#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2008 University of Utah and the Flux Group.
# All rights reserved.
#
package GeniTicket;

#
# Some simple ticket stuff.
#
use strict;
use Exporter;
use vars qw(@ISA @EXPORT);

# Inherit from Exporter; nothing is exported by default, so callers
# reach the subs below through the package or an object.
@ISA    = ("Exporter");
@EXPORT = ();

# Must come after package declaration!
use lib '@prefix@/lib';
use GeniDB;
use libtestbed;
use English;
use Data::Dumper;
use File::Temp qw(tempfile);

# Configure variables
# NOTE(review): the @NAME@ tokens look like build-time substitution
# placeholders -- confirm against the configure machinery. Of these
# variables only $SIGNCRED is read by the subs visible in this file.
my $TB		   = "@prefix@";
my $TBOPS          = "@TBOPSEMAIL@";
my $TBAPPROVAL     = "@TBAPPROVALEMAIL@";
my $TBAUDIT   	   = "@TBAUDITEMAIL@";
my $BOSSNODE       = "@BOSSNODE@";
my $OURDOMAIN      = "@OURDOMAIN@";
# Hard-coded URL rather than a substituted value.
my $GENICENTRAL    = "https://boss/protogeni/xmlrpc";
# Path of the external program that Sign() runs to sign a ticket template.
my $SIGNCRED	   = "$TB/sbin/signgenicred";

#
# Create a ticket. Not much to it yet.
#
# Should we keep track of tickets locally in the DB?
#
sub Create($$$;$)
{
    my ($class, $uuid, $rspec, $ticket) = @_;

    # Build the object in one step. $ticket is optional and is stored
    # as undef when the caller does not supply it.
    my %fields = (
        'rspec'  => $rspec,
        'uuid'   => $uuid,      # The slice UUID.
        'ticket' => $ticket,
    );

    return bless({ %fields }, $class);
}
# accessors
# Generic slot reader: returns the value stored under the given key.
sub field($$)
{
    my $key = $_[1];

    return $_[0]->{$key};
}

# Fixed-name readers for the three slots that Create() fills in.
sub rspec($)
{
    return $_[0]->{"rspec"};
}

sub uuid($)
{
    return $_[0]->{"uuid"};
}

sub ticket($)
{
    return $_[0]->{"ticket"};
}

#
# Populate the ticket with some stuff, which right now is just the
# number of nodes we are willing to grant.
#
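sub Grant($$)
{
    my ($self, $count) = @_;

    # Called on something that is not an object: report failure with -1,
    # the same convention Sign() uses. The original returned 0 here, so a
    # caller could not tell "recorded" from "nothing happened".
    return -1
        if (! ref($self));

    # NOTE(review): Sign() builds the credential from the rspec's
    # 'granted' entry and does not read 'count' -- confirm which of the
    # two is meant to carry the granted node count.
    $self->{'count'} = $count;
    return 0;
}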

#
# Sign the ticket before returning it. We capture the output, which is
# in XML.
#
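sub Sign($)
{
    my ($self) = @_;

    # Returns 0 on success, with the signer's output stored in the
    # object's 'ticket' slot; returns -1 on any failure, leaving the
    # slot untouched.
    return -1
        if (!ref($self));

    my $uuid = $self->uuid();
    my $requested = $self->rspec()->{'requested'};
    my $granted   = $self->rspec()->{'granted'};

    #
    # Create a template xml file to sign. The same uuid is used for both
    # owner_uuid and this_uuid, and can_delegate is always 1.
    #
    # NOTE(review): $uuid, $requested and $granted are interpolated
    # without XML escaping into the document that gets signed. If any of
    # them can originate from a remote request, markup inside them would
    # become part of the signed credential; validate them (UUID syntax,
    # integers) or escape them before this point -- confirm with callers.
    #
    my $template =
        "<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"no\"?>\n".
        "<credential xml:id=\"Ref1\">\n".
        " <type>ticket</type>\n".
        " <owner_uuid>$uuid</owner_uuid>\n".
        " <this_uuid>$uuid</this_uuid>\n".
        " <ticket>\n".
        "  <can_delegate>1</can_delegate>\n".
        "  <rspec>\n".
        "    <requested>$requested</requested>\n".
        "    <granted>$granted</granted>\n".
        "  </rspec>\n".
        " </ticket>\n".
        "</credential>\n";

    my ($fh, $filename) = tempfile(UNLINK => 0);
    return -1
        if (!defined($fh));

    # A short write (e.g. full disk) must not lead to signing a truncated
    # template, so check both the print and the close.
    if (! (print {$fh} $template) || ! close($fh)) {
        print STDERR "Could not write $filename: $!\n";
        unlink($filename);
        return -1;
    }

    #
    # Fire up the signer and capture the output. This is the signed ticket
    # that is returned. The list form of open runs the program directly,
    # without a shell, and the lexical handle replaces the package-global
    # SIGNER bareword.
    #
    my $signer;
    if (! open($signer, "-|", $SIGNCRED, $filename)) {
        print STDERR "Could not sign $filename\n";
        unlink($filename);
        return -1;
    }
    my $ticket = "";
    while (my $line = <$signer>) {
        $ticket .= $line;
    }

    # close() on a pipe waits for the child and is false when it exited
    # non-zero; $? then holds the wait status.
    my $closed = close($signer);

    # The template is no longer needed. The original never removed it, so
    # one temp file was left behind per call.
    unlink($filename);

    # Do not accept partial or empty signer output as a ticket.
    if (!$closed || $ticket eq "") {
        print STDERR "$SIGNCRED failed (wait status $?)\n";
        return -1;
    }
    $self->{'ticket'} = $ticket;

    return 0;
}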