Merge pull request #7332 from chaen/v9.0_HACK_23.11.30

[9.0] revive future JobMonitoringHandler and allow proxyLocation to work with host

src/DIRAC/Core/DISET/private/BaseClient.py

@@ -253,7 +253,11 @@ def __discoverExtraCredentials(self):
         :return: S_OK()/S_ERROR()
         """
         # which extra credentials to use?
-        self.__extraCredentials = self.VAL_EXTRA_CREDENTIALS_HOST if self.__useCertificates else ""
+        self.__extraCredentials = (
+            self.VAL_EXTRA_CREDENTIALS_HOST
+            if (self.__useCertificates and not self.kwargs.get(self.KW_PROXY_LOCATION))
+            else ""
+        )
         if self.KW_EXTRA_CREDENTIALS in self.kwargs:
             self.__extraCredentials = self.kwargs[self.KW_EXTRA_CREDENTIALS]
 

src/DIRAC/Core/DISET/private/Transports/SSLTransport.py

@@ -40,7 +40,9 @@ def checkSanity(urlTuple, kwargs):
     """
     useCerts = False
     certFile = ""
-    if "useCertificates" in kwargs and kwargs["useCertificates"]:
+    if kwargs.get("proxyLocation"):
+        certFile = kwargs["proxyLocation"]
+    elif "useCertificates" in kwargs and kwargs["useCertificates"]:
         certTuple = Locations.getHostCertificateAndKeyLocation()
         if not certTuple:
             gLogger.error("No cert/key found! ")
@@ -52,10 +54,7 @@ def checkSanity(urlTuple, kwargs):
             gLogger.error("proxyString parameter is not a valid type", str(type(kwargs["proxyString"])))
             return S_ERROR("proxyString parameter is not a valid type")
     else:
-        if "proxyLocation" in kwargs:
-            certFile = kwargs["proxyLocation"]
-        else:
-            certFile = Locations.getProxyLocation()
+        certFile = Locations.getProxyLocation()
         if not certFile:
             gLogger.error("No proxy found")
             return S_ERROR("No proxy found")

src/DIRAC/Core/Tornado/Client/private/TornadoBaseClient.py

@@ -277,7 +277,7 @@ def __discoverExtraCredentials(self):
         WARNING: COPY/PASTE FROM Core/Diset/private/BaseClient
         """
         # which extra credentials to use?
-        if self.__useCertificates:
+        if self.__useCertificates and not self.kwargs.get(self.KW_PROXY_LOCATION):
             self.__extraCredentials = self.VAL_EXTRA_CREDENTIALS_HOST
         else:
             self.__extraCredentials = ""
@@ -508,10 +508,11 @@ def _request(self, retry=0, outputFile=None, **kwargs):
             return url
         url = url["Value"]
 
+        if self.kwargs.get(self.KW_PROXY_LOCATION):
+            auth = {"cert": self.kwargs[self.KW_PROXY_LOCATION]}
         # getting certificate
         # Do we use the server certificate ?
-        if self.kwargs[self.KW_USE_CERTIFICATES]:
-            # TODO: make this code path work with DiracX for Agents and possibly webapp ?
+        elif self.kwargs[self.KW_USE_CERTIFICATES]:
             auth = {"cert": Locations.getHostCertificateAndKeyLocation()}
 
         # Use access token?
@@ -550,8 +551,6 @@ def _request(self, retry=0, outputFile=None, **kwargs):
             fp = os.fdopen(tmpHandle, "w")
             fp.write(self.kwargs[self.KW_PROXY_STRING])
             fp.close()
-        elif self.kwargs.get(self.KW_PROXY_LOCATION):
-            auth = {"cert": self.kwargs[self.KW_PROXY_LOCATION]}
         else:
             auth = {"cert": Locations.getProxyLocation()}
             if not auth["cert"]:

src/DIRAC/WorkloadManagementSystem/FutureClient/JobMonitoringClient.py

@@ -1,12 +1,11 @@
-from diracx.client import DiracClient
-
-
 from DIRAC.Core.Utilities.ReturnValues import convertToReturnValue
 
+from DIRAC.Core.Security.DiracX import DiracXClient
+
 
 class JobMonitoringClient:
     def fetch(self, parameters, jobIDs):
-        with DiracClient() as api:
+        with DiracXClient() as api:
             jobs = api.jobs.search(
                 parameters=["JobID"] + parameters,
                 search=[{"parameter": "JobID", "operator": "in", "values": jobIDs}],