[feat] Add a 'fetch' flag to key export

If is set keyamanger will try to discover and download the key.

- Resolves: #8821

5 files changed, 27 insertions, 9 deletions

diff --git a/docs/changelog.rst b/docs/changelog.rst
index f9508700..455be5da 100644
--- a/docs/changelog.rst
+++ b/docs/changelog.rst
@@ -12,6 +12,7 @@ Features
 - `#8771 <https://0xacab.org/leap/bitmask-dev/issues/8771>`_: Add json print to the cli
 - `#8765 <https://0xacab.org/leap/bitmask-dev/issues/8765>`_: Require a global authentication token for the api
 - `#8819 <https://0xacab.org/leap/bitmask-dev/issues/8819>`_: Send key to provider if a new priv key is putted in the keyring
+- `#8821 <https://0xacab.org/leap/bitmask-dev/issues/8821>`_: Add a 'fetch' flag to key export
 - Initial cli port of the legacy vpn code
 - Add VPN API to bitmask.js
 - Add vpn get_cert command
diff --git a/src/leap/bitmask/cli/keys.py b/src/leap/bitmask/cli/keys.py
index 0412efe3..12191a5d 100644
--- a/src/leap/bitmask/cli/keys.py
+++ b/src/leap/bitmask/cli/keys.py
@@ -70,6 +70,9 @@ SUBCOMMANDS:
                             help='Select the userid of the keyring')
         parser.add_argument('--private', action='store_true',
                             help='Use private keys (by default uses public)')
+        parser.add_argument('--fetch', action='store_true',
+                            help='Try to fetch remotely the key if it is not '
+                            'in the local storage')
         parser.add_argument('address', nargs=1,
                             help='email address of the key')
         subargs = parser.parse_args(raw_args)
@@ -78,10 +81,14 @@ SUBCOMMANDS:
         if not userid:
             userid = self.cfg.get('bonafide', 'active', default='')
         self.data += ['export', userid, subargs.address[0]]
+
+        if subargs.private and subargs.fetch:
+            print('Cannot fetch private keys')
+            return
         if subargs.private:
             self.data += ['private']
-        else:
-            self.data += ['public']
+        if subargs.fetch:
+            self.data += ['fetch']
 
         return self._send(self._print_key)
 
diff --git a/src/leap/bitmask/core/dispatcher.py b/src/leap/bitmask/core/dispatcher.py
index e0cc1297..3d6f6704 100644
--- a/src/leap/bitmask/core/dispatcher.py
+++ b/src/leap/bitmask/core/dispatcher.py
@@ -315,10 +315,14 @@ class KeysCmd(SubCommand):
         address = parts[3]
 
         private = False
-        if parts[-1] == 'private':
-            private = True
+        fetch_remote = False
+        if len(parts) > 4:
+            if parts[4] == 'private':
+                private = True
+            elif parts[4] == 'fetch':
+                fetch_remote = True
 
-        return service.do_export(uid, address, private)
+        return service.do_export(uid, address, private, fetch_remote)
 
     @register_method('dict')
     def do_INSERT(self, service, *parts, **kw):
diff --git a/src/leap/bitmask/core/mail_services.py b/src/leap/bitmask/core/mail_services.py
index a0238279..48528d8d 100644
--- a/src/leap/bitmask/core/mail_services.py
+++ b/src/leap/bitmask/core/mail_services.py
@@ -397,13 +397,13 @@ class KeymanagerService(HookableService):
         d.addCallback(lambda keys: [dict(key) for key in keys])
         return d
 
-    def do_export(self, userid, address, private=False):
+    def do_export(self, userid, address, private=False, fetch_remote=False):
         km = self._container.get_instance(userid)
         if km is None:
             return defer.fail(ValueError("User " + userid + " has no active "
                                          "keymanager"))
 
-        d = km.get_key(address, private=private, fetch_remote=False)
+        d = km.get_key(address, private=private, fetch_remote=fetch_remote)
         d.addCallback(lambda key: dict(key))
         return d
 
diff --git a/ui/app/lib/bitmask.js b/ui/app/lib/bitmask.js
index 9d772242..72c027cb 100644
--- a/ui/app/lib/bitmask.js
+++ b/ui/app/lib/bitmask.js
@@ -359,11 +359,17 @@ var bitmask = function(){
              * @param {string} address The email address of the key
              * @param {boolean} priv Should get the private key?
              *                       If it's not provided the public one will be fetched.
+             * @param {boolean} fetch If the key is not in keymanager, should we fetch it remotely.
+             *                        If it's not provided keys will not be fetched remotely
              *
              * @return {Promise<KeyObject>} The key
              */
-            exprt: function(uid, address, priv) {
-                return call(['keys', 'export', uid, address, private_str(priv)]);
+            exprt: function(uid, address, priv, fetch) {
+                var privstr = private_str(priv);
+                if ((typeof fetch === 'bool') && fetch) {
+                    privstr = 'fetch';
+                }
+                return call(['keys', 'export', uid, address, privstr]);
             },
 
             /**