Changeset 1177 for TI12-security


Ignore:
Timestamp:
14/06/06 16:38:50 (14 years ago)
Author:
pjkersha
Message:

NDG/AttCert.py: changed isValidTime so that the time against which it is checked can be overridden by
setting the dtNow keyword.

NDG/CredWallet.py: reqAuthorisation - in the block for getting an existing AC, if an AC is found only use it
if it won't expire in the next couple of hours.

Location:
TI12-security/trunk/python/NDG
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/NDG/AttCert.py

    r1176 r1177  
    697697 
    698698 
    699     def isValidTime(self, raiseExcep=False): 
     699    def isValidTime(self, dtNow=None, raiseExcep=False): 
    700700        """Check Attribute Certificate for expiry.  Set raiseExcep to True 
    701701        to raise an exception with a message indicating the nature of the  
     
    708708            raise AttCertError("Not After datetime is not set") 
    709709        
    710         dtNow = datetime.utcnow() 
     710        if dtNow is None: 
     711            dtNow = datetime.utcnow() 
    711712         
    712713        # Testing only 
  • TI12-security/trunk/python/NDG/CredWallet.py

    r1176 r1177  
    1616# Temporary store of certificates for use with CredWallet reqAuthorisation() 
    1717import tempfile 
     18 
     19# Check Attribute Certificate validity times 
     20from datetime import datetime 
     21from datetime import timedelta 
    1822 
    1923# Keyword formatting/XML message creation for Attribute Authority WS 
     
    948952            # Look in the wallet for an AC with the same issuer name 
    949953            if aaName in self.__credentials: 
    950                 # Existing Attribute Certificate found in wallet - return this 
    951                 return self.__credentials[aaName] 
     954                # Existing Attribute Certificate found in wallet - Check that  
     955                # it will be valid for at least the next 2 hours 
     956                # 
     957                # TODO: Make this 2 hour offset a configurable parameter 
     958                # 
     959                # P J Kershaw 14/06/06 
     960                dtNow = datetime.utcnow() + datetime.timedelta(seconds=7200) 
     961                 
     962                if self.__credentials[aaName].isValidTime(dtNow=dtNow):                                    
     963                    return self.__credentials[aaName] 
    952964             
    953965             
Note: See TracChangeset for help on using the changeset viewer.