Beispiel #1
0
    def check_status(self):
        """
        check the status of a transaction - for polling support
        """

        try:

            param = self.request_params

            #
            # we require either state or transactionid as parameter

            transid = param.get('state', param.get('transactionid', None))
            if not transid:
                raise ParameterError(_('Missing required parameter "state" or '
                                     '"transactionid"!'))

            #
            # serial is an optional parameter

            serial = param.get('serial', None)

            # user is an optional parameter:
            # if no 'user' in the parameters, the User object will be empty
            user = getUserFromParam(param)

            passw = param.get('pass')
            if passw is None:
                raise ParameterError(_('Missing required parameter "pass"!'))

            use_offline = param.get('use_offline', False)

            va = ValidationHandler()
            ok, opt = va.check_status(transid=transid, user=user,
                                      serial=serial, password=passw,
                                      use_offline=use_offline)

            c.audit['success'] = ok
            c.audit['info'] = str(opt)

            Session.commit()
            return sendResult(response, ok, 0, opt=opt)

        except Exception as exx:
            log.exception("check_status failed: %r" % exx)
            c.audit['info'] = str(exx)
            Session.rollback()
            return sendResult(response, False, 0)

        finally:
            Session.close()
Beispiel #2
0
    def index(self):
        '''
        This is the redirect to the first template
        '''

        c.title = _("LinOTP Self Service")
        return render('selfservice/base.mako')
Beispiel #3
0
def _getTokenTypes():
    '''
        _getTokenTypes - retrieve the list of dynamic tokens and their title section

        :return: dict with token type and title
        :rtype:  dict
    '''

    tinfo = {}

    for tclass_object in set(tokenclass_registry.values()):
        tok = tclass_object.getClassType()
        if hasattr(tclass_object, 'getClassInfo'):
            tinfo[tok] = _(tclass_object.getClassInfo('title') or tok)

    return tinfo
Beispiel #4
0
    def login(self):
        '''
        render the selfservice login page
        '''

        c.title = _("LinOTP Self Service Login")

        # ------------------------------------------------------------------ --

        # prepare the realms and put the default realm on the top

        defaultRealm = getDefaultRealm()
        realmArray = [defaultRealm]

        for realm in getRealms():
            if realm != defaultRealm:
                realmArray.append(realm)

        # ------------------------------------------------------------------ --

        # prepare the global context c for the rendering context

        c.defaultRealm = defaultRealm
        c.realmArray = realmArray

        c.realmbox = getRealmBox()

        context = get_pre_context(c.audit['client'])

        mfa_login = context['mfa_login']
        mfa_3_fields = context['mfa_3_fields']

        c.otp = False
        c.mfa_3_fields = False
        if mfa_login and mfa_3_fields:
            c.mfa_3_fields = True

        response = Response(render('/selfservice/login.mako'))

        if request.cookies.get('user_selfservice'):
            remove_auth_cookie(request.cookies.get('user_selfservice'))
            response.delete_cookie('user_selfservice')

        return response
Beispiel #5
0
def setDefaultProvider(provider_type, provider_name):
    """
    interface to set the default provider wo. storing the provider

    :param provider_type: the type of the provider: sms or email
    :param provider_name: the name of the provider - must exist
    :return: boolean, success of storing default provider information
    """
    res = False
    detail = {}

    providers = getProvider(provider_type, provider_name)
    if provider_name in providers or provider_name == Legacy_Provider_Name:
        default_provider_key = Default_Provider_Key[provider_type]
        storeConfig(key=default_provider_key, val=provider_name)
        res = True
    else:
        detail = {'message': _('Unknown provider! %r') % provider_name}
    return res, detail
Beispiel #6
0
def delProvider(provider_type, provider_name):
    """
    delete a provider

    :param provider_type: the type of Provider: push, sms or email
    :param provider_name: the name of the provider

    :return: the number of deleted entries
    """
    detail = {}

    prefix = Provider_types.get(provider_type, {}).get('prefix')
    if not prefix:
        raise Exception('unknown provider type %r' % provider_type)

    # find out, which providers we have
    config = getLinotpConfig()

    # if the provider is the default one, we don't delete this one
    default_provider_key = Default_Provider_Key[provider_type]
    if default_provider_key in config:
        default_provider = config[default_provider_key]

        if provider_name == default_provider:
            detail = {'message': _('Default provider could not be deleted!')}
            ret = 0
            return ret, detail

    # check that there are no references left
    provider_policies = _lookup_provider_policies(provider_type)
    if provider_name in provider_policies:
        detail = {
            'message': (_('Unable to delete - provider used in '
                          'policies!\n[%s]') %
                        ','.join(provider_policies[provider_name]))
            }
        ret = 0
        return ret, detail

    del_entries = set()
    provider = prefix + provider_name

    # treat backward default legacy case
    if provider_name == Legacy_Provider_Name:
        entries = Legacy_Provider.get(provider_type, {})
        for entry in list(entries.keys()):
            if entry in config:
                del_entries.add(entry)

    if not del_entries:
        # first delete the provider root entry
        if provider in config:
            del_entries.add(provider)

        # now lookup the all decent entries
        provider_prefix = provider + '.'
        for key in list(config.keys()):
            if key[:len(provider_prefix)] == provider_prefix:
                del_entries.add(key)

    # when all entries are gathered, we can now delete them all
    for del_entry in del_entries:
        removeFromConfig(del_entry)

    ret = len(del_entries)

    return ret, detail