def update(self, param, reset_failcount=True): """ update - process initialization parameters :param param: dict of initialization parameters :type param: dict :return: nothing """ LOG.debug("[update] begin. adjust the token class with: param %r" % param) _ = context['translate'] # in the scope helpdesk we allways have a user # to whom the token will be assigned if param.get('::scope::', {}).get('helpdesk', False): user = param['::scope::']['user'] u_info = getUserDetail(user) param[self.EMAIL_ADDRESS_KEY] = u_info.get('email', None) # specific - e-mail self._email_address = param[self.EMAIL_ADDRESS_KEY] # in scope selfservice - check if edit_email is allowed # if not allowed to edit, check if the email is the same # as from the user data if param.get('::scope::', {}).get('selfservice', False): user = param['::scope::']['user'] if not is_email_editable(user): u_info = getUserDetail(user) u_email = u_info.get('email', None) if u_email.strip() != self._email_address.strip(): raise Exception( _('User is not allowed to set ' 'email address')) # in case of the e-mail token, only the server must know the otpkey # thus if none is provided, we let create one (in the TokenClass) if 'genkey' not in param and 'otpkey' not in param: param['genkey'] = 1 HmacTokenClass.update(self, param, reset_failcount) LOG.debug("[update] end. all token parameters are set.") return
def get_mobile_number(self, user=None): """ get the mobile number - from the token info or - if the policy allowes it, from the user info """ if not user: return self._getPhone() pol = get_client_policy( context["Client"], scope="authentication", user=user, action="sms_dynamic_mobile_number", ) get_dynamic = get_action_value( pol, scope="authentication", action="sms_dynamic_mobile_number", default=False, ) if not get_dynamic: return self._getPhone() user_detail = getUserDetail(user) return user_detail.get("mobile", self._getPhone())
def get_mobile_number(self, user=None): ''' get the mobile number - from the token info or - if the policy allowes it, from the user info ''' if not user: return self._getPhone() pol = get_client_policy(context['Client'], scope="authentication", user=user, action="sms_dynamic_mobile_number") if not pol: return self._getPhone() get_dynamic = getPolicyActionValue(pol, "sms_dynamic_mobile_number", is_string=True) if not get_dynamic: return self._getPhone() user_detail = getUserDetail(user) return user_detail.get('mobile', self._getPhone())
def _get_email_address(self, user=None): ''' get the email address - from the token info or - if the policy allowes it, from the user info ''' if not user: return self._email_address pol = get_client_policy(context['Client'], scope="authentication", user=user, action="dynamic_email_address") if not pol: return self._email_address get_dynamic = get_action_value(pol, scope="authentication", action="dynamic_email_address", default='') if not get_dynamic: return self._email_address user_detail = getUserDetail(user) return user_detail.get('email', self._email_address)
def get_mobile_number(self, user=None): ''' get the mobile number - from the token info or - if the policy allowes it, from the user info ''' if not user: return self.get_phone() pol = get_client_policy(context['Client'], scope="authentication", user=user, action="voice_dynamic_mobile_number") if not pol: return self.get_phone() get_dynamic = get_action_value(pol, scope='authentication', action="voice_dynamic_mobile_number", default=False) if not get_dynamic: return self.get_phone() user_detail = getUserDetail(user) return user_detail.get('mobile', self.get_phone())
def update(self, param, reset_failcount=True): """ update - process initialization parameters :param param: dict of initialization parameters :type param: dict :return: nothing """ LOG.debug("[update] begin. adjust the token class with: param %r" % param) # specific - e-mail self._email_address = param[self.EMAIL_ADDRESS_KEY] # in scope selfservice - check if edit_email is allowed # if not allowed to edit, check if the email is the same # as from the user data if param.get('::scope::', {}).get('selfservice', False): user = param['::scope::']['user'] if not is_email_editable(user): u_info = getUserDetail(user) u_email = u_info.get('email', None) if u_email.strip() != self._email_address.strip(): raise Exception(_('User is not allowed to set email address')) ## in case of the e-mail token, only the server must know the otpkey ## thus if none is provided, we let create one (in the TokenClass) if not 'genkey' in param and not 'otpkey' in param: param['genkey'] = 1 HmacTokenClass.update(self, param, reset_failcount) LOG.debug("[update] end. all token parameters are set.") return
def update(self, param, reset_failcount=True): ''' update - process initialization parameters :param param: dict of initialization parameters :type param: dict :return: nothing ''' _ = context['translate'] log.debug("[update] begin. adjust the token class with: param %r" % (param)) # specific - phone phone = getParam(param, "phone", required) # in scope selfservice - check if edit_sms is allowed # if not allowed to edit, check if the phone is the same # as from the user data if param.get('::scope::', {}).get('selfservice', False): user = param['::scope::']['user'] if not is_phone_editable(user): u_info = getUserDetail(user) u_phone = u_info.get('mobile', u_info.get('phone', None)) if u_phone != phone: raise Exception( _('User is not allowed to ' 'set phone number')) self.setPhone(phone) # in case of the sms token, only the server must know the otpkey # thus if none is provided, we let create one (in the TokenClass) if 'genkey' not in param and 'otpkey' not in param: param['genkey'] = 1 HmacTokenClass.update(self, param, reset_failcount) log.debug("[update] end. all token parameters are set.") return
