def getZipBytes(username): """get the bytes of the zip file with the JAuth client, customized to the user (secret is embedded)""" tmpd = tempfile.mkdtemp(dir='/tmp') try: zipdbasename = '%s-openauth' % username zipdpath = os.path.join(tmpd, zipdbasename) sh = "rsync -a %s/ %s/" % (core.shQuote(config2.ZIP_CONTENTS_DIR), core.shQuote(zipdpath)) core.getStdout(sh) f = open(os.path.join(zipdpath, 'JAuth', 'AuthenticatorGUI.class'),'r') classbytes = f.read() f.close() classbytes = classbytes.replace(config2.SECRET_PLACEHOLDER, getSecret(username),1) f = open(os.path.join(zipdpath, 'JAuth', 'AuthenticatorGUI.class'),'w') f.write(classbytes) f.close() sh = "cd %s && jar uf JAuth.jar JAuth/AuthenticatorGUI.class && rm JAuth/AuthenticatorGUI.class" % core.shQuote(zipdpath) core.getStdout(sh) sh = "cd %s && mv openauth.sh %s-openauth.sh && mv openauth.bat %s-openauth.bat && cd .. && zip -r %s.zip %s" % (core.shQuote(zipdpath), core.shQuote(username), core.shQuote(username), core.shQuote(zipdbasename), core.shQuote(zipdbasename)) core.getStdout(sh) f = open(os.path.join(tmpd, '%s.zip' % zipdbasename),'r') bytes = f.read() f.close() return bytes finally: try: if tmpd.startswith('/tmp'): sh = "rm -fr /tmp/%s" % core.shQuote(tmpd[len('/tmp/'):]) core.getStdout(sh) except Exception: pass
def _QRCode(data): """encode data as QR Code png image This returns the bytes; there is no file stored on disk. """ sh = 'qrencode -o - -s 6 %s' % core.shQuote(data) return core.getStdout(sh)
def makeSecretFile(username): """create the secret for the user This will overwrite the secret if it already exists (that's the behavior of google-authenticator itself). """ sdir = _makeSecretDir(username) ##old version had no command-line options, the below accomplishes a custom --secret with hack of $HOME -> $SDIR and manually changing the hard-coded filename #sh = "echo -e 'y\nn\nn\nn' | SDIR='%s' '%s/google-authenticator'" % (sdir, config2.GABIN) sh = "google-authenticator --secret=%s/s --time-based --force --disallow-reuse --window-size=5 --no-rate-limit" % core.shQuote(sdir) return core.getStdout(sh)
def makeSecretFile(username): """create the secret for the user This will overwrite the secret if it already exists (that's the behavior of google-authenticator itself). """ sdir = _makeSecretDir(username) ##old version had no command-line options, the below accomplishes a custom --secret with hack of $HOME -> $SDIR and manually changing the hard-coded filename #sh = "echo -e 'y\nn\nn\nn' | SDIR='%s' '%s/google-authenticator'" % (sdir, config2.GABIN) sh = "google-authenticator --secret=%s/s --time-based --force --disallow-reuse --window-size=5 --no-rate-limit" % core.shQuote( sdir) return core.getStdout(sh)
def getZipBytes(username): """get the bytes of the zip file with the JAuth client, customized to the user (secret is embedded)""" tmpd = tempfile.mkdtemp(dir='/tmp') try: zipdbasename = '%s-openauth' % username zipdpath = os.path.join(tmpd, zipdbasename) sh = "rsync -a %s/ %s/" % (core.shQuote( config2.ZIP_CONTENTS_DIR), core.shQuote(zipdpath)) core.getStdout(sh) f = open(os.path.join(zipdpath, 'JAuth', 'AuthenticatorGUI.class'), 'r') classbytes = f.read() f.close() classbytes = classbytes.replace(config2.SECRET_PLACEHOLDER, getSecret(username), 1) f = open(os.path.join(zipdpath, 'JAuth', 'AuthenticatorGUI.class'), 'w') f.write(classbytes) f.close() sh = "cd %s && jar uf JAuth.jar JAuth/AuthenticatorGUI.class && rm JAuth/AuthenticatorGUI.class" % core.shQuote( zipdpath) core.getStdout(sh) sh = "cd %s && mv openauth.sh %s-openauth.sh && mv openauth.bat %s-openauth.bat && cd .. && zip -r %s.zip %s" % ( core.shQuote(zipdpath), core.shQuote(username), core.shQuote(username), core.shQuote(zipdbasename), core.shQuote(zipdbasename)) core.getStdout(sh) f = open(os.path.join(tmpd, '%s.zip' % zipdbasename), 'r') bytes = f.read() f.close() return bytes finally: try: if tmpd.startswith('/tmp'): sh = "rm -fr /tmp/%s" % core.shQuote(tmpd[len('/tmp/'):]) core.getStdout(sh) except Exception: pass