genadmincredential.in 1.59 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27
#!/usr/bin/perl -wT
#
# GENIPUBLIC-COPYRIGHT
# Copyright (c) 2008-2009 University of Utah and the Flux Group.
# All rights reserved.
#
use strict;

use Exporter;
use vars qw(@ISA @EXPORT);

@ISA    = "Exporter";
@EXPORT = qw ( );

use GeniCredential;
use GeniCertificate;
use GeniAuthority;
use GeniHRN;
use GeniResponse;
use GeniUser;

sub CreateAdminCredential()
{
	my $owner_urn = shift;
	my $target_cm_urn = shift;
	#
        # Must be an emulab user who is talking to us.
28
        # If any of the URN specified is invalid do not accept.
29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58
        if (! (GeniHRN::IsValid($owner_urn) && GeniHRN::IsValid($target_cm_urn))) {
            return GeniResponse->MalformedArgsResponse();
        }

        my $geniuser = GeniUser->Lookup($owner_urn);
        if (!defined($geniuser)) {
            return GeniResponse->Create(GENIRESPONSE_FORBIDDEN,
                                        undef, "Who are you?");
        }

	 my $authority = GeniAuthority->Lookup($target_cm_urn);
        if (!defined($authority)) {
            print STDERR "Could not find local authority object for $target_cm_urn\n";
            return GeniResponse->Create(GENIRESPONSE_ERROR);
        }
        my $credential =
            GeniCredential->CreateSigned($authority,
                                         $geniuser,
                                         $GeniCredential::LOCALSA_FLAG);
        return GeniResponse->Create(GENIRESPONSE_ERROR)
            if (!defined($credential));

        return GeniResponse->Create(GENIRESPONSE_SUCCESS,
                                    $credential->asString());

}

print CreateAdminCredential @ARGV