diff options
author | Tomás Touceda <chiiph@leap.se> | 2014-09-05 15:37:07 -0300 |
---|---|---|
committer | Tomás Touceda <chiiph@leap.se> | 2014-09-08 14:53:23 -0300 |
commit | dff4c53be63e5412fe4a8e69d26bf45bd949ec71 (patch) | |
tree | 7324622548cbc47ab29c205020dc828c0044a2c4 /src/leap/bitmask | |
parent | a96c163b3ef6281eae1cf9c04fcbeb46b9fc43f4 (diff) |
Send the token when querying the EIP cert
Diffstat (limited to 'src/leap/bitmask')
-rw-r--r-- | src/leap/bitmask/crypto/certs.py | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/src/leap/bitmask/crypto/certs.py b/src/leap/bitmask/crypto/certs.py index 244decfd..c3ca4efb 100644 --- a/src/leap/bitmask/crypto/certs.py +++ b/src/leap/bitmask/crypto/certs.py @@ -46,19 +46,27 @@ def download_client_cert(provider_config, path, session): # again. srp_auth = SRPAuth(provider_config) session_id = srp_auth.get_session_id() + token = srp_auth.get_token() cookies = None - if session_id: + if session_id is not None: cookies = {"_session_id": session_id} cert_uri = "%s/%s/cert" % ( provider_config.get_api_uri(), provider_config.get_api_version()) logger.debug('getting cert from uri: %s' % cert_uri) + headers = {} + + # API v2 will only support token auth, but in v1 we can send both + if token is not None: + headers["Authorization"] = 'Token token="{0}"'.format(token) + res = session.get(cert_uri, verify=provider_config .get_ca_cert_path(), cookies=cookies, - timeout=REQUEST_TIMEOUT) + timeout=REQUEST_TIMEOUT, + headers=headers) res.raise_for_status() client_cert = res.content |