def test_credentials(username, password):
identity_uid = create_uuid()
session_uid = create_uuid()
if random.randint(0, 1):
device_uid = create_uuid()
else:
device_uid = None
short_uid = LoginSession.to_short_uid(session_uid)
otpcode = "%06d" % random.randint(1, 999999)
data = Credentials.package(identity_uid=identity_uid,
short_uid=short_uid,
device_uid=device_uid,
username=username,
password=password,
otpcode=otpcode)
creds = Credentials.unpackage(data=data,
username=username,
short_uid=short_uid)
assert (creds["username"] == username)
assert (creds["short_uid"] == short_uid)
if device_uid is None:
assert (creds["device_uid"] != device_uid)
else:
assert (creds["device_uid"] == device_uid)
encoded_password = Credentials.encode_password(identity_uid=identity_uid,
device_uid=device_uid,
password=password)
assert (creds["password"] == encoded_password)
assert (creds["otpcode"] == otpcode)
def request_login(self, login_message=None):
"""Request to authenticate as this user. This returns a login URL that
you must connect to to supply your login credentials
If 'login_message' is supplied, then this is passed to
the identity service so that it can be displayed
when the user accesses the login page. This helps
the user validate that they have accessed the correct
login page. Note that if the message is None,
then a random message will be generated.
"""
self._check_for_error()
from Acquire.Client import LoginError
if not self.is_empty():
raise LoginError("You cannot try to log in twice using the same "
"User object. Create another object if you want "
"to try to log in again.")
if self._username is None or len(self._username) == 0:
raise LoginError("Please supply a valid username!")
# first, create a private key that will be used
# to sign all requests and identify this login
from Acquire.Client import PrivateKey as _PrivateKey
session_key = _PrivateKey(name="user_session_key %s" % self._username)
signing_key = _PrivateKey(name="user_session_cert %s" % self._username)
args = {"username": self._username,
"public_key": session_key.public_key().to_data(),
"public_certificate": signing_key.public_key().to_data(),
"scope": self._scope,
"permissions": self._permissions
}
# get information from the local machine to help
# the user validate that the login details are correct
try:
hostname = _socket.gethostname()
ipaddr = _socket.gethostbyname(hostname)
args["hostname"] = hostname
args["ipaddr"] = ipaddr
except:
pass
if login_message is None:
try:
login_message = _get_random_sentence()
except:
pass
if login_message is not None:
args["login_message"] = login_message
identity_service = self.identity_service()
result = identity_service.call_function(
function="request_login", args=args)
try:
login_url = result["login_url"]
except:
login_url = None
if login_url is None:
error = "Failed to login. Could not extract the login URL! " \
"Result is %s" % (str(result))
self._set_error_state(error)
raise LoginError(error)
try:
session_uid = result["session_uid"]
except:
session_uid = None
if session_uid is None:
error = "Failed to login. Could not extract the login " \
"session UID! Result is %s" % (str(result))
self._set_error_state(error)
raise LoginError(error)
# now save all of the needed data
self._login_url = result["login_url"]
self._session_key = session_key
self._signing_key = signing_key
self._session_uid = session_uid
self._status = _LoginStatus.LOGGING_IN
self._user_uid = None
_output("Login by visiting: %s" % self._login_url)
if login_message is not None:
_output("(please check that this page displays the message '%s')"
% login_message)
from Acquire.Identity import LoginSession as _LoginSession
return {"login_url": self._login_url,
"session_uid": session_uid,
"short_uid": _LoginSession.to_short_uid(session_uid)}