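def get_auth_items(hostname, ip=None, application=None, serial=None,
                   challenge=None, filter_param=None):
    """
    Return the authentication items for a given hostname and application.

    The hostname, serial and application are handed to
    ``list_machine_tokens`` to find the attached machine tokens. For every
    machine token ``get_auth_item`` is asked for the auth item; falsy results
    are skipped. The machine token's options are then copied into the auth
    item and the item is appended to the list of its application.

    :param hostname: hostname used to look up the machine tokens
    :param ip: accepted but not evaluated by this function (see the TODO in
        the body)
    :param application: application name passed to the machine token lookup
    :param serial: token serial passed to the machine token lookup
    :param challenge: A challenge for the auth item
    :type challenge: basestring
    :param filter_param: Additional application specific parameter to filter
        the return value
    :type filter_param: dict
    :return: dictionary of lists of the application auth items

    **Example response**:

    .. sourcecode:: json

       { "luks": [ { "slot": "....",
                     "partition": "....",
                     "challenge": "....",
                     "response": "...." }
                 ],
         "ssh": [ { "username": "******",
                    "sshkey": "...."},
                  { "username": "******",
                    "sshkey": "...." }
                ] }
    """
    #
    # TODO: We should check, if the IP Address matches the hostname
    #
    # NOTE(review): ``ip`` is never read below, so the hostname alone selects
    # whose auth items (e.g. SSH keys, LUKS responses) are returned. Until the
    # check above exists, the decision whether the requester may see them
    # presumably has to be made by the caller - confirm.
    auth_items = {}
    machinetokens = list_machine_tokens(hostname=hostname,
                                        serial=serial,
                                        application=application)

    for mtoken in machinetokens:
        app_name = mtoken.get("application")
        auth_item = get_auth_item(app_name,
                                  mtoken.get("type"),
                                  mtoken.get("serial"),
                                  challenge,
                                  options=mtoken.get("options"),
                                  filter_param=filter_param)
        if not auth_item:
            continue

        # A machine token may carry "options": None; treat that like "no
        # options" instead of failing on the attribute lookup.
        # .items() is used instead of .iteritems() so the loop runs on both
        # Python 2 and Python 3.
        options = mtoken.get("options") or {}

        # Add the options to the auth_item.
        # NOTE(review): an option key that equals an auth item field name
        # overwrites that field - verify that option names are restricted
        # where they are set.
        for k, v in options.items():
            auth_item[k] = v

        # Create the list for a new application type on first use and append
        # the auth_item to it.
        auth_items.setdefault(app_name, []).append(auth_item)

    return auth_items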
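def get_token_apps(machine=None, application=None, application_module=None,
                   serial=None, client_ip=None, challenge=None):
    '''
    This method returns the authentication data for the requested application
    and token

    :param machine: the machine name (optional)
    :param application: the name of the application (optional)
    :param application_module: the application module; if it allows bulk
        calls, the client IP filter is dropped (optional)
    :param client_ip: the IP of the client (required)
    :param serial: the serial number of a specific token (optional)
    :param challenge: a challenge parameter, that can be passed in selfTest
    :return: the result of ``showtoken``; if ``application`` is given, every
        entry under "machines" additionally gets the keys "auth_item" and
        "options". An empty dict is returned if the client IP is missing or
        rejected.
    '''
    if not client_ip:
        log.warning("No client IP.")
        return {}
    # NOTE(review): this only rejects values for which IPAddress() is falsy.
    # If IPAddress is netaddr's class, a malformed string raises instead of
    # reaching the warning below - confirm and handle that at this boundary.
    # The check also says nothing about where client_ip came from; the caller
    # has to supply the real peer address.
    if not IPAddress(client_ip):
        log.warning("No valid client IP: %r", client_ip)
        return {}

    # if the application has allow_bulk_action set, we need to
    # remove the IP filter.
    # Security-relevant: from here on the lookup is no longer restricted to
    # the requesting client, so within this function the bulk-call flag of
    # the application module is the only thing gating that wider result.
    if application_module and is_application_allow_bulk_call(application_module):
        client_ip = None

    res = showtoken(machine_name=machine,
                    client_ip=client_ip,
                    application=application,
                    serial=serial)

    # depending on the application type we do need to take some action
    # Each application should know, what to provide...
    # Determine this by
    # 1. application
    # 2. token type
    # 3. serial number

    # A missing or None "machines" entry is treated as "no machines" instead
    # of failing on .values().
    machines = res.get("machines") or {}
    if application:
        # Separate loop names so the ``machine`` and ``serial`` parameters
        # are not overwritten.
        for machine_entry in machines.values():
            # add token information
            token_serial = machine_entry.get("serial")
            token_type = getTokenType(token_serial)
            auth_item = get_auth_item(application, application_module,
                                      token_type, token_serial,
                                      challenge=challenge)
            machine_entry["auth_item"] = auth_item
            # add options
            machine_options = get_options(
                machinetoken_id=machine_entry.get("id"))
            machine_entry["options"] = machine_options

    return res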
def get_token_apps(machine=None, application=None, application_module=None,
                   serial=None, client_ip=None, challenge=None):
    """
    Return the authentication data for the requested application and token.

    :param machine: the machine name (optional)
    :param application: the name of the application (optional)
    :param application_module: passed through to ``get_auth_item``
    :param client_ip: the IP of the client (required)
    :param serial: the serial number of a specific token (optional)
    :param challenge: a challenge parameter, that can be passed in selfTest
    :return: the result of ``showtoken``; if both ``application`` and
        ``serial`` are given it additionally carries the key "auth_item".
        An empty dict is returned if the client IP is missing or rejected.
    """
    if not client_ip:
        log.warning("No client IP.")
        return {}

    # NOTE(review): only values for which IPAddress() is falsy end up here.
    # If IPAddress is netaddr's class, a malformed string raises instead -
    # confirm. The check validates the value only; the caller has to supply
    # the real peer address.
    if not IPAddress(client_ip):
        log.warning("No valid client IP: %r" % client_ip)
        return {}

    result = showtoken(machine_name=machine,
                       client_ip=client_ip,
                       application=application,
                       serial=serial)

    # depending on the application type we do need to take some action
    # Each application should know, what to provide...
    # Determine this by
    # 1. application
    # 2. token type
    # 3. serial number
    if not (application and serial):
        return result

    # The auth item is only attached for one specific token of one specific
    # application.
    result["auth_item"] = get_auth_item(application, application_module,
                                        getTokenType(serial), serial,
                                        challenge=challenge)
    return result
def test_02_get_auth_item(self):
    """get_auth_item("base", "hotp", "serial") must return "nothing"."""
    expected = "nothing"
    self.assertEqual(get_auth_item("base", "hotp", "serial"), expected)