From d79aa00e3c24c5bf5e5ed5ba5a9b976f93034362 Mon Sep 17 00:00:00 2001 From: Folker Bernitt Date: Wed, 4 Nov 2015 10:11:19 +0100 Subject: Instantiate new MailSender in Services - Issue #499 - Some smaller refactorings - Extract smtp cert download to own class --- service/pixelated/adapter/services/mail_sender.py | 14 ++-- service/pixelated/bitmask_libraries/provider.py | 7 -- service/pixelated/bitmask_libraries/session.py | 61 +++++++++++------ service/pixelated/bitmask_libraries/smtp.py | 33 +++++---- service/pixelated/config/services.py | 10 +-- .../test/unit/adapter/services/test_mail_sender.py | 7 +- service/test/unit/bitmask_libraries/test_smtp.py | 53 +++------------ .../bitmask_libraries/test_smtp_cert_downloader.py | 78 ++++++++++++++++++++++ 8 files changed, 161 insertions(+), 102 deletions(-) create mode 100644 service/test/unit/bitmask_libraries/test_smtp_cert_downloader.py diff --git a/service/pixelated/adapter/services/mail_sender.py b/service/pixelated/adapter/services/mail_sender.py index a3315b53..ca1e99d7 100644 --- a/service/pixelated/adapter/services/mail_sender.py +++ b/service/pixelated/adapter/services/mail_sender.py @@ -30,12 +30,9 @@ class SMTPDownException(Exception): class MailSender(object): - def __init__(self, account_email_address, keymanager, cert_path, remote_smtp_host, remote_smtp_port): - self._from = account_email_address + def __init__(self, smtp_config, keymanager): + self._smtp_config = smtp_config self._keymanager = keymanager - self._cert_path = cert_path - self._remote_smtp_host = remote_smtp_host - self._remote_smtp_port = remote_smtp_port def sendmail(self, mail): recipients = flatten([mail.to, mail.cc, mail.bcc]) @@ -48,7 +45,12 @@ class MailSender(object): return defer.gatherResults(deferreds) def _create_outgoing_mail(self): - return OutgoingMail(str(self._from), self._keymanager, unicode(self._cert_path), unicode(self._cert_path), str(self._remote_smtp_host), int(self._remote_smtp_port)) + return OutgoingMail(str(self._smtp_config.account_email), + self._keymanager, + self._smtp_config.cert_path, + self._smtp_config.cert_path, + str(self._smtp_config.remote_smtp_host), + int(self._smtp_config.remote_smtp_port)) class LocalSmtpMailSender(object): diff --git a/service/pixelated/bitmask_libraries/provider.py b/service/pixelated/bitmask_libraries/provider.py index 071b0bbf..a529208d 100644 --- a/service/pixelated/bitmask_libraries/provider.py +++ b/service/pixelated/bitmask_libraries/provider.py @@ -138,10 +138,3 @@ class LeapProvider(object): def address_for(self, username): return '%s@%s' % (username, self.domain) - - def _client_cert_path(self): - return os.path.join( - self.config.leap_home, - "providers", - self.domain, - "keys", "client", "smtp.pem") diff --git a/service/pixelated/bitmask_libraries/session.py b/service/pixelated/bitmask_libraries/session.py index 4a503628..3f8e6de6 100644 --- a/service/pixelated/bitmask_libraries/session.py +++ b/service/pixelated/bitmask_libraries/session.py @@ -26,7 +26,7 @@ from leap.mail.incoming.service import IncomingMail from leap.auth import SRPAuth from leap.mail.imap.account import IMAPAccount from .nicknym import NickNym -from .smtp import LeapSmtp +from .smtp import LeapSmtp, LeapSMTPConfig from .soledad import SoledadSessionFactory from leap.common.events import ( @@ -123,6 +123,36 @@ class LeapSession(object): raise +class SmtpCertDownloader(object): + + def __init__(self, provider, auth): + self._provider = provider + self._auth = auth + + def download(self): + cert_url = '%s/%s/cert' % (self._provider.api_uri, self._provider.api_version) + cookies = {"_session_id": self._auth.session_id} + headers = {} + headers["Authorization"] = 'Token token="{0}"'.format(self._auth.token) + response = requests.get( + cert_url, + verify=LeapCertificate(self._provider).provider_api_cert, + cookies=cookies, + timeout=self._provider.config.timeout_in_s, + headers=headers) + response.raise_for_status() + + client_cert = response.content + + return client_cert + + def download_to(self, target_file): + client_cert = self.download() + + with open(target_file, 'w') as f: + f.write(client_cert) + + class LeapSessionFactory(object): def __init__(self, provider): self._provider = provider @@ -151,34 +181,27 @@ class LeapSessionFactory(object): nicknym = self._create_nicknym(account_email, auth.token, auth.uuid, soledad) self._download_smtp_cert(auth) - smtp = LeapSmtp(self._provider, auth, nicknym.keymanager) - # TODO: Create the new mail sender based on what we have in available LeapSmtp, e.g. the certs + smtp_host, smtp_port = self._provider.smtp_info() + smtp_config = LeapSMTPConfig(account_email, self._smtp_client_cert_path(), smtp_host, smtp_port) + smtp = LeapSmtp(smtp_config, nicknym.keymanager) return LeapSession(self._provider, auth, mail_store, soledad, nicknym, smtp) def _download_smtp_cert(self, auth): - cert_path = self._provider._client_cert_path() + cert_path = self._smtp_client_cert_path() if not os.path.exists(os.path.dirname(cert_path)): os.makedirs(os.path.dirname(cert_path)) - cert_url = '%s/%s/cert' % (self._provider.api_uri, self._provider.api_version) - cookies = {"_session_id": auth.session_id} - headers = {} - headers["Authorization"] = 'Token token="{0}"'.format(auth.token) - response = requests.get( - cert_url, - verify=LeapCertificate(self._provider).provider_api_cert, - cookies=cookies, - timeout=self._provider.config.timeout_in_s, - headers=headers) - response.raise_for_status() - - client_cert = response.content + SmtpCertDownloader(self._provider, auth).download_to(cert_path) - with open(cert_path, 'w') as f: - f.write(client_cert) + def _smtp_client_cert_path(self): + return os.path.join( + self._config.leap_home, + "providers", + self._provider.domain, + "keys", "client", "smtp.pem") def _lookup_session(self, key): global SESSIONS diff --git a/service/pixelated/bitmask_libraries/smtp.py b/service/pixelated/bitmask_libraries/smtp.py index 63d2d310..f4ab00f7 100644 --- a/service/pixelated/bitmask_libraries/smtp.py +++ b/service/pixelated/bitmask_libraries/smtp.py @@ -14,41 +14,40 @@ # You should have received a copy of the GNU Affero General Public License # along with Pixelated. If not, see . import logging -import os -import requests import random from leap.mail.smtp import setup_smtp_gateway -from pixelated.bitmask_libraries.certs import LeapCertificate logger = logging.getLogger(__name__) +class LeapSMTPConfig(object): + + def __init__(self, account_email, cert_path, remote_smtp_host, remote_smtp_port): + self.account_email = account_email + self.cert_path = cert_path + self.remote_smtp_host = remote_smtp_host + self.remote_smtp_port = remote_smtp_port + + class LeapSmtp(object): - def __init__(self, provider, auth, keymanager=None): + def __init__(self, smtp_config, keymanager=None): self.local_smtp_port_number = random.randrange(12000, 16000) - self._provider = provider - self.username = auth.username - self.session_id = auth.session_id - self.user_token = auth.token + self._smtp_config = smtp_config self._keymanager = keymanager - self._remote_hostname, self._remote_port = provider.smtp_info() self._local_smtp_service_socket = None self._local_smtp_service = None def start(self): - cert_path = self._provider._client_cert_path() - email = '%s@%s' % (self.username, self._provider.domain) - self._local_smtp_service, self._local_smtp_service_socket = setup_smtp_gateway( port=self.local_smtp_port_number, - userid=str(email), + userid=str(self._smtp_config.account_email), keymanager=self._keymanager, - smtp_host=self._remote_hostname.encode('UTF-8'), - smtp_port=self._remote_port, - smtp_cert=cert_path, - smtp_key=cert_path, + smtp_host=self._smtp_config.remote_smtp_host.encode('UTF-8'), + smtp_port=self._smtp_config.remote_smtp_port, + smtp_cert=self._smtp_config.cert_path, + smtp_key=self._smtp_config.cert_path, encrypted_only=False ) diff --git a/service/pixelated/config/services.py b/service/pixelated/config/services.py index 7c08d286..cd475228 100644 --- a/service/pixelated/config/services.py +++ b/service/pixelated/config/services.py @@ -1,7 +1,7 @@ from pixelated.adapter.mailstore.searchable_mailstore import SearchableMailStore from pixelated.adapter.services.mail_service import MailService from pixelated.adapter.model.mail import InputMail -from pixelated.adapter.services.mail_sender import LocalSmtpMailSender # , MailSender +from