def test_19_reset_resync(self):
serial = "reset"
tokenobject = init_token({"serial": serial,
"otpkey": "1234567890123456"})
otps = tokenobject.get_multi_otp(count=100)
self.assertTrue(tokenobject.token.count == 0)
# 20: '122407', 21: '505117', 22: '870960', 23: '139843', 24: '631376'
self.assertTrue(otps[2].get("otp").get(20) == "122407", otps[2])
self.assertTrue(tokenobject.token.count == 0)
r = resync_token(serial, "122407", "505117")
self.assertTrue(r)
self.assertTrue(tokenobject.token.count == 22, tokenobject.token.count)
tokenobject.token.failcount = 20
r = reset_token(serial)
self.assertTrue(r)
self.assertTrue(tokenobject.token.failcount == 0)
remove_token(serial)
self.assertRaises(ParameterError, reset_token)
def test_19_reset_resync(self):
serial = "reset"
tokenobject = init_token({
"serial": serial,
"otpkey": "1234567890123456"
})
otps = tokenobject.get_multi_otp(count=100)
self.assertTrue(tokenobject.token.count == 0)
# 20: '122407', 21: '505117', 22: '870960', 23: '139843', 24: '631376'
self.assertTrue(otps[2].get("otp").get(20) == "122407", otps[2])
self.assertTrue(tokenobject.token.count == 0)
r = resync_token(serial, "122407", "505117")
self.assertTrue(r)
self.assertTrue(tokenobject.token.count == 22, tokenobject.token.count)
tokenobject.token.failcount = 20
r = reset_token(serial)
self.assertTrue(r)
self.assertTrue(tokenobject.token.failcount == 0)
remove_token(serial)
self.assertRaises(ParameterError, reset_token)
def test_06_fail_counter(self):
# test if a user has several tokens that the fail counter is increased
# reset the failcounter
reset_token(serial="SE1")
init_token({"serial": "s2",
"genkey": 1,
"pin": "test"}, user=User("cornelius", self.realm1))
init_token({"serial": "s3",
"genkey": 1,
"pin": "test"}, user=User("cornelius", self.realm1))
# Now the user cornelius has 3 tokens.
# SE1 with pin "pin"
# token s2 with pin "test" and
# token s3 with pin "test".
self.assertTrue(get_inc_fail_count_on_false_pin())
# We give an OTP PIN that does not match any token.
# The failcounter of all tokens will be increased
with self.app.test_request_context('/validate/check',
method='POST',
data={"user": "******",
"pass": "******"}):
res = self.app.full_dispatch_request()
self.assertTrue(res.status_code == 200, res)
result = json.loads(res.data).get("result")
detail = json.loads(res.data).get("detail")
self.assertFalse(result.get("value"))
tok = get_tokens(serial="SE1")[0]
self.assertEqual(tok.token.failcount, 1)
tok = get_tokens(serial="s2")[0]
self.assertEqual(tok.token.failcount, 1)
tok = get_tokens(serial="s3")[0]
self.assertEqual(tok.token.failcount, 1)
# Now we give the matching OTP PIN of one token.
# Only one failcounter will be increased
with self.app.test_request_context('/validate/check',
method='POST',
data={"user": "******",
"pass": "******"}):
res = self.app.full_dispatch_request()
self.assertTrue(res.status_code == 200, res)
result = json.loads(res.data).get("result")
detail = json.loads(res.data).get("detail")
self.assertEqual(detail.get("serial"), "SE1")
self.assertEqual(detail.get("message"), "wrong otp value")
# Only the failcounter of SE1 (the PIN matching token) is increased!
tok = get_tokens(serial="SE1")[0]
self.assertEqual(tok.token.failcount, 2)
tok = get_tokens(serial="s2")[0]
self.assertEqual(tok.token.failcount, 1)
tok = get_tokens(serial="s3")[0]
self.assertEqual(tok.token.failcount, 1)
set_privacyidea_config("IncFailCountOnFalsePin", False)
self.assertFalse(get_inc_fail_count_on_false_pin())
reset_token(serial="SE1")
reset_token(serial="s2")
reset_token(serial="s3")
# If we try to authenticate with an OTP PIN that does not match any
# token NO failcounter is increased!
with self.app.test_request_context('/validate/check',
method='POST',
data={"user": "******",
"pass": "******"}):
res = self.app.full_dispatch_request()
self.assertTrue(res.status_code == 200, res)
result = json.loads(res.data).get("result")
detail = json.loads(res.data).get("detail")
self.assertFalse(result.get("value"))
tok = get_tokens(serial="SE1")[0]
self.assertEqual(tok.token.failcount, 0)
tok = get_tokens(serial="s2")[0]
self.assertEqual(tok.token.failcount, 0)
tok = get_tokens(serial="s3")[0]
self.assertEqual(tok.token.failcount, 0)
