def get_slice_credentials(self):
     client = self.get_client(self._sa_url)
     fcn = eval('client.get_credentials')
     suppress_errors = None
     reason = "Testing"
     (result, msg) = _do_ssl(self._framework, suppress_errors, reason, 
                             fcn,  self._slice_urn, [], {})
     return result['value']
def get_credentials(opts):
    config = {'cert' : opts.cert, 'key' : opts.key}
    framework = ClientFramework(config, {})
    suppress_errors = None
    reason = "Testing"
    ch_client = framework.make_client(opts.ch_url, opts.key, opts.cert, 
                                   allow_none=True,
                                   verbose=False)
    (result, msg) = _do_ssl(framework, suppress_errors, reason, 
                            ch_client.get_credentials, opts.slice_urn, [], {})
    cred = result['value'][0]['geni_value']
    creds = [cred]
    return creds
    def get_aggregate_info(self):
        client = self.get_client(self._sr_url)
        fcn = eval('client.lookup_aggregates')
        suppress_errors = None
        reason = "Testing"
        (result, msg) = _do_ssl(self._framework, suppress_errors, reason, fcn,  {})
        self._aggregate_info = result['value']

        # Add additional aggregates not in SR
        wix = {'SERVICE_URL' : 'http://wixam.maxgigapop.net:12346',
               'SERVICE_NAME' : 'WIX',
               'SERVICE_URN' : 'urn:publicid:IDN+wix.internet2.edu+authority+am'}
        self._aggregate_info.append(wix)
 def get_sliver_status(self, am_urn):
     am_info = self.get_agg_info_for_urn(am_urn)
     if am_info == None: 
         print "AM not registered: %s" % am_urn
         return None
     am_url = am_info['SERVICE_URL']
     client = self.get_client(am_url)
     fcn = eval('client.SliverStatus')
     suppress_errors = None
     reason = "Testing"
     (result, msg) = _do_ssl(self._framework, suppress_errors, reason, 
                             fcn,  self._slice_urn, self._creds, {})
     status = result['value']
     return status
示例#5
0
def get_credentials(opts):
    config = {'cert': opts.cert, 'key': opts.key}
    framework = ClientFramework(config, {})
    suppress_errors = None
    reason = "Testing"
    ch_client = framework.make_client(opts.ch_url,
                                      opts.key,
                                      opts.cert,
                                      allow_none=True,
                                      verbose=False)
    (result, msg) = _do_ssl(framework, suppress_errors, reason,
                            ch_client.get_credentials, opts.slice_urn, [], {})
    cred = result['value'][0]['geni_value']
    creds = [cred]
    return creds
    def get_sliver_info_for_slice(self):
        client = self.get_client(self._sa_url)
        fcn = eval('client.lookup_sliver_info')
        suppress_errors = None
        reason = "Testing"
        options = {"match" : {"SLIVER_INFO_SLICE_URN" : self._slice_urn}}
        (result, msg) = _do_ssl(self._framework, suppress_errors, reason, fcn,
                                self._creds, options)
        self._sliver_info = result['value']

        # Set up unique list of AM urn's
        for sliver_urn, sliver_details in self._sliver_info.iteritems():
            agg_urn = sliver_details['SLIVER_INFO_AGGREGATE_URN']
            if agg_urn not in self._unique_agg_urns:
                self._unique_agg_urns.append(agg_urn);
                if agg_urn in self._sites_info:
                    self._unique_agg_urns_with_site_info.append(agg_urn)
 def get_manifest(self, am_urn):
     am_info = self.get_agg_info_for_urn(am_urn)
     if am_info == None: 
         print "AM not registered: %s" % am_urn
         return None
     am_url = am_info['SERVICE_URL']
     client = self.get_client(am_url)
     fcn = eval('client.ListResources')
     suppress_errors = None
     reason = "Testing"
     options = {'geni_slice_urn' : self._slice_urn,
                'geni_rspec_version' : {'version' : '3', 'type' : 'GENI'},
                'geni_compressed' : False}
     (result, msg) = _do_ssl(self._framework, suppress_errors, reason, 
                             fcn,  self._creds, options)
     if result['code']['geni_code'] != 0:
         return None
     status = result['value']
     return status
示例#8
0
def emulate_portal_page(opts, verbose=False):

    suppress_errors = None
    reason = "Testing"
    config = {'cert': opts.cert, 'key': opts.key}

