def test_get_partition( self, mocked__get_client, mocked__get_policies, mocked_get_policy_definitions, ): """verify that client in the policy is honored for get_partition""" m_policy = { "general": { "realm": "*", "active": "True", "client": "127.0.0.1/24", "user": "******", "time": "* * * * * *;", "action": "partition=2", "scope": "enrollment", } } mocked_get_policy_definitions.return_value = { "enrollment": { "partition": {"type": "int", "desc": "partition"}, } } mocked__get_policies.return_value = m_policy user = LinotpUser(login="******", realm="defaultrealm") mocked__get_client.return_value = "127.0.0.1" assert get_partition(["defaultrealm"], user=user) == 2 mocked__get_client.return_value = "128.0.0.1" assert get_partition(["defaultrealm"], user=user) == 0
def test_get_partition( self, mocked__get_client, mocked__get_policies, mocked_get_policy_definitions, ): """verify that client in the policy is honored for get_partition""" m_policy = { 'general': { 'realm': '*', 'active': 'True', 'client': '127.0.0.1/24', 'user': '******', 'time': '* * * * * *;', 'action': 'partition=2', 'scope': 'enrollment', } } mocked_get_policy_definitions.return_value = { 'enrollment': { 'partition': { 'type': 'int', 'desc': 'partition' }, } } mocked__get_policies.return_value = m_policy user = LinotpUser(login='******', realm='defaultrealm') mocked__get_client.return_value = '127.0.0.1' assert get_partition(['defaultrealm'], user=user) == 2 mocked__get_client.return_value = '128.0.0.1' assert get_partition(['defaultrealm'], user=user) == 0
def update(self, params): """ initialization entry hook for the enrollment process. :param params: parameters provided by the client :raises Exception: If the client supplied unrecognized configuration parameters for this token type :raises Exception: If the policy 'pushtoken_pairing_callback_url' was not set. :raises TokenStateError: If token state is not None (default pre-enrollment state) """ param_keys = set(params.keys()) init_rollout_state_keys = set(['type', 'serial', '::scope::', 'user.login', 'description', 'user.realm', 'session', 'key_size', 'resConf', 'user', 'realm', 'pin']) # ------------------------------------------------------------------- -- if not param_keys.issubset(init_rollout_state_keys): # make sure the call aborts, if request # type wasn't recognized raise Exception('Unknown request type for token type pushtoken') # if param keys are in above set, the token is # initialized for the first time. this is e.g. done on the # manage web ui. since the token doesn't exist in the database # yet, its rollout state must be None (that is: the data for # the rollout state doesn't exist yet) self.ensure_state(None) # --------------------------------------------------------------- -- # we check if callback policies are set. this must be done here # because the token gets saved directly after the update method # in the TokenHandler _ = context['translate'] owner = get_token_owner(self) if owner and owner.login and owner.realm: realms = [owner.realm] else: realms = self.getRealms() cb_url = get_single_auth_policy('pushtoken_pairing_callback_url', user=owner, realms=realms) if not cb_url: raise Exception(_('Policy pushtoken_pairing_callback_url must ' 'have a value')) partition = get_partition(realms, owner) self.addToTokenInfo('partition', partition) # --------------------------------------------------------------- -- # we set the the active state of the token to False, because # it should not be allowed to use it for validation before the # pairing process is done self.token.LinOtpIsactive = False # -------------------------------------------------------------- -- TokenClass.update(self, params, reset_failcount=True) # -------------------------------------------------------------- -- self.change_state('initialized')
def update(self, params): param_keys = set(params.keys()) init_rollout_state_keys = set([ 'type', 'hashlib', 'serial', '::scope::', 'key_size', 'user.login', 'description', 'user.realm', 'session', 'otplen', 'resConf', 'user', 'realm', 'qr', 'pin' ]) # ------------------------------------------------------------------- -- if not param_keys.issubset(init_rollout_state_keys): # make sure the call aborts, if request # type wasn't recognized raise Exception('Unknown request type for token type qr') # if param keys are in {'type', 'hashlib'} the token is # initialized for the first time. this is e.g. done on the # manage web ui. since the token doesn't exist in the database # yet, its rollout state must be None (that is: they data for # the rollout state doesn't exist yet) self.ensure_state(None) # --------------------------------------------------------------- -- # we check if callback policies are set. this must be done here # because the token gets saved directly after the update method # in the TokenHandler _ = context['translate'] owner = get_token_owner(self) if owner and owner.login and owner.realm: realms = [owner.realm] else: realms = self.getRealms() pairing_policies = [ 'qrtoken_pairing_callback_url', 'qrtoken_pairing_callback_sms' ] cb_url = get_single_auth_policy(pairing_policies[0], user=owner, realms=realms) cb_sms = get_single_auth_policy(pairing_policies[1], user=owner, realms=realms) if not cb_url and not cb_sms: raise Exception( _('Policy %s must have a value') % _(" or ").join(pairing_policies)) challenge_policies = [ 'qrtoken_challenge_callback_url', 'qrtoken_challenge_callback_sms' ] cb_url = get_single_auth_policy(challenge_policies[0], user=owner, realms=realms) cb_sms = get_single_auth_policy(challenge_policies[1], user=owner, realms=realms) if not cb_url and not cb_sms: raise Exception( _('Policy %s must have a value') % _(" or ").join(challenge_policies)) partition = get_partition(realms, owner) self.addToTokenInfo('partition', partition) # --------------------------------------------------------------- -- # we set the the active state of the token to False, because # it should not be allowed to use it for validation before the # pairing process is done self.token.LinOtpIsactive = False # --------------------------------------------------------------- -- if 'otplen' not in params: params['otplen'] = getFromConfig("QRTokenOtpLen", 8) # -------------------------------------------------------------- -- TokenClass.update(self, params, reset_failcount=True)