def refresh():
"""
Refreshes an active configuration. The token is refreshed if expired, and a new token is obtained if the token
is invalid.
"""
uuid, auth_url, metadata = get_storage(check=True)
token, token_endpoint, auth_endpoint, api_url, display_name, support_contact, profile_id, con_type, country_id, _, _ = metadata
oauth = OAuth2Session(client_id=CLIENT_ID,
token=token,
auto_refresh_url=token_endpoint)
try:
token = oauth.refresh_token(token_url=token_endpoint)
except InvalidGrantError as e:
_logger.warning(f"token invalid: {e}")
oauth = oauth2.run_challenge(token_endpoint, auth_endpoint)
api_base_uri, token_endpoint, auth_endpoint = get_info(auth_url)
client = get_client()
try:
cert, key = get_cert_key(client, uuid)
except IOError:
# probably the NM connection was deleted
cert = None
if not cert or not check_certificate(oauth, api_base_uri, cert):
key, cert = create_keypair(oauth, api_base_uri)
config = get_config(oauth, api_base_uri, profile_id)
save_connection_with_mainloop(config, key, cert)
update_token(token)
def get_config_and_keycert(oauth: OAuth2Session, api_url: str,
profile_id: str) -> Tuple[str, str, str]:
config = get_config(oauth, api_url, profile_id)
private_key, certificate = create_keypair(oauth, api_url)
return config, private_key, certificate
def main():
logging.basicConfig(level=logging.INFO)
search_term = parse_args()
verifier = make_verifier(Ed25519_PUBLIC_KEY)
if isinstance(search_term,
str) and search_term.lower().startswith('https://'):
base_url = search_term
info_url = base_url
else:
servers = list_servers(SERVER_URI, verifier=verifier)
secure_internet = [
s for s in servers if s['server_type'] == 'secure_internet'
]
institute_access = [
s for s in servers if s['server_type'] == 'institute_access'
]
orgs = list_orgs(ORGANISATION_URI, verifier=verifier)
choice = menu(institutes=institute_access,
orgs=orgs,
search_term=search_term)
if not choice:
exit(1)
type_, base_url = choice
if type_ == 'secure_internet_home':
secure_internets = [
s for s in secure_internet if s['base_url'] == base_url
]
info_url = secure_internet_choice(secure_internets)
else:
info_url = base_url
exists = get_entry(base_url)
if exists:
token, api_base_uri, token_endpoint, authorization_endpoint = exists
oauth = OAuth2Session(client_id=CLIENT_ID,
token=token,
auto_refresh_url=token_endpoint)
else:
api_base_uri, token_endpoint, auth_endpoint = get_info(
info_url, verifier)
oauth = get_oauth(token_endpoint, auth_endpoint)
set_entry(base_url, oauth.token, api_base_uri, token_endpoint,
auth_endpoint)
oauth.refresh_token(token_url=token_endpoint)
profiles = list_profiles(oauth, api_base_uri)
profile_id = profile_choice(profiles)
config = get_config(oauth, api_base_uri, profile_id)
private_key, certificate = create_keypair(oauth, api_base_uri)
if write_to_nm_choice():
save_connection(config, private_key, certificate)
else:
target = Path('eduVPN.ovpn').resolve()
print(f"Writing configuration to {target}")
write_config(config, private_key, certificate, target)