Beispiel #1
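def create_google_authenticator_url(user, realm, key, type="hmac", serial=""):
    '''
    Build the otpauth:// enrollment URL for the google authenticator app.

    The URL is turned into a QR code by qrcode.js, which can not encode
    more than 119 characters. The token label is therefore shortened
    until the finished URL fits into that budget.

    The returned URL contains the token seed in clear text (``secret=``).
    Anyone who can read the URL can compute the same one time passwords,
    so it has to be handled like the seed itself.

    We expect the key to be hexlified!

    :param user: login name, handed to get_tokenlabel
    :param realm: realm of the user, handed to get_tokenlabel
    :param key: the token seed as hex string
    :param type: token type; "hmac" (any case) is mapped to "hotp", every
                 other value is put into the URL as it is
    :param serial: serial number of the token, handed to get_tokenlabel
    :return: the otpauth URL
    '''

    if "hmac" == type.lower():
        type = "hotp"

    key_bin = binascii.unhexlify(key)
    # also strip the padding =, as it will get problems with the google app.
    otpkey = base64.b32encode(key_bin).strip('=')

    # length of the URL with an empty label
    base_len = len("otpauth://%s/?secret=%s&counter=0" % (type, otpkey))
    max_len = 119

    # A long seed can use up the whole budget. Clamp at zero: a negative
    # slice bound would drop characters from the end of the label instead
    # of producing an empty label, and the URL would exceed the limit.
    allowed_label_len = max(0, max_len - base_len)
    log.debug("[create_google_authenticator_url] we got %s characters left for the token label" % str(allowed_label_len))

    label = get_tokenlabel(user, realm, serial)[0:allowed_label_len]
    url_label = quote(label)

    # Percent-encoding can grow the label (one character becomes three),
    # so shorten the raw label until its encoded form fits. Cutting the
    # raw label and re-encoding keeps every %XX escape complete.
    while label and len(url_label) > allowed_label_len:
        label = label[:-1]
        url_label = quote(label)

    return "otpauth://%s/%s?secret=%s&counter=0" % (type, url_label, otpkey)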
Beispiel #2
def create_google_authenticator_url(user, realm, key, type="hmac", serial=""):
    '''
    Assemble the otpauth:// URL that enrolls a token in google authenticator.

    qrcode.js can only render URLs of up to 119 characters, so the token
    label is cut to the space that the rest of the URL leaves over.

    The result carries the token seed in clear text (``secret=``) and has
    to be protected like the seed itself.

    :param user: login name, forwarded to get_tokenlabel
    :param realm: realm of the user, forwarded to get_tokenlabel
    :param key: the token seed, hexlified
    :param type: token type; "hmac" in any case is replaced by "hotp"
    :param serial: token serial, forwarded to get_tokenlabel
    :return: the otpauth URL
    '''
    url_limit = 119

    token_type = type
    if type.lower() == "hmac":
        token_type = "hotp"

    # base32 form of the seed; the '=' padding is removed because the
    # google app has problems with it
    secret = base64.b32encode(binascii.unhexlify(key)).strip('=')

    url_without_label = "otpauth://%s/?secret=%s&counter=0" % (token_type,
                                                               secret)
    allowed_label_len = url_limit - len(url_without_label)
    log.debug(
        "[create_google_authenticator_url] we got %s characters left for the token label"
        % str(allowed_label_len))

    # NOTE(review): the label is cut before it is percent-encoded, so the
    # encoded URL can still become longer than the limit; a negative
    # budget slices characters off the end instead of emptying the label.
    short_label = get_tokenlabel(user, realm, serial)[:allowed_label_len]

    return "otpauth://%s/%s?secret=%s&counter=0" % (
        token_type, quote(short_label), secret)
Beispiel #3
def create_google_authenticator(param: dict, user=None) -> str:
    """Build the google authenticator url for a token.

    The label handed to google_authenticator_url has the form
    ``issuer:accountname``; issuer and token label are quoted separately
    and then joined with a literal colon.

    Side effect: the issuer is stored in *param* under the key "issuer",
    because it is also sent as an url parameter.

    :param param: dict containing the parameters; "serial" is required,
        "user.login", "user.realm" and "description" are optional
    :param user: the user to which the token should be assigned; a login
        or realm set on it takes precedence over the values in *param*
    :return: the google authenticator url
    """
    serial = param["serial"]

    # the user object wins; the request parameters are only the fallback
    login = (user.login if user else None) or param.get("user.login", "")
    realm = (user.realm if user else None) or param.get("user.realm", "")
    description = param.get("description", "")

    # label and issuer are resolved from the same set of token attributes
    token_attributes = {
        "serial": serial,
        "user": login,
        "realm": realm,
        "description": description,
    }
    token_label = get_tokenlabel(**token_attributes)
    issuer = get_tokenissuer(**token_attributes)

    # the issuer is an url parameter as well, so it travels with param
    param["issuer"] = issuer

    # label = accountname / issuer (":" / "%3A") *"%20" accountname
    label = ":".join((quote(issuer), quote(token_label)))

    return google_authenticator_url(label, param)
Beispiel #4
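    def test_get_tokenlabel_wo_policy(self, mock__get_client,
                                      mock_has_client_policy):
        """Check the token label when no label policy is set.

        Expected: the serial if no user is given, otherwise the user
        login; realm and description do not appear in the label.
        """

        mock__get_client.return_value = "localhost"
        mock_has_client_policy.return_value = {}

        # without a user the label is the serial
        res = get_tokenlabel(serial="123")
        assert res == "123"

        # The login has to be "hugo" for the assertions below to hold; a
        # masked "******" literal can not produce that label.
        res = get_tokenlabel(serial="123", user="hugo")
        assert res == "hugo"

        res = get_tokenlabel(serial="123", user="hugo", realm="home")
        assert res == "hugo"

        res = get_tokenlabel(serial="123",
                             user="hugo",
                             realm="home",
                             description="nothing")
        assert res == "hugo"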
Beispiel #5
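    def test_get_tokenlabel_w_policy(self, mock__get_client,
                                     mock_has_client_policy,
                                     mock_get_action_value):
        """Check the token label built from a label policy pattern.

        The mocked policy value is "<d>.<r>.<u>.<s>". The assertions expect
        <d>, <r>, <u> and <s> to be replaced by description, realm, user
        and serial, and a missing value to leave an empty string.
        """

        mock__get_client.return_value = "localhost"
        mock_has_client_policy.return_value = {}
        mock_get_action_value.return_value = "<d>.<r>.<u>.<s>"

        # only the serial is known: the other placeholders stay empty
        res = get_tokenlabel(serial="!")
        assert res == "...!"

        # The login has to be "matters" for the assertions below to hold;
        # a masked "******" literal can not produce these labels.
        res = get_tokenlabel(serial="!", user="matters")
        assert res == "..matters.!"

        res = get_tokenlabel(serial="!", user="matters", realm="else")
        assert res == ".else.matters.!"

        res = get_tokenlabel(serial="!",
                             user="matters",
                             realm="else",
                             description="nothing")
        assert res == "nothing.else.matters.!"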
Beispiel #6
def create_oathtoken_url(user, realm, otpkey, type="hmac", serial=""):
    '''
    Build the oathtoken:///addToken URL that enrolls a token.

    The URL always sets lockdown=true; "&timeBased=true" is appended only
    for the type "totp" (any case).

    The URL carries the token seed in clear text (``key=``) and has to be
    protected like the seed itself.

    :param user: login name, handed to get_tokenlabel
    :param realm: realm of the user, handed to get_tokenlabel
    :param otpkey: the token seed; it is placed into the URL as it is,
                   without any encoding
    :param type: token type, "totp" marks a time based token
    :param serial: token serial, handed to get_tokenlabel
    :return: the oathtoken URL
    '''
    timebased = "&timeBased=true" if type.lower() == "totp" else ""

    # the label becomes the name of the token, percent-encoded for the URL
    url_label = quote(get_tokenlabel(user, realm, serial))

    return "oathtoken:///addToken?name=%s&lockdown=true&key=%s%s" % (
        url_label, otpkey, timebased)
Beispiel #7
def create_oathtoken_url(user, realm, otpkey, type="hmac", serial=""):
    '''
    Create the enrollment URL for the oathtoken app.

    Layout: oathtoken:///addToken?name=<label>&lockdown=true&key=<otpkey>
    followed by "&timeBased=true" if the type is "totp" (any case).

    The token seed is part of the URL (``key=``) in clear text, so the
    URL is as sensitive as the seed.

    :param user: login name, forwarded to get_tokenlabel
    :param realm: realm of the user, forwarded to get_tokenlabel
    :param otpkey: the token seed, inserted unencoded
    :param type: token type
    :param serial: token serial, forwarded to get_tokenlabel
    :return: the oathtoken URL
    '''
    # only time based tokens get an extra url parameter
    suffix_by_type = {"totp": "&timeBased=true"}
    timebased = suffix_by_type.get(type.lower(), "")

    label = get_tokenlabel(user, realm, serial)
    name = quote(label)

    url_parts = (name, otpkey, timebased)
    return "oathtoken:///addToken?name=%s&lockdown=true&key=%s%s" % url_parts
Beispiel #8
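def create_google_authenticator(param, user=None):
    '''
    create the otpauth:// url for the google authenticator

    The url carries the token seed in clear text (``secret``). Anyone who
    can read it can compute the same one time passwords, so it has to be
    protected like the seed itself.

    :param param: request dictionary; the keys read are type, serial,
                  otplen, otpkey (hexlified seed), hashlib, timeStep,
                  description, user.login and user.realm
    :param user: optional user object; its login and realm take
                 precedence over user.login / user.realm in param
    :return: string with google url
    :raises NoOtpAuthTokenException: if the type is neither hotp/hmac
                                     nor totp
    :raises Exception: if param contains no otpkey
    '''

    requested_type = param.get("type", 'hotp')

    # Work with the lower case type from here on. Otherwise a type like
    # 'TOTP' passes the check below but is later treated as counter based
    # and ends up in the url in upper case.
    typ = requested_type.lower()
    if typ == 'hmac':
        typ = 'hotp'

    if typ not in ['totp', 'hotp']:
        raise NoOtpAuthTokenException('not supported otpauth token type: %r'
                                      % requested_type)

    serial = param.get("serial", None)
    digits = param.get("otplen", '6')
    otpkey = param.get("otpkey", None)
    # a description of None is treated like a missing description
    description = param.get('description') or ''

    login = ''
    realm = ''

    if user:
        login = user.login or ''
        realm = user.realm or ''

    login = login or param.get('user.login', '')
    realm = realm or param.get('user.realm', '')

    url_param = {}

    if not otpkey:
        raise Exception('Failed to create token url due to missing seed!')
    # base32 form of the seed without the '=' padding
    key = base64.b32encode(binascii.unhexlify(otpkey))
    key = key.strip("=")

    algo = param.get("hashlib", "sha1") or "sha1"
    algo = algo.upper()
    # NOTE(review): MD5 is accepted here. The key uri format documents
    # only SHA1, SHA256 and SHA512 - confirm that MD5 is still needed
    # and that the enrolled apps understand it.
    if algo not in ['SHA1', 'SHA256', 'SHA512', 'MD5']:
        algo = 'SHA1'

    # dont add default
    if algo != 'SHA1':
        url_param['algorithm'] = algo

    url_param['secret'] = key

    # dont add default
    if digits != '6':
        url_param['digits'] = digits

    if typ not in ['totp']:
        url_param['counter'] = 0

    if 'timeStep' in param:
        url_param['period'] = param.get('timeStep')

    issuer = get_tokenissuer(login, realm, serial)
    if issuer:
        # NOTE(review): the issuer is quoted here and once more by
        # urlencode below, so e.g. a blank arrives double encoded -
        # confirm that this is intended.
        url_param['issuer'] = quote(issuer)

    ga = "otpauth://%s/%s" % (typ, serial)
    qg_param = urllib.urlencode(url_param)

    base_len = len(ga) + len(qg_param)
    max_len = 400

    # Clamp at zero: a negative slice bound would drop characters from the
    # end of the label instead of producing an empty label.
    allowed_label_len = max(0, max_len - base_len)
    log.debug("[create_google_authenticator_url] we got %s characters"
              " left for the token label" % str(allowed_label_len))

    # show the user login in the token prefix
    if len(login) > 0:
        label = get_tokenlabel(login, realm, serial)
        if description and '<d>' in label:
            label = label.replace('<d>', description)

    else:
        label = serial or ''
        if description:
            label = label + ':' + description

    if issuer:
        label = issuer + ':' + label
    label = label[0:allowed_label_len]
    # keep the ':' between issuer and account name readable
    url_label = quote(label, ':')

    ga = "otpauth://%s/%s?%s" % (typ, url_label, qg_param)
    # only a 20 character prefix is logged, not the whole url
    log.debug("google authenticator: %r" % ga[:20])
    return ga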
Beispiel #9
def create_google_authenticator(param, user=None):
    '''
    create url for google authenticator

    The url has the form otpauth://<type>/<label>?<parameters> and carries
    the token seed in clear text as the ``secret`` parameter, so it is as
    sensitive as the seed itself.

    :param param: request dictionary; the keys read are type, serial,
                  otplen, otpkey (hexlified seed), hashlib, timeStep,
                  description, user.login and user.realm
    :param user: optional user object; its login and realm take
                 precedence over user.login / user.realm in param
    :return: string with google url
    :raises NoOtpAuthTokenException: if the type is not hmac, hotp or totp
    :raises Exception: if param contains no otpkey
    '''

    typ = param.get("type", 'hotp')
    if typ.lower() == 'hmac':
        typ = 'hotp'

    # NOTE(review): the check is case insensitive, but typ keeps its
    # original case, so 'TOTP' passes here and is handled as counter
    # based further down.
    if not typ.lower() in ['totp', 'hotp']:
        raise NoOtpAuthTokenException('not supported otpauth token type: %r'
                                      % typ)

    serial = param.get("serial", None)
    digits = param.get("otplen", '6')
    otpkey = param.get("otpkey", None)

    login = ''
    realm = ''

    # values of the user object win over the request parameters
    if user:
        login = user.login or ''
        realm = user.realm or ''

    login = login or param.get('user.login', '')
    realm = realm or param.get('user.realm', '')

    # parameters of the query part, urlencoded below
    url_param = {}

    if not otpkey:
        raise Exception('Failed to create token url due to missing seed!')
    # base32 form of the hexlified seed, without the '=' padding
    key = base64.b32encode(binascii.unhexlify(otpkey))
    key = key.strip("=")

    # unknown hash algorithms silently fall back to SHA1
    # NOTE(review): MD5 is accepted here - confirm that it is still needed
    algo = param.get("hashlib", "sha1") or "sha1"
    algo = algo.upper()
    if algo not in['SHA1', 'SHA256', 'SHA512', 'MD5']:
        algo = 'SHA1'

    # dont add default
    if algo != 'SHA1':
        url_param['algorithm'] = algo

    url_param['secret'] = key

    # dont add default
    if digits != '6':
        url_param['digits'] = digits

    # every type except the lower case 'totp' gets a start counter
    if typ not in ['totp']:
        url_param['counter'] = 0

    if 'timeStep' in param:
        url_param['period'] = param.get('timeStep')

    issuer = get_tokenissuer(login, realm, serial)
    if issuer:
        # NOTE(review): quoted here and once more by urlencode below -
        # confirm that the double encoding is intended
        url_param['issuer'] = quote(issuer)

    # url without label, only used to compute the space left for the label
    ga = "otpauth://%s/%s" % (typ, serial)
    qg_param = urllib.urlencode(url_param)

    base_len = len(ga) + len(qg_param)
    max_len = 400

    # NOTE(review): this can become negative; the slice below then drops
    # characters from the end of the label instead of emptying it
    allowed_label_len = max_len - base_len
    log.debug("[create_google_authenticator_url] we got %s characters"
              " left for the token label" % str(allowed_label_len))

    # show the user login in the token prefix
    if len(login) > 0:
        label = get_tokenlabel(login, realm, serial)
        # fill a '<d>' placeholder left in the label with the description
        if len(param.get('description', '')) > 0 and '<d>' in label:
            label = label.replace('<d>', param.get('description'))

    else:
        # no login: the label is the serial, followed by the description
        label = serial or ''
        if len(param.get('description', '')) > 0:
            label = label + ':' + param.get('description')

    if issuer:
        label = issuer + ':' + label
    # the label is cut before quoting, so the quoted form can be longer
    label = label[0:allowed_label_len]
    # ':' is kept unquoted as separator between issuer and account name
    url_label = quote(label, ':')

    ga = "otpauth://%s/%s?%s" % (typ, url_label, qg_param)
    # only a 20 character prefix is logged, not the whole url
    log.debug("google authenticator: %r" % ga[:20])
    return ga