diff options
author | NavaL <ayoyo@thoughtworks.com> | 2016-11-28 17:13:54 +0100 |
---|---|---|
committer | Thais Siqueira <thais.siqueira@gmail.com> | 2017-01-02 14:29:45 -0200 |
commit | f0966dd627ec37789bc885bc951df988b9e46d61 (patch) | |
tree | 1b7401014a87d9129bb356c8024bb013a6256270 /service | |
parent | 56a0db46f2e53c453b8c5e67202601f7dac6c0b5 (diff) |
[#850] keys will now be renewed two months before expiry date
Diffstat (limited to 'service')
-rw-r--r-- | service/pixelated/bitmask_libraries/keymanager.py | 13 | ||||
-rw-r--r-- | service/test/unit/bitmask_libraries/test_keymanager.py | 21 |
2 files changed, 30 insertions, 4 deletions
diff --git a/service/pixelated/bitmask_libraries/keymanager.py b/service/pixelated/bitmask_libraries/keymanager.py index 464604db..cba9c6bd 100644 --- a/service/pixelated/bitmask_libraries/keymanager.py +++ b/service/pixelated/bitmask_libraries/keymanager.py @@ -13,6 +13,7 @@ # # You should have received a copy of the GNU Affero General Public License # along with Pixelated. If not, see <http://www.gnu.org/licenses/>. +import datetime from twisted.internet import defer from twisted.logger import Logger @@ -27,7 +28,12 @@ class UploadKeyError(Exception): pass +TWO_MONTHS = 60 +DEFAULT_EXTENSION_THRESHOLD = TWO_MONTHS + + class Keymanager(object): + def __init__(self, provider, soledad, email_address, token, uuid): nicknym_url = provider._discover_nicknym_server() self._email = email_address @@ -43,7 +49,7 @@ class Keymanager(object): current_key = yield self._key_exists(self._email) if not current_key: yield self._generate_key_and_send_to_leap() - elif current_key.has_expired(): + elif self.should_renew(current_key): yield self._regenerate_key() yield self._send_key_to_leap() @@ -69,6 +75,11 @@ class Keymanager(object): except KeyNotFound: defer.returnValue(None) + def should_renew(self, key): + # feature envy -- should be in keymanager + till_expiry_date = (key.expiry_date - datetime.datetime.now()) + return till_expiry_date.days < DEFAULT_EXTENSION_THRESHOLD + @defer.inlineCallbacks def get_key(self, email, private=False, fetch_remote=True): key = yield self.keymanager.get_key(email, private=private, fetch_remote=fetch_remote) diff --git a/service/test/unit/bitmask_libraries/test_keymanager.py b/service/test/unit/bitmask_libraries/test_keymanager.py index c788697c..57235bae 100644 --- a/service/test/unit/bitmask_libraries/test_keymanager.py +++ b/service/test/unit/bitmask_libraries/test_keymanager.py @@ -13,6 +13,7 @@ # # You should have received a copy of the GNU Affero General Public License # along with Pixelated. If not, see <http://www.gnu.org/licenses/>. +import datetime from mock import patch, MagicMock from mockito import when from unittest import TestCase @@ -111,10 +112,23 @@ class KeymanagerTest(TestCase): self.keymanager.delete_key_pair.assert_called_once() + def test_key_should_be_renewed_two_months_prior_to_expiry(self): + today = datetime.datetime.now() + mock_key = MagicMock() + mock_key.expiry_date = today - datetime.timedelta(days=20) + self.assertTrue(self.keymanager.should_renew(mock_key)) + + def test_key_should_not_be_renewed_before_two_months_prior_to_expiry(self): + today = datetime.datetime.now() + mock_key = MagicMock() + mock_key.expiry_date = today + datetime.timedelta(days=61) + self.assertFalse(self.keymanager.should_renew(mock_key)) + @defer.inlineCallbacks - def test_keymanager_regenerate_key_pair_if_current_key_expired(self): + def test_keymanager_regenerate_key_pair_if_current_key_is_about_to_expire(self): + today = datetime.datetime.now() mock_open_pgp_key = MagicMock() - mock_open_pgp_key.has_expired = MagicMock(return_value=True) + mock_open_pgp_key.expiry_date = today - datetime.timedelta(days=20) when(self.keymanager)._key_exists('test_user@some-server.test').thenReturn(mock_open_pgp_key) yield self.keymanager.generate_openpgp_key() @@ -124,8 +138,9 @@ class KeymanagerTest(TestCase): @defer.inlineCallbacks def test_key_regeneration_does_not_delete_key_when_upload_fails(self): + today = datetime.datetime.now() mock_open_pgp_key = MagicMock() - mock_open_pgp_key.has_expired = MagicMock(return_value=True) + mock_open_pgp_key.expiry_date = today - datetime.timedelta(days=20) self.leap_keymanager.get_key = MagicMock(return_value=defer.succeed(mock_open_pgp_key)) self.leap_keymanager.send_key = MagicMock(side_effect=UploadKeyError('Could not upload key')) |