Exemplo n.º 1
0
    def test_throw_exception_for_invalid_certificate(self):
        expected_exception_message = 'Certificate fingerprints don\'t match! Expected [0123456789012345678901234567890123456789012345678901234567890123] but got [06e2300bdbc118c290eda0dc977c24080718f4eeca68c8b0ad431872a2baa22d]'

        with HTTMock(provider_json_invalid_fingerprint_mock, ca_cert_mock, not_found_mock):
            provider = LeapProvider('some-provider.test', self.config)
            with self.assertRaises(Exception) as cm:
                provider.fetch_valid_certificate()
            self.assertEqual(expected_exception_message, cm.exception.message)
    def test_that_provider_cert_is_used_to_fetch_soledad_json(self):
        get_func = MagicMock(wraps=requests.get)

        with patch('pixelated.bitmask_libraries.provider.requests.get', new=get_func):
            with HTTMock(provider_json_mock, soledad_json_mock, not_found_mock):
                provider = LeapProvider('some-provider.test')
                provider.fetch_soledad_json()
        get_func.assert_called_with('https://api.some-provider.test:4430/1/config/soledad-service.json', verify='/tmp/foobar/providers/some-provider.test/keys/client/api.pem', timeout=15)
Exemplo n.º 3
0
def initialize_leap_provider(provider_hostname, provider_cert, provider_fingerprint, leap_home):
    LeapCertificate.set_cert_and_fingerprint(provider_cert,
                                             provider_fingerprint)
    leap_config.set_leap_home(leap_home)
    provider = LeapProvider(provider_hostname)
    provider.setup_ca()
    provider.download_settings()
    return provider
Exemplo n.º 4
0
    def test_that_provider_cert_is_used_to_fetch_soledad_json(self):
        get_func = MagicMock(wraps=requests.get)
        LeapCertificate.provider_api_cert = PROVIDER_API_CERT

        with patch('pixelated.bitmask_libraries.provider.requests.get', new=get_func):
            with HTTMock(provider_json_mock, soledad_json_mock, not_found_mock):
                provider = LeapProvider('some-provider.test', self.config)
                provider.fetch_soledad_json()
        get_func.assert_called_with('https://api.some-provider.test:4430/1/config/soledad-service.json', verify=PROVIDER_API_CERT, timeout=15)
Exemplo n.º 5
0
def initialize_leap_provider(provider_hostname, provider_cert, provider_fingerprint, leap_home):
    LeapCertificate.set_cert_and_fingerprint(provider_cert, provider_fingerprint)

    config = LeapConfig(leap_home=leap_home, start_background_jobs=True)
    provider = LeapProvider(provider_hostname, config)
    provider.download_certificate()
    LeapCertificate(provider).setup_ca_bundle()

    return config, provider
Exemplo n.º 6
0
    def test_that_leap_fingerprint_is_validated(self):
        session = MagicMock(wraps=requests.session())
        session_func = MagicMock(return_value=session)
        LeapCertificate.set_cert_and_fingerprint(None, 'some fingerprint')

        with patch('pixelated.bitmask_libraries.provider.requests.session', new=session_func):
            with HTTMock(provider_json_mock, ca_cert_mock, not_found_mock):
                provider = LeapProvider('some-provider.test', self.config)
                provider.fetch_valid_certificate()

        session.get.assert_any_call('https://some-provider.test/ca.crt', verify=False, timeout=15)
        session.mount.assert_called_with('https://', ANY)
Exemplo n.º 7
0
    def test_that_bootstrap_cert_is_used_to_fetch_certificate(self):
        session = MagicMock(wraps=requests.session())
        session_func = MagicMock(return_value=session)
        get_func = MagicMock(wraps=requests.get)

        with patch('pixelated.bitmask_libraries.provider.requests.session', new=session_func):
            with patch('pixelated.bitmask_libraries.provider.requests.get', new=get_func):
                with HTTMock(provider_json_mock, ca_cert_mock, not_found_mock):
                    provider = LeapProvider('some-provider.test', self.config)
                    provider.fetch_valid_certificate()

        session.get.assert_any_call('https://some-provider.test/ca.crt', verify=BOOTSTRAP_CA_CERT, timeout=15)
        session.get.assert_any_call('https://some-provider.test/provider.json', verify=BOOTSTRAP_CA_CERT, timeout=15)
Exemplo n.º 8
0
def register_new_user(username, server_name):
    certs_home = os.path.abspath(
        os.path.join(os.path.abspath(__file__), "..", "..", "certificates"))
    config = LeapConfig(certs_home=certs_home)
    provider = LeapProvider(server_name, config)
    password = getpass.getpass('Please enter password for %s: ' % username)
    LeapAuthenticator(provider).register(LeapCredentials(username, password))

    session = LeapSession.open(username, password, server_name)
    session.nicknym.generate_openpgp_key()
Exemplo n.º 9
0
def open(username, password, server_name, leap_home=DEFAULT_LEAP_HOME):
    certs_home = os.path.abspath(
        os.path.join(os.path.abspath(__file__), "..", "..", "certificates"))

