def offlinerefill(): """ This endpoint allows to fetch new offline OTP values for a token, that is already offline. According to the definition it will send the missing OTP values, so that the client will have as much otp values as defined. :param serial: The serial number of the token, that should be refilled. :param refilltoken: The authorization token, that allows refilling. :param pass: the last password (maybe password+OTP) entered by the user :return: """ serial = getParam(request.all_data, "serial", required) refilltoken = getParam(request.all_data, "refilltoken", required) password = getParam(request.all_data, "pass", required) tokenobj_list = get_tokens(serial=serial) if len(tokenobj_list) != 1: raise ParameterError("The token does not exist") else: tokenobj = tokenobj_list[0] tokenattachments = list_machine_tokens(serial=serial, application="offline") if tokenattachments: # TODO: Currently we do not distinguish, if a token had more than one offline attachment # We need the options to pass the count and the rounds for the next offline OTP values, # which could have changed in the meantime. options = tokenattachments[0].get("options") # check refill token: if tokenobj.get_tokeninfo("refilltoken") == refilltoken: # refill otps = MachineApplication.get_refill(tokenobj, password, options) refilltoken = MachineApplication.generate_new_refilltoken( tokenobj) response = send_result(True) content = response.json content["auth_items"] = { "offline": [{ "refilltoken": refilltoken, "response": otps }] } response.set_data(json.dumps(content)) return response raise ParameterError( "Token is not an offline token or refill token is incorrect")
def offlinerefill(): """ This endpoint allows to fetch new offline OTP values for a token, that is already offline. According to the definition it will send the missing OTP values, so that the client will have as much otp values as defined. :param serial: The serial number of the token, that should be refilled. :param refilltoken: The authorization token, that allows refilling. :param pass: the last password (maybe password+OTP) entered by the user :return: """ result = False otps = {} serial = getParam(request.all_data, "serial", required) refilltoken = getParam(request.all_data, "refilltoken", required) password = getParam(request.all_data, "pass", required) tokenobj_list = get_tokens(serial=serial) if len(tokenobj_list) != 1: raise ParameterError("The token does not exist") else: tokenobj = tokenobj_list[0] machine_defs = list_token_machines(serial) # check if is still an offline token: for mdef in machine_defs: if mdef.get("application") == "offline": # check refill token: if tokenobj.get_tokeninfo("refilltoken") == refilltoken: # refill otps = MachineApplication.get_refill( tokenobj, password, mdef.get("options")) refilltoken = MachineApplication.generate_new_refilltoken( tokenobj) response = send_result(True) content = json.loads(response.data) content["auth_items"] = { "offline": [{ "refilltoken": refilltoken, "response": otps }] } response.data = json.dumps(content) return response raise ParameterError( "Token is not an offline token or refill token is incorrect")
def offlinerefill(): """ This endpoint allows to fetch new offline OTP values for a token, that is already offline. According to the definition it will send the missing OTP values, so that the client will have as much otp values as defined. :param serial: The serial number of the token, that should be refilled. :param refilltoken: The authorization token, that allows refilling. :param pass: the last password (maybe password+OTP) entered by the user :return: """ result = False otps = {} serial = getParam(request.all_data, "serial", required) refilltoken = getParam(request.all_data, "refilltoken", required) password = getParam(request.all_data, "pass", required) tokenobj_list = get_tokens(serial=serial) if len(tokenobj_list) != 1: raise ParameterError("The token does not exist") else: tokenobj = tokenobj_list[0] machine_defs = list_token_machines(serial) # check if is still an offline token: for mdef in machine_defs: if mdef.get("application") == "offline": # check refill token: if tokenobj.get_tokeninfo("refilltoken") == refilltoken: # refill otps = MachineApplication.get_refill(tokenobj, password, mdef.get("options")) refilltoken = MachineApplication.generate_new_refilltoken(tokenobj) response = send_result(True) content = json.loads(response.data) content["auth_items"] = {"offline": [{"refilltoken": refilltoken, "response": otps}]} response.data = json.dumps(content) return response raise ParameterError("Token is not an offline token or refill token is incorrect")