def getResolvers(self, defaultValue={}, **extraParams):
''' get all resolvers and delete them '''
res = self.invokeLinotp('system',
'getResolvers',
expectedValue=None,
**extraParams)
return JsonUtils.getJson(res, ['result', 'value'], defaultValue)
def getConfiguration(self, key=None, defaultValue=None,
**extraParams):
res = self.invokeLinotp('system', 'getConfig',
expectedValue={}, # dictionary expected.
**extraParams)
if not key is None:
path = [] #['result', 'value']
if isinstance(key, list):
path.extend(key)
else:
path.append(key)
return JsonUtils.getJson(res, path, defaultValue)
inf = JsonUtils.getJson(res, ['result', 'value'])
if defaultValue is None:
return inf
return TestAdvancedController.appendDict(defaultValue, inf)
def getConfiguration(self, key=None, defaultValue=None, **extraParams):
res = self.invokeLinotp(
'system',
'getConfig',
expectedValue={}, # dictionary expected.
**extraParams)
if not key is None:
path = [] #['result', 'value']
if isinstance(key, list):
path.extend(key)
else:
path.append(key)
return JsonUtils.getJson(res, path, defaultValue)
inf = JsonUtils.getJson(res, ['result', 'value'])
if defaultValue is None:
return inf
return TestAdvancedController.appendDict(defaultValue, inf)
def getRealmUsers(self,
realm,
username=None,
defaultValue={},
**extraParams):
res = self.invokeLinotp('admin',
'userlist',
realm=realm,
username=username or '*',
**extraParams)
return JsonUtils.getJson(res, ['result', 'value'], defaultValue)
def test_userprincipal(self):
"""
Verify LinOTP for UserPrincipal (user@domain) authentication
the test will create a static-password token, and
will try to verify the user in different situations.
2015.07.10: due to lack of information about what is
the purpose of this test, only one case
is implemented (with user@domain + realm
specified)
"""
user = "******"
pin = "1234"
realm = 'myDefRealm'
# Initialize authorization (we need authorization in
# token creation/deletion)...
self.setAuthorization(self.getDefaultAuthorization())
# Create test token...
res = self.createToken(user=user,
realm=realm,
serial="F722362",
pin=pin,
otpkey="AD8EABE235FC57C815B26CEF37090755",
type='spass')
serial = JsonUtils.getJson(res, ['detail', 'serial'])
# although not needed, we assign token...
self.assignToken(serial=serial, user=user, realm=realm)
self.enableToken(serial=serial)
# Revoke authorization...
self.setAuthorization(None)
# test user-principal authentication
self.validateCheck(user=user, password=pin, realm=realm)
# Reactivate authentication
self.setAuthorization(self.getDefaultAuthorization())
self.removeTokenBySerial(serial)
def test_userprincipal(self):
"""
Verify LinOTP for UserPrincipal (user@domain) authentication
the test will create a static-password token, and
will try to verify the user in different situations.
"""
user = "******"
pin = "1234"
realm = 'myDefRealm'
# Initialize authorization (we need authorization in
# token creation/deletion)...
self.setAuthorization(self.getDefaultAuthorization())
# Create test token...
res = self.createToken(user=user,
realm=realm,
serial="F722362",
pin=pin,
otpkey="AD8EABE235FC57C815B26CEF37090755",
type='spass')
serial = JsonUtils.getJson(res, ['serial'])
# although not needed, we assign token...
self.assignToken(serial=serial, user=user, realm=realm)
self.enableToken(serial=serial)
# Revoke authorization...
self.setAuthorization(None)
# test user-principal authentication
self.validateCheck(user=user, password=pin, realm=realm)
# Reactivate authentication
self.setAuthorization(self.getDefaultAuthorization())
self.removeTokenBySerial(serial)
def deleteAllTokens(self):
''' get all tokens and delete them '''
vals = self.getTokens()
data = JsonUtils.getJson(vals, ['data'])
for token in data:
self.removeTokenBySerial(serial=token['LinOtp.TokenSerialnumber'])
def invokeLinotp(self, linotpController, linotpAction,
expectedValue=None, valueErrorMessage=None, passResponse=False,
headers=None, **params):
