diff options
Diffstat (limited to 'service/pixelated/bitmask_libraries/session.py')
-rw-r--r-- | service/pixelated/bitmask_libraries/session.py | 39 |
1 files changed, 32 insertions, 7 deletions
diff --git a/service/pixelated/bitmask_libraries/session.py b/service/pixelated/bitmask_libraries/session.py index e13e5863..4a503628 100644 --- a/service/pixelated/bitmask_libraries/session.py +++ b/service/pixelated/bitmask_libraries/session.py @@ -16,17 +16,18 @@ import errno import traceback import sys - import os +import requests + +from twisted.internet import reactor, defer +from pixelated.bitmask_libraries.certs import LeapCertificate +from pixelated.adapter.mailstore import LeapMailStore from leap.mail.incoming.service import IncomingMail -from twisted.internet import reactor -from .nicknym import NickNym from leap.auth import SRPAuth -from pixelated.adapter.mailstore import LeapMailStore -from .soledad import SoledadSessionFactory -from .smtp import LeapSmtp from leap.mail.imap.account import IMAPAccount -from twisted.internet import defer +from .nicknym import NickNym +from .smtp import LeapSmtp +from .soledad import SoledadSessionFactory from leap.common.events import ( register, @@ -149,12 +150,36 @@ class LeapSessionFactory(object): nicknym = self._create_nicknym(account_email, auth.token, auth.uuid, soledad) + self._download_smtp_cert(auth) smtp = LeapSmtp(self._provider, auth, nicknym.keymanager) # TODO: Create the new mail sender based on what we have in available LeapSmtp, e.g. the certs return LeapSession(self._provider, auth, mail_store, soledad, nicknym, smtp) + def _download_smtp_cert(self, auth): + cert_path = self._provider._client_cert_path() + + if not os.path.exists(os.path.dirname(cert_path)): + os.makedirs(os.path.dirname(cert_path)) + + cert_url = '%s/%s/cert' % (self._provider.api_uri, self._provider.api_version) + cookies = {"_session_id": auth.session_id} + headers = {} + headers["Authorization"] = 'Token token="{0}"'.format(auth.token) + response = requests.get( + cert_url, + verify=LeapCertificate(self._provider).provider_api_cert, + cookies=cookies, + timeout=self._provider.config.timeout_in_s, + headers=headers) + response.raise_for_status() + + client_cert = response.content + + with open(cert_path, 'w') as f: + f.write(client_cert) + def _lookup_session(self, key): global SESSIONS if key in SESSIONS: |