summaryrefslogtreecommitdiff
path: root/src/leap/bitmask/bonafide/session.py
diff options
context:
space:
mode:
authorKali Kaneko <kali@leap.se>2018-01-10 12:31:17 +0100
committerKali Kaneko <kali@leap.se>2018-01-25 01:19:10 +0100
commit5ffa0c1710ce4038b94a026a58daf8f12aef2ec4 (patch)
tree61723ea8c2385b2930ed82f401f52d6239ecc221 /src/leap/bitmask/bonafide/session.py
parent5510c24e61046269e5b29df7d7ffb67a42bdc763 (diff)
[feat] support anonymous vpn
honor the anonymous certificate for the providers that offer it. this still needs a change in bonafide, in which if provider supports anonymous access we still have to download eip-service.json for testing, I assume this has been already manually downloaded.
Diffstat (limited to 'src/leap/bitmask/bonafide/session.py')
-rw-r--r--src/leap/bitmask/bonafide/session.py26
1 files changed, 14 insertions, 12 deletions
diff --git a/src/leap/bitmask/bonafide/session.py b/src/leap/bitmask/bonafide/session.py
index 988cbb99..d6a39447 100644
--- a/src/leap/bitmask/bonafide/session.py
+++ b/src/leap/bitmask/bonafide/session.py
@@ -17,6 +17,7 @@
"""
LEAP Session management.
"""
+from twisted.cred.credentials import IAnonymous, IUsernamePassword
from twisted.internet import defer, reactor
from twisted.logger import Logger
@@ -47,7 +48,6 @@ class Session(object):
log = Logger()
def __init__(self, credentials, api, provider_cert):
- # TODO check if an anonymous credentials is passed.
# TODO move provider_cert to api object.
# On creation, it should be able to retrieve all the info it needs
# (calling bootstrap).
@@ -56,9 +56,12 @@ class Session(object):
# and a "autoconfig" attribute passed on initialization.
# TODO get a file-descriptor for password if not in credentials
# TODO merge self._request with config.Provider._http_request ?
-
- self.username = credentials.username
- self.password = credentials.password
+ if IAnonymous.providedBy(credentials):
+ self.username = None
+ self.password = None
+ elif IUsernamePassword.providedBy(credentials):
+ self.username = credentials.username
+ self.password = credentials.password
self._provider_cert = provider_cert
self._api = api
self._initialize_session()
@@ -86,7 +89,10 @@ class Session(object):
@property
def is_authenticated(self):
- return self._srp_auth.srp_user.authenticated()
+ if self.username is None:
+ return False
+ else:
+ return self._srp_auth.srp_user.authenticated()
@defer.inlineCallbacks
def authenticate(self):
@@ -133,8 +139,8 @@ class Session(object):
met = self._api.get_update_user_method()
params = self._srp_password.get_password_params(
self.username, password)
- update = yield self._request(self._agent, uri, values=params,
- method=met)
+ yield self._request(self._agent, uri, values=params,
+ method=met)
self.password = password
self._srp_auth = _srp.SRPAuthMechanism(self.username, password)
defer.returnValue(OK)
@@ -153,16 +159,12 @@ class Session(object):
# User certificates
def get_vpn_cert(self):
- # TODO pass it to the provider object so that it can save it in the
- # right path.
uri = self._api.get_vpn_cert_uri()
met = self._api.get_vpn_cert_method()
return self._request(self._agent, uri, method=met)
@_auth_required
def get_smtp_cert(self):
- # TODO pass it to the provider object so that it can save it in the
- # right path.
uri = self._api.get_smtp_cert_uri()
met = self._api.get_smtp_cert_method()
return self._request(self._agent, uri, method=met)
@@ -198,7 +200,7 @@ class Session(object):
@defer.inlineCallbacks
def fetch_provider_configs(self, uri, path, method='GET'):
- config = yield self._request(
+ yield self._request(
self._agent, uri, method=method, saveto=path)
defer.returnValue('ok')