def autosms(self):
'''
This function is used to test the autosms policy
method:
testing/autosms
arguments:
user - username / loginname
realm - additional realm to match the user to a useridresolver
returns:
JSON response
'''
try:
if "user" not in self.request_params:
raise ParameterError("Missing parameter: 'user'")
ok = get_auth_AutoSMSPolicy()
Session.commit()
return sendResult(response, ok, 0)
except Exception as exx:
log.exception("[autosms] validate/check failed: %r", exx)
Session.rollback()
return sendError(response, ("validate/check failed: %r", exx), 0)
finally:
Session.close()
def checkOtp(self, anOtpVal, counter, window, options=None):
'''
checkOtp - check the otpval of a token against a given counter
in the + window range
:param passw: the to be verified passw/pin
:type passw: string
:return: counter if found, -1 if not found
:rtype: int
'''
log.debug("[checkOtp] begin. start to verify the otp value: anOtpVal:"
" %r, counter: %r, window: %r, options: %r "
% (anOtpVal, counter, window, options))
if not options:
options = {}
ret = HmacTokenClass.checkOtp(self, anOtpVal, counter, window)
if ret != -1:
if self.isValid() == False:
ret = -1
if ret >= 0:
if get_auth_AutoSMSPolicy():
user = None
message = "<otp>"
realms = self.getRealms()
if realms:
_sms_ret, message = get_auth_smstext(realm=realms[0])
if 'user' in options:
user = options.get('user', None)
if user:
_sms_ret, message = get_auth_smstext(realm=user.realm)
realms = self.getRealms()
if 'data' in options or 'message' in options:
message = options.get('data',
options.get('message', '<otp>'))
try:
_success, message = self.sendSMS(message=message)
except Exception as exx:
log.exception(exx)
finally:
self.incOtpCounter(ret, reset=False)
if ret >= 0:
msg = "otp verification was successful!"
else:
msg = "otp verification failed!"
log.debug("[checkOtp] end. %s ret: %r" % (msg, ret))
return ret
def checkOtp(self, anOtpVal, counter, window, options=None):
'''
checkOtp - check the otpval of a token against a given counter
in the + window range
:param passw: the to be verified passw/pin
:type passw: string
:return: counter if found, -1 if not found
:rtype: int
'''
log.debug("[checkOtp] begin. start to verify the otp value: anOtpVal:"
" %r, counter: %r, window: %r, options: %r " %
(anOtpVal, counter, window, options))
if not options:
options = {}
ret = HmacTokenClass.checkOtp(self, anOtpVal, counter, window)
if ret != -1:
if self.isValid() is False:
ret = -1
if ret >= 0:
if get_auth_AutoSMSPolicy():
user = None
message = "<otp>"
realms = self.getRealms()
if realms:
_sms_ret, message = get_auth_smstext(realm=realms[0])
if 'user' in options:
user = options.get('user', None)
if user:
_sms_ret, message = get_auth_smstext(realm=user.realm)
realms = self.getRealms()
if 'data' in options or 'message' in options:
message = options.get('data',
options.get('message', '<otp>'))
try:
_success, message = self.sendSMS(message=message)
except Exception as exx:
log.exception(exx)
finally:
self.incOtpCounter(ret, reset=False)
if ret >= 0:
msg = "otp verification was successful!"
else:
msg = "otp verification failed!"
log.debug("[checkOtp] end. %s ret: %r" % (msg, ret))
return ret
def checkOtp(self, anOtpVal, counter, window, options=None):
"""
checkOtp - check the otpval of a token against a given counter
in the + window range
:param passw: the to be verified passw/pin
:type passw: string
:return: counter if found, -1 if not found
:rtype: int
"""
if not options:
options = {}
ret = HmacTokenClass.checkOtp(self, anOtpVal, counter, window)
if ret != -1:
if self.isValid() is False:
ret = -1
if ret >= 0:
if get_auth_AutoSMSPolicy():
user = None
message = "<otp>"
realms = self.getRealms()
if realms:
_sms_ret, message = get_auth_smstext(realm=realms[0])
if "user" in options:
user = options.get("user", None)
if user:
_sms_ret, message = get_auth_smstext(realm=user.realm)
realms = self.getRealms()
if "data" in options or "message" in options:
message = options.get(
"data", options.get("message", "<otp>")
)
try:
_success, message = self.sendSMS(message=message)
except Exception as exx:
log.error(exx)
finally:
self.incOtpCounter(ret, reset=False)
if ret >= 0:
msg = "otp verification was successful!"
else:
msg = "otp verification failed!"