# Now we give the matching OTP PIN of one token.
# Only one failcounter will be increased
with self.app.test_request_context('/validate/check',
method='POST',
data={"user": "******",
"pass": "******"}):
res = self.app.full_dispatch_request()
self.assertTrue(res.status_code == 200, res)
result = json.loads(res.data).get("result")
detail = json.loads(res.data).get("detail")
self.assertEqual(detail.get("serial"), "SE1")
self.assertEqual(detail.get("message"), "wrong otp value")
# Only the failcounter of SE1 (the PIN matching token) is increased!
tok = get_tokens(serial="SE1")[0]
self.assertEqual(tok.token.failcount, 1)
tok = get_tokens(serial="s2")[0]
self.assertEqual(tok.token.failcount, 0)
tok = get_tokens(serial="s3")[0]
self.assertEqual(tok.token.failcount, 0)
def test_06_fail_counter(self):
# test if a user has several tokens that the fail counter is increased
# reset the failcounter
reset_token(serial="SE1")
init_token({
"serial": "s2",
"genkey": 1,
"pin": "test"
},
user=User("cornelius", self.realm1))
init_token({
"serial": "s3",
"genkey": 1,
"pin": "test"
},
user=User("cornelius", self.realm1))
# Now the user cornelius has 3 tokens.
# SE1 with pin "pin"
# token s2 with pin "test" and
# token s3 with pin "test".
self.assertTrue(get_inc_fail_count_on_false_pin())
# We give an OTP PIN that does not match any token.
# The failcounter of all tokens will be increased
with self.app.test_request_context('/validate/check',
method='POST',
data={
"user": "******",
"pass": "******"
}):
res = self.app.full_dispatch_request()
self.assertTrue(res.status_code == 200, res)
result = json.loads(res.data).get("result")
detail = json.loads(res.data).get("detail")
self.assertFalse(result.get("value"))
tok = get_tokens(serial="SE1")[0]
self.assertEqual(tok.token.failcount, 1)
tok = get_tokens(serial="s2")[0]
self.assertEqual(tok.token.failcount, 1)
tok = get_tokens(serial="s3")[0]
self.assertEqual(tok.token.failcount, 1)
# Now we give the matching OTP PIN of one token.
# Only one failcounter will be increased
with self.app.test_request_context('/validate/check',
method='POST',
data={
"user": "******",
"pass": "******"
}):
res = self.app.full_dispatch_request()
self.assertTrue(res.status_code == 200, res)
result = json.loads(res.data).get("result")
detail = json.loads(res.data).get("detail")
self.assertEqual(detail.get("serial"), "SE1")
self.assertEqual(detail.get("message"), "wrong otp value")
# Only the failcounter of SE1 (the PIN matching token) is increased!
tok = get_tokens(serial="SE1")[0]
self.assertEqual(tok.token.failcount, 2)
tok = get_tokens(serial="s2")[0]
self.assertEqual(tok.token.failcount, 1)
tok = get_tokens(serial="s3")[0]
self.assertEqual(tok.token.failcount, 1)
set_privacyidea_config("IncFailCountOnFalsePin", False)
self.assertFalse(get_inc_fail_count_on_false_pin())
reset_token(serial="SE1")
reset_token(serial="s2")
reset_token(serial="s3")
# If we try to authenticate with an OTP PIN that does not match any
# token NO failcounter is increased!
with self.app.test_request_context('/validate/check',
method='POST',
data={
"user": "******",
"pass": "******"
}):
res = self.app.full_dispatch_request()
self.assertTrue(res.status_code == 200, res)
result = json.loads(res.data).get("result")
detail = json.loads(res.data).get("detail")
self.assertFalse(result.get("value"))
tok = get_tokens(serial="SE1")[0]
self.assertEqual(tok.token.failcount, 0)
tok = get_tokens(serial="s2")[0]
self.assertEqual(tok.token.failcount, 0)
tok = get_tokens(serial="s3")[0]
self.assertEqual(tok.token.failcount, 0)
# Now we give the matching OTP PIN of one token.
# Only one failcounter will be increased
with self.app.test_request_context('/validate/check',
method='POST',
data={
"user": "******",
"pass": "******"
}):
res = self.app.full_dispatch_request()
self.assertTrue(res.status_code == 200, res)
result = json.loads(res.data).get("result")
detail = json.loads(res.data).get("detail")
self.assertEqual(detail.get("serial"), "SE1")
self.assertEqual(detail.get("message"), "wrong otp value")
# Only the failcounter of SE1 (the PIN matching token) is increased!
tok = get_tokens(serial="SE1")[0]
self.assertEqual(tok.token.failcount, 1)
tok = get_tokens(serial="s2")[0]
self.assertEqual(tok.token.failcount, 0)
tok = get_tokens(serial="s3")[0]
self.assertEqual(tok.token.failcount, 0)
