def test_11_challenge_response_hotp(self):
# set a chalresp policy for HOTP
with self.app.test_request_context('/policy/pol_chal_resp',
data={'action':
"challenge_response=hotp",
'scope': "authentication",
'realm': '',
'active': True},
method='POST',
headers={'Authorization': self.at}):
res = self.app.full_dispatch_request()
self.assertTrue(res.status_code == 200, res)
result = json.loads(res.data).get("result")
self.assertTrue(result["status"] is True, result)
self.assertTrue('"setPolicy pol_chal_resp": 1' in res.data,
res.data)
serial = "CHALRESP1"
pin = "chalresp1"
# create a token and assign to the user
db_token = Token(serial, tokentype="hotp")
db_token.update_otpkey(self.otpkey)
db_token.save()
token = HotpTokenClass(db_token)
token.set_user(User("cornelius", self.realm1))
token.set_pin(pin)
# create the challenge by authenticating with the OTP PIN
with self.app.test_request_context('/validate/check',
method='POST',
data={"user": "******",
"pass": pin}):
res = self.app.full_dispatch_request()
self.assertTrue(res.status_code == 200, res)
result = json.loads(res.data).get("result")
detail = json.loads(res.data).get("detail")
self.assertFalse(result.get("value"))
self.assertEqual(detail.get("message"), "please enter otp: ")
transaction_id = detail.get("transaction_id")
# send the OTP value
with self.app.test_request_context('/validate/check',
method='POST',
data={"user": "******",
"transaction_id":
transaction_id,
"pass": "******"}):
res = self.app.full_dispatch_request()
self.assertTrue(res.status_code == 200, res)
result = json.loads(res.data).get("result")
detail = json.loads(res.data).get("detail")
self.assertTrue(result.get("value"))
# delete the token
remove_token(serial=serial)
def test_00_create_realms(self):
self.setUp_user_realms()
# create a token and assign it to the user
db_token = Token(self.serials[0], tokentype="hotp")
db_token.update_otpkey(self.otpkey)
db_token.save()
token = HotpTokenClass(db_token)
self.assertTrue(token.token.serial == self.serials[0], token)
token.set_user(User("cornelius", self.realm1))
token.set_pin("pin")
self.assertTrue(token.token.user_id == "1000", token.token.user_id)
def test_13_challenge_response_email(self):
serial = "CHALRESP3"
pin = "chalresp3"
# create a token and assign to the user
db_token = Token(serial, tokentype="email")
db_token.update_otpkey(self.otpkey)
db_token.save()
token = HotpTokenClass(db_token)
token.set_user(User("cornelius", self.realm1))
token.set_pin(pin)
# create the challenge by authenticating with the OTP PIN
with self.app.test_request_context('/validate/check',
method='POST',
data={"user": "******",
"pass": pin}):
res = self.app.full_dispatch_request()
self.assertTrue(res.status_code == 200, res)
result = json.loads(res.data).get("result")
detail = json.loads(res.data).get("detail")
self.assertFalse(result.get("value"))
self.assertEqual(detail.get("message"), "please enter otp: ")
transaction_id = detail.get("transaction_id")
# send the OTP value
# Test with parameter state.
with self.app.test_request_context('/validate/check',
method='POST',
data={"user": "******",
"state":
transaction_id,
"pass": "******"}):
res = self.app.full_dispatch_request()
self.assertTrue(res.status_code == 200, res)
result = json.loads(res.data).get("result")
detail = json.loads(res.data).get("detail")
self.assertTrue(result.get("value"))
# delete the token
remove_token(serial=serial)
def test_00_create_realms(self):
self.setUp_user_realms()
# create a token and assign it to the user
db_token = Token(self.serials[0], tokentype="hotp")
db_token.update_otpkey(self.otpkey)
db_token.save()
token = HotpTokenClass(db_token)
self.assertTrue(token.token.serial == self.serials[0], token)
token.set_user(User("cornelius", self.realm1))
token.set_pin("pin")
self.assertTrue(token.token.user_id == "1000", token.token.user_id)
def test_11_challenge_response_hotp(self):
# set a chalresp policy for HOTP
with self.app.test_request_context('/policy/pol_chal_resp',
data={
'action':
"challenge_response=hotp",
'scope': "authentication",
'realm': '',
'active': True
},
method='POST',
headers={'Authorization': self.at}):
res = self.app.full_dispatch_request()
self.assertTrue(res.status_code == 200, res)
result = json.loads(res.data).get("result")
self.assertTrue(result["status"] is True, result)
self.assertTrue('"setPolicy pol_chal_resp": 1' in res.data,
res.data)
serial = "CHALRESP1"
pin = "chalresp1"
# create a token and assign to the user
db_token = Token(serial, tokentype="hotp")
db_token.update_otpkey(self.otpkey)
db_token.save()
token = HotpTokenClass(db_token)
token.set_user(User("cornelius", self.realm1))
token.set_pin(pin)
# Set the failcounter
token.set_failcount(5)
# create the challenge by authenticating with the OTP PIN
with self.app.test_request_context('/validate/check',
method='POST',
data={
"user": "******",
"pass": pin
}):
res = self.app.full_dispatch_request()
self.assertTrue(res.status_code == 200, res)
result = json.loads(res.data).get("result")
detail = json.loads(res.data).get("detail")
self.assertFalse(result.get("value"))
self.assertEqual(detail.get("message"), "please enter otp: ")
transaction_id = detail.get("transaction_id")
self.assertEqual(token.get_failcount(), 5)
# send the OTP value
with self.app.test_request_context('/validate/check',
method='POST',
data={
"user": "******",
"transaction_id":
transaction_id,
"pass": "******"
}):
res = self.app.full_dispatch_request()
self.assertTrue(res.status_code == 200, res)
result = json.loads(res.data).get("result")
detail = json.loads(res.data).get("detail")
self.assertTrue(result.get("value"))
self.assertEqual(token.get_failcount(), 0)
# delete the token
remove_token(serial=serial)
