summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--changes/bug-fix-logout-auth1
-rw-r--r--src/leap/bitmask/crypto/srpauth.py22
2 files changed, 17 insertions, 6 deletions
diff --git a/changes/bug-fix-logout-auth b/changes/bug-fix-logout-auth
new file mode 100644
index 00000000..0dc09c02
--- /dev/null
+++ b/changes/bug-fix-logout-auth
@@ -0,0 +1 @@
+- Authenticate properly logout calls to API.
diff --git a/src/leap/bitmask/crypto/srpauth.py b/src/leap/bitmask/crypto/srpauth.py
index 452bfa66..97a4e958 100644
--- a/src/leap/bitmask/crypto/srpauth.py
+++ b/src/leap/bitmask/crypto/srpauth.py
@@ -552,12 +552,19 @@ class SRPAuthImpl(object):
self._provider_config.
get_api_version(),
"logout")
+ cookies = {self.SESSION_ID_KEY: self.get_session_id()}
+ headers = {
+ self.AUTHORIZATION_KEY:
+ "Token token={0}".format(self.get_token())
+ }
try:
- self._session.delete(logout_url,
- data=self.get_session_id(),
- verify=self._provider_config.
- get_ca_cert_path(),
- timeout=REQUEST_TIMEOUT)
+ res = self._session.delete(
+ logout_url,
+ cookies=cookies,
+ headers=headers,
+ verify=self._provider_config.
+ get_ca_cert_path(),
+ timeout=REQUEST_TIMEOUT)
except Exception as e:
logger.warning("Something went wrong with the logout: %r" %
(e,))
@@ -568,7 +575,10 @@ class SRPAuthImpl(object):
self.set_token(None)
# Also reset the session
self._session = self._fetcher.session()
- logger.debug("Successfully logged out.")
+ if res.status_code == 204:
+ logger.debug("Successfully logged out.")
+ else:
+ logger.debug("Logout status code: %s" % res.status_code)
def set_session_id(self, session_id):
with self._session_id_lock: