def test_20_check_challenge_response(self):
db_token = Token.query.filter_by(serial=self.serial1).first()
db_token.set_pin("test")
token = TokenClass(db_token)
r = token.check_challenge_response(user=None,
passw="123454")
# check that challenge does not match
self.assertTrue(r == -1)
# create a challenge and match the transaction_id
c = Challenge(self.serial1, transaction_id="mytransaction",
challenge="Blah, what now?")
# save challenge to the database
c.save()
r = token.check_challenge_response(user=None,
passw="123454",
options={"state": "mytransaction"})
# The challenge matches, but the OTP does not match!
self.assertTrue(r == -1, r)
# test the challenge janitor
c1 = Challenge(self.serial1, transaction_id="t1", validitytime=0)
c1.save()
c2 = Challenge(self.serial1, transaction_id="t2", validitytime=0)
c2.save()
c3 = Challenge(self.serial1, transaction_id="t3", validitytime=0)
c3.save()
c4 = Challenge(self.serial1, transaction_id="t4", validitytime=0)
c4.save()
# Delete potentiall expired challenges
token.challenge_janitor()
# Check, that the challenge does not exist anymore
r = Challenge.query.filter(Challenge.transaction_id == "t1").count()
self.assertTrue(r == 0, r)