# Append dictionaries and convert all unicode names or values
# to predefined encoded string (in praxis utf-8).
def encodeDict(encoding, *anotherDict):
retDict = {}
for temp in anotherDict:
if not temp is None:
for key in temp.keys():
value = temp[key]
if isinstance(key, unicode):
key = key.encode(encoding)
if isinstance(value, unicode):
value = value.encode(encoding)
elif not isinstance(value, basestring):
value = str(value)
retDict[key] = value
return retDict;
# By default we perform only get requests
postMethod = False
if 'method' in params:
# Allow only get and post methods!
self.assertTrue(params['method'].lower() in ['get', 'post'],
"Invalid or unsupported Web method: " + params['method'])
postMethod = params['method'] == 'post'
# Process params and headers...
# We do not allow transport of Unicode strings. If Unicode string
# is provided, we convert the unicode value to utf-8 string!
req_params = encodeDict('utf-8', self.GlobalParams.get(), params)
req_headers = encodeDict('utf-8', self.Headers.get(), headers)
# Perform the web-request...
if postMethod:
rsp = self.app.post(
url(controller=linotpController, action=linotpAction),
params=req_params, headers=req_headers)
else:
rsp = self.app.get(
url(controller=linotpController, action=linotpAction),
params=req_params, headers=req_headers)
# The web-request must not fail!
self.assertEqual(rsp.status_int, 200, rsp.status)
# The result is always json!
res = JsonUtils.getBody(rsp) # rsp.json_body
# result Status must be always True!
self.assertTrue(JsonUtils.getJson(res, ['result', 'status']) == True,
("Failed LinOTP %s.%s invocation (result: %s)"
% (linotpController, linotpAction, str(rsp))))
value = JsonUtils.getJson(res, ['result', 'value'])
if value is None:
self.fail(
("The LinOTP %s.%s invocation returned no value (result: %s)"
% (linotpController, linotpAction, str(rsp))))
elif not expectedValue is None:
# If an explicit value is expected, then we compare the value
if not JsonUtils.checkJsonValues(value, expectedValue, params):
# Ups, the invocation failed!
if valueErrorMessage is None or len(valueErrorMessage) == 0:
valueErrorMessage = ('Unexpected LinOTP %s.%s invocation'
' value: %s (expected was: %s)'
% (linotpController, linotpAction, str(value),
str(expectedValue)))
self.fail(valueErrorMessage)
else:
if passResponse is None or \
isinstance(passResponse, bool):
if passResponse:
return res
else:
# If no value is expected and the full response is not needed,
# then return only the value!
return value
else:
# return both value and passResponse lookup value..
return (value, JsonUtils.getJson(res, passResponse))
if passResponse is None or \
isinstance(passResponse, bool):
if passResponse:
# return full response
return res
else:
pass # return nothing
else:
# value is Ok, then return only the passResponse lookup value...
return JsonUtils.getJson(res, passResponse)
def deleteAllTokens(self):
''' get all tokens and delete them '''
vals = self.getTokens()
data = JsonUtils.getJson(vals, ['data'])
for token in data:
self.removeTokenBySerial(serial=token['LinOtp.TokenSerialnumber'])
def invokeLinotp(self,
linotpController,
linotpAction,
expectedValue=None,
valueErrorMessage=None,
passResponse=False,
headers=None,
**params):
# Append dictionaries and convert all unicode names or values
# to predefined encoded string (in praxis utf-8).
def encodeDict(encoding, *anotherDict):
retDict = {}
for temp in anotherDict:
if not temp is None:
for key in temp.keys():
value = temp[key]
if isinstance(key, unicode):
key = key.encode(encoding)
if isinstance(value, unicode):
value = value.encode(encoding)
elif not isinstance(value, basestring):
value = str(value)
retDict[key] = value
return retDict
# By default we perform only get requests
postMethod = False
if 'method' in params:
# Allow only get and post methods!
self.assertTrue(
params['method'].lower() in ['get', 'post'],
"Invalid or unsupported Web method: " + params['method'])
postMethod = params['method'] == 'post'
