summaryrefslogtreecommitdiff
path: root/src/leap/bitmask/bonafide
diff options
context:
space:
mode:
Diffstat (limited to 'src/leap/bitmask/bonafide')
-rw-r--r--src/leap/bitmask/bonafide/_protocol.py8
-rw-r--r--src/leap/bitmask/bonafide/_srp.py24
-rw-r--r--src/leap/bitmask/bonafide/service.py5
-rw-r--r--src/leap/bitmask/bonafide/session.py4
4 files changed, 31 insertions, 10 deletions
diff --git a/src/leap/bitmask/bonafide/_protocol.py b/src/leap/bitmask/bonafide/_protocol.py
index 3572cbf..1112550 100644
--- a/src/leap/bitmask/bonafide/_protocol.py
+++ b/src/leap/bitmask/bonafide/_protocol.py
@@ -77,16 +77,16 @@ class BonafideProtocol(object):
# Service public methods
- def do_signup(self, full_id, password, autoconf=False):
+ def do_signup(self, full_id, password, invite=None, autoconf=False):
log.msg('SIGNUP for %s' % full_id)
_, provider_id = config.get_username_and_provider(full_id)
provider = config.Provider(provider_id, autoconf=autoconf)
d = provider.callWhenReady(
- self._do_signup, provider, full_id, password)
+ self._do_signup, provider, full_id, password, invite)
return d
- def _do_signup(self, provider, full_id, password):
+ def _do_signup(self, provider, full_id, password, invite):
# XXX check it's unauthenticated
def return_user(result, _session):
@@ -97,7 +97,7 @@ class BonafideProtocol(object):
username, _ = config.get_username_and_provider(full_id)
# XXX get deferred?
session = self._get_session(provider, full_id, password)
- d = session.signup(username, password)
+ d = session.signup(username, password, invite)
d.addCallback(return_user, session)
d.addErrback(self._del_session_errback, full_id)
return d
diff --git a/src/leap/bitmask/bonafide/_srp.py b/src/leap/bitmask/bonafide/_srp.py
index 34a75a5..3f69b33 100644
--- a/src/leap/bitmask/bonafide/_srp.py
+++ b/src/leap/bitmask/bonafide/_srp.py
@@ -19,12 +19,17 @@
SRP Authentication.
"""
+from twisted.logger import Logger
+
import binascii
import json
import srp
+log = Logger()
+
+
class SRPAuthMechanism(object):
"""
@@ -100,19 +105,34 @@ class SRPSignupMechanism(object):
Implement a protocol-agnostic SRP Registration mechanism.
"""
- def get_signup_params(self, username, password):
+ def get_signup_params(self, username, password, invite=None):
salt, verifier = _get_salt_verifier(username, password)
user_data = {
'user[login]': username,
'user[password_salt]': binascii.hexlify(salt),
'user[password_verifier]': binascii.hexlify(verifier)}
+ if invite is not None:
+ user_data.update({'user[invite_code]': invite})
return user_data
def process_signup(self, signup_response):
signup = json.loads(signup_response)
errors = signup.get('errors')
if errors:
- msg = 'username ' + errors.get('login')[0]
+ errmsg = json.dumps(errors)
+ log.error('Oops! Errors during signup: {data!r}', data=errmsg)
+ msg = errors.get('invite_code')
+ if msg:
+ msg = msg[0]
+ else:
+ msg = errors.get('login')
+ if msg:
+ # there is a bug https://leap.se/code/issues/8504
+ # the server tells us 'has already been taken' several
+ # times
+ msg = 'username ' + msg[0]
+ else:
+ msg = 'unknown signup error'
raise SRPRegistrationError(msg)
else:
username = signup.get('login')
diff --git a/src/leap/bitmask/bonafide/service.py b/src/leap/bitmask/bonafide/service.py
index fbe6846..4e25172 100644
--- a/src/leap/bitmask/bonafide/service.py
+++ b/src/leap/bitmask/bonafide/service.py
@@ -85,8 +85,9 @@ class BonafideService(HookableService):
'srp_token': response[0], 'uuid': response[1]})
return d
- def do_signup(self, username, password, autoconf=False):
- d = self._bonafide.do_signup(username, password, autoconf)
+ def do_signup(self, username, password, invite=None, autoconf=False):
+ d = self._bonafide.do_signup(
+ username, password, invite=invite, autoconf=autoconf)
d.addCallback(lambda response: {'signup': 'ok', 'user': response})
return d
diff --git a/src/leap/bitmask/bonafide/session.py b/src/leap/bitmask/bonafide/session.py
index abb697a..213e773 100644
--- a/src/leap/bitmask/bonafide/session.py
+++ b/src/leap/bitmask/bonafide/session.py
@@ -162,13 +162,13 @@ class Session(object):
# User management
@defer.inlineCallbacks
- def signup(self, username, password):
+ def signup(self, username, password, invite=None):
# XXX should check that it_IS_NOT_authenticated
provider.validate_username(username)
uri = self._api.get_signup_uri()
met = self._api.get_signup_method()
params = self._srp_signup.get_signup_params(
- username, password)
+ username, password, invite)
signup = yield self._request(self._agent, uri, values=params,
method=met)