def test_01_randint(self):
r = urandom.randint(100)
self.assertTrue(r <= 100, r)
r = urandom.randint(100, 200)
self.assertTrue(100 <= r <= 200, r)
r = urandom.randint(200, 100)
self.assertTrue(100 <= r <= 200, r)
def test_01_randint(self):
r = urandom.randint(100)
self.assertTrue(r <= 100, r)
r = urandom.randint(100, 200)
self.assertTrue(100 <= r <= 200, r)
r = urandom.randint(200, 100)
self.assertTrue(100 <= r <= 200, r)
def create_challenge(self, transactionid=None, options=None):
"""
create a challenge, which is submitted to the user
:param transactionid: the id of this challenge
:param options: the request context parameters / data
:return: tuple of (bool, message, transactionid, attributes)
:rtype: tuple
The return tuple builds up like this:
``bool`` if submit was successful;
``message`` which is displayed in the JSON response;
additional ``attributes``, which are displayed in the JSON response.
"""
options = options or {}
return_message = get_action_values_from_options(
SCOPE.AUTH, "{0!s}_{1!s}".format(self.get_class_type(),
ACTION.CHALLENGETEXT),
options) or DEFAULT_CHALLENGE_TEXT
position_count = int(
get_action_values_from_options(
SCOPE.AUTH, "{0!s}_{1!s}".format(self.get_class_type(),
PIIXACTION.COUNT), options)
or DEFAULT_POSITION_COUNT)
attributes = {'state': transactionid}
validity = 120
if self.is_active() is True:
# We need to get a number of random positions from the secret string
secret_length = len(self.token.get_otpkey().getKey())
if not secret_length:
raise ValidateError(
"The indexedsecret token has an empty secret and "
"can not be used for authentication.")
random_positions = [
urandom.randint(1, secret_length)
for _x in range(0, position_count)
]
position_str = ",".join(
["{0!s}".format(x) for x in random_positions])
attributes["random_positions"] = random_positions
db_challenge = Challenge(self.token.serial,
transaction_id=transactionid,
challenge=options.get("challenge"),
data=position_str,
session=options.get("session"),
validitytime=validity)
db_challenge.save()
transactionid = transactionid or db_challenge.transaction_id
return_message = return_message.format(position_str)
expiry_date = datetime.datetime.now() + \
datetime.timedelta(seconds=validity)
attributes['valid_until'] = "{0!s}".format(expiry_date)
return True, return_message, transactionid, attributes
import crypt
try:
import bcrypt
_bcrypt_hashpw = bcrypt.hashpw
except ImportError:
_bcrypt_hashpw = None
# On App Engine, this function is not available.
if hasattr(os, 'getpid'):
_pid = os.getpid()
else:
# Fake PID
from privacyidea.lib.crypto import urandom
_pid = urandom.randint(0, 100000)
class PasswordHash:
def __init__(self, iteration_count_log2=8, portable_hashes=True,
algorithm=''):
alg = algorithm.lower()
if (alg == 'blowfish' or alg == 'bcrypt') and _bcrypt_hashpw is None:
raise NotImplementedError('The bcrypt module is required')
self.itoa64 = \
'./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
if iteration_count_log2 < 4 or iteration_count_log2 > 31:
iteration_count_log2 = 8
self.iteration_count_log2 = iteration_count_log2
self.portable_hashes = portable_hashes
import time
from base64 import (b64decode, b64encode)
try:
import bcrypt
_bcrypt_hashpw = bcrypt.hashpw
except ImportError: # pragma: no cover
_bcrypt_hashpw = None
# On App Engine, this function is not available.
if hasattr(os, 'getpid'):
_pid = os.getpid()
else: # pragma: no cover
# Fake PID
_pid = urandom.randint(0, 100000)
ENCODING = "utf-8"
def check_time_in_range(time_range, check_time=None):
"""
Check if the given time is contained in the time_range string.
The time_range can be something like
<DOW>-<DOW>: <hh:mm>-<hh:mm>, <DOW>-<DOW>: <hh:mm>-<hh:mm>
<DOW>-<DOW>: <h:mm>-<hh:mm>, <DOW>: <h:mm>-<hh:mm>
<DOW>: <h>-<hh>
DOW beeing the day of the week: Mon, Tue, Wed, Thu, Fri, Sat, Sun
hh: 00-23
