1 files changed, 15 insertions, 14 deletions

diff --git a/service/test/unit/bitmask_libraries/test_provider.py b/service/test/unit/bitmask_libraries/test_provider.py
index 0771c7cc..1fe5a66d 100644
--- a/service/test/unit/bitmask_libraries/test_provider.py
+++ b/service/test/unit/bitmask_libraries/test_provider.py
@@ -20,8 +20,8 @@ from httmock import all_requests, HTTMock, urlmatch
 from requests import HTTPError
 from pixelated.bitmask_libraries.config import LeapConfig
 from pixelated.bitmask_libraries.provider import LeapProvider
+from pixelated.bitmask_libraries.certs import LeapCertificate
 from test_abstract_leap import AbstractLeapTest
-from requests import Session
 import requests
 
 
@@ -133,13 +133,14 @@ VeJ6
 """
 
 
-CA_CERT = '/tmp/ca.crt'
-BOOTSTRAP_CA_CERT = '/tmp/bootstrap-ca.crt'
+PROVIDER_API_CERT = '/tmp/ca.crt'
+PROVIDER_WEB_CERT = '/tmp/bootstrap-ca.crt'
 
 
 class LeapProviderTest(AbstractLeapTest):
     def setUp(self):
-        self.config = LeapConfig(verify_ssl=False, leap_home='/tmp/foobar', bootstrap_ca_cert_bundle=BOOTSTRAP_CA_CERT, ca_cert_bundle=CA_CERT)
+        self.config = LeapConfig(leap_home='/tmp/foobar')
+        LeapCertificate.set_cert_and_fingerprint(PROVIDER_WEB_CERT, None)
 
     def test_provider_fetches_provider_json(self):
         with HTTMock(provider_json_mock):
@@ -195,6 +196,7 @@ class LeapProviderTest(AbstractLeapTest):
         session = MagicMock(wraps=requests.session())
         session_func = MagicMock(return_value=session)
         get_func = MagicMock(wraps=requests.get)
+        LeapCertificate.LEAP_CERT = PROVIDER_WEB_CERT
 
         with patch('pixelated.bitmask_libraries.provider.requests.session', new=session_func):
             with patch('pixelated.bitmask_libraries.provider.requests.get', new=get_func):
@@ -202,29 +204,28 @@ class LeapProviderTest(AbstractLeapTest):
                     provider = LeapProvider('some-provider.test', self.config)
                     provider.fetch_valid_certificate()
 
-        session.get.assert_any_call('https://some-provider.test/ca.crt', verify=BOOTSTRAP_CA_CERT, timeout=15)
-        session.get.assert_any_call('https://some-provider.test/provider.json', verify=BOOTSTRAP_CA_CERT, timeout=15)
+        session.get.assert_any_call('https://some-provider.test/ca.crt', verify=PROVIDER_WEB_CERT, timeout=15)
+        session.get.assert_any_call('https://some-provider.test/provider.json', verify=PROVIDER_WEB_CERT, timeout=15)
 
     def test_that_provider_cert_is_used_to_fetch_soledad_json(self):
         get_func = MagicMock(wraps=requests.get)
+        LeapCertificate.provider_api_cert = PROVIDER_API_CERT
 
         with patch('pixelated.bitmask_libraries.provider.requests.get', new=get_func):
             with HTTMock(provider_json_mock, soledad_json_mock, not_found_mock):
                 provider = LeapProvider('some-provider.test', self.config)
                 provider.fetch_soledad_json()
-
-        get_func.assert_called_with('https://api.some-provider.test:4430/1/config/soledad-service.json', verify=CA_CERT, timeout=15)
+        get_func.assert_called_with('https://api.some-provider.test:4430/1/config/soledad-service.json', verify=PROVIDER_API_CERT, timeout=15)
 
     def test_that_leap_fingerprint_is_validated(self):
         session = MagicMock(wraps=requests.session())
         session_func = MagicMock(return_value=session)
+        LeapCertificate.set_cert_and_fingerprint(None, 'some fingerprint')
 
-        with patch('pixelated.bitmask_libraries.provider.which_bootstrap_cert_fingerprint', return_value='some fingerprint'):
-            with patch('pixelated.bitmask_libraries.provider.which_bootstrap_CA_bundle', return_value=False):
-                with patch('pixelated.bitmask_libraries.provider.requests.session', new=session_func):
-                    with HTTMock(provider_json_mock, ca_cert_mock, not_found_mock):
-                        provider = LeapProvider('some-provider.test', self.config)
-                        provider.fetch_valid_certificate()
+        with patch('pixelated.bitmask_libraries.provider.requests.session', new=session_func):
+            with HTTMock(provider_json_mock, ca_cert_mock, not_found_mock):
+                provider = LeapProvider('some-provider.test', self.config)
+                provider.fetch_valid_certificate()
 
         session.get.assert_any_call('https://some-provider.test/ca.crt', verify=False, timeout=15)
         session.mount.assert_called_with('https://', ANY)