pyceo/ceo/krb_check.py

import subprocess

import gssapi


def krb_check():
    """
    Spawns a `kinit` process if no credentials are available or the
    credentials have expired.
    Returns the principal string 'user@REALM'.
    """
    for _ in range(2):
        try:
            creds = gssapi.Credentials(usage='initiate')
            result = creds.inquire()
            return str(result.name)
        except (gssapi.raw.misc.GSSError, gssapi.raw.exceptions.ExpiredCredentialsError):
            kinit()

    raise Exception('could not acquire GSSAPI credentials')


def kinit():
    subprocess.run(['kinit'], check=True)
add members CLI 2021-08-23 09:59:01 -04:00			`import subprocess`

			`import gssapi`


			`def krb_check():`
			`"""`
			Spawns a `kinit` process if no credentials are available or the
			`credentials have expired.`
			`Returns the principal string 'user@REALM'.`
			`"""`
add unit tests for members CLI 2021-08-23 19:01:24 -04:00			`for _ in range(2):`
			`try:`
			`creds = gssapi.Credentials(usage='initiate')`
			`result = creds.inquire()`
			`return str(result.name)`
			`except (gssapi.raw.misc.GSSError, gssapi.raw.exceptions.ExpiredCredentialsError):`
			`kinit()`
add members CLI 2021-08-23 09:59:01 -04:00
add unit tests for members CLI 2021-08-23 19:01:24 -04:00			`raise Exception('could not acquire GSSAPI credentials')`
add members CLI 2021-08-23 09:59:01 -04:00

			`def kinit():`
			`subprocess.run(['kinit'], check=True)`