diff options
Diffstat (limited to 'service')
-rw-r--r-- | service/pixelated/register.py | 62 | ||||
-rw-r--r-- | service/requirements.txt | 1 | ||||
-rw-r--r-- | service/test/unit/resources/test_login_resource.py | 18 | ||||
-rw-r--r-- | service/test_requirements.txt | 1 |
4 files changed, 41 insertions, 41 deletions
diff --git a/service/pixelated/register.py b/service/pixelated/register.py index 0269c832..66ceea41 100644 --- a/service/pixelated/register.py +++ b/service/pixelated/register.py @@ -13,35 +13,29 @@ # # You should have received a copy of the GNU Affero General Public License # along with Pixelated. If not, see <http://www.gnu.org/licenses/>. -import re import getpass +import re import sys +from collections import namedtuple -from twisted.logger import Logger - -from leap.auth import SRPAuth +from leap.bitmask.bonafide.provider import Api +from leap.bitmask.bonafide.session import Session from leap.common.events import server as events_server - -from pixelated.config import arguments -from pixelated.config import logger as logger_config from pixelated.bitmask_libraries.certs import LeapCertificate from pixelated.bitmask_libraries.provider import LeapProvider +from pixelated.config import arguments +from pixelated.config import logger as logger_config +from pixelated.config.authentication import Authentication from pixelated.config.sessions import LeapSessionFactory +from twisted.internet.defer import inlineCallbacks +from twisted.logger import Logger -logger = Logger() +Credentials = namedtuple('Credentials', 'username, password') +logger = Logger() -def register( - server_name, - username, - password, - leap_home, - provider_cert, - provider_cert_fingerprint): - - if not password: - password = getpass.getpass('Please enter password for %s: ' % username) +def _validate(username, password): try: validate_username(username) validate_password(password) @@ -49,16 +43,40 @@ def register( print(e.message) sys.exit(1) + +def _set_provider(provider_cert, provider_cert_fingerprint, server_name): events_server.ensure_server() LeapCertificate.set_cert_and_fingerprint(provider_cert, provider_cert_fingerprint) provider = LeapProvider(server_name) provider.setup_ca() provider.download_settings() - srp_auth = SRPAuth(provider.api_uri, provider.provider_api_cert) + return provider + + +def _bonafide_session(username, password, provider): + srp_provider = Api(provider.api_uri) + credentials = Credentials(username, password) + return Session(credentials, srp_provider, provider.local_ca_crt) + + +@inlineCallbacks +def _bootstrap_leap_session(username, password, leap_provider, srp_auth): + auth = Authentication(username, srp_auth.token, srp_auth.uuid, 'session_id', {'is_admin': False}) + yield LeapSessionFactory(leap_provider).create(username, password, auth) + + +@inlineCallbacks +def register(server_name, username, password, leap_home, provider_cert, provider_cert_fingerprint): + if not password: + password = getpass.getpass('Please enter password for %s: ' % username) + + _validate(username, password) + leap_provider = _set_provider(provider_cert, provider_cert_fingerprint, server_name) + srp_auth = _bonafide_session(username, password, leap_provider) - if srp_auth.register(username, password): - auth = srp_auth.authenticate(username, password) - LeapSessionFactory(provider).create(username, password, auth) + created, user = yield srp_auth.signup(username, password, invite=None) + if created: + yield _bootstrap_leap_session(username, password, leap_provider, srp_auth) else: logger.error("Register failed") diff --git a/service/requirements.txt b/service/requirements.txt index d6552204..6e3d0a03 100644 --- a/service/requirements.txt +++ b/service/requirements.txt @@ -7,7 +7,6 @@ srp==1.0.4 whoosh==2.5.7 Twisted==16.1.1 -e 'git+https://github.com/pixelated/leap_pycommon.git@develop#egg=leap.common' --e 'git+https://github.com/pixelated/leap_auth.git#egg=leap.auth' -e 'git+https://github.com/leapcode/bitmask-dev.git@master#egg=leap.bitmask' -e 'git+https://github.com/pixelated/soledad.git@develop#egg=leap.soledad.common&subdirectory=common/' -e 'git+https://github.com/pixelated/soledad.git@develop#egg=leap.soledad.client&subdirectory=client/' diff --git a/service/test/unit/resources/test_login_resource.py b/service/test/unit/resources/test_login_resource.py index be199e0e..5843ef28 100644 --- a/service/test/unit/resources/test_login_resource.py +++ b/service/test/unit/resources/test_login_resource.py @@ -241,24 +241,6 @@ class TestLoginPOST(unittest.TestCase): d.addCallback(assert_login_setup_service_for_user) return d - @patch('pixelated.config.sessions.LeapSessionFactory.create') - @patch('leap.auth.SRPAuth.authenticate') - @patch('pixelated.config.services.Services.setup') - def test_leap_session_is_not_created_when_leap_auth_fails(self, mock_service_setup, mock_leap_srp_auth, mock_leap_session_create): - mock_leap_srp_auth.side_effect = SRPAuthError() - - d = self.web.get(self.request) - - def assert_login_setup_service_for_user(_): - verify(self.portal).login(ANY(), None, IResource) - self.assertFalse(mock_leap_session_create.called) - self.assertFalse(mock_service_setup.called) - self.assertEqual(401, self.request.responseCode) - self.assertFalse(self.resource.is_logged_in(self.request)) - - d.addCallback(assert_login_setup_service_for_user) - return d - @patch('twisted.web.util.redirectTo') @patch('pixelated.resources.session.PixelatedSession.is_logged_in') def test_should_not_process_login_if_already_logged_in(self, mock_logged_in, mock_redirect): diff --git a/service/test_requirements.txt b/service/test_requirements.txt index b6b704c7..94b19526 100644 --- a/service/test_requirements.txt +++ b/service/test_requirements.txt @@ -10,3 +10,4 @@ coverage crochet==1.4.0 poster==0.8.1 locustio==0.7.3 +-e 'git+https://github.com/pixelated/leap_auth.git#egg=leap.auth' |