summaryrefslogtreecommitdiff
path: root/src/leap/crypto/srpauth.py
diff options
context:
space:
mode:
Diffstat (limited to 'src/leap/crypto/srpauth.py')
-rw-r--r--src/leap/crypto/srpauth.py31
1 files changed, 17 insertions, 14 deletions
diff --git a/src/leap/crypto/srpauth.py b/src/leap/crypto/srpauth.py
index 152d77b5..8028a6dc 100644
--- a/src/leap/crypto/srpauth.py
+++ b/src/leap/crypto/srpauth.py
@@ -50,6 +50,7 @@ class SRPAuth(QtCore.QObject):
LOGIN_KEY = "login"
A_KEY = "A"
CLIENT_AUTH_KEY = "client_auth"
+ SESSION_ID_KEY = "_session_id"
def __init__(self, provider_config):
"""
@@ -272,7 +273,13 @@ class SRPAuth(QtCore.QObject):
"failed"))
logger.debug("Session verified.")
- self.set_session_id(self._session.cookies["_session_id"])
+ session_id = self._session.cookies.get(self.SESSION_ID_KEY, None)
+ if not session_id:
+ logger.error("Bad cookie from server (missing _session_id)")
+ raise SRPAuthenticationError(self.tr("Session cookie "
+ "verification "
+ "failed"))
+ self.set_session_id(session_id)
def authenticate(self, username, password):
"""
@@ -409,11 +416,18 @@ class SRPAuth(QtCore.QObject):
if __name__ == "__main__":
+ import signal
import sys
+
from functools import partial
app = QtGui.QApplication(sys.argv)
- import signal
+ if not len(sys.argv) == 3:
+ print 'Usage: srpauth.py <user> <pass>'
+ sys.exit(0)
+
+ _user = sys.argv[1]
+ _pass = sys.argv[2]
def sigint_handler(*args, **kwargs):
logger.debug('SIGINT catched. shutting down...')
@@ -452,20 +466,9 @@ if __name__ == "__main__":
provider = ProviderConfig()
if provider.load("leap/providers/bitmask.net/provider.json"):
- # url = "%s/tickets" % (provider.get_api_uri(),)
- # print url
- # res = requests.session().get(url, verify=provider.get_ca_cert_path())
- # print res.content
- # res.raise_for_status()
auth = SRPAuth(provider)
- auth_instantiated = partial(auth.authenticate, "test2", "sarasaaaa")
+ auth_instantiated = partial(auth.authenticate, _user, _pass)
checker.add_checks([auth_instantiated, auth.logout])
- #auth.authenticate("test2", "sarasaaaa")
- #res = requests.session().get("%s/cert" % (provider.get_api_uri(),),
- #verify=provider.get_ca_cert_path())
- #print res.content
- #auth.logout()
-
sys.exit(app.exec_())