    framework = MAClientFramework(config, {})
    ma_url = opts.url
    sa_url = opts.url.replace('/MA', '/SA')
    cs_url = opts.url.replace('/MA', '/CS')
    log_url = opts.url.replace('/MA', '/LOG')
    ma_client = framework.make_client(ma_url, opts.key, opts.cert,
                                      verbose=False)
    sa_client = framework.make_client(sa_url, opts.key, opts.cert,
                                      verbose=False)
    cs_client = framework.make_client(cs_url, opts.key, opts.cert,
                                      verbose=False)
    log_client = framework.make_client(log_url, opts.key, opts.cert,
                                       verbose=False)

    if opts.page == "home":
        print "Fetching home page for %s" % opts.eppn
        # Lookup public member info by EPPN
        client_options = {'match': {'_GENI_MEMBER_EPPN': opts.eppn}}
        (public_info, msg) = _do_ssl(framework, suppress_errors, reason,
                                     ma_client.lookup_public_member_info,
                                     opts.credentials, client_options)
        member_urn = public_info['value'].keys()[0]
        member_uid = public_info['value'][member_urn]['MEMBER_UID']

        # Lookup identifying info by UID
        client_options = {'match': {'MEMBER_UID': [member_uid]}}
        (identifying_info, msg) = _do_ssl(framework, suppress_errors, reason,
                                          ma_client.lookup_identifying_member_info,
                                          opts.credentials, client_options)

        # Lookup private key by UID
        client_options = {'match': {'MEMBER_UID': [member_uid]},
                          'filter': ['_GENI_MEMBER_INSIDE_PRIVATE_KEY']}
        (private_info, msg) = _do_ssl(framework, suppress_errors, reason,
                                      ma_client.lookup_private_member_info,
                                      opts.credentials, client_options)
        if verbose:
            print "Result = %s " % public_info
            print "Result = %s " % identifying_info
            print "Result = %s " % private_info

        # Lookup public inside cert by UID
        client_options = {'match': {'MEMBER_UID': [member_uid]},
                          'filter': ['_GENI_MEMBER_INSIDE_CERTIFICATE']}
        (public_info, msg) = _do_ssl(framework, suppress_errors, reason,
                                     ma_client.lookup_public_member_info,
                                     opts.credentials, client_options)
        if verbose:
            print "Result = %s " % public_info

        # get_permissions
        client_options = {'_dummy': ''}
        (permissions, msg) = _do_ssl(framework, suppress_errors, reason,
                                     cs_client.get_permissions,
                                     member_uid,
                                     opts.credentials, client_options)
        if verbose:
            print "Result = %s " % permissions

        # Lookup projects for member
        client_options = {'_dummy': ''}
        (projects_info, msg) = _do_ssl(framework, suppress_errors, reason,
                                       sa_client.lookup_projects_for_member,
                                       member_urn,
                                       opts.credentials, client_options)
        if verbose:
            print "Result = %s " % projects_info

        # Lookup projects
        project_uids = [project_info['PROJECT_UID']
                        for project_info in projects_info['value']
                        if not project_info['PROJECT_EXPIRED']]
        client_options = {'match': {'PROJECT_UID': project_uids}}
        (projects, msg) = _do_ssl(framework, suppress_errors, reason,
                                  sa_client.lookup_projects,
                                  opts.credentials, client_options)
        if verbose:
            print "Result = %s" % projects

        # Lookup slices for member
        client_options = {'_dummy': ''}
        (slices_info, msg) = _do_ssl(framework, suppress_errors, reason,
                                     sa_client.lookup_slices_for_member,
                                     member_urn,
                                     opts.credentials, client_options)
        if verbose:
            print "Result = %s " % slices_info

        # Lookup slices
        slice_uids = [slice_info['SLICE_UID']
                      for slice_info in slices_info['value']
                      if not slice_info['SLICE_EXPIRED']]
        client_options = {'match': {'SLICE_UID': slice_uids}}
        (slices, msg) = _do_ssl(framework, suppress_errors, reason,
                                sa_client.lookup_slices,
                                opts.credentials, client_options)
        if verbose:
            print "Result = %s " % slices

        # Lookup public member info for all project leads, slice_owners
        member_uids = []
        for slice_urn, slice_data in slices['value'].items():
            if slice_data['SLICE_EXPIRED']:
                continue
            slice_owner_uid = slice_data['_GENI_SLICE_OWNER']
            if slice_owner_uid not in member_uids:
                member_uids.append(slice_owner_uid)
        for project_urn, project_data in projects['value'].items():
            if project_data['PROJECT_EXPIRED']:
                continue
            project_lead_uid = project_data['_GENI_PROJECT_OWNER']
            if project_lead_uid not in member_uids:
                member_uids.append(project_lead_uid)
        client_options = {'match': {'MEMBER_UID': member_uids}}
        (members_public_info, msg) = _do_ssl(framework, suppress_errors,
                                             reason,
                                             ma_client.lookup_public_member_info,
                                             opts.credentials, client_options)
        if verbose:
            print "Result = %s " % members_public_info

        # Lookup identifying member info for all project leads, slice_owners
        client_options = {'match': {'MEMBER_UID': member_uids}}
        (members_identifying_info, msg) = _do_ssl(framework,
                                                  suppress_errors, reason,
                                                  ma_client.lookup_identifying_member_info,
                                                  opts.credentials, client_options)
        if verbose:
            print "Result = %s " % members_identifying_info

        # Lookup pending requests for user
        client_options = {'_dummy': ''}
        (pending_requests, msg) = _do_ssl(framework, suppress_errors, reason,
                                          sa_client.get_pending_requests_for_user,
                                          member_uid, 1, '',
                                          opts.credentials, client_options)
        if verbose:
            print "Result = %s " % pending_requests

        # Lookup identifying member info for all project leads and slice owners
        # *** Looks like we're doing this twice...
        client_options = {'match': {'MEMBER_UID': member_uids}}
        (members_identifying_info, msg) = _do_ssl(framework,
                                                  suppress_errors, reason,
                                                  ma_client.lookup_identifying_member_info,
                                                  opts.credentials, client_options)
        if verbose:
            print "Result = %s " % members_identifying_info

        # Lookup requests by user
        client_options = {'_dummy': ''}
        (pending_requests, msg) = _do_ssl(framework,
                                          suppress_errors, reason,
                                          sa_client.get_requests_by_user,
                                          member_uid, 1, '', 0,
                                          opts.credentials, client_options)
        if verbose:
            print "Result = %s " % pending_requests

        # Lookup projects for pending requests
        project_uids = []
        for pending_request in pending_requests['value']:
            project_uid = pending_request['context_id']
            project_uids.append(project_uid)
        client_options = {'match': {'PROJECT_UID': project_uids}}
        (pending_projects, msg) = _do_ssl(framework,
                                          suppress_errors, reason,
                                          sa_client.lookup_projects,
                                          opts.credentials, client_options)
        if verbose:
            print "Result = %s " % pending_projects

        # Lookup identifying info for leads of pending projects
        member_uids = []
        for pending_project_urn, pending_project_data in pending_projects['value'].items():
            lead_uid = pending_project_data['_GENI_PROJECT_OWNER']
            if lead_uid not in member_uids:
                member_uids.append(lead_uid)
        client_options = {'match': {'MEMBER_UID': member_uids}}
        (pending_project_leads, msg) = _do_ssl(framework,
                                               suppress_errors, reason,
                                               ma_client.lookup_identifying_member_info,
                                               opts.credentials,
                                               client_options)
        if verbose:
            print "Result = %s " % pending_project_leads

        # Lookup log entries for context
        (log_entries, msg) = _do_ssl(framework,
                                     suppress_errors, reason,
                                     log_client.get_log_entries_for_context,
                                     5, member_uid, 24, opts.credentials,
                                     client_options)

        if verbose:
            print "Result = %s " % log_entries

        # Lookup log entries for author
        (log_entries, msg) = _do_ssl(framework,
                                     suppress_errors, reason,
                                     log_client.get_log_entries_by_author,
                                     member_uid, 24, opts.credentials,
                                     client_options)

        if verbose:
            print "Result = %s " % log_entries

        print "Done fetching home page for %s" % opts.eppn

    else:
        print "Page not supported: %s" % page_name
示例#9
0
def main(args = sys.argv, do_print=True):

    opts, args = parseOptions(args)
    client_options = json.loads(opts.options)
    if opts.options_file:
        client_options = json.load(open(opts.options_file, 'r'))
    client_attributes = json.loads(opts.attributes)
    if opts.attributes_file:
        client_attributes = json.load(open(opts.attributes_file, 'r'))
    if do_print:
        print "CREDS = " + str(opts.credentials)
        print "OPTIONS = " + str(client_options)
    suppress_errors = None
    reason = "Testing"
    config = {'cert' : opts.cert, 'key' : opts.key}

    framework = MAClientFramework(config, {})
    client = framework.make_client(opts.url, opts.key, opts.cert, 
                                   allow_none=True,
                                   verbose=False)
    fcn = eval("client.%s" % opts.method)
    
