[#778] Handling case of failed key upload

If we get any problem with the upload of the user's public key,
we are deleting the key pair from the local database and denying
login. That way, a new login will have a chance to regenerate the
key and upload it properly.

2 files changed, 33 insertions, 3 deletions

diff --git a/service/pixelated/bitmask_libraries/keymanager.py b/service/pixelated/bitmask_libraries/keymanager.py
index 4cb3e80e..dddc744e 100644
--- a/service/pixelated/bitmask_libraries/keymanager.py
+++ b/service/pixelated/bitmask_libraries/keymanager.py
@@ -21,6 +21,10 @@ import logging
 logger = logging.getLogger(__name__)
 
 
+class UploadKeyError(Exception):
+    pass
+
+
 class Keymanager(object):
     def __init__(self, provider, soledad, email_address, token, uuid):
         nicknym_url = provider._discover_nicknym_server()
@@ -38,7 +42,11 @@ class Keymanager(object):
         if not key_present:
             logger.info("Generating keys - this could take a while...")
             yield self._gen_key()
-            yield self._send_key_to_leap()
+            try:
+                yield self._send_key_to_leap()
+            except Exception as e:
+                yield self.delete_key_pair(self._email)
+                raise UploadKeyError(e.message)
 
     @defer.inlineCallbacks
     def _key_exists(self, email):
@@ -56,3 +64,11 @@ class Keymanager(object):
 
     def _send_key_to_leap(self):
         return self.keymanager.send_key()
+
+    @defer.inlineCallbacks
+    def delete_key_pair(self, key):
+        private_key = yield self.get_key(self._email, private=True, fetch_remote=False)
+        public_key = yield self.get_key(self._email, private=False, fetch_remote=False)
+
+        self.keymanager.delete_key(private_key)
+        self.keymanager.delete_key(public_key)
diff --git a/service/test/unit/bitmask_libraries/test_keymanager.py b/service/test/unit/bitmask_libraries/test_keymanager.py
index 89327b54..de382359 100644
--- a/service/test/unit/bitmask_libraries/test_keymanager.py
+++ b/service/test/unit/bitmask_libraries/test_keymanager.py
@@ -17,7 +17,9 @@ from mock import patch, MagicMock
 from mockito import when
 from unittest import TestCase
 from pixelated.bitmask_libraries.keymanager import Keymanager
+from pixelated.bitmask_libraries.keymanager import UploadKeyError
 from pixelated.config import leap_config
+from twisted.internet import defer
 
 
 class KeymanagerTest(TestCase):
@@ -74,7 +76,7 @@ class KeymanagerTest(TestCase):
         self.keymanager._gen_key.assert_called_once()
         self.keymanager._send_key_to_leap.assert_called_once()
 
-    def test_keymanager_generate_openpgp_key_dont_regenerate_preexisting_key(self):
+    def test_keymanager_generate_openpgp_key_doesnt_regenerate_preexisting_key(self):
         when(self.keymanager)._key_exists('test_user@some-server.test').thenReturn(True)
 
         self.keymanager._gen_key = MagicMock()
@@ -83,7 +85,7 @@ class KeymanagerTest(TestCase):
 
         self.keymanager._gen_key.assert_not_called()
 
-    def test_keymanager_generate_openpgp_key_dont_upload_preexisting_key(self):
+    def test_keymanager_generate_openpgp_key_doesnt_upload_preexisting_key(self):
         when(self.keymanager)._key_exists('test_user@some-server.test').thenReturn(True)
 
         self.keymanager._send_key_to_leap = MagicMock()
@@ -91,3 +93,15 @@ class KeymanagerTest(TestCase):
         self.keymanager.generate_openpgp_key()
 
         self.keymanager._send_key_to_leap.assert_not_called()
+
+    @defer.inlineCallbacks
+    def test_keymanager_generate_openpgp_key_deletes_key_when_upload_fails(self):
+        when(self.keymanager)._key_exists('test_user@some-server.test').thenReturn(False)
+
+        self.keymanager.delete_key_pair = MagicMock()
+        when(self.keymanager)._send_key_to_leap().thenRaise(Exception('Could not upload key'))
+
+        with self.assertRaises(UploadKeyError):
+            yield self.keymanager.generate_openpgp_key()
+
+        self.keymanager.delete_key_pair.assert_called_once_with('test_user@some-server.test')