log.debug(msg)
return ret
def do_autosms_test(self, policy, user, client_ip, expected_result):
new_policy = {
"name": "autosms",
"scope": "authentication",
"realm": "*",
"action": "autosms",
}
if policy:
new_policy.update(policy)
self.set_policy(new_policy)
context["Client"] = client_ip
context["RequestUser"] = getUserFromParam({"user": user})
result = get_auth_AutoSMSPolicy()
assert result == expected_result
def autosms(self):
'''
This function is used to test the autosms policy
method:
testing/autosms
arguments:
user - username / loginname
realm - additional realm to match the user to a useridresolver
returns:
JSON response
'''
log.debug('[autosms]')
param = request.params
try:
if isSelfTest() == False:
Session.rollback()
return sendError(
response,
"The testing controller can only be used in SelfTest mode!",
0)
user = getUserFromParam(param, required)
ok = get_auth_AutoSMSPolicy()
Session.commit()
return sendResult(response, ok, 0)
except Exception as e:
log.error("[autosms] validate/check failed: %r", e)
log.error("[autosms] %s" % traceback.format_exc())
Session.rollback()
return sendError(response, "validate/check failed:" + unicode(e),
0)
finally:
Session.close()
log.debug('[autosms] done')
def autosms(self):
'''
This function is used to test the autosms policy
method:
testing/autosms
arguments:
user - username / loginname
realm - additional realm to match the user to a useridresolver
returns:
JSON response
'''
param = request.params
try:
if isSelfTest() is False:
Session.rollback()
return sendError(
response,
"The testing controller can only be used in SelfTest mode!",
0)
if "user" not in param:
raise ParameterError("Missing parameter: 'user'")
ok = get_auth_AutoSMSPolicy()
Session.commit()
return sendResult(response, ok, 0)
except Exception as e:
log.exception("[autosms] validate/check failed: %r", e)
Session.rollback()
return sendError(response, "validate/check failed:" + unicode(e),
0)
finally:
Session.close()
def autosms(self):
'''
This function is used to test the autosms policy
method:
testing/autosms
arguments:
user - username / loginname
realm - additional realm to match the user to a useridresolver
returns:
JSON response
'''
log.debug('[autosms]')
param = request.params
try:
if isSelfTest() == False:
Session.rollback()
return sendError(response, "The testing controller can only be used in SelfTest mode!", 0)
user = getUserFromParam(param, required)
ok = get_auth_AutoSMSPolicy()
Session.commit()
return sendResult(response, ok, 0)
except Exception as e:
log.error("[autosms] validate/check failed: %r", e)
log.error("[autosms] %s" % traceback.format_exc())
Session.rollback()
return sendError(response, "validate/check failed:" + unicode(e), 0)
finally:
Session.close()
log.debug('[autosms] done')
def checkOtp(self, anOtpVal, counter, window, options=None):
'''
checkOtp - check the otpval of a token against a given counter
in the + window range
:param passw: the to be verified passw/pin
:type passw: string
:return: counter if found, -1 if not found
:rtype: int
'''
log.debug(
"[checkOtp] begin. start to verify the otp value: anOtpVal:" +
" %r, counter: %r, window: %r, options: %r " %
(anOtpVal, counter, window, options))
ret = HmacTokenClass.checkOtp(self, anOtpVal, counter, window)
if ret != -1:
if self.isValid() == False:
ret = -1
if ret >= 0:
if get_auth_AutoSMSPolicy():
user = None
message = "<otp>"
if options is not None and type(options) == dict:
user = options.get('user', None)
if user:
sms_ret, message = get_auth_smstext(realm=user.realm)
self.incOtpCounter(ret, reset=False)
success, message = self.sendSMS(message=message)
if ret >= 0:
msg = "otp verification was successful!"
else:
msg = "otp verification failed!"
log.debug("[checkOtp] end. %s ret: %r" % (msg, ret))
return ret
def checkOtp(self, anOtpVal, counter, window, options=None):
"""
checkOtp - check the otpval of a token against a given counter
in the + window range
:param passw: the to be verified passw/pin
:type passw: string
:return: counter if found, -1 if not found
:rtype: int
"""
log.debug(
"[checkOtp] begin. start to verify the otp value: anOtpVal:"
+ " %r, counter: %r, window: %r, options: %r " % (anOtpVal, counter, window, options)
)
ret = HmacTokenClass.checkOtp(self, anOtpVal, counter, window)
if ret != -1:
if self.isValid() == False:
ret = -1
if ret >= 0:
if get_auth_AutoSMSPolicy():
user = None
message = "<otp>"
if options is not None and type(options) == dict:
user = options.get("user", None)
if user:
sms_ret, message = get_auth_smstext(realm=user.realm)
self.incOtpCounter(ret, reset=False)
success, message = self.sendSMS(message=message)
if ret >= 0:
msg = "otp verification was successful!"
else:
msg = "otp verification failed!"
log.debug("[checkOtp] end. %s ret: %r" % (msg, ret))
return ret
def autosms(self):
'''
This function is used to test the autosms policy
method:
testing/autosms
arguments:
user - username / loginname
realm - additional realm to match the user to a useridresolver
returns:
JSON response
'''
try:
if isSelfTest() is False:
Session.rollback()
return sendError(response, "The testing controller can only"
" be used in SelfTest mode!", 0)
if "user" not in self.request_params:
raise ParameterError("Missing parameter: 'user'")
ok = get_auth_AutoSMSPolicy()
Session.commit()
return sendResult(response, ok, 0)
except Exception as exx:
log.exception("[autosms] validate/check failed: %r", exx)
Session.rollback()
return sendError(response, ("validate/check failed: %r", exx), 0)
finally:
Session.close()
