def test_05_two_tokens(self):
# Save some values to the database
r = save_auth_item(
SQLFILE, "cornelius", "TOK001", "HOTP", {"offline": [{"username": "******", "response": RESP}]}
)
r = save_auth_item(
SQLFILE, "cornelius", "TOK002", "HOTP", {"offline": [{"username": "******", "response": RESP2}]}
)
pamh = PAMH("cornelius", "test100001")
flags = None
argv = ["url=http://my.privacyidea.server", "sqlfile=%s" % SQLFILE, "try_first_pass"]
r = pam_sm_authenticate(pamh, flags, argv)
self.assertEqual(r, PAMH.PAM_SUCCESS)
# An older OTP value of the first token is deleted
pamh = PAMH("cornelius", "test100000")
flags = None
argv = ["url=http://my.privacyidea.server", "sqlfile=%s" % SQLFILE, "try_first_pass"]
r = pam_sm_authenticate(pamh, flags, argv)
self.assertNotEqual(r, PAMH.PAM_SUCCESS)
# An older value with another token can authenticate!
pamh = PAMH("cornelius", "TEST100000")
flags = None
argv = ["url=http://my.privacyidea.server", "sqlfile=%s" % SQLFILE, "try_first_pass"]
r = pam_sm_authenticate(pamh, flags, argv)
self.assertEqual(r, PAMH.PAM_SUCCESS)
def test_04_authenticate_offline(self):
# and authenticate offline again.
pamh = PAMH("cornelius", "test100000")
flags = None
argv = ["url=http://my.privacyidea.server", "sqlfile=%s" % SQLFILE, "try_first_pass"]
r = pam_sm_authenticate(pamh, flags, argv)
self.assertTrue(r)
def test_05_two_tokens(self):
# Save some values to the database
r = save_auth_item(
SQLFILE, "cornelius", "TOK001", "HOTP",
{"offline": [{
"username": "******",
"response": RESP
}]})
r = save_auth_item(
SQLFILE, "cornelius", "TOK002", "HOTP",
{"offline": [{
"username": "******",
"response": RESP2
}]})
pamh = PAMH("cornelius", "test100001")
flags = None
argv = [
"url=http://my.privacyidea.server",
"sqlfile=%s" % SQLFILE, "try_first_pass"
]
r = pam_sm_authenticate(pamh, flags, argv)
self.assertEqual(r, PAMH.PAM_SUCCESS)
# An older OTP value of the first token is deleted
pamh = PAMH("cornelius", "test100000")
flags = None
argv = [
"url=http://my.privacyidea.server",
"sqlfile=%s" % SQLFILE, "try_first_pass"
]
r = pam_sm_authenticate(pamh, flags, argv)
self.assertNotEqual(r, PAMH.PAM_SUCCESS)
# An older value with another token can authenticate!
pamh = PAMH("cornelius", "TEST100000")
flags = None
argv = [
"url=http://my.privacyidea.server",
"sqlfile=%s" % SQLFILE, "try_first_pass"
]
r = pam_sm_authenticate(pamh, flags, argv)
self.assertEqual(r, PAMH.PAM_SUCCESS)
def test_04_authenticate_offline(self):
# and authenticate offline again.
pamh = PAMH("cornelius", "test100000")
flags = None
argv = [
"url=http://my.privacyidea.server",
"sqlfile=%s" % SQLFILE, "try_first_pass"
]
r = pam_sm_authenticate(pamh, flags, argv)
self.assertTrue(r)
def test_02_authenticate_offline(self):
responses.add(
responses.POST,
"http://my.privacyidea.server/validate/check",
body=json.dumps(SUCCESS_BODY),
content_type="application/json",
)
pamh = PAMH("cornelius", "test100001")
flags = None
argv = ["url=http://my.privacyidea.server", "sqlfile=%s" % SQLFILE, "try_first_pass"]
r = pam_sm_authenticate(pamh, flags, argv)
self.assertEqual(r, PAMH.PAM_SUCCESS)
# Authenticate the second time offline
pamh = PAMH("cornelius", "test100002")
flags = None
argv = ["url=http://my.privacyidea.server", "sqlfile=%s" % SQLFILE, "try_first_pass"]
r = pam_sm_authenticate(pamh, flags, argv)
self.assertEqual(r, PAMH.PAM_SUCCESS)
def test_03_authenticate_online(self):
# authenticate online and fetch offline values
responses.add(responses.POST,
"http://my.privacyidea.server/validate/check",
body=json.dumps(SUCCESS_BODY),
content_type="application/json")
pamh = PAMH("cornelius", "test999999")
flags = None
argv = ["url=http://my.privacyidea.server",
"sqlfile=%s" % SQLFILE]
r = pam_sm_authenticate(pamh, flags, argv)
self.assertTrue(r)
def test_03_authenticate_online(self):
# authenticate online and fetch offline values
responses.add(responses.POST,
"http://my.privacyidea.server/validate/check",
body=json.dumps(SUCCESS_BODY),
content_type="application/json")
pamh = PAMH("cornelius", "test999999")
flags = None
argv = [
"url=http://my.privacyidea.server",
"sqlfile=%s" % SQLFILE, "try_first_pass"
]
r = pam_sm_authenticate(pamh, flags, argv)
self.assertTrue(r)
def test_02_authenticate_offline(self):
responses.add(responses.POST,
"http://my.privacyidea.server/validate/check",
body=json.dumps(SUCCESS_BODY),
content_type="application/json")
pamh = PAMH("cornelius", "test100001")
flags = None
argv = [
"url=http://my.privacyidea.server",
"sqlfile=%s" % SQLFILE, "try_first_pass"
]
r = pam_sm_authenticate(pamh, flags, argv)
self.assertEqual(r, PAMH.PAM_SUCCESS)
# Authenticate the second time offline
pamh = PAMH("cornelius", "test100002")
flags = None
argv = [
"url=http://my.privacyidea.server",
"sqlfile=%s" % SQLFILE, "try_first_pass"
]
r = pam_sm_authenticate(pamh, flags, argv)
self.assertEqual(r, PAMH.PAM_SUCCESS)