    # Methods that take no arguments
    result = None
    msg = None

    if opts.page:
        emulate_portal_page(opts)

    elif opts.method in ['get_version', 'get_trust_roots']:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn)
    # Methods that take options argument
    elif opts.method in ['lookup_member_authorities', 'lookup_slice_authorities', \
                             'lookup_aggregates', \
                             'lookup_authorities_for_urns' ]:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    client_options)
    # Methods that take a URN and an aggregate URL argument
    elif opts.method in ['register_aggregate', 'remove_aggregate'] and opts.agg_url:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    opts.urn, opts.agg_url, opts.credentials, client_options)
    elif opts.int_arg is not None and opts.method in ['get_services_of_type', 'get_first_service_of_type', 'get_service_by_id']:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    int(opts.int_arg))
    elif opts.method in ['get_services']:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn)
    # Logging methods (test)
    elif opts.method in ['log_event']:
        message = opts.string_arg
        attributes = {}
        add_attribute(attributes, opts.int_arg, opts.uuid_arg)
        add_attribute(attributes, opts.int2_arg, opts.uuid2_arg)
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    message, attributes, opts.credentials,
                                client_options)
    elif opts.method in [ 'get_log_entries_by_author']:
        num_hours = 15*24
        user_id = '8e405a75-3ff7-4288-bfa5-111552fa53ce'
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    user_id, num_hours, opts.credentials,
                                client_options)
    elif opts.method in ['get_log_entries_for_context']:
        context_type = 'SLICE'
        context_id = '848e4a11-55eb-45df-a0e8-b79109fb0a88'
        num_hours = 15*24
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    context_type, context_id, num_hours,
                                opts.credentials, client_options)
    elif opts.method in ['get_log_entries_by_attributes']:
        type1 = 'SLICE'
        id1 = '848e4a11-55eb-45df-a0e8-b79109fb0a88'
        type2 = 'PROJECT'
        id2 = '8c042cf0-8389-48e0-aca1-782fd7a20794'
        num_hours = 15*24
        attribute_sets = [{type1 : id1}, {type2 : id2}]
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    attribute_sets, num_hours, opts.credentials,
                                client_options)

    elif opts.method in ['get_attributes_for_log_entry']:
        event_id = '20360';
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    event_id, opts.credentials,
                                client_options)
    # Credential store methods
    elif opts.method in ['get_permissions']:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    opts.uuid_arg, \
                                    opts.credentials, client_options)
    elif opts.method in ['get_attributes']:
        context = 'None'
        if opts.uuid2_arg: context = opts.uuid2_arg
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    opts.uuid_arg, \
                                    opts.int_arg, context, \
                                    opts.credentials, client_options)
    elif opts.method in ['lookup_keys']:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    opts.credentials, client_options)
    elif opts.method in ['delete_key', 'update_key'] \
            and opts.string_arg and opts.urn:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    opts.string_arg, \
                                    opts.credentials, client_options)

    # Client Authorization methods
    elif opts.method in ['list_clients']:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn)
    elif opts.method in ['list_authorized_clients']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg)
    elif opts.method in ['authorize_client']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg,
                    opts.urn, opts.int_arg)
    # Sliver info methods
    elif opts.method in ['delete_sliver_info', 'update_sliver_info']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.urn,
                    opts.credentials, client_options)
    elif opts.method in ['create_sliver_info', 'lookup_sliver_info']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, 
                    opts.credentials, client_options)


    # Project request methods
    elif opts.method in ['create_request']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg, 
                    opts.uuid_arg, opts.int2_arg, opts.string_arg, opts.string2_arg, \
                        opts.credentials, client_options)
    elif opts.method in ['resolve_pending_request']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg, 
                    opts.int2_arg, opts.int3_arg, opts.string_arg, \
                        opts.credentials, client_options)
    elif opts.method in ['invite_member']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg, 
                    opts.uuid_arg, 
                    opts.credentials, client_options)
        
    elif opts.method in ['accept_invitation']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, 
                    opts.uuid_arg, # invite_id
                    opts.uuid2_arg, # member_id
                    opts.credentials, client_options)
        
    elif opts.method in ['get_requests_for_context']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg, 
                    opts.uuid_arg, opts.int2_arg, opts.credentials, client_options)
    elif opts.method in ['get_requests_by_user']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg,
                    opts.int_arg, opts.uuid2_arg, opts.int2_arg, opts.credentials, client_options)
    elif opts.method in ['get_pending_requests_for_user', 'get_number_of_pending_requests_for_user']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg,
                    opts.int_arg, opts.uuid2_arg, opts.credentials, client_options)

    elif opts.method in ['get_request_by_id']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, 
                    opts.int_arg, opts.int2_arg, opts.credentials, client_options)

    # MA certificate methods
    elif opts.method in ['create_certificate']:
        options = {}
        if opts.file_arg:
            csr = open(opts.file_arg).read()
            options = {'csr' : csr}
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.urn,
                    opts.credentials, options)