pixelated.adapter.services.mail_sender import LocalSmtpMailSender, MailSender # , MailSender from pixelated.adapter.search import SearchEngine from pixelated.adapter.services.draft_service import DraftService from pixelated.adapter.listeners.mailbox_indexer_listener import listen_all_mailboxes @@ -55,17 +55,11 @@ class Services(object): self.search_engine = search_engine def setup_mail_service(self, leap_session, search_engine): - smtp_host, smtp_port = leap_session.provider.smtp_info() pixelated_mail_sender = LocalSmtpMailSender( leap_session.account_email(), leap_session.smtp) - # pixelated_mail_sender = MailSender( - # leap_session.account_email(), - # leap_session.nicknym, - # leap_session.provider.local_ca_crt, - # smtp_host, - # smtp_port) + MailSender(leap_session.smtp._smtp_config, leap_session.nicknym.keymanager) return MailService( pixelated_mail_sender, diff --git a/service/test/unit/adapter/services/test_mail_sender.py b/service/test/unit/adapter/services/test_mail_sender.py index ca68bdc6..d8c33f17 100644 --- a/service/test/unit/adapter/services/test_mail_sender.py +++ b/service/test/unit/adapter/services/test_mail_sender.py @@ -19,6 +19,7 @@ from twisted.trial import unittest from mockito import mock, when, verify, any, unstub from pixelated.adapter.services.mail_sender import LocalSmtpMailSender, SMTPDownException, MailSender from pixelated.adapter.model.mail import InputMail +from pixelated.bitmask_libraries.smtp import LeapSMTPConfig from pixelated.support.functional import flatten from test.support.test_helper import mail_dict from twisted.internet import reactor, defer @@ -32,17 +33,19 @@ class MailSenderTest(unittest.TestCase): self._keymanager_mock = mock() self._remote_smtp_host = 'some.host.test' self._remote_smtp_port = 1234 + self._smtp_config = LeapSMTPConfig('someone@somedomain.tld', self._cert_path, self._remote_smtp_host, self._remote_smtp_port) def tearDown(self): unstub() + @defer.inlineCallbacks def test_iterates_over_recipients(self): - sender = MailSender('someone@somedomain.tld', self._keymanager_mock, self._cert_path, self._remote_smtp_host, self._remote_smtp_port) + sender = MailSender(self._smtp_config, self._keymanager_mock) input_mail = InputMail.from_dict(mail_dict()) when(OutgoingMail).send_message(any(), any()).thenAnswer(lambda: defer.succeed(None)) - sender.sendmail(input_mail) + yield sender.sendmail(input_mail) for recipient in flatten([input_mail.to, input_mail.cc, input_mail.bcc]): verify(OutgoingMail).send_message(any(), recipient) diff --git a/service/test/unit/bitmask_libraries/test_smtp.py b/service/test/unit/bitmask_libraries/test_smtp.py index 182a0786..22b69b9e 100644 --- a/service/test/unit/bitmask_libraries/test_smtp.py +++ b/service/test/unit/bitmask_libraries/test_smtp.py @@ -13,29 +13,10 @@ # # You should have received a copy of the GNU Affero General Public License # along with Pixelated. If not, see . -import sys - import os from mock import MagicMock, patch from test_abstract_leap import AbstractLeapTest -from pixelated.bitmask_libraries.smtp import LeapSmtp -from httmock import all_requests, HTTMock, urlmatch - - -@all_requests -def not_found_mock(url, request): - sys.stderr.write('url=%s\n' % url.netloc) - sys.stderr.write('path=%s\n' % url.path) - return {'status_code': 404, - 'content': 'foobar'} - - -@urlmatch(netloc='api.some-server.test:4430', path='/1/cert') -def ca_cert_mock(url, request): - return { - "status_code": 200, - "content": "some content" - } +from pixelated.bitmask_libraries.smtp import LeapSmtp, LeapSMTPConfig class LeapSmtpTest(AbstractLeapTest): @@ -43,53 +24,39 @@ class LeapSmtpTest(AbstractLeapTest): def setUp(self): super(LeapSmtpTest, self).setUp() - self.provider.fetch_smtp_json.return_value = { - 'hosts': { - 'leap-mx': { - 'hostname': 'smtp.some-sever.test', - 'port': '1234' - } - } - } self.config.timeout_in_s = 15 + self._smtp_config = LeapSMTPConfig('test_user@some-server.test', self._client_cert_path(), 'smtp.some-server.test', 1234) def _client_cert_path(self): return os.path.join(self.leap_home, 'providers', 'some-server.test', 'keys', 'client', 'smtp.pem') @patch('pixelated.bitmask_libraries.smtp.setup_smtp_gateway') def