Synnefo » snf-occi

import sys

from optparse import OptionParser, OptionValueError

def parse_arguments(args):

    kw = {}

    kw["usage"] = "%prog [options]"

    kw["description"] = "OCCI interface to synnefo API"

    parser = OptionParser(**kw)

    parser.disable_interspersed_args()

    parser.add_option("--enable_voms", action="store_true", dest="enable_voms", default=False, help="Enable voms authorization")

    parser.add_option("--voms_db", action="store", type="string", dest="voms_db", help="Path to sqlite database file")

    (opts, args) = parser.parse_args(args)

    if opts.enable_voms and not opts.voms_db:

        print "--voms_db option required"

        parser.print_help()

    return (opts, args)

        if ENABLE_VOMS:

            global VOMS_DB

            conn = sqlite3.connect(VOMS_DB)

            ssl_dict = dict()

            #Regular expression in HTTP headers

            #raw environ[HTTP_SSL] contains PEM certificates in wrong format

            pem_re = r'^(-----BEGIN CERTIFICATE----- )(.*|\s]*)( -----END CERTIFICATE-----)'

            client_cert = re.search(pem_re, environ["HTTP_SSL_CLIENT_CERT"])

            client_chain = re.search(pem_re, environ["HTTP_SSL_CLIENT_CERT_CHAIN_0"])

            client_cert_list=[]

            client_chain_list=[]

            for i in range(1,4):

                client_cert_list.append(string.strip(client_cert.group(i)))

            for i in range(1,4):

                client_chain_list.append(string.strip(client_chain.group(i)))

            cert = client_cert_list[0]+"\n"+client_cert_list[1].replace(" "," \n")+"\n"+client_cert_list[2]

            chain = client_chain_list[0]+"\n"+client_chain_list[1].replace(" "," \n")+"\n"+client_chain_list[2]

            ssl_dict["SSL_CLIENT_S_DN"] = environ["HTTP_SSL_CLIENT_S_DN"]

            ssl_dict["SSL_CLIENT_CERT"] = cert

            ssl_dict["SSL_CLIENT_CERT_CHAIN_0"] = chain

            (user_dn, user_vo, user_fqans) = voms.authenticate(ssl_dict)

            print (user_dn, user_vo, user_fqans)

            cursor = conn.cursor()

            query = "SELECT token FROM vo_map WHERE vo_name=?"

            cursor.execute(query,[(user_vo)])

            (token,) = cursor.fetchone()

            if token:

                compClient = ComputeClient(KAMAKI_CONFIG['compute_url'], token)

                cyclClient = CycladesClient(KAMAKI_CONFIG['compute_url'], token)

                self.refresh_images(compClient,cyclClient)

                self.refresh_flavors(compClient,cyclClient)

                self.refresh_compute_instances(compClient)

                return self._call_occi(environ, response, security = None, token = token, snf = compClient, client = cyclClient)

            else:

                raise HTTPError(404, "Unauthorized access")

            #Authorize with user token

            compClient = ComputeClient(KAMAKI_CONFIG['compute_url'], environ['HTTP_AUTH_TOKEN'])

            cyclClient = CycladesClient(KAMAKI_CONFIG['compute_url'], environ['HTTP_AUTH_TOKEN'])

            return self._call_occi(environ, response, security = None, token = environ['HTTP_AUTH_TOKEN'], snf = compClient, client = cyclClient)

    global ENABLE_VOMS, VOMS_DB

    (opts, args) = parse_arguments(sys.argv[1:])

    ENABLE_VOMS = opts.enable_voms

    VOMS_DB = opts.voms_db

    COMPUTE_BACKEND = ComputeBackend()