    # MA add/revoke privilege methods
    elif opts.method in ['add_member_privilege', 'revoke_member_privilege']:
        options = {}
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg, \
                        opts.string_arg, \
                        opts.credentials, options)

    # Methods that take urn, credentials, options
    elif opts.method in ['get_credentials']:
        options = {}
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.urn, \
                        opts.credentials, options)
        

    # Generic Federation v2 API methods
    elif opts.method in ['lookup', 'create']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.type, \
                       opts.credentials, client_options)

    elif opts.method in ['update', 'delete', \
                             'modify_membership', 'lookup_members', 'lookup_for_member']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.type, \
                        opts.urn, opts.credentials, client_options)

    # Portal query
    elif opts.method in ['portal_query']:
        options = {}
        member_eppn = opts.string_arg
        project_id = opts.uuid_arg
        slice_id = opts.uuid2_arg
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, \
                        member_eppn, project_id, slice_id)

#    def add_member_privilege(self, cert, member_uid, privilege, credentials, options):


    # Methods that take attributes and options
    elif client_attributes:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    client_attributes, \
                                    opts.credentials, client_options)

    
                             
    # Methods that take credentials and options and urn arguments
    elif opts.urn:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    opts.urn, \
                                    opts.credentials, client_options)
    # Methods that take credentials and options (and no urn) arguments
    else:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    opts.credentials, client_options)

    if do_print:
        print "RESULT = " + str(result)
        if msg:
            print "MSG = " + str(msg)
示例#10
0
def main(args=sys.argv, do_print=True):
    logging.basicConfig()
    opts, args = parseOptions(args)
    client_options = json.loads(opts.options)
    if opts.options_file:
        client_options = json.load(open(opts.options_file, 'r'))
    client_attributes = json.loads(opts.attributes)
    if opts.attributes_file:
        client_attributes = json.load(open(opts.attributes_file, 'r'))
    if do_print:
        print "CREDS = " + str(opts.credentials)
        print "OPTIONS = " + str(client_options)
    suppress_errors = None
    reason = "Testing"
    config = {'cert': opts.cert, 'key': opts.key}

    framework = MAClientFramework(config, {})
    client = framework.make_client(opts.url,
                                   opts.key,
                                   opts.cert,
                                   allow_none=True,
                                   verbose=False)
    fcn = eval("client.%s" % opts.method)

    # Methods that take no arguments
    result = None
    msg = None

    if opts.page:
        emulate_portal_page(opts)

    elif opts.method in ['get_version', 'get_trust_roots']:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn)
    # Methods that take options argument
    elif opts.method in ['lookup_member_authorities', 'lookup_slice_authorities', \
                             'lookup_aggregates', \
                             'lookup_authorities_for_urns' ]:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    client_options)
    # Methods that take a URN and an aggregate URL argument
    elif opts.method in ['register_aggregate', 'remove_aggregate'
                         ] and opts.agg_url:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    opts.urn, opts.agg_url, opts.credentials, client_options)
    elif opts.int_arg is not None and opts.method in [
            'get_services_of_type', 'get_first_service_of_type',
            'get_service_by_id'
    ]:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    int(opts.int_arg))
    elif opts.method in ['get_services']:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn)
    # Logging methods (test)
    elif opts.method in ['log_event']:
        message = opts.string_arg
        attributes = {}
        add_attribute(attributes, opts.int_arg, opts.uuid_arg)
        add_attribute(attributes, opts.int2_arg, opts.uuid2_arg)
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    message, attributes, opts.credentials,
                                client_options)
    elif opts.method in ['get_log_entries_by_author']:
        num_hours = 15 * 24
        user_id = '8e405a75-3ff7-4288-bfa5-111552fa53ce'
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    user_id, num_hours, opts.credentials,
                                client_options)
    elif opts.method in ['get_log_entries_for_context']:
        context_type = 'SLICE'
        context_id = '848e4a11-55eb-45df-a0e8-b79109fb0a88'
        num_hours = 15 * 24
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    context_type, context_id, num_hours,
                                opts.credentials, client_options)
    elif opts.method in ['get_log_entries_by_attributes']:
        type1 = 'SLICE'
        id1 = '848e4a11-55eb-45df-a0e8-b79109fb0a88'
        type2 = 'PROJECT'
        id2 = '8c042cf0-8389-48e0-aca1-782fd7a20794'
        num_hours = 15 * 24
        attribute_sets = [{type1: id1}, {type2: id2}]
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    attribute_sets, num_hours, opts.credentials,
                                client_options)