test_that_start_calls_setup_smtp_gateway(self, gateway_mock): - self.provider.smtp_info = MagicMock(return_value=('smtp.some-sever.test', 1234)) - self.provider._client_cert_path = MagicMock(return_value=self._client_cert_path()) - smtp = LeapSmtp(self.provider, self.auth, self.keymanager) + smtp = LeapSmtp(self._smtp_config, self.keymanager) port = 500 smtp.local_smtp_port_number = port gateway_mock.return_value = (None, None) - with HTTMock(ca_cert_mock, not_found_mock): - smtp.ensure_running() + smtp.ensure_running() cert_path = self._client_cert_path() - gateway_mock.assert_called_with(smtp_cert=cert_path, userid='test_user@some-server.test', smtp_port=1234, smtp_key=cert_path, keymanager=self.keymanager, encrypted_only=False, smtp_host='smtp.some-sever.test', port=port) + gateway_mock.assert_called_with(smtp_cert=cert_path, userid='test_user@some-server.test', smtp_port=1234, smtp_key=cert_path, keymanager=self.keymanager, encrypted_only=False, smtp_host='smtp.some-server.test', port=port) def test_that_client_stop_does_nothing_if_not_started(self): - self.provider.smtp_info = MagicMock(return_value=('smtp.some-sever.test', 1234)) - smtp = LeapSmtp(self.provider, self.auth, self.keymanager) + smtp = LeapSmtp(self._smtp_config, self.keymanager) - with HTTMock(not_found_mock): - smtp.stop() + smtp.stop() @patch('pixelated.bitmask_libraries.smtp.setup_smtp_gateway') def test_that_running_smtp_sevice_is_stopped(self, gateway_mock): - self.provider.smtp_info = MagicMock(return_value=('smtp.some-sever.test', 1234)) - smtp = LeapSmtp(self.provider, self.auth, self.keymanager) + smtp = LeapSmtp(self._smtp_config, self.keymanager) smtp_service = MagicMock() smtp_port = MagicMock() gateway_mock.return_value = (smtp_service, smtp_port) - with HTTMock(ca_cert_mock, not_found_mock): - smtp.ensure_running() - smtp.stop() + smtp.ensure_running() + smtp.stop() smtp_port.stopListening.assert_called_with() smtp_service.doStop.assert_called_with() diff --git a/service/test/unit/bitmask_libraries/test_smtp_cert_downloader.py b/service/test/unit/bitmask_libraries/test_smtp_cert_downloader.py new file mode 100644 index 00000000..5644ab6a --- /dev/null +++ b/service/test/unit/bitmask_libraries/test_smtp_cert_downloader.py @@ -0,0 +1,78 @@ +# +# Copyright (c) 2015 ThoughtWorks, Inc. +# +# Pixelated is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Pixelated is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with Pixelated. If not, see . +import unittest +from mockito import mock, unstub +from requests import HTTPError +from pixelated.bitmask_libraries.session import SmtpCertDownloader +from tempfile import NamedTemporaryFile +from httmock import all_requests, HTTMock, urlmatch + +CERTIFICATE_DATA = 'some cert data' + + +@all_requests +def not_found_mock(url, request): + return {'status_code': 404, + 'content': 'foobar'} + + +@urlmatch(netloc='api.some-server.test:4430', path='/1/cert') +def ca_cert_mock(url, request): + return { + "status_code": 200, + "content": CERTIFICATE_DATA + } + + +class TestSmtpCertDownloader(unittest.TestCase): + + def setUp(self): + self._provider = mock() + self._config = mock() + self._config.leap_home = '/tmp' + self._auth = mock() + + self._provider.config = self._config + self._provider.api_uri = 'https://api.some-server.test:4430' + self._provider.api_version = '1' + self._provider.server_name = 'some.host.tld' + + self._auth.session_id = 'some session id' + self._auth.token = 'some token' + + def tearDown(self): + unstub() + + def test_download_certificate(self): + with HTTMock(ca_cert_mock, not_found_mock): + cert_data = SmtpCertDownloader(self._provider, self._auth).download() + + self.assertEqual(CERTIFICATE_DATA, cert_data) + + def test_error_if_not_found(self): + downloader = SmtpCertDownloader(self._provider, self._auth) + with HTTMock(not_found_mock): + self.assertRaises(HTTPError, downloader.download) + + def test_download_to(self): + downloader = SmtpCertDownloader(self._provider, self._auth) + + with NamedTemporaryFile() as tmp_file: + with HTTMock(ca_cert_mock, not_found_mock): + downloader.download_to(tmp_file.name) + + file_content = open(tmp_file.name).read() + self.assertEqual(CERTIFICATE_DATA, file_content) -- cgit v1.2.3