summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKali Kaneko <kali@leap.se>2015-09-16 16:07:57 -0400
committerKali Kaneko <kali@leap.se>2015-09-16 16:07:57 -0400
commit961d9e6a1c7a5041d5b019581dbf08f16f29ea53 (patch)
tree115b1a218059507513135c2b8377c352a0884e34
parentd77fef90375711883afb16781bcae88c65944b0c (diff)
[bug] authenticate logout calls to api
logout calls were not being authenticated, so we were receiving 401 return code.
-rw-r--r--changes/bug-fix-logout-auth1
-rw-r--r--src/leap/bitmask/crypto/srpauth.py22
2 files changed, 17 insertions, 6 deletions
diff --git a/changes/bug-fix-logout-auth b/changes/bug-fix-logout-auth
new file mode 100644
index 00000000..0dc09c02
--- /dev/null
+++ b/changes/bug-fix-logout-auth
@@ -0,0 +1 @@
+- Authenticate properly logout calls to API.
diff --git a/src/leap/bitmask/crypto/srpauth.py b/src/leap/bitmask/crypto/srpauth.py
index 452bfa66..97a4e958 100644
--- a/src/leap/bitmask/crypto/srpauth.py
+++ b/src/leap/bitmask/crypto/srpauth.py
@@ -552,12 +552,19 @@ class SRPAuthImpl(object):
self._provider_config.
get_api_version(),
"logout")
+ cookies = {self.SESSION_ID_KEY: self.get_session_id()}
+ headers = {
+ self.AUTHORIZATION_KEY:
+ "Token token={0}".format(self.get_token())
+ }
try:
- self._session.delete(logout_url,
- data=self.get_session_id(),
- verify=self._provider_config.
- get_ca_cert_path(),
- timeout=REQUEST_TIMEOUT)
+ res = self._session.delete(
+ logout_url,
+ cookies=cookies,
+ headers=headers,
+ verify=self._provider_config.
+ get_ca_cert_path(),
+ timeout=REQUEST_TIMEOUT)
except Exception as e:
logger.warning("Something went wrong with the logout: %r" %
(e,))
@@ -568,7 +575,10 @@ class SRPAuthImpl(object):
self.set_token(None)
# Also reset the session
self._session = self._fetcher.session()
- logger.debug("Successfully logged out.")
+ if res.status_code == 204:
+ logger.debug("Successfully logged out.")
+ else:
+ logger.debug("Logout status code: %s" % res.status_code)
def set_session_id(self, session_id):
with self._session_id_lock: