def test_04_check_yubikey_pass(self):
# Check_yubikey_pass only works without pin!
db_token = Token.query.filter(Token.serial == self.serial1).first()
token = YubikeyTokenClass(db_token)
token.set_pin("")
token.save()
r, opt = YubikeyTokenClass.check_yubikey_pass(self.further_otps[1])
self.assertTrue(r)
self.assertTrue(opt.get("message") == "matching 1 tokens", opt)
# check failcounter
self.assertEqual(db_token.failcount, 0)
# the same otp value must not be usable again
r, opt = YubikeyTokenClass.check_yubikey_pass(self.further_otps[1])
self.assertFalse(r)
self.assertTrue(opt.get("message") == "wrong otp value", opt)
# check failcounter
self.assertEqual(db_token.failcount, 1)
# check an otp value, that does not match a token
r, opt = YubikeyTokenClass.check_yubikey_pass(
"fcebeeejedecebegfcniufvgvjturjgvinhebbbertjnihit")
self.assertFalse(r)
self.assertTrue(opt.get("action_detail") ==
"The serial UBAM@1382015 could not be found!", opt)
# check for an invalid OTP
r, opt = YubikeyTokenClass.check_yubikey_pass(self.further_otps[0])
self.assertFalse(r)
self.assertTrue(opt.get("message") == "wrong otp value", opt)
# check failcounter
self.assertEqual(db_token.failcount, 2)
def test_04_check_yubikey_pass(self):
# Check_yubikey_pass only works without pin!
db_token = Token.query.filter(Token.serial == self.serial1).first()
token = YubikeyTokenClass(db_token)
token.set_pin("")
token.save()
r, opt = YubikeyTokenClass.check_yubikey_pass(self.further_otps[1])
self.assertTrue(r)
self.assertTrue(opt.get("message") == "matching 1 tokens", opt)
# check failcounter
self.assertEqual(db_token.failcount, 0)
# the same otp value must not be usable again
r, opt = YubikeyTokenClass.check_yubikey_pass(self.further_otps[1])
self.assertFalse(r)
self.assertTrue(opt.get("message") == "wrong otp value", opt)
# check failcounter
self.assertEqual(db_token.failcount, 1)
# check an otp value, that does not match a token
r, opt = YubikeyTokenClass.check_yubikey_pass(
"fcebeeejedecebegfcniufvgvjturjgvinhebbbertjnihit")
self.assertFalse(r)
#self.assertTrue(opt.get("action_detail") ==
# "The serial UBAM@1382015 could not be found!", opt)
self.assertTrue(opt.get("action_detail") ==
"The prefix fcebeeejedecebeg could not be found!", opt)
# check for an invalid OTP
r, opt = YubikeyTokenClass.check_yubikey_pass(self.further_otps[0])
self.assertFalse(r)
self.assertTrue(opt.get("message") == "wrong otp value", opt)
# check failcounter
self.assertEqual(db_token.failcount, 2)
def test_05_check_maxfail(self):
# Check_yubikey_pass only works without pin!
db_token = Token.query.filter(Token.serial == self.serial1).first()
token = YubikeyTokenClass(db_token)
token.set_pin("")
token.save()
token.set_maxfail(5)
old_failcounter = token.get_failcount()
token.set_failcount(5)
# Failcount equals maxfail, so an authentication with a valid OTP
# will fail
r, opt = YubikeyTokenClass.check_yubikey_pass(self.further_otps[2])
self.assertFalse(r)
self.assertTrue(opt.get("message") == "matching 1 tokens, "
"Failcounter exceeded", opt)
# check failcounter
self.assertEqual(db_token.failcount, 5)
token.set_failcount(old_failcounter)
