[feature] new commands: get_cert

2 files changed, 21 insertions, 4 deletions

diff --git a/src/leap/bitmask/bonafide/_protocol.py b/src/leap/bitmask/bonafide/_protocol.py
index ac631d8c..91b8b242 100644
--- a/src/leap/bitmask/bonafide/_protocol.py
+++ b/src/leap/bitmask/bonafide/_protocol.py
@@ -192,9 +192,12 @@ class BonafideProtocol(object):
         d = self._sessions[full_id].get_smtp_cert()
         return d
 
-    def do_get_vpn_cert(self):
-        # FIXME to be implemented
-        pass
+    def do_get_vpn_cert(self, full_id):
+        if (full_id not in self._sessions or
+                not self._sessions[full_id].is_authenticated):
+            return fail(RuntimeError("There is no session for such user"))
+        d = self._sessions[full_id].get_vpn_cert()
+        return d
 
     def do_update_user(self):
         # FIXME to be implemented
diff --git a/src/leap/bitmask/bonafide/service.py b/src/leap/bitmask/bonafide/service.py
index 37d1e214..69aac2df 100644
--- a/src/leap/bitmask/bonafide/service.py
+++ b/src/leap/bitmask/bonafide/service.py
@@ -120,7 +120,21 @@ class BonafideService(HookableService):
     def do_provider_list(self, seeded=False):
         return self._bonafide.do_provider_list(seeded)
 
-    def do_get_smtp_cert(self, username):
+    # TODO make username mandatory
+    # and move active_user to the cli machinery
+    def do_get_vpn_cert(self, username=None):
+        if not username:
+            username = self._active_user
+        if not username:
+            return defer.fail(
+                RuntimeError('No active user, cannot get VPN cert.'))
+        d = self._bonafide.do_get_vpn_cert(username)
+        d.addCallback(lambda response: (username, response))
+        return d
+
+    def do_get_smtp_cert(self, username=None):
+        if not username:
+            username = self._active_user
         if not username:
             return defer.fail(
                 RuntimeError('No username, cannot get SMTP cert.'))