def test_01_create_radius(self):
r = add_privacyideaserver(identifier="myserver",
url="https://pi/pi",
description="Hallo")
self.assertTrue(r > 0)
r = add_privacyideaserver(identifier="myserver2",
url="https://pi2/pi",
tls=False,
description="Hallo")
r = add_privacyideaserver(identifier="myserver3",
url="https://pi3/pi",
tls=True,
description="Hallo")
server_list = get_privacyideaservers()
self.assertTrue(server_list)
self.assertEqual(len(server_list), 3)
server_list = get_privacyideaservers(identifier="myserver")
self.assertEqual(server_list[0].config.identifier, "myserver")
self.assertTrue(server_list[0].config.tls)
self.assertEqual(server_list[0].config.description, "Hallo")
self.assertEqual(server_list[0].config.url, "https://pi/pi")
for server in ["myserver", "myserver2", "myserver3"]:
r = delete_privacyideaserver(server)
self.assertTrue(r > 0)
server_list = get_privacyideaservers()
self.assertEqual(len(server_list), 0)
def actions(cls):
"""
This method returns a dictionary of allowed actions and possible
options in this handler module.
:return: dict with actions
"""
pi_servers = [x.config.identifier for x in get_privacyideaservers()]
actions = {
ACTION_TYPE.FORWARD: {
"privacyIDEA": {
"type": "str",
"required": True,
"value": pi_servers,
"description": _("The remote/child privacyIDEA "
"Server.")
},
"realm": {
"type":
"str",
"description":
_("Change the realm name to a "
"realm on the child privacyIDEA "
"system.")
},
"resolver": {
"type":
"str",
"description":
_("Change the resolver name to a "
"resolver on the child "
"privacyIDEA system.")
},
"forward_client_ip": {
"type":
"bool",
"description":
_("Forward the client IP to the "
"child privacyIDEA server. "
"Otherwise this server will "
"be the client.")
},
"forward_authorization_token": {
"type":
"bool",
"description":
_("Forward the authorization header. "
"This allows to also forward request like "
"token- and system-requests.")
}
}
}
return actions
def actions(cls):
"""
This method returns a dictionary of allowed actions and possible
options in this handler module.
:return: dict with actions
"""
pi_servers = [x.config.identifier for x in get_privacyideaservers()]
actions = {ACTION_TYPE.FORWARD:
{"privacyIDEA":
{"type": "str",
"required": True,
"value": pi_servers,
"description": _("The remote/child privacyIDEA "
"Server.")
},
"realm":
{"type": "str",
"description": _("Change the realm name to a "
"realm on the child privacyIDEA "
"system.")
},
"resolver":
{"type": "str",
"description": _("Change the resolver name to a "
"resolver on the child "
"privacyIDEA system.")
},
"forward_client_ip":
{"type": "bool",
"description": _("Forward the client IP to the "
"child privacyIDEA server. "
"Otherwise this server will "
"be the client.")
},
"forward_authorization_token":
{"type": "bool",
"description": _("Forward the authorization header. "
"This allows to also forward request like "
"token- and system-requests.")
}
}
}
return actions
def list_privacyidea():
"""
This call gets the list of privacyIDEA server definitions
"""
res = {}
server_list = get_privacyideaservers()
for server in server_list:
if g.logged_in_user.get("role") == "admin":
res[server.config.identifier] = {"url": server.config.url,
"tls": server.config.tls,
"description":
server.config.description}
else:
# We do not pass any information to a normal user!
res[server.config.identifier] = {"url": "",
"tls": "",
"description": ""}
g.audit_object.log({'success': True})
return send_result(res)
def list_privacyidea():
"""
This call gets the list of privacyIDEA server definitions
"""
res = {}
server_list = get_privacyideaservers()
for server in server_list:
if g.logged_in_user.get("role") == "admin":
res[server.config.identifier] = {"url": server.config.url,
"tls": server.config.tls,
"description":
server.config.description}
else:
# We do not pass any information to a normal user!
res[server.config.identifier] = {"url": "",
"tls": "",
"description": ""}
g.audit_object.log({'success': True})
return send_result(res)