check credentials on login branch

plus fix repaint on populateErrors on login page,
should refactor to ToBeValidated class or something similar,
with the other paintEvent functions that implement
the painting of errors coming from the "next" validating page.

1 files changed, 64 insertions, 11 deletions

diff --git a/src/leap/gui/firstrun/providersetup.py b/src/leap/gui/firstrun/providersetup.py
index a1710a3a..3fb9a19b 100644
--- a/src/leap/gui/firstrun/providersetup.py
+++ b/src/leap/gui/firstrun/providersetup.py
@@ -2,17 +2,24 @@
 Provider Setup Validation Page,
 used if First Run Wizard
 """
+import logging
 
 from PyQt4 import QtGui
 
+from leap.base import auth
 from leap.gui.progress import ValidationPage
 
 from leap.gui.constants import APP_LOGO, pause_for_user
 
+logger = logging.getLogger(__name__)
+
 
 class ProviderSetupValidationPage(ValidationPage):
     def __init__(self, parent=None):
         super(ProviderSetupValidationPage, self).__init__(parent)
+        is_signup = self.field("is_signup")
+        self.is_signup = is_signup
+
         self.setTitle("Setting up provider")
         #self.setSubTitle(
             #"auto configuring provider...")
@@ -25,14 +32,56 @@ class ProviderSetupValidationPage(ValidationPage):
         """
         executes actual checks in a separate thread
         """
-        domain = self.field('provider_domain')
+        full_domain = self.field('provider_domain')
         wizard = self.wizard()
         pconfig = wizard.providerconfig
 
-        pCertChecker = wizard.providercertchecker
-        certchecker = pCertChecker(domain=domain)
+        #pCertChecker = wizard.providercertchecker
+        #certchecker = pCertChecker(domain=full_domain)
+        pCertChecker = wizard.providercertchecker(
+            domain=full_domain)
 
         update_signal.emit('head_sentinel', 0)
+
+        ######################################
+        if not self.is_signup:
+            # We come from login page.
+            # We try a call to an authenticated
+            # page here as a mean to catch
+            # srp authentication errors while
+            # we are still at one page's reach
+            # of the login credentials input page.
+            # (so we're able to go back an correct)
+
+            step = "fetch_eipcert"
+            update_signal.emit('validating credentials', 20)
+
+            unamek = 'login_userName'
+            passwk = 'login_userPassword'
+
+            username = self.field(unamek)
+            password = self.field(passwk)
+            credentials = username, password
+
+            #################
+            # FIXME #BUG #638
+            verify = False
+
+            try:
+                pCertChecker.download_new_client_cert(
+                    credentials=credentials,
+                    verify=verify)
+
+            except auth.SRPAuthenticationError as exc:
+                self.set_error(
+                    step,
+                    "Authentication error: %s" % exc.message)
+                return False
+
+            pause_for_user()
+
+        #######################################
+
         update_signal.emit('Fetching CA certificate', 30)
         pause_for_user()
 
@@ -48,7 +97,7 @@ class ProviderSetupValidationPage(ValidationPage):
         # (Check with the trusted fingerprints dict
         # or something smart)
 
-        certchecker.download_ca_cert(
+        pCertChecker.download_ca_cert(
             uri=ca_cert_uri,
             verify=False)
         pause_for_user()
@@ -59,7 +108,7 @@ class ProviderSetupValidationPage(ValidationPage):
         # XXX get fingerprint dict (types)
         #sha256_fpr = ca_cert_fingerprint.split('=')[1]
 
-        #validate_fpr = certchecker.check_ca_cert_fingerprint(
+        #validate_fpr = pCertChecker.check_ca_cert_fingerprint(
             #fingerprint=sha256_fpr)
         #if not validate_fpr:
             # XXX update validationMsg
@@ -70,7 +119,7 @@ class ProviderSetupValidationPage(ValidationPage):
 
         #api_uri = pconfig.get('api_uri', None)
         #try:
-            #api_cert_verified = certchecker.verify_api_https(api_uri)
+            #api_cert_verified = pCertChecker.verify_api_https(api_uri)
         #except requests.exceptions.SSLError as exc:
             #logger.error('BUG #638. %s' % exc.message)
             # XXX RAISE! See #638
@@ -95,15 +144,18 @@ class ProviderSetupValidationPage(ValidationPage):
         called after _do_checks has finished
         (connected to checker thread finished signal)
         """
+        prevpage = "providerselection" if self.is_signup else "login"
         wizard = self.wizard()
+
         if self.errors:
-            print 'going back with errors'
+            logger.debug('going back with errors')
+            name, first_error = self.pop_first_error()
             wizard.set_validation_error(
-                'providerselection',
-                'error on provider setup')
+                prevpage,
+                first_error)
             self.go_back()
         else:
-            print 'going next'
+            logger.debug('going next')
             self.go_next()
 
     def nextId(self):
@@ -114,5 +166,6 @@ class ProviderSetupValidationPage(ValidationPage):
         if is_signup is True:
             next_ = 'signup'
         if is_signup is False:
-            next_ = 'connecting'
+            # XXX bad name. change to connect again.
+            next_ = 'signupvalidation'
         return wizard.get_page_index(next_)