diff options
| author | Ivan Alejandro <ivanalejandro0@gmail.com> | 2014-09-08 15:16:58 -0300 |
|---|---|---|
| committer | Ivan Alejandro <ivanalejandro0@gmail.com> | 2014-09-08 15:16:58 -0300 |
| commit | bdfac84e20389e2653939fa9f2dd9752eaabcfed (patch) | |
| tree | 7324622548cbc47ab29c205020dc828c0044a2c4 | |
| parent | a96c163b3ef6281eae1cf9c04fcbeb46b9fc43f4 (diff) | |
| parent | dff4c53be63e5412fe4a8e69d26bf45bd949ec71 (diff) | |
Merge remote-tracking branch 'chiiph/bug/use_token_for_eip' into develop
| -rw-r--r-- | changes/bug_use_token_for_eip | 1 | ||||
| -rw-r--r-- | src/leap/bitmask/crypto/certs.py | 12 |
2 files changed, 11 insertions, 2 deletions
diff --git a/changes/bug_use_token_for_eip b/changes/bug_use_token_for_eip new file mode 100644 index 00000000..b10368ad --- /dev/null +++ b/changes/bug_use_token_for_eip @@ -0,0 +1 @@ +- Properly send the token for querying the EIP certificate. Fixes #6060.
\ No newline at end of file diff --git a/src/leap/bitmask/crypto/certs.py b/src/leap/bitmask/crypto/certs.py index 244decfd..c3ca4efb 100644 --- a/src/leap/bitmask/crypto/certs.py +++ b/src/leap/bitmask/crypto/certs.py @@ -46,19 +46,27 @@ def download_client_cert(provider_config, path, session): # again. srp_auth = SRPAuth(provider_config) session_id = srp_auth.get_session_id() + token = srp_auth.get_token() cookies = None - if session_id: + if session_id is not None: cookies = {"_session_id": session_id} cert_uri = "%s/%s/cert" % ( provider_config.get_api_uri(), provider_config.get_api_version()) logger.debug('getting cert from uri: %s' % cert_uri) + headers = {} + + # API v2 will only support token auth, but in v1 we can send both + if token is not None: + headers["Authorization"] = 'Token token="{0}"'.format(token) + res = session.get(cert_uri, verify=provider_config .get_ca_cert_path(), cookies=cookies, - timeout=REQUEST_TIMEOUT) + timeout=REQUEST_TIMEOUT, + headers=headers) res.raise_for_status() client_cert = res.content |