summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNavaL <ayoyo@thoughtworks.com>2016-11-28 17:13:54 +0100
committerThais Siqueira <thais.siqueira@gmail.com>2017-01-02 14:29:45 -0200
commitf0966dd627ec37789bc885bc951df988b9e46d61 (patch)
tree1b7401014a87d9129bb356c8024bb013a6256270
parent56a0db46f2e53c453b8c5e67202601f7dac6c0b5 (diff)
[#850] keys will now be renewed two months before expiry date
-rw-r--r--service/pixelated/bitmask_libraries/keymanager.py13
-rw-r--r--service/test/unit/bitmask_libraries/test_keymanager.py21
2 files changed, 30 insertions, 4 deletions
diff --git a/service/pixelated/bitmask_libraries/keymanager.py b/service/pixelated/bitmask_libraries/keymanager.py
index 464604db..cba9c6bd 100644
--- a/service/pixelated/bitmask_libraries/keymanager.py
+++ b/service/pixelated/bitmask_libraries/keymanager.py
@@ -13,6 +13,7 @@
#
# You should have received a copy of the GNU Affero General Public License
# along with Pixelated. If not, see <http://www.gnu.org/licenses/>.
+import datetime
from twisted.internet import defer
from twisted.logger import Logger
@@ -27,7 +28,12 @@ class UploadKeyError(Exception):
pass
+TWO_MONTHS = 60
+DEFAULT_EXTENSION_THRESHOLD = TWO_MONTHS
+
+
class Keymanager(object):
+
def __init__(self, provider, soledad, email_address, token, uuid):
nicknym_url = provider._discover_nicknym_server()
self._email = email_address
@@ -43,7 +49,7 @@ class Keymanager(object):
current_key = yield self._key_exists(self._email)
if not current_key:
yield self._generate_key_and_send_to_leap()
- elif current_key.has_expired():
+ elif self.should_renew(current_key):
yield self._regenerate_key()
yield self._send_key_to_leap()
@@ -69,6 +75,11 @@ class Keymanager(object):
except KeyNotFound:
defer.returnValue(None)
+ def should_renew(self, key):
+ # feature envy -- should be in keymanager
+ till_expiry_date = (key.expiry_date - datetime.datetime.now())
+ return till_expiry_date.days < DEFAULT_EXTENSION_THRESHOLD
+
@defer.inlineCallbacks
def get_key(self, email, private=False, fetch_remote=True):
key = yield self.keymanager.get_key(email, private=private, fetch_remote=fetch_remote)
diff --git a/service/test/unit/bitmask_libraries/test_keymanager.py b/service/test/unit/bitmask_libraries/test_keymanager.py
index c788697c..57235bae 100644
--- a/service/test/unit/bitmask_libraries/test_keymanager.py
+++ b/service/test/unit/bitmask_libraries/test_keymanager.py
@@ -13,6 +13,7 @@
#
# You should have received a copy of the GNU Affero General Public License
# along with Pixelated. If not, see <http://www.gnu.org/licenses/>.
+import datetime
from mock import patch, MagicMock
from mockito import when
from unittest import TestCase
@@ -111,10 +112,23 @@ class KeymanagerTest(TestCase):
self.keymanager.delete_key_pair.assert_called_once()
+ def test_key_should_be_renewed_two_months_prior_to_expiry(self):
+ today = datetime.datetime.now()
+ mock_key = MagicMock()
+ mock_key.expiry_date = today - datetime.timedelta(days=20)
+ self.assertTrue(self.keymanager.should_renew(mock_key))
+
+ def test_key_should_not_be_renewed_before_two_months_prior_to_expiry(self):
+ today = datetime.datetime.now()
+ mock_key = MagicMock()
+ mock_key.expiry_date = today + datetime.timedelta(days=61)
+ self.assertFalse(self.keymanager.should_renew(mock_key))
+
@defer.inlineCallbacks
- def test_keymanager_regenerate_key_pair_if_current_key_expired(self):
+ def test_keymanager_regenerate_key_pair_if_current_key_is_about_to_expire(self):
+ today = datetime.datetime.now()
mock_open_pgp_key = MagicMock()
- mock_open_pgp_key.has_expired = MagicMock(return_value=True)
+ mock_open_pgp_key.expiry_date = today - datetime.timedelta(days=20)
when(self.keymanager)._key_exists('test_user@some-server.test').thenReturn(mock_open_pgp_key)
yield self.keymanager.generate_openpgp_key()
@@ -124,8 +138,9 @@ class KeymanagerTest(TestCase):
@defer.inlineCallbacks
def test_key_regeneration_does_not_delete_key_when_upload_fails(self):
+ today = datetime.datetime.now()
mock_open_pgp_key = MagicMock()
- mock_open_pgp_key.has_expired = MagicMock(return_value=True)
+ mock_open_pgp_key.expiry_date = today - datetime.timedelta(days=20)
self.leap_keymanager.get_key = MagicMock(return_value=defer.succeed(mock_open_pgp_key))
self.leap_keymanager.send_key = MagicMock(side_effect=UploadKeyError('Could not upload key'))