[2e46f35] | 1 | #!/usr/bin/env python |
---|
[d743d60] | 2 | |
---|
| 3 | import sys |
---|
[e83f2f2] | 4 | from datetime import datetime |
---|
[d743d60] | 5 | |
---|
[6bedbdba] | 6 | from deter import fedid, generate_fedid |
---|
[d743d60] | 7 | from federation.remote_service import service_caller |
---|
[e83f2f2] | 8 | from federation.proof import proof |
---|
[d743d60] | 9 | from federation.client_lib import client_opts, exit_with_fault, RPCException, \ |
---|
[7206e5a] | 10 | wrangle_standard_options, do_rpc, get_experiment_names, \ |
---|
[e83f2f2] | 11 | save_certfile, get_abac_certs, log_authentication |
---|
[d743d60] | 12 | |
---|
| 13 | class new_opts(client_opts): |
---|
| 14 | def __init__(self): |
---|
| 15 | client_opts.__init__(self) |
---|
| 16 | self.add_option("--experiment_cert", dest="out_certfile", |
---|
[62f3dd9] | 17 | action='callback', callback=self.expand_file, type='str', |
---|
| 18 | help="output certificate file") |
---|
[d743d60] | 19 | self.add_option("--experiment_name", dest="exp_name", |
---|
| 20 | type="string", help="Suggested experiment name") |
---|
[353db8c] | 21 | self.add_option('--gen_cert', action='store_true', dest='gen_cert', |
---|
[7206e5a] | 22 | default=False, |
---|
| 23 | help='generate a cert to which to delegate rights') |
---|
[d743d60] | 24 | |
---|
| 25 | parser = new_opts() |
---|
| 26 | (opts, args) = parser.parse_args() |
---|
| 27 | |
---|
[7206e5a] | 28 | try: |
---|
[a0c2866] | 29 | cert, fid, url = wrangle_standard_options(opts) |
---|
[7206e5a] | 30 | acerts = get_abac_certs(opts.abac_dir) |
---|
| 31 | except EnvironmentError, e: |
---|
| 32 | sys.exit('%s: %s' % (e.filename, e.strerror)) |
---|
[a0c2866] | 33 | except RuntimeError, e: |
---|
| 34 | sys.exit("%s" %e) |
---|
[d743d60] | 35 | |
---|
| 36 | out_certfile = opts.out_certfile |
---|
| 37 | |
---|
| 38 | msg = { } |
---|
| 39 | |
---|
[7206e5a] | 40 | if opts.gen_cert: |
---|
| 41 | expid, expcert = generate_fedid(opts.exp_name or 'dummy') |
---|
| 42 | msg['experimentAccess'] = { 'X509': expcert } |
---|
| 43 | else: |
---|
| 44 | expcert = None |
---|
| 45 | |
---|
[d743d60] | 46 | if opts.exp_name: |
---|
| 47 | msg['experimentID'] = { 'localname': opts.exp_name } |
---|
| 48 | |
---|
[7206e5a] | 49 | if acerts: |
---|
| 50 | msg['credential'] = acerts |
---|
| 51 | |
---|
[d743d60] | 52 | if opts.debug > 1: print >>sys.stderr, msg |
---|
| 53 | |
---|
| 54 | try: |
---|
| 55 | resp_dict = do_rpc(msg, |
---|
[5d854e1] | 56 | url, opts.transport, cert, opts.trusted, |
---|
[d743d60] | 57 | serialize_only=opts.serialize_only, |
---|
| 58 | tracefile=opts.tracefile, |
---|
| 59 | caller=service_caller("New"), responseBody='NewResponseBody') |
---|
| 60 | except RPCException, e: |
---|
[e83f2f2] | 61 | exit_with_fault(e, 'New', opts) |
---|
[d743d60] | 62 | except RuntimeError, e: |
---|
| 63 | sys.exit("Error processing RPC: %s" % e) |
---|
| 64 | |
---|
| 65 | if opts.debug > 1: print >>sys.stderr, resp_dict |
---|
| 66 | |
---|
| 67 | try: |
---|
[7206e5a] | 68 | save_certfile(opts.out_certfile, resp_dict.get('experimentAccess', None), |
---|
| 69 | expcert) |
---|
| 70 | except EnvironmentError, e: |
---|
| 71 | sys.exit('Could not write to %s:' % (e.strerror, e.filename)) |
---|
| 72 | except CertificateMismatchError: |
---|
| 73 | printf >>sys.stderr, "Fedid of created experiment does not match generated" |
---|
| 74 | |
---|
[d743d60] | 75 | |
---|
| 76 | e_fedid, e_local = get_experiment_names(resp_dict.get('experimentID', None)) |
---|
| 77 | st = resp_dict.get('experimentStatus', None) |
---|
[e83f2f2] | 78 | proof = proof.from_dict(resp_dict.get('proof', {})) |
---|
[d743d60] | 79 | |
---|
| 80 | if e_local: print "localname: %s" % e_local |
---|
| 81 | if e_fedid: print "fedid: %s" % e_fedid |
---|
| 82 | if st: print "status: %s" % st |
---|
[e83f2f2] | 83 | if proof and opts.auth_log: |
---|
| 84 | log_authentication(opts.auth_log, 'New', 'succeeded', proof) |
---|