def register(
server_name,
username,
password,
leap_home,
provider_cert,
provider_cert_fingerprint):
try:
validate_username(username)
except ValueError:
print('Only lowercase letters, digits, . - and _ allowed.')
if not password:
password = getpass.getpass('Please enter password for %s: ' % username)
LeapCertificate.set_cert_and_fingerprint(provider_cert, provider_cert_fingerprint)
config = LeapConfig(leap_home=leap_home)
provider = LeapProvider(server_name, config)
LeapCertificate(provider).setup_ca_bundle()
srp_auth = SRPAuth(provider.api_uri, LeapCertificate(provider).provider_api_cert)
if srp_auth.register(username, password):
LeapSessionFactory(provider).create(username, password)
else:
logger.error("Register failed")
def _create_new_session(self, username, password):
self._create_dir(self._provider.config.leap_home)
self._provider.download_certificate()
srp_auth = SRPAuth(self._provider.api_uri, self._provider.local_ca_crt)
auth = srp_auth.authenticate(username, password)
account_email = self._provider.address_for(username)
self._create_database_dir()
soledad = SoledadFactory.create(auth.token,
auth.uuid,
password,
self._secrets_path(auth.uuid),
self._local_db_path(auth.uuid),
self._provider.discover_soledad_server(auth.uuid),
LeapCertificate(self._provider).provider_api_cert)
mail_store = LeapMailStore(soledad)
nicknym = self._create_nicknym(account_email, auth.token, auth.uuid, soledad)
self._download_smtp_cert(auth)
smtp_host, smtp_port = self._provider.smtp_info()
smtp_config = LeapSMTPConfig(account_email, self._smtp_client_cert_path(), smtp_host, smtp_port)
return LeapSession(self._provider, auth, mail_store, soledad, nicknym, smtp_config)
def _create_new_session(self, username, password):
self._create_dir(self._provider.config.leap_home)
self._provider.download_certificate()
srp_auth = SRPAuth(self._provider.api_uri, self._provider.local_ca_crt)
auth = srp_auth.authenticate(username, password)
account_email = self._provider.address_for(username)
self._create_database_dir()
soledad = SoledadFactory.create(
auth.token, auth.uuid, password, self._secrets_path(auth.uuid),
self._local_db_path(auth.uuid),
self._provider.discover_soledad_server(auth.uuid),
LeapCertificate(self._provider).provider_api_cert)
mail_store = LeapMailStore(soledad)
nicknym = self._create_nicknym(account_email, auth.token, auth.uuid,
soledad)
self._download_smtp_cert(auth)
smtp_host, smtp_port = self._provider.smtp_info()
smtp_config = LeapSMTPConfig(account_email,
self._smtp_client_cert_path(), smtp_host,
smtp_port)
return LeapSession(self._provider, auth, mail_store, soledad, nicknym,
smtp_config)
def _can_authorize_with_leap_provider(self, username, password):
srp_auth = SRPAuth(self.provider.api_uri, which_api_CA_bundle(self.provider))
try:
auth = srp_auth.authenticate(username, password)
return True
except SRPAuthenticationError, e:
logger.error('Failure while authenticating with LEAP: %s' % e)
return False
def register_new_user(username, server_name):
config = LeapConfig()
provider = LeapProvider(server_name, config)
password = getpass.getpass('Please enter password for %s: ' % username)
srp_auth = SRPAuth(provider.api_uri, provider.local_ca_crt)
srp_auth.register(username, password)
session = LeapSession.open(username, password, server_name)
session.nicknym.generate_openpgp_key()
def _get_or_create_user(self, number):
srp_auth = SRPAuth(LEAP_SERVER_HOST, os.path.expanduser(LEAP_VERIFY_CERTIFICATE))
username, password = ('loadtest%d' % number), ('password_%d' % number)
try:
srp_auth.authenticate(username, password)
except SRPAuthenticationError:
invite_code = load_invite_from_number(number) if INVITES_ENABLED else None
srp_auth.register(username, password, invite_code)
return username, password
def _create_new_session(self, username, password):
self._create_dir(self._provider.config.leap_home)
self._provider.download_certificate()
srp_auth = SRPAuth(self._provider.api_uri, self._provider.local_ca_crt)
auth = srp_auth.authenticate(username, password)
account_email = self._provider.address_for(username)
soledad = SoledadSessionFactory.create(self._provider, auth.token, auth.uuid, password)
mail_store = LeapMailStore(soledad.soledad)
nicknym = self._create_nicknym(account_email, auth.token, auth.uuid, soledad)
smtp = LeapSmtp(self._provider, auth, nicknym.keymanager)
return LeapSession(self._provider, auth, mail_store, soledad, nicknym, smtp)
class User(object):
def __init__(self, number, provider, certificate):
self._username = '******' % number
self._password = '******' % number
self._set_srp_auth(provider, certificate)
def _set_srp_auth(self, leap_provider, certificate):
leap_api_server = 'https://api.%s:4430' % leap_provider
self._srp_auth = SRPAuth(leap_api_server, certificate)
def get_or_create_user(self, invite_code=None):
try:
self.authenticate()
except SRPAuthenticationError:
self.register(invite_code)
return self._username, self._password
def authenticate(self):
self._srp_auth.authenticate(self._username, self._password)
def register(self, invite_code=None):
self._srp_auth.register(self._username, self._password, invite_code)
def _create_new_session(self, username, password):
self._create_dir(self._provider.config.leap_home)
self._provider.download_certificate()
srp_auth = SRPAuth(self._provider.api_uri, self._provider.local_ca_crt)
auth = srp_auth.authenticate(username, password)
soledad = SoledadSessionFactory.create(self._provider, auth.token,
auth.uuid, password)
nicknym = self._create_nicknym(auth.username, auth.token, auth.uuid,
soledad)
account = self._create_account(auth.uuid, soledad)
incoming_mail_fetcher = self._create_incoming_mail_fetcher(
nicknym, soledad, account, auth.username)
smtp = LeapSmtp(self._provider, auth.username, auth.session_id,
nicknym.keymanager)
smtp.ensure_running()
return LeapSession(self._provider, auth, soledad, nicknym, account,
incoming_mail_fetcher, smtp)
def register(server_name, username, password, leap_home, provider_cert,
provider_cert_fingerprint):
try:
validate_username(username)
except ValueError:
print('Only lowercase letters, digits, . - and _ allowed.')