    config = LeapConfig(leap_home=leap_home, certs_home=certs_home)
    provider = LeapProvider(server_name, config)
    refresh_ca_bundle(provider)
    session = LeapSessionFactory(provider).create(
        LeapCredentials(username, password))

    return session
Exemplo n.º 10
0
    def test_that_bootstrap_cert_is_used_to_fetch_certificate(self):
        session = MagicMock(wraps=requests.session())
        session_func = MagicMock(return_value=session)
        get_func = MagicMock(wraps=requests.get)
        LeapCertificate.LEAP_CERT = PROVIDER_WEB_CERT

        with patch('pixelated.bitmask_libraries.provider.requests.session',
                   new=session_func):
            with patch('pixelated.bitmask_libraries.provider.requests.get',
                       new=get_func):
                with HTTMock(provider_json_mock, ca_cert_mock, not_found_mock):
                    provider = LeapProvider('some-provider.test', self.config)
                    provider.fetch_valid_certificate()

        session.get.assert_any_call('https://some-provider.test/ca.crt',
                                    verify=PROVIDER_WEB_CERT,
                                    timeout=15)
        session.get.assert_any_call('https://some-provider.test/provider.json',
                                    verify=PROVIDER_WEB_CERT,
                                    timeout=15)
Exemplo n.º 11
0
def open(username, password, server_name):
    try:
        certs_home = os.path.abspath(
            os.path.join(os.path.abspath(__file__), "..", "..",
                         "certificates"))

        config = LeapConfig(certs_home=certs_home)
        provider = LeapProvider(server_name, config)
        session = LeapSessionFactory(provider).create(
            LeapCredentials(username, password))

        return session
    except:
        raise
Exemplo n.º 12
0
    def test_that_leap_fingerprint_is_validated(self):
        session = MagicMock(wraps=requests.session())
        session_func = MagicMock(return_value=session)

        with patch(
                'pixelated.bitmask_libraries.provider.which_bootstrap_cert_fingerprint',
                return_value='some fingerprint'):
            with patch(
                    'pixelated.bitmask_libraries.provider.which_bootstrap_CA_bundle',
                    return_value=False):
                with patch(
                        'pixelated.bitmask_libraries.provider.requests.session',
                        new=session_func):
                    with HTTMock(provider_json_mock, ca_cert_mock,
                                 not_found_mock):
                        provider = LeapProvider('some-provider.test',
                                                self.config)
                        provider.fetch_valid_certificate()

        session.get.assert_any_call('https://some-provider.test/ca.crt',
                                    verify=False,
                                    timeout=15)
        session.mount.assert_called_with('https://', ANY)
Exemplo n.º 13
0
    def test_provider_fetches_provider_json(self):
        with HTTMock(provider_json_mock):
            provider = LeapProvider('some-provider.test', self.config)

            self.assertEqual("1", provider.api_version)
            self.assertEqual("some-provider.test", provider.domain)
            self.assertEqual("https://api.some-provider.test:4430",
                             provider.api_uri)
            self.assertEqual("https://some-provider.test/ca.crt",
                             provider.ca_cert_uri)
            self.assertEqual(
                "SHA256: 06e2300bdbc118c290eda0dc977c24080718f4eeca68c8b0ad431872a2baa22d",
                provider.ca_cert_fingerprint)
            self.assertEqual(["mx"], provider.services)
Exemplo n.º 14
0
def initialize_leap_provider(provider_hostname, provider_cert,
                             provider_fingerprint, leap_home):
    LeapCertificate.set_cert_and_fingerprint(provider_cert,
                                             provider_fingerprint)
    leap_config.set_leap_home(leap_home)
    provider = LeapProvider(provider_hostname)
    provider.setup_ca()
    provider.download_settings()
    return provider
Exemplo n.º 15
0
def _set_provider(provider_cert, provider_cert_fingerprint, server_name, leap_home=None):
    if leap_home:
        leap_config.set_leap_home(leap_home)

    LeapCertificate.set_cert_and_fingerprint(provider_cert, provider_cert_fingerprint)
    provider = LeapProvider(server_name)
    provider.setup_ca()
    provider.download_settings()
    return provider
Exemplo n.º 16
0
def initialize_leap_provider(provider_hostname, provider_cert,
                             provider_fingerprint, leap_home):
    LeapCertificate.set_cert_and_fingerprint(provider_cert,
                                             provider_fingerprint)
    leap_config.set_leap_home(leap_home)
    provider = LeapProvider(provider_hostname)
    provider.download_certificate()
    LeapCertificate(provider).setup_ca_bundle()
    provider.download_soledad_json()
    return provider
Exemplo n.º 17
0
def initialize_leap(leap_provider_cert, leap_provider_cert_fingerprint,
                    credentials_file, organization_mode, leap_home):
    init_monkeypatches()
    events_server.ensure_server()
    provider, username, password = credentials.read(organization_mode,
                                                    credentials_file)
    LeapCertificate.set_cert_and_fingerprint(leap_provider_cert,
                                             leap_provider_cert_fingerprint)

    config = LeapConfig(leap_home=leap_home, start_background_jobs=True)
    provider = LeapProvider(provider, config)
    LeapCertificate(provider).setup_ca_bundle()
    leap_session = LeapSessionFactory(provider).create(username, password)

    yield leap_session.initial_sync()

    defer.returnValue(leap_session)
Exemplo n.º 18
0
def register(server_name, username, password, leap_home, provider_cert,
             provider_cert_fingerprint):

    try:
        validate_username(username)
    except ValueError:
        print('Only lowercase letters, digits, . - and _ allowed.')