# Process params and headers...
# We do not allow transport of Unicode strings. If Unicode string
# is provided, we convert the unicode value to utf-8 string!
req_params = encodeDict('utf-8', self.GlobalParams.get(), params)
req_headers = encodeDict('utf-8', self.Headers.get(), headers)
# Perform the web-request...
if postMethod:
rsp = self.app.post(url(controller=linotpController,
action=linotpAction),
params=req_params,
headers=req_headers)
else:
rsp = self.app.get(url(controller=linotpController,
action=linotpAction),
params=req_params,
headers=req_headers)
# The web-request must not fail!
self.assertEqual(rsp.status_int, 200, rsp.status)
# The result is always json!
res = JsonUtils.getBody(rsp) # rsp.json_body
# result Status must be always True!
self.assertTrue(
JsonUtils.getJson(res, ['result', 'status']) is True,
("Failed LinOTP %s.%s invocation (result: %s)" %
(linotpController, linotpAction, str(rsp))))
value = JsonUtils.getJson(res, ['result', 'value'])
if value is None:
self.fail(
("The LinOTP %s.%s invocation returned no value (result: %s)" %
(linotpController, linotpAction, str(rsp))))
elif not expectedValue is None:
# If an explicit value is expected, then we compare the value
if not JsonUtils.checkJsonValues(value, expectedValue, params):
# Ups, the invocation failed!
if valueErrorMessage is None or len(valueErrorMessage) == 0:
valueErrorMessage = ('Unexpected LinOTP %s.%s invocation'
' value: %s (expected was: %s)' %
(linotpController, linotpAction,
str(value), str(expectedValue)))
self.fail(valueErrorMessage)
else:
if passResponse is None or \
isinstance(passResponse, bool):
if passResponse:
return res
else:
# If no value is expected and the full response is not needed,
# then return only the value!
return value
else:
# return both value and passResponse lookup value..
return (value, JsonUtils.getJson(res, passResponse))
if passResponse is None or \
isinstance(passResponse, bool):
if passResponse:
# return full response
return res
else:
pass # return nothing
else:
# value is Ok, then return only the passResponse lookup value...
return JsonUtils.getJson(res, passResponse)
def getTokens(self, defaultValue={}, **extraParams):
res = self.invokeLinotp('admin',
'show',
expectedValue=None,
**extraParams)
return JsonUtils.getJson(res, ['result', 'value'], defaultValue)
def getPolicies(self, defaultValue={}, **extraParams):
res = self.invokeLinotp('system',
'getPolicy',
expectedValue=None,
**extraParams)
return JsonUtils.getJson(res, ['result', 'value'], defaultValue)
def getTokens(self, defaultValue={}, **extraParams):
res = self.invokeLinotp('admin', 'show',
expectedValue=None,
**extraParams)
return JsonUtils.getJson(res, ['result', 'value'], defaultValue)
def getPolicies(self, defaultValue={}, **extraParams):
res = self.invokeLinotp('system', 'getPolicy',
expectedValue=None,
**extraParams)
return JsonUtils.getJson(res, ['result', 'value'], defaultValue)
def getRealmUsers(self, realm, username=None, defaultValue={},
**extraParams):
res = self.invokeLinotp('admin', 'userlist',
realm=realm, username=username or '*',
**extraParams)
return JsonUtils.getJson(res, ['result', 'value'], defaultValue)
def getResolvers(self, defaultValue={}, **extraParams):
''' get all resolvers and delete them '''
res = self.invokeLinotp('system', 'getResolvers',
expectedValue=None,
**extraParams)
return JsonUtils.getJson(res, ['result', 'value'], defaultValue)