def activate_connection(meta, builder):
"""do the actual connecting action"""
logger.info("Connecting to {}".format(meta.display_name))
notify("eduVPN connecting...", "Connecting to '{}'".format(meta.display_name))
try:
if not meta.token:
logger.error("metadata for {} doesn't contain oauth2 token".format(meta.uuid))
else:
oauth = oauth_from_token(meta=meta)
config = get_profile_config(oauth, meta.api_base_uri, meta.profile_id)
meta.config = config
update_config_provider(meta)
if datetime.now() > datetime.fromtimestamp(meta.token['expires_at']):
logger.info("key pair is expired")
cert, key = create_keypair(oauth, meta.api_base_uri)
update_keys_provider(meta.uuid, cert, key)
connect_provider(meta.uuid)
except Exception as e:
switch = builder.get_object('connect-switch')
GLib.idle_add(switch.set_active, False)
window = builder.get_object('eduvpn-window')
error_helper(window, "can't enable connection", "{}: {}".format(type(e).__name__, str(e)))
raise
def _cert_check(meta, oauth, builder, info):
common_name = common_name_from_cert(meta.cert.encode('ascii'))
cert_valid = check_certificate(oauth, meta.api_base_uri, common_name)
if not cert_valid['is_valid']:
logger.warning('client certificate not valid, reason: {}'.format(
cert_valid['reason']))
if cert_valid['reason'] in ('certificate_missing',
'certificate_not_yet_valid',
'certificate_expired'):
logger.info('Going to try to fetch new keypair')
cert, key = create_keypair(oauth, meta.api_base_uri)
update_keys_provider(meta.uuid, cert, key)
elif cert_valid['reason'] == 'user_disabled':
raise EduvpnException('Your account has been disabled.')
else:
raise EduvpnException(
'Your client certificate is invalid ({})'.format(
cert_valid['reason']))
_fetch_updated_config(oauth, meta, builder, info)
def test_update_keys_provider(self):
update_keys_provider(uuid=self.meta.uuid,
cert=self.meta.cert,
key=self.meta.key)