diff options
-rw-r--r-- | service/pixelated/config/authentication.py | 11 | ||||
-rw-r--r-- | service/pixelated/config/leap.py | 8 | ||||
-rw-r--r-- | service/pixelated/resources/auth.py | 4 | ||||
-rw-r--r-- | service/test/support/integration/app_test_client.py | 6 | ||||
-rw-r--r-- | service/test/support/integration/multi_user_client.py | 8 | ||||
-rw-r--r-- | service/test/unit/bitmask_libraries/test_smtp_client_certificate.py | 6 | ||||
-rw-r--r-- | service/test/unit/resources/test_login_resource.py | 11 | ||||
-rw-r--r-- | service/test/unit/resources/test_users_resource.py | 9 |
8 files changed, 32 insertions, 31 deletions
diff --git a/service/pixelated/config/authentication.py b/service/pixelated/config/authentication.py new file mode 100644 index 00000000..dc8439cc --- /dev/null +++ b/service/pixelated/config/authentication.py @@ -0,0 +1,11 @@ +class Authentication(object): + + def __init__(self, username, token, uuid, session_id, user_attributes): + self.username = username + self.token = token + self.uuid = uuid + self.session_id = session_id + self._user_attributes = user_attributes + + def is_admin(self): + return self._user_attributes.get('is_admin', False) diff --git a/service/pixelated/config/leap.py b/service/pixelated/config/leap.py index 22c1e57a..54518bae 100644 --- a/service/pixelated/config/leap.py +++ b/service/pixelated/config/leap.py @@ -4,12 +4,12 @@ from collections import namedtuple from twisted.internet import defer, threads from leap.common.events import (server as events_server) from leap.soledad.common.errors import InvalidAuthTokenError -from leap.auth import SRPSession - +from leap.bonafide._srp import SRPAuthError from leap.bonafide.session import Session from leap.bonafide.provider import Api from pixelated.config import credentials from pixelated.config import leap_config +from pixelated.config.authentication import Authentication from pixelated.bitmask_libraries.certs import LeapCertificate from pixelated.bitmask_libraries.provider import LeapProvider from pixelated.config.sessions import LeapSessionFactory @@ -73,7 +73,7 @@ def initialize_leap_single_user(leap_provider_cert, try: auth = yield authenticate(provider, username, password) - except SRPAuthenticationError: + except SRPAuthError: raise UnauthorizedLogin() leap_session = yield create_leap_session(provider, username, password, auth) @@ -87,7 +87,7 @@ def authenticate(provider, user, password): credentials = Credentials(user, password) srp_auth = Session(credentials, srp_provider, provider.local_ca_crt) yield srp_auth.authenticate() - defer.returnValue(SRPSession(user, srp_auth.token, srp_auth.uuid, 'session_id', {'is_admin': False})) + defer.returnValue(Authentication(user, srp_auth.token, srp_auth.uuid, 'session_id', {'is_admin': False})) def init_monkeypatches(): diff --git a/service/pixelated/resources/auth.py b/service/pixelated/resources/auth.py index 5581d080..66aac4e5 100644 --- a/service/pixelated/resources/auth.py +++ b/service/pixelated/resources/auth.py @@ -17,7 +17,6 @@ import logging import re -from leap.exceptions import SRPAuthenticationError from twisted.cred.checkers import ANONYMOUS from twisted.cred.credentials import ICredentials from twisted.cred.error import UnauthorizedLogin @@ -30,6 +29,7 @@ from twisted.web import util from twisted.cred import error from twisted.web.resource import IResource, ErrorPage +from leap.bonafide._srp import SRPAuthError from pixelated.config.leap import create_leap_session, authenticate from pixelated.resources import IPixelatedSession @@ -50,7 +50,7 @@ class LeapPasswordChecker(object): def requestAvatarId(self, credentials): try: auth = yield authenticate(self.provider, credentials.username, credentials.password) - except SRPAuthenticationError: + except SRPAuthError: raise UnauthorizedLogin() leap_session = yield create_leap_session(self.provider, credentials.username, credentials.password, auth) diff --git a/service/test/support/integration/app_test_client.py b/service/test/support/integration/app_test_client.py index 3a3b7ddf..352ff9c6 100644 --- a/service/test/support/integration/app_test_client.py +++ b/service/test/support/integration/app_test_client.py @@ -16,7 +16,6 @@ import json import multiprocessing from leap.mail.adaptors.soledad import SoledadMailAdaptor -from leap.srp_session import SRPSession from mockito import mock import os import shutil @@ -35,10 +34,11 @@ from zope.interface import implementer from twisted.cred import checkers, credentials from pixelated.adapter.mailstore.leap_attachment_store import LeapAttachmentStore from pixelated.adapter.services.feedback_service import FeedbackService -from pixelated.application import ServicesFactory, UserAgentMode, SingleUserServicesFactory, set_up_protected_resources +from pixelated.application import UserAgentMode, set_up_protected_resources from pixelated.config.sessions import LeapSession from pixelated.config.services import Services, ServicesFactory, SingleUserServicesFactory from pixelated.config.site import PixelatedSite +from pixelated.config.authentication import Authentication from pixelated.adapter.mailstore import LeapMailStore from pixelated.adapter.mailstore.searchable_mailstore import SearchableMailStore @@ -136,7 +136,7 @@ class StubSRPChecker(object): def requestAvatarId(self, credentials): if(self._credentials[credentials.username] == credentials.password): - leap_auth = SRPSession(credentials.username, uuid.uuid4(), uuid.uuid4(), uuid.uuid4(), {}) + leap_auth = Authentication(credentials.username, uuid.uuid4(), uuid.uuid4(), uuid.uuid4(), {}) return defer.succeed(LeapSession(self._leap_provider, leap_auth, None, None, None, None)) else: return defer.fail() diff --git a/service/test/support/integration/multi_user_client.py b/service/test/support/integration/multi_user_client.py index 75168128..2530db46 100644 --- a/service/test/support/integration/multi_user_client.py +++ b/service/test/support/integration/multi_user_client.py @@ -13,16 +13,14 @@ # # You should have received a copy of the GNU Affero General Public License # along with Pixelated. If not, see <http://www.gnu.org/licenses/>. -from leap.exceptions import SRPAuthenticationError from mockito import mock, when, any as ANY from twisted.internet import defer -from leap.auth import SRPSession - from pixelated.application import UserAgentMode, set_up_protected_resources from pixelated.config.services import ServicesFactory -from pixelated.config.sessions import LeapSessionFactory, LeapSession +from pixelated.config.sessions import LeapSessionFactory +from pixelated.config.authentication import Authentication import pixelated.config.services from pixelated.resources.root_resource import RootResource from test.support.integration import AppTestClient @@ -53,7 +51,7 @@ class MultiUserClient(AppTestClient): def login(self, username='username', password='password'): if(username == 'username' and password == 'password'): self.credentials_checker.add_user(username, password) - session = SRPSession(username, 'some_user_token', 'some_user_uuid', 'session_id', {'is_admin': False}) + session = Authentication(username, 'some_user_token', 'some_user_uuid', 'session_id', {'is_admin': False}) leap_session = self._test_account.leap_session leap_session.user_auth = session config = mock() diff --git a/service/test/unit/bitmask_libraries/test_smtp_client_certificate.py b/service/test/unit/bitmask_libraries/test_smtp_client_certificate.py index 050f2d94..c9a51694 100644 --- a/service/test/unit/bitmask_libraries/test_smtp_client_certificate.py +++ b/service/test/unit/bitmask_libraries/test_smtp_client_certificate.py @@ -16,10 +16,10 @@ import os import unittest import tempdir -from leap.srp_session import SRPSession import leap.common.certs as certs -from mockito import mock, unstub, when, verify, never, any as ANY +from mockito import mock, unstub, when, any as ANY +from pixelated.config.authentication import Authentication from pixelated.config.sessions import SmtpClientCertificate from tempfile import NamedTemporaryFile @@ -57,7 +57,7 @@ class TestSmtpClientCertificate(unittest.TestCase): self.provider.api_version = '1' self.provider.server_name = 'some.host.tld' self.provider.domain = 'some-provider.tld' - self.auth = SRPSession(USERNAME, 'token', 'uuid', 'session_id', {}) + self.auth = Authentication(USERNAME, 'token', 'uuid', 'session_id', {}) self.pem_path = os.path.join(self.tmp_dir.name, 'providers', 'some-provider.tld', 'keys', 'client', 'smtp.pem') def tearDown(self): diff --git a/service/test/unit/resources/test_login_resource.py b/service/test/unit/resources/test_login_resource.py index c2b89654..6383e25c 100644 --- a/service/test/unit/resources/test_login_resource.py +++ b/service/test/unit/resources/test_login_resource.py @@ -2,17 +2,16 @@ import os import test.support.mockito -from leap.exceptions import SRPAuthenticationError +from leap.bonafide._srp import SRPAuthError from mock import patch from mockito import mock, when, any as ANY, verify, verifyZeroInteractions, verifyNoMoreInteractions from twisted.trial import unittest from twisted.web.resource import IResource from twisted.web.test.requesthelper import DummyRequest -from pixelated.config.sessions import LeapSessionFactory, LeapSession -from pixelated.resources.login_resource import ( - LoginResource, - parse_accept_language) +from pixelated.config.sessions import LeapSession +from pixelated.resources.login_resource import LoginResource +from pixelated.resources.login_resource import parse_accept_language from test.unit.resources import DummySite @@ -246,7 +245,7 @@ class TestLoginPOST(unittest.TestCase): @patch('leap.auth.SRPAuth.authenticate') @patch('pixelated.config.services.Services.setup') def test_leap_session_is_not_created_when_leap_auth_fails(self, mock_service_setup, mock_leap_srp_auth, mock_leap_session_create): - mock_leap_srp_auth.side_effect = SRPAuthenticationError() + mock_leap_srp_auth.side_effect = SRPAuthError() d = self.web.get(self.request) diff --git a/service/test/unit/resources/test_users_resource.py b/service/test/unit/resources/test_users_resource.py index 9862209d..417bbcc9 100644 --- a/service/test/unit/resources/test_users_resource.py +++ b/service/test/unit/resources/test_users_resource.py @@ -1,17 +1,10 @@ -import os - import test.support.mockito -from leap.exceptions import SRPAuthenticationError -from mock import patch -from mockito import mock, when, any as ANY, verify, verifyZeroInteractions, verifyNoMoreInteractions +from mockito import mock, when, verify from twisted.trial import unittest -from twisted.web.resource import IResource from twisted.web.test.requesthelper import DummyRequest -from pixelated.config.sessions import LeapSessionFactory, LeapSession from pixelated.config.services import Services, ServicesFactory -from pixelated.resources.login_resource import LoginResource from pixelated.resources.users import UsersResource from test.unit.resources import DummySite |