Heavy rework on certs, removed most of it, simplified the logic

2 files changed, 12 insertions, 13 deletions

diff --git a/service/pixelated/config/arguments.py b/service/pixelated/config/arguments.py
index 8899f9a8..72ae6141 100644
--- a/service/pixelated/config/arguments.py
+++ b/service/pixelated/config/arguments.py
@@ -14,8 +14,8 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with Pixelated. If not, see <http://www.gnu.org/licenses/>.
 
+import os
 import argparse
-from pixelated.bitmask_libraries.config import DEFAULT_LEAP_HOME
 
 
 def parse_user_agent_args():
@@ -57,6 +57,6 @@ def parser_add_default_arguments(parser):
     parser.add_argument('--debug', action='store_true', help='DEBUG mode.')
     parser.add_argument('--organization-mode', help='Runs the user agent in organization mode, the credentials will be received from the stdin', default=False, action='store_true', dest='organization_mode')
     parser.add_argument('-c', '--config', dest='credentials_file', metavar='<credentials_file>', default=None, help='use specified file for credentials (for test purposes only)')
-    parser.add_argument('--leap-home', help='The folder where the user agent stores its data. Defaults to ~/.leap', dest='leap_home', default=DEFAULT_LEAP_HOME)
+    parser.add_argument('--leap-home', help='The folder where the user agent stores its data. Defaults to ~/.leap', dest='leap_home', default=os.path.join(os.path.expanduser("~"), '.leap'))
     parser.add_argument('-lc', '--leap-provider-cert', metavar='<leap-provider.crt>', default=None, help='use specified file for LEAP provider cert authority certificate (url https://<LEAP-provider-domain>/ca.crt)')
     parser.add_argument('-lf', '--leap-provider-cert-fingerprint', metavar='<leap provider certificate fingerprint>', default=None, help='use specified fingerprint to validate connection with LEAP provider', dest='leap_provider_cert_fingerprint')
diff --git a/service/pixelated/config/leap.py b/service/pixelated/config/leap.py
index 7a383b17..f2c025ba 100644
--- a/service/pixelated/config/leap.py
+++ b/service/pixelated/config/leap.py
@@ -2,8 +2,10 @@ from __future__ import absolute_import
 import random
 from pixelated.config import credentials
 from leap.common.events import server as events_server
+from pixelated.bitmask_libraries.config import LeapConfig
 from pixelated.bitmask_libraries.certs import LeapCertificate
-from pixelated.bitmask_libraries.session import open_leap_session
+from pixelated.bitmask_libraries.provider import LeapProvider
+from pixelated.bitmask_libraries.session import LeapSessionFactory
 
 
 def initialize_leap(leap_provider_cert,
@@ -12,21 +14,18 @@ def initialize_leap(leap_provider_cert,
                     organization_mode,
                     leap_home):
     init_monkeypatches()
-    provider, user, password = credentials.read(organization_mode, credentials_file)
-    LeapCertificate.set_cert_and_fingerprint(leap_provider_cert, leap_provider_cert_fingerprint)
     events_server.ensure_server(random.randrange(8000, 11999))
-    leap_session = create_leap_session(provider, user, password, leap_home)
-    leap_session.start_background_jobs()
-    return leap_session
+    provider, username, password = credentials.read(organization_mode, credentials_file)
+    LeapCertificate.set_cert_and_fingerprint(leap_provider_cert, leap_provider_cert_fingerprint)
 
+    config = LeapConfig(leap_home=leap_home)
+    provider = LeapProvider(provider, config)
+    LeapCertificate(provider).setup_ca_bundle()
+    leap_session = LeapSessionFactory(provider).create(username, password)
 
-def create_leap_session(provider, username, password, leap_home):
-    leap_session = open_leap_session(username,
-                                     password,
-                                     provider,
-                                     leap_home)
     leap_session.soledad_session.soledad.sync(defer_decryption=False)
     leap_session.nicknym.generate_openpgp_key()
+    leap_session.start_background_jobs()
     return leap_session