Authorize only list of selected VOs

[snf-occi] / snfOCCI / APIserver.py

diff --git a/snfOCCI/APIserver.py b/snfOCCI/APIserver.py
index 13a7d75..d85e9e7 100755 (executable)
--- a/snfOCCI/APIserver.py
+++ b/snfOCCI/APIserver.py
@@ -128,11 +128,18 @@ class MyAPP(Application):
         ssl_dict["SSL_CLIENT_CERT"] = cert
         ssl_dict["SSL_CLIENT_CERT_CHAIN_0"] = chain
 
-        info = voms.authenticate(ssl_dict)
-        print info
+        (user_dn, user_vo, user_fqans) = voms.authenticate(ssl_dict)
+        print (user_dn, user_vo, user_fqans)
 
+
+        #Authenticate only VOs in list
+        VOs = ['see','fedcloud.egi.eu']
         #Always authenticated, only for testing purposes 
-        authenticated = True
+        
+        authenticated  = False
+
+        if user_vo in VOs:
+            authenticated = True
 
         if authenticated:
             # token will be represented in self.extras