.kwargs: self.__useCertificates = self.kwargs[self.KW_USE_CERTIFICATES] else: self.__useCertificates = gConfig.useServerCertificate() self.kwargs[self.KW_USE_CERTIFICATES] = self.__useCertificates if self.KW_SKIP_CA_CHECK not in self.kwargs: if self.__useCertificates: self.kwargs[self.KW_SKIP_CA_CHECK] = False else: self.kwargs[self.KW_SKIP_CA_CHECK] = skipCACheck() # Rewrite a little bit from here: don't need the proxy string, we use the file if self.KW_PROXY_CHAIN in self.kwargs: try: self.kwargs[self.KW_PROXY_STRING] = self.kwargs[ self.KW_PROXY_CHAIN].dumpAllToString()['Value'] del self.kwargs[self.KW_PROXY_CHAIN] except BaseException: return S_ERROR( "Invalid proxy chain specified on instantiation") # ==== REWRITED FROM HERE ==== # For certs always check CA's. For clients skipServerIdentityCheck return S_OK()
def __discoverCredentialsToUse(self): """Discovers which credentials to use for connection. * Server certificate: -> If KW_USE_CERTIFICATES in kwargs, sets it in self.__useCertificates -> If not, check gConfig.useServerCertificate(), and sets it in self.__useCertificates and kwargs[KW_USE_CERTIFICATES] * Certification Authorities check: -> if KW_SKIP_CA_CHECK is not in kwargs and we are using the certificates, set KW_SKIP_CA_CHECK to false in kwargs -> if KW_SKIP_CA_CHECK is not in kwargs and we are not using the certificate, check the CS.skipCACheck * Proxy Chain -> if KW_PROXY_CHAIN in kwargs, we remove it and dump its string form into kwargs[KW_PROXY_STRING] :return: S_OK()/S_ERROR() """ # Use certificates? if self.KW_USE_CERTIFICATES in self.kwargs: self.__useCertificates = self.kwargs[self.KW_USE_CERTIFICATES] else: self.__useCertificates = gConfig.useServerCertificate() self.kwargs[self.KW_USE_CERTIFICATES] = self.__useCertificates if self.KW_SKIP_CA_CHECK not in self.kwargs: if self.__useCertificates: self.kwargs[self.KW_SKIP_CA_CHECK] = False else: self.kwargs[self.KW_SKIP_CA_CHECK] = skipCACheck() if self.KW_PROXY_CHAIN in self.kwargs: try: self.kwargs[self.KW_PROXY_STRING] = self.kwargs[ self.KW_PROXY_CHAIN].dumpAllToString()["Value"] del self.kwargs[self.KW_PROXY_CHAIN] except Exception: return S_ERROR( "Invalid proxy chain specified on instantiation") return S_OK()
def __discoverCredentialsToUse(self): """Discovers which credentials to use for connection. * Server certificate: -> If KW_USE_CERTIFICATES in kwargs, sets it in self.__useCertificates -> If not, check gConfig.useServerCertificate(), and sets it in self.__useCertificates and kwargs[KW_USE_CERTIFICATES] * Certification Authorities check: -> if KW_SKIP_CA_CHECK is not in kwargs and we are using the certificates, set KW_SKIP_CA_CHECK to false in kwargs -> if KW_SKIP_CA_CHECK is not in kwargs and we are not using the certificate, check the skipCACheck * Bearer token: -> If KW_USE_ACCESS_TOKEN in kwargs, sets it in self.__useAccessToken -> If not, check "/DIRAC/Security/UseTokens", and sets it in self.__useAccessToken and kwargs[KW_USE_ACCESS_TOKEN] -> If not, check 'DIRAC_USE_ACCESS_TOKEN' in os.environ, sets it in self.__useAccessToken and kwargs[KW_USE_ACCESS_TOKEN] * Proxy Chain WARNING: MOSTLY COPY/PASTE FROM Core/Diset/private/BaseClient """ # Use certificates? if self.KW_USE_CERTIFICATES in self.kwargs: self.__useCertificates = self.kwargs[self.KW_USE_CERTIFICATES] else: self.__useCertificates = gConfig.useServerCertificate() self.kwargs[self.KW_USE_CERTIFICATES] = self.__useCertificates if self.KW_SKIP_CA_CHECK not in self.kwargs: if self.__useCertificates: self.kwargs[self.KW_SKIP_CA_CHECK] = False else: self.kwargs[self.KW_SKIP_CA_CHECK] = skipCACheck() # Use tokens? if self.KW_USE_ACCESS_TOKEN in self.kwargs: self.__useAccessToken = self.kwargs[self.KW_USE_ACCESS_TOKEN] elif "DIRAC_USE_ACCESS_TOKEN" in os.environ: self.__useAccessToken = os.environ.get("DIRAC_USE_ACCESS_TOKEN", "false").lower() in ("y", "yes", "true") else: self.__useAccessToken = gConfig.getValue( "/DIRAC/Security/UseTokens", "false").lower() in ( "y", "yes", "true", ) self.kwargs[self.KW_USE_ACCESS_TOKEN] = self.__useAccessToken if self.__useAccessToken: from DIRAC.Resources.IdProvider.IdProviderFactory import IdProviderFactory result = IdProviderFactory().getIdProvider("DIRACCLI") if not result["OK"]: return result self.__idp = result["Value"] # Rewrite a little bit from here: don't need the proxy string, we use the file if self.KW_PROXY_CHAIN in self.kwargs: try: self.kwargs[self.KW_PROXY_STRING] = self.kwargs[ self.KW_PROXY_CHAIN].dumpAllToString()["Value"] del self.kwargs[self.KW_PROXY_CHAIN] except Exception: return S_ERROR( "Invalid proxy chain specified on instantiation") # ==== REWRITED FROM HERE ==== # For certs always check CA's. For clients skipServerIdentityCheck return S_OK()
def __getRPCClient(self): if self.rpcClient: return self.rpcClient return RPCClient("Framework/BundleDelivery", skipCACheck=skipCACheck())