    elif opts.method in ['get_attributes_for_log_entry']:
        event_id = '20360'
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    event_id, opts.credentials,
                                client_options)
    # Credential store methods
    elif opts.method in ['get_permissions']:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    opts.uuid_arg, \
                                    opts.credentials, client_options)
    elif opts.method in ['get_attributes']:
        context = 'None'
        if opts.uuid2_arg: context = opts.uuid2_arg
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    opts.uuid_arg, \
                                    opts.int_arg, context, \
                                    opts.credentials, client_options)
    elif opts.method in ['lookup_keys']:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    opts.credentials, client_options)
    elif opts.method in ['delete_key', 'update_key'] \
            and opts.string_arg and opts.urn:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    opts.string_arg, \
                                    opts.credentials, client_options)

    # Client Authorization methods
    elif opts.method in ['list_clients']:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn)
    elif opts.method in ['list_authorized_clients']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg)
    elif opts.method in ['authorize_client']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg,
                    opts.urn, opts.int_arg)
    # Sliver info methods
    elif opts.method in ['delete_sliver_info', 'update_sliver_info']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.urn,
                    opts.credentials, client_options)
    elif opts.method in ['create_sliver_info', 'lookup_sliver_info']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn,
                    opts.credentials, client_options)

    # Project request methods
    elif opts.method in ['create_request']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg,
                    opts.uuid_arg, opts.int2_arg, opts.string_arg, opts.string2_arg, \
                        opts.credentials, client_options)
    elif opts.method in ['resolve_pending_request']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg,
                    opts.int2_arg, opts.int3_arg, opts.string_arg, \
                        opts.credentials, client_options)
    elif opts.method in ['invite_member']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg,
                    opts.uuid_arg,
                    opts.credentials, client_options)

    elif opts.method in ['accept_invitation']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn,
                    opts.uuid_arg, # invite_id
                    opts.uuid2_arg, # member_id
                    opts.credentials, client_options)

    elif opts.method in ['get_requests_for_context']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg,
                    opts.uuid_arg, opts.int2_arg, opts.credentials, client_options)
    elif opts.method in ['get_requests_by_user']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg,
                    opts.int_arg, opts.uuid2_arg, opts.int2_arg, opts.credentials, client_options)
    elif opts.method in [
            'get_pending_requests_for_user',
            'get_number_of_pending_requests_for_user'
    ]:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg,
                    opts.int_arg, opts.uuid2_arg, opts.credentials, client_options)

    elif opts.method in ['get_request_by_id']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn,
                    opts.int_arg, opts.int2_arg, opts.credentials, client_options)

    # MA certificate methods
    elif opts.method in ['create_certificate']:
        options = {}
        if opts.file_arg:
            csr = open(opts.file_arg).read()
            options = {'csr': csr}
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.urn,
                    opts.credentials, options)

    # MA add/revoke privilege methods
    elif opts.method in ['add_member_privilege', 'revoke_member_privilege']:
        options = {}
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg, \
                        opts.string_arg, \
                        opts.credentials, options)

    # Methods that take urn, credentials, options
    elif opts.method in ['get_credentials']:
        options = {}
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.urn, \
                        opts.credentials, options)

    # Generic Federation v2 API methods
    elif opts.method in ['lookup', 'create']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.type, \
                       opts.credentials, client_options)

    elif opts.method in ['update', 'delete', \
                             'modify_membership', 'lookup_members', 'lookup_for_member']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.type, \
                        opts.urn, opts.credentials, client_options)

    # Portal query
    elif opts.method in ['portal_query']:
        options = {}
        member_eppn = opts.string_arg
        project_id = opts.uuid_arg
        slice_id = opts.uuid2_arg
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, \
                        member_eppn, project_id, slice_id)


#    def add_member_privilege(self, cert, member_uid, privilege, credentials, options):

# Methods that take attributes and options
    elif client_attributes:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    client_attributes, \
                                    opts.credentials, client_options)

    # Methods that take credentials and options and urn arguments
    elif opts.urn:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    opts.urn, \
                                    opts.credentials, client_options)
    # Methods that take credentials and options (and no urn) arguments
    else:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn, \
                                    opts.credentials, client_options)

    if do_print:
        print "RESULT = " + str(result)
        if msg:
            print "MSG = " + str(msg)
示例#11
0
def main(args=sys.argv, do_print=True):
    logging.basicConfig()
    opts, args = parseOptions(args)
    client_options = json.loads(opts.options)
    if opts.options_file:
        client_options = json.load(open(opts.options_file, 'r'))
    client_attributes = json.loads(opts.attributes)
    if opts.attributes_file:
        client_attributes = json.load(open(opts.attributes_file, 'r'))
    if do_print and not opts.raw_output:
        print "CREDS = " + str(opts.credentials)
        print "OPTIONS = " + str(client_options)
    suppress_errors = None
    reason = "Testing"
    config = {'cert': opts.cert, 'key': opts.key}

    framework = MAClientFramework(config, {})
    client = framework.make_client(opts.url, opts.key, opts.cert,
                                   allow_none=True,
                                   verbose=False)
    fcn = getattr(client, opts.method)

