def token(ttype=None):
    """
    Dispatch a request to the token-type specific API endpoint.

    Each token type can define an additional API call that does not need
    authentication on the REST API level. The call is handed to the
    ``api_endpoint`` of the class returned by ``get_token_class(ttype)`` and
    the returned sequence is converted into an HTTP response:

    * ``("json", data)`` is answered with ``jsonify(data)``
    * ``("html" | "plain", body)`` is answered as ``text/<kind>``
    * any other two-element result is JSON-serialised and answered as
      ``application/<kind>``
    * a longer result is answered as ``application/octet-binary`` with the
      third element passed as response headers

    :param ttype: token type name used to look up the token class
    :return: Token Type dependent
    """
    # NOTE(review): the class lookup result is used without a check, and
    # ttype reaches this point on a route that carries no REST-level
    # authentication. Confirm how get_token_class() treats an unknown type.
    token_class = get_token_class(ttype)
    result = token_class.api_endpoint(request, g)

    serial = getParam(request.all_data, "serial")
    user = get_user_from_param(request.all_data)
    # The audit entry is written after the endpoint has run and always
    # records success=1, independent of what the endpoint returned.
    audit_entry = {
        "success": 1,
        "user": user.login,
        "realm": user.realm,
        "serial": serial,
        "token_type": ttype,
    }
    g.audit_object.log(audit_entry)

    kind = result[0]
    if kind == "json":
        return jsonify(result[1])
    if kind in ("html", "plain"):
        # The body is produced by the token class and sent as text/html or
        # text/plain unchanged; escaping is the token class's job.
        return current_app.response_class(
            result[1], mimetype="text/{0!s}".format(kind))
    if len(result) == 2:
        return current_app.response_class(
            json.dumps(result[1]),
            mimetype="application/{0!s}".format(kind))
    return current_app.response_class(
        result[1],
        mimetype="application/octet-binary",
        headers=result[2])
def token(ttype=None):
    """
    Dispatch a request to the token-type specific API endpoint.

    Each token type can define an additional API call that does not need
    authentication on the REST API level. The ``api_endpoint`` of the class
    returned by ``get_token_class(ttype)`` is called with the request and
    ``g``, and its result sequence selects the response format:

    * ``("json", data)``: ``jsonify(data)``
    * ``("html" | "plain", body)``: ``text/<kind>`` response
    * other two-element results: JSON dump sent as ``application/<kind>``
    * longer results: ``application/octet-binary`` with the third element
      used as headers

    :param ttype: token type name used to look up the token class
    :return: Token Type dependent
    """
    # NOTE(review): no check on the lookup result before it is used; confirm
    # what get_token_class() does for a type name it does not know, since
    # this route is reachable without REST-level authentication.
    endpoint_result = get_token_class(ttype).api_endpoint(request, g)

    serial = getParam(request.all_data, "serial")
    user = get_user_from_param(request.all_data)
    # success is hard-coded to 1: the audit line does not reflect the outcome
    # reported by the token class.
    g.audit_object.log({
        "success": 1,
        "user": user.login,
        "realm": user.realm,
        "serial": serial,
        "token_type": ttype,
    })

    fmt = endpoint_result[0]
    payload = endpoint_result[1]
    if fmt == "json":
        return jsonify(payload)
    if fmt in ("html", "plain"):
        # Body is passed through as delivered by the token class.
        return Response(payload, mimetype="text/{0!s}".format(fmt))
    if len(endpoint_result) == 2:
        return Response(json.dumps(payload),
                        mimetype="application/{0!s}".format(fmt))
    return Response(payload,
                    mimetype="application/octet-binary",
                    headers=endpoint_result[2])
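def parseOATHcsv(csv):
    '''
    (#653)
    Parse CSV data for OATH tokens.

    The file format is

        serial, key, [hotp,totp], [6,8], [30|60],
        serial, key, ocra, [ocra-suite]

    It imports sha1 hotp or totp tokens. It can also import ocra tokens.
    The default is hotp
    if totp is set, the default seconds are 30
    if ocra is set, an ocra-suite is required, otherwise the default
    ocra-suite is used.

    Lines whose first column is empty or starts with '#' are skipped. A line
    that holds only a serial is reported and skipped.

    :param csv: the content of the CSV file as one string
    :return: a dictionary:
        {
            serial: {   'type' : xxxx,
                        'otpkey' : xxxx,
                        'timeStep' : xxxx,
                        'otplen' : xxx,
                        'ocrasuite' : xxx  }
        }
    '''
    tokens = {}

    csv_array = csv.split('\n')

    # This is the number of lines, which includes comments and empty lines.
    log.debug("the file contains {0:d} tokens.".format(len(csv_array)))
    for line in csv_array:
        fields = line.split(',')
        serial = fields[0].strip()

        # Skip empty lines and comment lines.
        if not serial or serial.startswith('#'):
            continue

        if len(fields) < 2:
            log.error("the line {0!s} did not contain a hotp key".format(line))
            continue

        if len(fields) == 2:
            # No tokentype, take the default "hotp"
            fields.append("hotp")
        ttype = fields[2].strip().lower()

        # NOTE(review): ttype comes straight from the imported file and the
        # lookup result is used unchecked; confirm how get_token_class()
        # handles an unknown type so one bad row cannot abort the import.
        tok_class = get_token_class(ttype)
        params = tok_class.get_import_csv(fields)
        # params carries the OTP seed ('otpkey'), so only the serial and the
        # token type are written to the log, never the parsed values.
        log.debug("read the line for token {0!s} of type {1!s}".format(
            serial, ttype))

        tokens[serial] = params
    return tokens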
def init_token_defaults(request=None, action=None):
    """
    Add token-type specific default values to the request data.

    This policy function is used as a decorator for the API init function.
    Depending on policy settings it can add token specific default values
    like totp_hashlib, hotp_hashlib, totp_otplen...

    The token type is read from the "type" request parameter and falls back
    to "hotp" when that parameter is missing or empty. The defaults returned
    by the token class are merged into ``request.all_data`` in place, so they
    overwrite request parameters of the same name.

    :param request: the request whose ``all_data`` dictionary is extended
    :param action: not used in this function
    :return: always True
    """
    request_data = request.all_data
    token_type = request_data.get("type") or "hotp"
    # NOTE(review): token_type is request-supplied and the lookup result is
    # used unchecked; confirm how get_token_class() treats unknown types.
    defaults = get_token_class(token_type).get_default_settings(
        request_data,
        g.logged_in_user,
        g.policy_object,
        g.client_ip)
    log.debug("Adding default settings {0!s} for token type {1!s}".format(
        defaults, token_type))
    request.all_data.update(defaults)
    return True
def token(ttype=None):
    """
    Dispatch a request to the token-type specific API endpoint.

    Each token type can define an additional API call that does not need
    authentication on the REST API level. The request data is passed to the
    ``api_endpoint`` of the class returned by ``get_token_class(ttype)``.

    :param ttype: token type name used to look up the token class
    :return: Token Type dependent: a JSON response for ``("json", data)``,
        a plain ``Response`` for ``("text", body)``
    """
    # NOTE(review): the lookup result is used without a check; confirm how
    # get_token_class() treats an unknown ttype on this unauthenticated route.
    token_class = get_token_class(ttype)
    result = token_class.api_endpoint(request.all_data)

    serial = getParam(request.all_data, "serial")
    user = get_user_from_param(request.all_data)
    # The audit entry always records success=1, whatever the endpoint
    # returned.
    audit_entry = {
        "success": 1,
        "user": user,
        "serial": serial,
        "tokentype": ttype,
    }
    g.audit_object.log(audit_entry)

    kind = result[0]
    if kind == "json":
        return jsonify(result[1])
    if kind == "text":
        return Response(result[1])
    # NOTE(review): any other result kind falls through and the view returns
    # None, as in the code shown here; confirm that this is intended.
    return None
def init_token_defaults(request=None, action=None):
    """
    Add token-type specific default values to the request data.

    This policy function is used as a decorator for the API init function.
    Depending on policy settings it can add token specific default values
    like totp_hashlib, hotp_hashlib, totp_otplen...

    The "type" request parameter selects the token class; "hotp" is used
    when it is missing or empty. The defaults from the token class are
    merged into ``request.all_data`` in place and therefore replace request
    parameters that carry the same name.

    :param request: the request whose ``all_data`` dictionary is extended
    :param action: not used in this function
    :return: always True
    """
    data = request.all_data
    chosen_type = data.get("type") or "hotp"
    # NOTE(review): chosen_type originates from the request and the class
    # lookup is not checked; confirm get_token_class() behaviour for unknown
    # type names.
    cls = get_token_class(chosen_type)
    settings = cls.get_default_settings(
        data, g.logged_in_user, g.policy_object, g.client_ip)
    message = "Adding default settings {0!s} for token type {1!s}".format(
        settings, chosen_type)
    log.debug(message)
    request.all_data.update(settings)
    return True
def token(ttype=None):
    """
    Dispatch a request to the token-type specific API endpoint.

    Each token type can define an additional API call that does not need
    authentication on the REST API level. The request and ``g`` are passed
    to the ``api_endpoint`` of the class returned by
    ``get_token_class(ttype)``.

    :param ttype: token type name used to look up the token class
    :return: Token Type dependent: a JSON response for ``("json", data)``,
        a ``text/<kind>`` response for ``("html" | "plain", body)``
    """
    # NOTE(review): the lookup result is used without a check; confirm how
    # get_token_class() treats an unknown ttype on this unauthenticated route.
    endpoint_result = get_token_class(ttype).api_endpoint(request, g)

    serial = getParam(request.all_data, "serial")
    user = get_user_from_param(request.all_data)
    # success is hard-coded to 1 and does not reflect the endpoint's outcome.
    g.audit_object.log({
        "success": 1,
        "user": user,
        "serial": serial,
        "tokentype": ttype,
    })

    fmt = endpoint_result[0]
    if fmt == "json":
        return jsonify(endpoint_result[1])
    if fmt in ("html", "plain"):
        # Body is passed through as delivered by the token class.
        return Response(endpoint_result[1],
                        mimetype="text/{0!s}".format(fmt))
    # NOTE(review): any other result kind falls through and the view returns
    # None, as in the code shown here; confirm that this is intended.
    return None
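def parseOATHcsv(csv):
    '''
    (#653)
    Parse CSV data for OATH tokens.

    The file format is

        serial, key, [hotp,totp], [6,8], [30|60],
        serial, key, ocra, [ocra-suite]
        serial, key, tan, tan1 tan2 tan3 tan4

    It imports sha1 hotp or totp tokens. It can also import ocra tokens.
    The default is hotp
    if totp is set, the default seconds are 30
    if ocra is set, an ocra-suite is required, otherwise the default
    ocra-suite is used.

    If the first line is a comment of the form "# version: 2", every data
    line must start with the three extra columns username, resolver and
    realm, followed by the columns listed above.

    Comment lines (starting with '#'), lines without a comma and lines with
    an empty serial are skipped. A version 2 line with fewer than four
    columns and a line that holds only a serial are reported and skipped.

    :param csv: the content of the CSV file as one string
    :return: a dictionary:
        {
            serial: {   'type' : xxxx,
                        'otpkey' : xxxx,
                        'timeStep' : xxxx,
                        'otplen' : xxx,
                        'ocrasuite' : xxx,
                        'user' : {} or {'username', 'resolver', 'realm'} }
        }
    '''
    tokens = {}
    # Stays the integer 0 without a version header. A header yields the
    # matched digits as a string, hence the comparison with "2" below.
    version = 0

    csv_array = csv.split('\n')

    m = re.match(r"^#\s*version:\s*(\d+)", csv_array[0])
    if m:
        version = m.group(1)
        log.debug("the file is version {0}.".format(version))

    log.debug("the file contains {0:d} lines.".format(len(csv_array)))
    for lineno, line in enumerate(csv_array, start=1):
        # Do not parse comment lines
        if line.startswith("#"):
            continue

        fields = line.split(',')
        # Do not parse empty lines, it could be [] or ['']
        if len(fields) <= 1:
            continue

        # Import the user
        user = {}
        if version == "2":
            # Three user columns plus the serial are the minimum; a shorter
            # row would otherwise raise IndexError and abort the whole
            # import. The row content is not logged, since a row in the
            # wrong layout could carry a key in one of these columns.
            if len(fields) < 4:
                log.error("line {0:d} has too few columns for a version 2 "
                          "file, skipping".format(lineno))
                continue
            # extract the user from the first three columns
            user["username"] = fields.pop(0).strip()
            user["resolver"] = fields.pop(0).strip()
            user["realm"] = fields.pop(0).strip()

        # check for empty serial
        serial = fields[0].strip()
        if not serial:
            continue

        if len(fields) < 2:
            log.error("the line {0!s} did not contain a hotp key".format(line))
            continue

        if len(fields) == 2:
            # No tokentype, take the default "hotp"
            fields.append("hotp")
        ttype = fields[2].strip().lower()

        # NOTE(review): ttype comes straight from the imported file and the
        # lookup result is used unchecked; confirm how get_token_class()
        # handles an unknown type so one bad row cannot abort the import.
        tok_class = get_token_class(ttype)
        params = tok_class.get_import_csv(fields)
        # params carries the OTP seed ('otpkey'), so only the serial and the
        # token type are written to the log, never the parsed values.
        log.debug("read the line for token {0!s} of type {1!s}".format(
            serial, ttype))
        params["user"] = user
        tokens[serial] = params
    return tokens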
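def parseOATHcsv(csv):
    '''
    (#653)
    Parse CSV data for OATH tokens.

    The file format is

        serial, key, [hotp,totp], [6,8], [30|60],
        serial, key, ocra, [ocra-suite]
        serial, key, tan, tan1 tan2 tan3 tan4

    It imports sha1 hotp or totp tokens. It can also import ocra tokens.
    The default is hotp
    if totp is set, the default seconds are 30
    if ocra is set, an ocra-suite is required, otherwise the default
    ocra-suite is used.

    If the first line is a comment of the form "# version: 2", every data
    line must start with the three extra columns username, resolver and
    realm, followed by the columns listed above.

    Comment lines (starting with '#'), lines without a comma and lines with
    an empty serial are skipped. A version 2 line with fewer than four
    columns and a line that holds only a serial are reported and skipped.

    :param csv: the content of the CSV file as one string
    :return: a dictionary:
        {
            serial: {   'type' : xxxx,
                        'otpkey' : xxxx,
                        'timeStep' : xxxx,
                        'otplen' : xxx,
                        'ocrasuite' : xxx,
                        'user' : {} or {'username', 'resolver', 'realm'} }
        }
    '''
    tokens = {}
    # Stays the integer 0 without a version header. A header yields the
    # matched digits as a string, hence the comparison with "2" below.
    version = 0

    csv_array = csv.split('\n')

    # Raw string: "\s" and "\d" are invalid escapes in a normal literal.
    m = re.match(r"^#\s*version:\s*(\d+)", csv_array[0])
    if m:
        version = m.group(1)
        log.debug("the file is version {0}.".format(version))

    log.debug("the file contains {0:d} lines.".format(len(csv_array)))
    for lineno, line in enumerate(csv_array, start=1):
        # Do not parse comment lines
        if line.startswith("#"):
            continue

        fields = line.split(',')
        # Do not parse empty lines, it could be [] or ['']
        if len(fields) <= 1:
            continue

        # Import the user
        user = {}
        if version == "2":
            # Three user columns plus the serial are the minimum; a shorter
            # row would otherwise raise IndexError and abort the whole
            # import. The row content is not logged, since a row in the
            # wrong layout could carry a key in one of these columns.
            if len(fields) < 4:
                log.error("line {0:d} has too few columns for a version 2 "
                          "file, skipping".format(lineno))
                continue
            # extract the user from the first three columns
            user["username"] = fields.pop(0).strip()
            user["resolver"] = fields.pop(0).strip()
            user["realm"] = fields.pop(0).strip()

        # check for empty serial
        serial = fields[0].strip()
        if not serial:
            continue

        if len(fields) < 2:
            log.error(
                "the line {0!s} did not contain a hotp key".format(line))
            continue

        if len(fields) == 2:
            # No tokentype, take the default "hotp"
            fields.append("hotp")
        ttype = fields[2].strip().lower()

        # NOTE(review): ttype comes straight from the imported file and the
        # lookup result is used unchecked; confirm how get_token_class()
        # handles an unknown type so one bad row cannot abort the import.
        tok_class = get_token_class(ttype)
        params = tok_class.get_import_csv(fields)
        # params carries the OTP seed ('otpkey'), so only the serial and the
        # token type are written to the log, never the parsed values.
        log.debug("read the line for token {0!s} of type {1!s}".format(
            serial, ttype))
        params["user"] = user
        tokens[serial] = params
    return tokens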