if not password:
password = getpass.getpass('Please enter password for %s: ' % username)
LeapCertificate.set_cert_and_fingerprint(provider_cert,
provider_cert_fingerprint)
config = LeapConfig(leap_home=leap_home)
provider = LeapProvider(server_name, config)
LeapCertificate(provider).setup_ca_bundle()
srp_auth = SRPAuth(provider.api_uri,
LeapCertificate(provider).provider_api_cert)
if srp_auth.register(username, password):
LeapSessionFactory(provider).create(username, password)
else:
logger.error("Register failed")
def _get_or_create_user(self, number):
srp_auth = SRPAuth(LEAP_SERVER_HOST,
os.path.expanduser(LEAP_VERIFY_CERTIFICATE))
username, password = ('loadtest%d' % number), ('password_%d' % number)
try:
srp_auth.authenticate(username, password)
except SRPAuthenticationError:
invite_code = None
if INVITES_ENABLED:
invite_code = load_invite_from_number(number)
srp_auth.register(username, password, invite_code)
return username, password
def _auth_leap(self, username, password):
srp_auth = SRPAuth(self._provider.api_uri, self._provider.local_ca_crt)
return srp_auth.authenticate(username, password)
def authenticate(provider, user, password):
srp_auth = SRPAuth(provider.api_uri, provider.local_ca_crt)
d = threads.deferToThread(srp_auth.authenticate, user, password)
return d
def _auth_leap(self, username, password):
srp_auth = SRPAuth(self._provider.api_uri, self._provider.local_ca_crt)
return srp_auth.authenticate(username, password)
def _validate_credentials():
try:
srp_auth = SRPAuth(self._leap_provider.api_uri, self._leap_provider.local_ca_crt)
return srp_auth.authenticate(credentials.username, credentials.password)
except SRPAuthenticationError:
raise UnauthorizedLogin()
password = getpass.getpass('Please enter password for %s: ' % username)
try:
validate_username(username)
validate_password(password)
except ValueError, e:
print(e.message)
sys.exit(1)
events_server.ensure_server()
LeapCertificate.set_cert_and_fingerprint(provider_cert,
provider_cert_fingerprint)
config = LeapConfig(leap_home=leap_home)
provider = LeapProvider(server_name, config)
LeapCertificate(provider).setup_ca_bundle()
srp_auth = SRPAuth(provider.api_uri,
LeapCertificate(provider).provider_api_cert)
if srp_auth.register(username, password):
LeapSessionFactory(provider).create(username, password)
else:
logger.error("Register failed")
def validate_username(username):
accepted_characters = '^[a-z0-9\-\_\.]*$'
if (not re.match(accepted_characters, username)):
raise ValueError('Only lowercase letters, digits, . - and _ allowed.')
def validate_password(password):
if len(password) < 8:
def _validate_credentials():
try:
srp_auth = SRPAuth(self._leap_provider.api_uri, self._leap_provider.local_ca_crt)
srp_auth.authenticate(credentials.username, credentials.password)
except SRPAuthenticationError:
raise UnauthorizedLogin()
def authenticate(user, password, cert_file, api):
srp_auth = SRPAuth(api, cert_file)
auth = srp_auth.authenticate(user, password)
return auth.__dict__.copy()
def _set_srp_auth(self, leap_provider, certificate):
leap_api_server = 'https://api.%s:4430' % leap_provider
self._srp_auth = SRPAuth(leap_api_server, certificate)
if not password:
password = getpass.getpass('Please enter password for %s: ' % username)
try:
validate_username(username)
validate_password(password)
except ValueError, e:
print(e.message)
sys.exit(1)
events_server.ensure_server()
LeapCertificate.set_cert_and_fingerprint(provider_cert, provider_cert_fingerprint)
config = LeapConfig(leap_home=leap_home)
provider = LeapProvider(server_name, config)
LeapCertificate(provider).setup_ca_bundle()
srp_auth = SRPAuth(provider.api_uri, LeapCertificate(provider).provider_api_cert)
if srp_auth.register(username, password):
LeapSessionFactory(provider).create(username, password)
else:
logger.error("Register failed")
def validate_username(username):
accepted_characters = '^[a-z0-9\-\_\.]*$'
if (not re.match(accepted_characters, username)):
raise ValueError('Only lowercase letters, digits, . - and _ allowed.')
def validate_password(password):
if len(password) < 8:
