Merge remote-tracking branch 'chiiph/feature/use_token' into develop

author: Ivan Alejandro <ivanalejandro0@gmail.com> 2013-10-02 13:46:11 -0300
committer: Ivan Alejandro <ivanalejandro0@gmail.com> 2013-10-02 13:46:11 -0300
commit: 3501a67aa1b801f6bab52a20ff5bcfc08d9fd25a (patch)
tree: 080fd6c30ed72c6368f82b73360d42bfa3ac0cec
parent: 1a2f257cc2f15e3a3ad84c643c2e78ff58972b45 (diff)
parent: 5b2220bc0177f12c81a3dbb1ebffd3cdae8b350d (diff)
3 files changed, 14 insertions, 2 deletions
diff --git a/changes/feature_use_token b/changes/feature_use_token
new file mode 100644
index 00000000..b412cc2d
--- /dev/null
+++ b/changes/feature_use_token
@@ -0,0 +1 @@
+  o Use token header for authenticated requests. Closes #3910.
+\ No newline at end of file
diff --git a/src/leap/bitmask/crypto/srpauth.py b/src/leap/bitmask/crypto/srpauth.py
index 9c08d353..90d9ea0a 100644
--- a/src/leap/bitmask/crypto/srpauth.py
+++ b/src/leap/bitmask/crypto/srpauth.py
@@ -129,6 +129,7 @@ class SRPAuth(QtCore.QObject):
         SESSION_ID_KEY = "_session_id"
         USER_VERIFIER_KEY = 'user[password_verifier]'
         USER_SALT_KEY = 'user[password_salt]'
+        AUTHORIZATION_KEY = "Authorization"
 
         def __init__(self, provider_config):
             """
@@ -466,6 +467,10 @@ class SRPAuth(QtCore.QObject):
                 self._username, new_password, self._hashfun, self._ng)
 
             cookies = {self.SESSION_ID_KEY: self.get_session_id()}
+            headers = {
+                self.AUTHORIZATION_KEY:
+                "Token token={0}".format(self.get_token())
+            }
             user_data = {
                 self.USER_VERIFIER_KEY: binascii.hexlify(verifier),
                 self.USER_SALT_KEY: binascii.hexlify(salt)
@@ -475,7 +480,8 @@ class SRPAuth(QtCore.QObject):
                 url, data=user_data,
                 verify=self._provider_config.get_ca_cert_path(),
                 cookies=cookies,
-                timeout=REQUEST_TIMEOUT)
+                timeout=REQUEST_TIMEOUT,
+                headers=headers)
 
             # In case of non 2xx it raises HTTPError
             change_password.raise_for_status()
diff --git a/src/leap/bitmask/services/__init__.py b/src/leap/bitmask/services/__init__.py
index 9b32c5ad..f9456159 100644
--- a/src/leap/bitmask/services/__init__.py
+++ b/src/leap/bitmask/services/__init__.py
@@ -126,10 +126,15 @@ def download_service_config(provider_config, service_config,
     # XXX make and use @with_srp_auth decorator
     srp_auth = SRPAuth(provider_config)
     session_id = srp_auth.get_session_id()
+    token = srp_auth.get_token()
     cookies = None
-    if session_id:
+    if session_id is not None:
         cookies = {"_session_id": session_id}
 
+    # API v2 will only support token auth, but in v1 we can send both
+    if token is not None:
+        headers["Authorization"] = 'Token token="{0}"'.format(token)
+
     res = session.get(config_uri,
                       verify=provider_config.get_ca_cert_path(),
                       headers=headers,
author	Ivan Alejandro <ivanalejandro0@gmail.com>	2013-10-02 13:46:11 -0300
committer	Ivan Alejandro <ivanalejandro0@gmail.com>	2013-10-02 13:46:11 -0300
commit	3501a67aa1b801f6bab52a20ff5bcfc08d9fd25a (patch)
tree	080fd6c30ed72c6368f82b73360d42bfa3ac0cec
parent	1a2f257cc2f15e3a3ad84c643c2e78ff58972b45 (diff)
parent	5b2220bc0177f12c81a3dbb1ebffd3cdae8b350d (diff)