def update(self, param, reset_failcount=True): ''' update - process initialization parameters :param param: dict of initialization parameters :type param: dict :return: nothing ''' _ = context['translate'] # specific - phone try: phone = param['phone'] except KeyError: raise ParameterError("Missing parameter: 'phone'") # in scope selfservice - check if edit_sms is allowed # if not allowed to edit, check if the phone is the same # as from the user data if param.get('::scope::', {}).get('selfservice', False): user = param['::scope::']['user'] if not is_phone_editable(user): u_info = getUserDetail(user) u_phone = u_info.get('mobile', u_info.get('phone', None)) if u_phone != phone: raise Exception( _('User is not allowed to ' 'set phone number')) self.setPhone(phone) # in case of the sms token, only the server must know the otpkey # thus if none is provided, we let create one (in the TokenClass) if 'genkey' not in param and 'otpkey' not in param: param['genkey'] = 1 HmacTokenClass.update(self, param, reset_failcount) return
def update(self, param, reset_failcount=True): ''' update - process initialization parameters :param param: dict of initialization parameters :type param: dict :return: nothing ''' _ = context['translate'] log.debug("[update] begin. adjust the token class with: param %r" % (param)) # specific - phone phone = getParam(param, "phone", required) # in scope selfservice - check if edit_sms is allowed # if not allowed to edit, check if the phone is the same # as from the user data if param.get('::scope::', {}).get('selfservice', False): user = param['::scope::']['user'] if not is_phone_editable(user): u_info = getUserDetail(user) u_phone = u_info.get('mobile', u_info.get('phone', None)) if u_phone != phone: raise Exception(_('User is not allowed to ' 'set phone number')) self.setPhone(phone) # in case of the sms token, only the server must know the otpkey # thus if none is provided, we let create one (in the TokenClass) if 'genkey' not in param and 'otpkey' not in param: param['genkey'] = 1 HmacTokenClass.update(self, param, reset_failcount) log.debug("[update] end. all token parameters are set.") return
def update(self, param, reset_failcount=True): """ update - process initialization parameters :param param: dict of initialization parameters :type param: dict :return: nothing """ # specific - phone try: phone = param["phone"] except KeyError: raise ParameterError("Missing parameter: 'phone'") # in scope selfservice - check if edit_sms is allowed # if not allowed to edit, check if the phone is the same # as from the user data if param.get("::scope::", {}).get("selfservice", False): user = param["::scope::"]["user"] if not is_phone_editable(user): u_info = getUserDetail(user) u_phone = u_info.get("mobile", u_info.get("phone", None)) if u_phone != phone: raise Exception( _("User is not allowed to set phone number") ) self.setPhone(phone) # in case of the sms token, only the server must know the otpkey # thus if none is provided, we let create one (in the TokenClass) if "genkey" not in param and "otpkey" not in param: param["genkey"] = 1 HmacTokenClass.update(self, param, reset_failcount) return
def update(self, param, reset_failcount=True): """ update - process initialization parameters :param param: dict of initialization parameters :type param: dict :return: nothing """ LOG.debug("[update] begin. adjust the token class with: param %r", param) # specific - e-mail self._email_address = param[self.EMAIL_ADDRESS_KEY] # in scope selfservice - check if edit_email is allowed # if not allowed to edit, check if the email is the same # as from the user data if param.get("::scope::", {}).get("selfservice", False): user = param["::scope::"]["user"] if not is_email_editable(user): u_info = getUserDetail(user) u_email = u_info.get("email", None) if u_email.strip() != self._email_address.strip(): raise Exception( _("User is not allowed to set email address")) # in case of the e-mail token, only the server must know the otpkey # thus if none is provided, we let create one (in the TokenClass) if "genkey" not in param and "otpkey" not in param: param["genkey"] = 1 HmacTokenClass.update(self, param, reset_failcount) LOG.debug("[update] end. all token parameters are set.") return
def update(self, param, reset_failcount=True): """ update - process initialization parameters :param param: dict of initialization parameters :type param: dict :return: nothing """ log.debug("[update] begin. adjust the token class with: param %r" % (param)) # specific - phone phone = getParam(param, "phone", required) # in scope selfservice - check if edit_sms is allowed # if not allowed to edit, check if the phone is the same # as from the user data if param.get("::scope::", {}).get("selfservice", False): user = param["::scope::"]["user"] if not is_phone_editable(user): u_info = getUserDetail(user) u_phone = u_info.get("mobile", u_info.get("phone", None)) if u_phone != phone: raise Exception(_("User is not allowed to " "set phone number")) self.setPhone(phone) # in case of the sms token, only the server must know the otpkey # thus if none is provided, we let create one (in the TokenClass) if "genkey" not in param and "otpkey" not in param: param["genkey"] = 1 HmacTokenClass.update(self, param, reset_failcount) log.debug("[update] end. all token parameters are set.") return