    if not password:
        password = getpass.getpass('Please enter password for %s: ' % username)

    LeapCertificate.set_cert_and_fingerprint(provider_cert,
                                             provider_cert_fingerprint)
    config = LeapConfig(leap_home=leap_home)
    provider = LeapProvider(server_name, config)
    LeapCertificate(provider).setup_ca_bundle()
    srp_auth = SRPAuth(provider.api_uri,
                       LeapCertificate(provider).provider_api_cert)

    if srp_auth.register(username, password):
        LeapSessionFactory(provider).create(username, password)
    else:
        logger.error("Register failed")
Exemplo n.º 19
0
 def test_fetch_valid_certificate(self):
     with HTTMock(provider_json_mock, ca_cert_mock, not_found_mock):
         provider = LeapProvider('some-provider.test', self.config)
         provider.fetch_valid_certificate()
Exemplo n.º 20
0
 def test_fetch_smtp_json(self):
     with HTTMock(provider_json_mock, smtp_json_mock, not_found_mock):
         provider = LeapProvider("some-provider.test", self.config)
         smtp = provider.fetch_smtp_json()
         self.assertEqual("mx.some-provider.test", smtp.get("hosts").get("leap-mx").get("hostname"))
Exemplo n.º 21
0
 def test_fetch_valid_certificate(self):
     with HTTMock(provider_json_mock, ca_cert_mock, not_found_mock):
         provider = LeapProvider('some-provider.test', self.config)
         provider.fetch_valid_certificate()
Exemplo n.º 22
0
 def test_throw_exception_for_fetch_smtp_status_code(self):
     with HTTMock(provider_json_mock, not_found_mock):
         provider = LeapProvider('some-provider.test', self.config)
         self.assertRaises(HTTPError, provider.fetch_smtp_json)
Exemplo n.º 23
0
 def test_fetch_smtp_json(self):
     with HTTMock(provider_json_mock, smtp_json_mock, not_found_mock):
         provider = LeapProvider('some-provider.test', self.config)
         smtp = provider.fetch_smtp_json()
         self.assertEqual('mx.some-provider.test',
                          smtp.get('hosts').get('leap-mx').get('hostname'))
Exemplo n.º 24
0
    def test_fetch_soledad_json(self):
        with HTTMock(provider_json_mock, soledad_json_mock, not_found_mock):
            provider = LeapProvider('some-provider.test', self.config)
            soledad = provider.fetch_soledad_json()

            self.assertEqual("some value", soledad.get('some key'))
Exemplo n.º 25
0
 def test_fetch_smtp_json(self):
     with HTTMock(provider_json_mock, smtp_json_mock, not_found_mock):
         provider = LeapProvider('some-provider.test', self.config)
         smtp = provider.fetch_smtp_json()
         self.assertEqual('mx.some-provider.test', smtp.get('hosts').get('leap-mx').get('hostname'))
Exemplo n.º 26
0
    def test_fetch_soledad_json(self):
        with HTTMock(provider_json_mock, soledad_json_mock, not_found_mock):
            provider = LeapProvider('some-provider.test', self.config)
            soledad = provider.fetch_soledad_json()

            self.assertEqual("some value", soledad.get('some key'))
Exemplo n.º 27
0
 def test_throw_exception_for_invalid_certificate(self):
     with HTTMock(provider_json_invalid_fingerprint_mock, ca_cert_mock,
                  not_found_mock):
         provider = LeapProvider('some-provider.test', self.config)
         self.assertRaises(Exception, provider.fetch_valid_certificate)
Exemplo n.º 28
0
    if not password:
        password = getpass.getpass('Please enter password for %s: ' % username)

    try:
        validate_username(username)
        validate_password(password)
    except ValueError, e:
        print(e.message)
        sys.exit(1)

    events_server.ensure_server()
    LeapCertificate.set_cert_and_fingerprint(provider_cert,
                                             provider_cert_fingerprint)
    config = LeapConfig(leap_home=leap_home)
    provider = LeapProvider(server_name, config)
    LeapCertificate(provider).setup_ca_bundle()
    srp_auth = SRPAuth(provider.api_uri,
                       LeapCertificate(provider).provider_api_cert)

    if srp_auth.register(username, password):
        LeapSessionFactory(provider).create(username, password)
    else:
        logger.error("Register failed")


def validate_username(username):
    accepted_characters = '^[a-z0-9\-\_\.]*$'
    if (not re.match(accepted_characters, username)):
        raise ValueError('Only lowercase letters, digits, . - and _ allowed.')