def check_status(self):
"""
check the status of a transaction - for polling support
"""
try:
param = self.request_params
#
# we require either state or transactionid as parameter
transid = param.get('state', param.get('transactionid', None))
if not transid:
raise ParameterError(_('Missing required parameter "state" or '
'"transactionid"!'))
#
# serial is an optional parameter
serial = param.get('serial', None)
# user is an optional parameter:
# if no 'user' in the parameters, the User object will be empty
user = getUserFromParam(param)
passw = param.get('pass')
if passw is None:
raise ParameterError(_('Missing required parameter "pass"!'))
use_offline = param.get('use_offline', False)
va = ValidationHandler()
ok, opt = va.check_status(transid=transid, user=user,
serial=serial, password=passw,
use_offline=use_offline)
c.audit['success'] = ok
c.audit['info'] = str(opt)
Session.commit()
return sendResult(response, ok, 0, opt=opt)
except Exception as exx:
log.exception("check_status failed: %r" % exx)
c.audit['info'] = str(exx)
Session.rollback()
return sendResult(response, False, 0)
finally:
Session.close()
def index(self):
'''
This is the redirect to the first template
'''
c.title = _("LinOTP Self Service")
return render('selfservice/base.mako')
def _getTokenTypes():
'''
_getTokenTypes - retrieve the list of dynamic tokens and their title section
:return: dict with token type and title
:rtype: dict
'''
tinfo = {}
for tclass_object in set(tokenclass_registry.values()):
tok = tclass_object.getClassType()
if hasattr(tclass_object, 'getClassInfo'):
tinfo[tok] = _(tclass_object.getClassInfo('title') or tok)
return tinfo
def login(self):
'''
render the selfservice login page
'''
c.title = _("LinOTP Self Service Login")
# ------------------------------------------------------------------ --
# prepare the realms and put the default realm on the top
defaultRealm = getDefaultRealm()
realmArray = [defaultRealm]
for realm in getRealms():
if realm != defaultRealm:
realmArray.append(realm)
# ------------------------------------------------------------------ --
# prepare the global context c for the rendering context
c.defaultRealm = defaultRealm
c.realmArray = realmArray
c.realmbox = getRealmBox()
context = get_pre_context(c.audit['client'])
mfa_login = context['mfa_login']
mfa_3_fields = context['mfa_3_fields']
c.otp = False
c.mfa_3_fields = False
if mfa_login and mfa_3_fields:
c.mfa_3_fields = True
response = Response(render('/selfservice/login.mako'))
if request.cookies.get('user_selfservice'):
remove_auth_cookie(request.cookies.get('user_selfservice'))
response.delete_cookie('user_selfservice')
return response
def setDefaultProvider(provider_type, provider_name):
"""
interface to set the default provider wo. storing the provider
:param provider_type: the type of the provider: sms or email
:param provider_name: the name of the provider - must exist
:return: boolean, success of storing default provider information
"""
res = False
detail = {}
providers = getProvider(provider_type, provider_name)
if provider_name in providers or provider_name == Legacy_Provider_Name:
default_provider_key = Default_Provider_Key[provider_type]
storeConfig(key=default_provider_key, val=provider_name)
res = True
else:
detail = {'message': _('Unknown provider! %r') % provider_name}
return res, detail
def delProvider(provider_type, provider_name):
"""
delete a provider
:param provider_type: the type of Provider: push, sms or email
:param provider_name: the name of the provider
:return: the number of deleted entries
"""
detail = {}
prefix = Provider_types.get(provider_type, {}).get('prefix')
if not prefix:
raise Exception('unknown provider type %r' % provider_type)
# find out, which providers we have
config = getLinotpConfig()
# if the provider is the default one, we don't delete this one
default_provider_key = Default_Provider_Key[provider_type]
if default_provider_key in config:
default_provider = config[default_provider_key]
if provider_name == default_provider:
detail = {'message': _('Default provider could not be deleted!')}
ret = 0
return ret, detail
# check that there are no references left
provider_policies = _lookup_provider_policies(provider_type)
if provider_name in provider_policies:
detail = {
'message': (_('Unable to delete - provider used in '
'policies!\n[%s]') %
','.join(provider_policies[provider_name]))
}
ret = 0
return ret, detail
del_entries = set()
provider = prefix + provider_name
# treat backward default legacy case
if provider_name == Legacy_Provider_Name:
entries = Legacy_Provider.get(provider_type, {})
for entry in list(entries.keys()):
if entry in config:
del_entries.add(entry)
if not del_entries:
# first delete the provider root entry
if provider in config:
del_entries.add(provider)
# now lookup the all decent entries
provider_prefix = provider + '.'
for key in list(config.keys()):
if key[:len(provider_prefix)] == provider_prefix:
del_entries.add(key)
# when all entries are gathered, we can now delete them all
for del_entry in del_entries:
removeFromConfig(del_entry)
ret = len(del_entries)
return ret, detail