Add sqlite based VO to token map
authorJohn Giannelos <johngian@grnet.gr>
Fri, 9 Nov 2012 13:12:20 +0000 (15:12 +0200)
committerJohn Giannelos <johngian@grnet.gr>
Fri, 9 Nov 2012 13:12:20 +0000 (15:12 +0200)
snfOCCI/APIserver.py

index d85e9e7..bb7455d 100755 (executable)
@@ -2,6 +2,8 @@
 
 import re
 import string
+import sqlite3
+
 from snfOCCI.registry import snfRegistry
 from snfOCCI.compute import ComputeBackend
 from snfOCCI.config import SERVER_CONFIG, KAMAKI_CONFIG
@@ -22,6 +24,8 @@ from wsgiref.validate import validator
 import voms
 
 
+conn = sqlite3.connect('/home/nemo/myWorkspace/snf-occi/snfOCCI/voms.db')
+
 class MyAPP(Application):
     '''
     An OCCI WSGI application.
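Review bot: The added `conn = sqlite3.connect('/home/nemo/myWorkspace/snf-occi/snfOCCI/voms.db')` ties the service to one developer's home directory and opens the database as an import side effect, so any other deployment fails at import or silently uses a different file. The path should come from configuration (the file already imports `SERVER_CONFIG`), and since this database holds the tokens used against the compute API it should live somewhere readable only by the service account. A module-level connection is also shared by every request; by default `sqlite3` refuses use from a thread other than the one that created it, so under a threaded WSGI server the lookup in `__call__` would raise `ProgrammingError`. Opening and closing the connection inside `__call__` avoids that.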
@@ -93,18 +97,12 @@ class MyAPP(Application):
 
     def __call__(self, environ, response):
 
-        compClient = ComputeClient(KAMAKI_CONFIG['compute_url'], environ['HTTP_AUTH_TOKEN'])
-        cyclClient = CycladesClient(KAMAKI_CONFIG['compute_url'], environ['HTTP_AUTH_TOKEN'])
-
-        #Up-to-date flavors and images
-        self.refresh_images(compClient,cyclClient)
-        self.refresh_flavors(compClient,cyclClient)
-        self.refresh_compute_instances(compClient)
+        #Authorization
 
         ssl_dict = dict()
 
         #Regular expression in HTTP headers
-        #environ[HTTP_SSL] contains PEM certificates in wrong format
+        #raw environ[HTTP_SSL] contains PEM certificates in wrong format
         
         pem_re = r'^(-----BEGIN CERTIFICATE----- )(.*|\s]*)( -----END CERTIFICATE-----)'
 
@@ -132,22 +130,27 @@ class MyAPP(Application):
         print (user_dn, user_vo, user_fqans)
 
 
-        #Authenticate only VOs in list
-        VOs = ['see','fedcloud.egi.eu']
-        #Always authenticated, only for testing purposes 
-        
-        authenticated  = False
+        cursor = conn.cursor()
+        query = "SELECT token FROM vo_map WHERE vo_name=?"
+        cursor.execute(query,[(user_vo)])
 
-        if user_vo in VOs:
-            authenticated = True
+        (token,) = cursor.fetchone()
 
-        if authenticated:
-            # token will be represented in self.extras
-            return self._call_occi(environ, response, security = None, token = environ['HTTP_AUTH_TOKEN'], snf = compClient, client = cyclClient)
+        if token:
+            compClient = ComputeClient(KAMAKI_CONFIG['compute_url'], token)
+            cyclClient = CycladesClient(KAMAKI_CONFIG['compute_url'], token)
+
+            self.refresh_images(compClient,cyclClient)
+            self.refresh_flavors(compClient,cyclClient)
+            self.refresh_compute_instances(compClient)
+
+
+            return self._call_occi(environ, response, security = None, token = token, snf = compClient, client = cyclClient)
         else:
             raise HTTPError(404, "Unauthorized access")
 
 
+
 def main():
 
     APP = MyAPP(registry = snfRegistry())
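Review bot: `(token,) = cursor.fetchone()` raises `TypeError` for any VO that has no row in `vo_map`, because `fetchone()` returns `None` in that case, so the `else: raise HTTPError(404, "Unauthorized access")` branch is only reached when a row exists with an empty token. An unmapped VO therefore ends in an unhandled exception instead of an explicit denial; use `row = cursor.fetchone()` followed by `token = row[0] if row else None` so the rejection path is the one that runs. The denial itself would be clearer as 401 or 403 than 404. The cursor is never closed, and `[(user_vo)]` is just `[user_vo]`, since the inner parentheses do not make a tuple. `__call__` begins outside this hunk, so how `user_vo` is derived from the client certificate is not visible here.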