def _auth_push_thread(self):
info={
'Server': self.server.name,
}
platform_name = None
if self.platform == 'linux':
platform_name = 'Linux'
elif self.platform == 'mac' or self.platform == 'ios':
platform_name = 'Apple'
elif self.platform == 'win':
platform_name = 'Windows'
elif self.platform == 'chrome':
platform_name = 'Chrome OS'
if self.device_name:
info['Device'] = '%s (%s)' % (self.device_name, platform_name)
if self.push_type == DUO_AUTH:
allow, _ = sso.auth_duo(
self.user.name,
ipaddr=self.remote_ip,
type='Connection',
info=info,
)
elif self.push_type == SAML_OKTA_AUTH:
allow = sso.auth_okta_push(
self.user.name,
ipaddr=self.remote_ip,
type='Connection',
info=info,
)
else:
raise ValueError('Unkown push auth type')
if not allow:
self.user.audit_event('user_connection',
('User connection to "%s" denied. ' +
'Push authentication failed') % (
self.server.name),
remote_addr=self.remote_ip,
)
raise AuthError('User failed push authentication')
def _auth_push_thread(self):
info = {
'Server': self.server.name,
}
platform_name = None
if self.platform == 'linux':
platform_name = 'Linux'
elif self.platform == 'mac' or self.platform == 'ios':
platform_name = 'Apple'
elif self.platform == 'win':
platform_name = 'Windows'
elif self.platform == 'chrome':
platform_name = 'Chrome OS'
if self.device_name:
info['Device'] = '%s (%s)' % (self.device_name, platform_name)
if self.push_type == DUO_AUTH:
allow, _ = sso.auth_duo(
self.user.name,
ipaddr=self.remote_ip,
type='Connection',
info=info,
)
elif self.push_type == SAML_OKTA_AUTH:
allow = sso.auth_okta_push(
self.user.name,
ipaddr=self.remote_ip,
type='Connection',
info=info,
)
else:
raise ValueError('Unkown push auth type')
if not allow:
self.user.audit_event(
'user_connection',
('User connection to "%s" denied. ' +
'Push authentication failed') % (self.server.name),
remote_addr=self.remote_ip,
)
raise AuthError('User failed push authentication')
def _auth_push_thread(self):
info = {
'Server': self.server.name,
}
platform_name = None
if self.platform == 'linux':
platform_name = 'Linux'
elif self.platform == 'mac' or self.platform == 'ios':
platform_name = 'Apple'
elif self.platform == 'win':
platform_name = 'Windows'
elif self.platform == 'chrome':
platform_name = 'Chrome OS'
if self.device_name:
info['Device'] = '%s (%s)' % (self.device_name, platform_name)
if self.push_type == DUO_AUTH:
allow, _ = sso.auth_duo(
self.user.name,
ipaddr=self.remote_ip,
type='Connection',
info=info,
)
elif self.push_type == SAML_OKTA_AUTH:
allow = sso.auth_okta_push(
self.user.name,
ipaddr=self.remote_ip,
type='Connection',
info=info,
)
else:
raise ValueError('Unkown push auth type')
if not allow:
self.user.audit_event(
'user_connection',
('User connection to "%s" denied. ' +
'Push authentication failed') % (self.server.name),
remote_addr=self.remote_ip,
)
raise AuthError('User failed push authentication')
if settings.app.sso_cache:
self.sso_cache_collection.update(
{
'user_id': self.user.id,
'server_id': self.server.id,
'remote_ip': self.remote_ip,
'mac_addr': self.mac_addr,
'platform': self.platform,
'device_id': self.device_id,
'device_name': self.device_name,
}, {
'user_id': self.user.id,
'server_id': self.server.id,
'remote_ip': self.remote_ip,
'mac_addr': self.mac_addr,
'platform': self.platform,
'device_id': self.device_id,
'device_name': self.device_name,
'timestamp': utils.now(),
},
upsert=True)
def _auth_push_thread(self):
info={
'Server': self.server.name,
}
platform_name = None
if self.platform == 'linux':
platform_name = 'Linux'
elif self.platform == 'mac' or self.platform == 'ios':
platform_name = 'Apple'
elif self.platform == 'win':
platform_name = 'Windows'
elif self.platform == 'chrome':
platform_name = 'Chrome OS'
if self.device_name:
info['Device'] = '%s (%s)' % (self.device_name, platform_name)
if self.push_type == DUO_AUTH:
allow, _ = sso.auth_duo(
self.user.name,
ipaddr=self.remote_ip,
type='Connection',
info=info,
)
elif self.push_type == SAML_OKTA_AUTH:
allow = sso.auth_okta_push(
self.user.name,
ipaddr=self.remote_ip,
type='Connection',
info=info,
)
else:
raise ValueError('Unkown push auth type')
if not allow:
self.user.audit_event('user_connection',
('User connection to "%s" denied. ' +
'Push authentication failed') % (
self.server.name),
remote_addr=self.remote_ip,
)
raise AuthError('User failed push authentication')
if settings.app.sso_cache:
self.sso_cache_collection.update({
'user_id': self.user.id,
'server_id': self.server.id,
'remote_ip': self.remote_ip,
'mac_addr': self.mac_addr,
'platform': self.platform,
'device_id': self.device_id,
'device_name': self.device_name,
}, {
'user_id': self.user.id,
'server_id': self.server.id,
'remote_ip': self.remote_ip,
'mac_addr': self.mac_addr,
'platform': self.platform,
'device_id': self.device_id,
'device_name': self.device_name,
'timestamp': utils.now(),
}, upsert=True)
