Ejemplo n.º 1
0
def otp_verify(uid, otp):
    import sys, os, re
    import urllib2

    target = People.by_id(uid)
    configs = get_configs(Configs.query.filter_by(person_id=target.id, application='yubikey').all())

    if not otp.startswith(configs['prefix']):
      raise AuthException('Unauthorized/Invalid OTP')


    server_prefix = 'http://localhost/yk-val/verify?id='
    auth_regex = re.compile('^status=(?P<rc>\w{2})')

    server_url = server_prefix + client_id + "&otp=" + otp

    fh = urllib2.urlopen(server_url)

    for line in fh:
      match = auth_regex.search(line.strip('\n'))
      if match:
        if match.group('rc') == 'OK':
          return
        else:
          raise AuthException(line.split('=')[1])
        break

    turbogears.redirect('/yubikey/')
    return dict()
Ejemplo n.º 2
0
def otp_verify(uid, otp):
    import sys, os, re
    import urllib2

    target = People.by_id(uid)
    configs = get_configs(
        Configs.query.filter_by(person_id=target.id,
                                application='yubikey').all())

    if not otp.startswith(configs['prefix']):
        raise AuthException('Unauthorized/Invalid OTP')

    server_prefix = 'http://localhost/yk-val/verify?id='
    auth_regex = re.compile('^status=(?P<rc>\w{2})')

    server_url = server_prefix + client_id + "&otp=" + otp

    fh = urllib2.urlopen(server_url)

    for line in fh:
        match = auth_regex.search(line.strip('\n'))
        if match:
            if match.group('rc') == 'OK':
                return
            else:
                raise AuthException(line.split('=')[1])
            break

    turbogears.redirect('/yubikey/')
    return dict()
Ejemplo n.º 3
0
 def person_by_id(self, person_id):
     try:
         person = People.by_id(person_id)
         person_data = person.filter_private()
         person_data['approved_memberships'] = list(person.approved_memberships)
         person_data['unapproved_memberships'] = list(person.unapproved_memberships)
         return dict(success=True, person=person_data)
     except InvalidRequestError:
         return dict(success=False)
Ejemplo n.º 4
0
 def person_by_id(self, person_id):
     try:
         person = People.by_id(person_id)
         person_data = person.filter_private()
         person_data['approved_memberships'] = list(
             person.approved_memberships)
         person_data['unapproved_memberships'] = list(
             person.unapproved_memberships)
         return dict(success=True, person=person_data)
     except InvalidRequestError:
         return dict(success=False)
Ejemplo n.º 5
0
 def dump(self):
     dump_list = []
     person = People.by_username(identity.current.user_name)
     if identity.in_group(admin_group) or \
         identity.in_group(system_group):
         yubikey_attrs = {}
         for attr in Configs.query.filter_by(application='yubikey').all():
             if attr.person_id not in yubikey_attrs:
                 yubikey_attrs[attr.person_id] = {}
             yubikey_attrs[attr.person_id][attr.attribute] = attr.value
         for user_id in yubikey_attrs:
             if yubikey_attrs[user_id]['enabled'] == u'1':
                 dump_list.append('%s:%s' % (People.by_id(user_id).username, yubikey_attrs[user_id]['prefix']))
         return '\n'.join(dump_list)
     return '# Sorry, must be in an admin group to get these'
Ejemplo n.º 6
0
 def dump(self):
     dump_list = []
     person = People.by_username(identity.current.user_name)
     if identity.in_group(admin_group) or \
         identity.in_group(system_group):
         yubikey_attrs = {}
         for attr in Configs.query.filter_by(application='yubikey').all():
             if attr.person_id not in yubikey_attrs:
                 yubikey_attrs[attr.person_id] = {}
             yubikey_attrs[attr.person_id][attr.attribute] = attr.value
         for user_id in yubikey_attrs:
             if yubikey_attrs[user_id]['enabled'] == u'1':
                 dump_list.append('%s:%s' % (People.by_id(user_id).username, yubikey_attrs[user_id]['prefix']))
         return '\n'.join(dump_list)
     return '# Sorry, must be in an admin group to get these'