def validate_password(self, realm, username, password):
if username != self._user or password is None or password == "":
return False
if self._hashed_password is not None:
return Utils.check_hashed_password(password, self._hashed_password)
elif self._password is not None:
return password == self._password
return False
def validate_service_password(self, realm, username, password):
"""
"""
if username != self._service_user or password is None or password == '':
return False
if self._service_hashed_password is not None:
return Utils.check_hashed_password(password, self._service_hashed_password)
elif self._service_password is not None:
return password == self._service_password
return False
def test_check_hashed_password(self):
# None or empty password should always be rejected
self.assertFalse(Utils.check_hashed_password(None, 'cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e'))
self.assertFalse(Utils.check_hashed_password('', 'cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e'))
# Check some passwords
self.assertTrue(Utils.check_hashed_password('42', '39ca7ce9ecc69f696bf7d20bb23dd1521b641f806cc7a6b724aaa6cdbffb3a023ff98ae73225156b2c6c9ceddbfc16f5453e8fa49fc10e5d96a3885546a46ef4'))
self.assertTrue(Utils.check_hashed_password('very_secure_password', '1245a9633edf47b7091f37c4d294b5be5a9936c81c5359b16d1c4833729965663f1943ef240959c53803fedef7ac19bd59c66ad7e7092d7dbf155ce45884607d'))
self.assertTrue(Utils.check_hashed_password('1245a9633edf47b7091f37c4d294b5be5a9936c81c5359b16d1c4833729965663f1943ef240959c53803fedef7ac19bd59c66ad7e7092d7dbf155ce45884607d', '00faf4a142f087e55edf6e91ea333d9a4bcd9b2d6bba8fab42869c6e00e28a3acba6d5fe3495f037221d633e01b3c7baa6e915028407548f77b5b9710899bfbe'))
# Capital letters in hashed_password must not cause the password to be rejected
self.assertTrue(Utils.check_hashed_password('very_secure_password', '1245A9633EDF47B7091F37C4D294B5BE5A9936C81C5359B16D1C4833729965663F1943EF240959C53803FEDEF7AC19BD59C66AD7E7092D7DBF155CE45884607D'))
# Changing case in password must cause the password to be rejected
self.assertFalse(Utils.check_hashed_password('Very_Secure_Password', '1245a9633edf47b7091f37c4d294b5be5a9936c81c5359b16d1c4833729965663f1943ef240959c53803fedef7ac19bd59c66ad7e7092d7dbf155ce45884607d'))
def test_check_hashed_password(self):
# None or empty password should always be rejected
self.assertFalse(Utils.check_hashed_password(None, 'cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e'))
self.assertFalse(Utils.check_hashed_password('', 'cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e'))
# Check some passwords
self.assertTrue(Utils.check_hashed_password('42', '39ca7ce9ecc69f696bf7d20bb23dd1521b641f806cc7a6b724aaa6cdbffb3a023ff98ae73225156b2c6c9ceddbfc16f5453e8fa49fc10e5d96a3885546a46ef4'))
self.assertTrue(Utils.check_hashed_password('very_secure_password', '1245a9633edf47b7091f37c4d294b5be5a9936c81c5359b16d1c4833729965663f1943ef240959c53803fedef7ac19bd59c66ad7e7092d7dbf155ce45884607d'))
self.assertTrue(Utils.check_hashed_password('1245a9633edf47b7091f37c4d294b5be5a9936c81c5359b16d1c4833729965663f1943ef240959c53803fedef7ac19bd59c66ad7e7092d7dbf155ce45884607d', '00faf4a142f087e55edf6e91ea333d9a4bcd9b2d6bba8fab42869c6e00e28a3acba6d5fe3495f037221d633e01b3c7baa6e915028407548f77b5b9710899bfbe'))
# Capital letters in hashed_password must not cause the password to be rejected
self.assertTrue(Utils.check_hashed_password('very_secure_password', '1245A9633EDF47B7091F37C4D294B5BE5A9936C81C5359B16D1C4833729965663F1943EF240959C53803FEDEF7AC19BD59C66AD7E7092D7DBF155CE45884607D'))
# Changing case in password must cause the password to be rejected
self.assertFalse(Utils.check_hashed_password('Very_Secure_Password', '1245a9633edf47b7091f37c4d294b5be5a9936c81c5359b16d1c4833729965663f1943ef240959c53803fedef7ac19bd59c66ad7e7092d7dbf155ce45884607d'))
def __process_password(self, cmd):
"""
Process entered password
:param cmd: entered password
"""
self.__push_password_finished()
if Utils.check_hashed_password(cmd, self.hashed_password):
self.logger.debug("CLI: {0} Authorization succeeded".format(
self.source))
self.__push_helpmessage()
self.__push_command_prompt()
return
else:
self.logger.debug("CLI: {0} Authorization failed".format(
self.source))
self.push("Authorization failed. Bye\n")
self.close()
return