    # Methods that take no arguments
    result = None
    msg = None

    if opts.page:
        emulate_portal_page(opts)

    elif opts.method in ['get_version', 'get_trust_roots']:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn)
    # Methods that take options argument
    elif opts.method in ['lookup_member_authorities',
                         'lookup_slice_authorities',
                         'lookup_aggregates',
                         'lookup_authorities_for_urns']:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
                                client_options)
    # Methods that take a URN and an aggregate URL argument
    elif opts.method in ['register_aggregate', 'remove_aggregate'] and \
            opts.agg_url:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
                                opts.urn, opts.agg_url, opts.credentials,
                                client_options)
    elif (opts.int_arg is not None and
          opts.method in ['get_services_of_type', 'get_first_service_of_type',
                          'get_service_by_id']):
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
                                int(opts.int_arg))
    elif opts.method in ['get_services']:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn)
    # Logging methods (test)
    elif opts.method in ['log_event']:
        message = opts.string_arg
        attributes = {}
        add_attribute(attributes, opts.int_arg, opts.uuid_arg)
        add_attribute(attributes, opts.int2_arg, opts.uuid2_arg)
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
                                message, attributes, opts.credentials,
                                client_options)
    elif opts.method in ['get_log_entries_by_author']:
        num_hours = 15 * 24
        user_id = '8e405a75-3ff7-4288-bfa5-111552fa53ce'
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
                                user_id, num_hours, opts.credentials,
                                client_options)
    elif opts.method in ['get_log_entries_for_context']:
        context_type = 'SLICE'
        context_id = '848e4a11-55eb-45df-a0e8-b79109fb0a88'
        num_hours = 15 * 24
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
                                context_type, context_id, num_hours,
                                opts.credentials, client_options)
    elif opts.method in ['get_log_entries_by_attributes']:
        type1 = 'SLICE'
        id1 = '848e4a11-55eb-45df-a0e8-b79109fb0a88'
        type2 = 'PROJECT'
        id2 = '8c042cf0-8389-48e0-aca1-782fd7a20794'
        num_hours = 15 * 24
        attribute_sets = [{type1: id1}, {type2: id2}]
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
                                attribute_sets, num_hours, opts.credentials,
                                client_options)

    elif opts.method in ['get_attributes_for_log_entry']:
        event_id = '20360'
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
                                event_id, opts.credentials,
                                client_options)
    # Credential store methods
    elif opts.method in ['get_permissions']:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
                                opts.uuid_arg,
                                opts.credentials, client_options)
    elif opts.method in ['get_attributes']:
        context = 'None'
        if opts.uuid2_arg:
            context = opts.uuid2_arg
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
                                opts.uuid_arg,
                                opts.int_arg, context,
                                opts.credentials, client_options)
    elif opts.method in ['lookup_keys']:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
                                opts.credentials, client_options)
    elif opts.method in ['delete_key', 'update_key'] \
            and opts.string_arg and opts.urn:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
                                opts.string_arg,
                                opts.credentials, client_options)

    # Client Authorization methods
    elif opts.method in ['list_clients']:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn)
    elif opts.method in ['list_authorized_clients']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg)
    elif opts.method in ['authorize_client']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg,
                    opts.urn, opts.int_arg)
    # Sliver info methods
    elif opts.method in ['delete_sliver_info', 'update_sliver_info']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.urn,
                    opts.credentials, client_options)
    elif opts.method in ['create_sliver_info', 'lookup_sliver_info']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn,
                    opts.credentials, client_options)

