From dff4c53be63e5412fe4a8e69d26bf45bd949ec71 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=C3=A1s=20Touceda?= <chiiph@leap.se>
Date: Fri, 5 Sep 2014 15:37:07 -0300
Subject: Send the token when querying the EIP cert

---
 src/leap/bitmask/crypto/certs.py | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/leap/bitmask/crypto/certs.py b/src/leap/bitmask/crypto/certs.py
index 244decfd..c3ca4efb 100644
--- a/src/leap/bitmask/crypto/certs.py
+++ b/src/leap/bitmask/crypto/certs.py
@@ -46,19 +46,27 @@ def download_client_cert(provider_config, path, session):
     # again.
     srp_auth = SRPAuth(provider_config)
     session_id = srp_auth.get_session_id()
+    token = srp_auth.get_token()
     cookies = None
-    if session_id:
+    if session_id is not None:
         cookies = {"_session_id": session_id}
     cert_uri = "%s/%s/cert" % (
         provider_config.get_api_uri(),
         provider_config.get_api_version())
     logger.debug('getting cert from uri: %s' % cert_uri)
 
+    headers = {}
+
+    # API v2 will only support token auth, but in v1 we can send both
+    if token is not None:
+        headers["Authorization"] = 'Token token="{0}"'.format(token)
+
     res = session.get(cert_uri,
                       verify=provider_config
                       .get_ca_cert_path(),
                       cookies=cookies,
-                      timeout=REQUEST_TIMEOUT)
+                      timeout=REQUEST_TIMEOUT,
+                      headers=headers)
     res.raise_for_status()
     client_cert = res.content
 
-- 
cgit v1.2.3