summaryrefslogtreecommitdiff
path: root/bonafide
diff options
context:
space:
mode:
authorKali Kaneko <kali@leap.se>2015-09-04 02:18:51 -0400
committerKali Kaneko <kali@leap.se>2015-09-04 02:18:51 -0400
commit7576725b8992b621614e725c7a5a1c3b6991303a (patch)
treeaf00a7c0a1c24c31fed6e555df8d88d75d198ea3 /bonafide
parent47a1c704321f30c09007f7c60162c6c12c146b93 (diff)
smtp certs [WIP]
Diffstat (limited to 'bonafide')
-rw-r--r--bonafide/src/leap/bonafide/_decorators.py2
-rw-r--r--bonafide/src/leap/bonafide/_http.py6
-rw-r--r--bonafide/src/leap/bonafide/provider.py5
-rw-r--r--bonafide/src/leap/bonafide/session.py30
4 files changed, 34 insertions, 9 deletions
diff --git a/bonafide/src/leap/bonafide/_decorators.py b/bonafide/src/leap/bonafide/_decorators.py
index cfd6ec07..6b437150 100644
--- a/bonafide/src/leap/bonafide/_decorators.py
+++ b/bonafide/src/leap/bonafide/_decorators.py
@@ -19,7 +19,7 @@ Decorators used in bonafide.
"""
-def needs_authentication(func):
+def auth_required(func):
"""
Decorate a method so that it will not be called if the instance
attribute `is_authenticated` does not evaluate to True.
diff --git a/bonafide/src/leap/bonafide/_http.py b/bonafide/src/leap/bonafide/_http.py
index 6510e84c..39aababd 100644
--- a/bonafide/src/leap/bonafide/_http.py
+++ b/bonafide/src/leap/bonafide/_http.py
@@ -18,6 +18,7 @@
"""
twisted.web utils for bonafide.
"""
+import base64
import cookielib
import urllib
@@ -39,12 +40,15 @@ def cookieAgentFactory(verify_path, connectTimeout=30):
return CookieAgent(agent, cookiejar)
-def httpRequest(agent, url, values={}, headers={}, method='POST'):
+def httpRequest(agent, url, values={}, headers={}, method='POST', token=None):
data = ''
if values:
data = urllib.urlencode(values)
headers['Content-Type'] = ['application/x-www-form-urlencoded']
+ if token:
+ headers['Authorization'] = ['Token token="%s"' % (bytes(token))]
+
def handle_response(response):
if response.code == 204:
d = defer.succeed('')
diff --git a/bonafide/src/leap/bonafide/provider.py b/bonafide/src/leap/bonafide/provider.py
index ca2ea1d6..5b13d73b 100644
--- a/bonafide/src/leap/bonafide/provider.py
+++ b/bonafide/src/leap/bonafide/provider.py
@@ -21,8 +21,13 @@ LEAP Provider API.
class LeapProviderApi(object):
# TODO when should the provider-api object be created?
+ # TODO relate to a Provider object, with autoconf flag.
# XXX separate in auth-needing actions?
+ # doing that in LeapSession right now (with a decorator)
+ # but probably it would be better if we can just gather that info in just
+ # one place and decorate the methods programatically.
+
# XXX version this mapping !!!
actions = {
diff --git a/bonafide/src/leap/bonafide/session.py b/bonafide/src/leap/bonafide/session.py
index 85e49e06..198b250c 100644
--- a/bonafide/src/leap/bonafide/session.py
+++ b/bonafide/src/leap/bonafide/session.py
@@ -21,7 +21,7 @@ from twisted.internet import defer, reactor
from twisted.python import log
from leap.bonafide import srp_auth
-from leap.bonafide._decorators import needs_authentication
+from leap.bonafide._decorators import auth_required
from leap.bonafide._http import httpRequest, cookieAgentFactory
@@ -57,8 +57,8 @@ class LeapSession(object):
log.msg("%s to %s" % (method, uri))
params = self._srp_auth.get_handshake_params(self.username, A)
- handshake = yield httpRequest(self._agent, uri, values=params,
- method=method)
+ handshake = yield self._request(self._agent, uri, values=params,
+ method=method)
M = self._srp_auth.process_handshake(srpuser, handshake)
uri, method = self._api.get_uri_and_method(
@@ -66,26 +66,38 @@ class LeapSession(object):
log.msg("%s to %s" % (method, uri))
params = self._srp_auth.get_authentication_params(M, A)
- auth = yield httpRequest(self._agent, uri, values=params,
- method=method)
+ auth = yield self._request(self._agent, uri, values=params,
+ method=method)
uuid, token, M2 = self._srp_auth.process_authentication(auth)
self._srp_auth.verify_authentication(srpuser, M2)
self._uuid = uuid
self._token = token
- defer.returnValue('[OK] Credentias Authenticated through SRP')
+ defer.returnValue('[OK] Credentials Authenticated through SRP')
- @needs_authentication
+ @auth_required
def logout(self):
print "Should logout..."
+ @auth_required
+ def get_smtp_cert(self):
+ # TODO pass it to the provider object so that it can save it in the
+ # right path.
+ uri, method = self._api.get_uri_and_method('get_smtp_cert')
+ print method, "to", uri
+ return self._request(self._agent, uri, method=method)
+
@property
def is_authenticated(self):
if not self._srp_user:
return False
return self._srp_user.authenticated()
+ def _request(self, *args, **kw):
+ kw['token'] = self._token
+ return httpRequest(*args, **kw)
+
if __name__ == "__main__":
from leap.bonafide import provider
@@ -106,10 +118,14 @@ if __name__ == "__main__":
def auth_eb(failure):
print "[ERROR!]", failure.getErrorMessage()
+ log.err(failure)
d = session.authenticate()
d.addCallback(print_result)
d.addErrback(auth_eb)
+ d.addCallback(lambda _: session.get_smtp_cert())
+ d.addCallback(print_result)
+ d.addErrback(auth_eb)
d.addCallback(lambda _: session.logout())
d.addBoth(cbShutDown)
reactor.run()