    # Project request methods
    elif opts.method in ['create_request']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg,
                    opts.uuid_arg, opts.int2_arg, opts.string_arg,
                    opts.string2_arg,
                    opts.credentials, client_options)
    elif opts.method in ['resolve_pending_request']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg,
                    opts.int2_arg, opts.int3_arg, opts.string_arg,
                    opts.credentials, client_options)
    elif opts.method in ['invite_member']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg,
                    opts.uuid_arg,
                    opts.credentials, client_options)

    elif opts.method in ['accept_invitation']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn,
                    opts.uuid_arg,  # invite_id
                    opts.uuid2_arg,  # member_id
                    opts.credentials, client_options)

    elif opts.method in ['get_requests_for_context']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.int_arg,
                    opts.uuid_arg, opts.int2_arg, opts.credentials,
                    client_options)
    elif opts.method in ['get_requests_by_user']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg,
                    opts.int_arg, opts.uuid2_arg, opts.int2_arg,
                    opts.credentials, client_options)
    elif opts.method in ['get_pending_requests_for_user',
                         'get_number_of_pending_requests_for_user']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg,
                    opts.int_arg, opts.uuid2_arg, opts.credentials,
                    client_options)

    elif opts.method in ['get_request_by_id']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn,
                    opts.int_arg, opts.int2_arg, opts.credentials,
                    client_options)

    # MA certificate methods
    elif opts.method in ['create_certificate']:
        options = {}
        if opts.file_arg:
            csr = open(opts.file_arg).read()
            options = {'csr': csr}
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.urn,
                    opts.credentials, options)

    # Method to create members
    elif opts.method in ['create_member'] and opts.string_arg:

        # Use the entered string_arg as the email to register a member
        attributes = [{"value": opts.string_arg,
                       "name": "email_address",
                       "self_asserted": False},
                      {"value": opts.string_arg,
                       "name": "eppn",
                       "self_asserted": False}]
        options = {}

        # Send query message and retrieve the result and response message
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
                                attributes, opts.credentials, options)

    # Method to lookup for members
    elif opts.method in ['lookup_public_member_info',
                         'lookup_private_member_info',
                         'lookup_allowed_member_info',
                         'lookup_identifying_member_info'] and \
            (opts.urn or opts.uuid_arg):

        # Create client options dictionary
        client_options = {"match": {}}

        # If the user entered an UUID
        if opts.uuid_arg:
            # Uptade the client options dictionary with the entered UUID
            client_options["match"].update({"MEMBER_UID": opts.uuid_arg})

        # If the user entered an URN
        if opts.urn:
            # Uptade the client options dictionary with the entered URN
            client_options["match"].update({"MEMBER_URN": opts.urn})

        # Send query message and retrieve the result and response message
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
                                opts.credentials, client_options)

    # MA add/revoke privilege methods
    elif opts.method in ['add_member_privilege', 'revoke_member_privilege']:
        options = {}
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.uuid_arg,
                    opts.string_arg,
                    opts.credentials, options)

    # Methods that take urn, credentials, options
    elif opts.method in ['get_credentials']:
        options = {}
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.urn,
                    opts.credentials, options)

    # Generic Federation v2 API methods
    elif opts.method in ['lookup', 'create']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.type,
                    opts.credentials, client_options)

    elif opts.method in ['lookup_slice_members', 'lookup_slices_for_member',
                         'lookup_project_members',
                         'lookup_projects_for_member']:
        urn = None
        if ('match' in client_options and
                'SLICE_URN' in client_options['match']):
            urn = client_options['match']['SLICE_URN']
        if ('match' in client_options and
                'PROJECT_URN' in client_options['match']):
            urn = client_options['match']['PROJECT_URN']
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn,
                    urn, opts.credentials, client_options)

    elif opts.method in ['update', 'delete', 'modify_membership',
                         'lookup_members', 'lookup_for_member']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.type,
                    opts.urn, opts.credentials, client_options)

    # Lookup login info (authorities only)
    elif opts.method in ['lookup_login_info']:
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn,
                    opts.credentials, client_options)

    # Portal query
    elif opts.method in ['portal_query']:
        options = {}
        member_eppn = opts.string_arg
        project_id = opts.uuid_arg
        slice_id = opts.uuid2_arg
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn,
                    member_eppn, project_id, slice_id)

    # MA Swap nonce method
    elif opts.method in ['swap_identities']:
        options = {}
        (result, msg) = \
            _do_ssl(framework, suppress_errors, reason, fcn, opts.urn,
                    opts.urn2_arg, opts.credentials, options)

    # Methods that take attributes and options
    elif client_attributes:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
                                client_attributes,
                                opts.credentials, client_options)

    # Methods that take credentials and options and urn arguments
    elif opts.urn:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
                                opts.urn,
                                opts.credentials, client_options)
    # Methods that take credentials and options (and no urn) arguments
    else:
        (result, msg) = _do_ssl(framework, suppress_errors, reason, fcn,
                                opts.credentials, client_options)

    if do_print:
        if opts.raw_output:
            print json.dumps(result)
        else:
            print "RESULT = " + str(result)
        if msg:
            print "MSG = " + str(msg)