def test_02_import_yubikey(self): tokens = parseYubicoCSV(YUBIKEY_CSV) self.assertTrue(len(tokens) == 7, len(tokens)) self.assertTrue("UBAM00508326_1" in tokens, tokens) tokens, _ = parsePSKCdata(YUBIKEY_PSKC_TOTP) self.assertTrue(len(tokens) == 1, len(tokens)) self.assertTrue("UBAM10944003_2" in tokens, tokens) self.assertEqual(tokens["UBAM10944003_2"]["type"], "yubikey") tokens, _ = parsePSKCdata(YUBIKEY_PSKC_HOTP) self.assertTrue(len(tokens) == 1, len(tokens)) self.assertTrue("UBOM10944003_1" in tokens, tokens) self.assertEqual(tokens["UBOM10944003_1"]["type"], "hotp")
def test_06_export_pskc(self): # create three tokens t1 = init_token({"serial": "t1", "type": "hotp", "otpkey": "123456", "description": u"söme ünicøde"}) t2 = init_token({"serial": "t2", "type": "totp", "otpkey": "123456", "description": "something <with> xml!"}) t3 = init_token({"serial": "t3", "type": "spass", "otpkey": "123456"}) tlist = [t1, t2, t3] # export the tokens psk, token_num, soup = export_pskc(tlist) # Only 2 tokens exported, the spass token does not get exported! self.assertEqual(token_num, 2) self.assertEqual(len(psk), 32) export = "{0!s}".format(soup) # remote the tokens remove_token("t1") remove_token("t2") remove_token("t3") # import the tokens again tokens = parsePSKCdata(export, preshared_key_hex=psk) self.assertEqual(len(tokens), 2) self.assertEqual(tokens.get("t1").get("type"), "hotp") self.assertEqual(tokens.get("t1").get("otpkey"), "123456") # unicode does not get exported self.assertEqual(tokens.get("t1").get("description"), "deleted during export") self.assertEqual(tokens.get("t2").get("type"), "totp") self.assertEqual(tokens.get("t2").get("timeStep"), "30") self.assertEqual(tokens.get("t2").get("description"), "something <with> xml!")
def test_06_export_pskc(self): # create three tokens t1 = init_token({"serial": "t1", "type": "hotp", "otpkey": "123456", "description": u"söme ünicøde"}) t2 = init_token({"serial": "t2", "type": "totp", "otpkey": "123456", "description": "something <with> xml!"}) t3 = init_token({"serial": "t3", "type": "spass", "otpkey": "123456"}) t4 = init_token({"serial": "t4", "type": "pw", "otpkey": "lässig", "description": "password token"}) tlist = [t1, t2, t3, t4] # export the tokens psk, token_num, soup = export_pskc(tlist) # Only 3 tokens exported, the spass token does not get exported! self.assertEqual(token_num, 3) self.assertEqual(len(psk), 32) export = "{0!s}".format(soup) # remote the tokens remove_token("t1") remove_token("t2") remove_token("t3") remove_token("t4") # import the tokens again tokens, _ = parsePSKCdata(export, preshared_key_hex=psk) self.assertEqual(len(tokens), 3) self.assertEqual(tokens.get("t1").get("type"), "hotp") self.assertEqual(tokens.get("t1").get("otpkey"), "123456") # unicode gets replaced self.assertEqual(tokens.get("t1").get("description"), "s?me ?nic?de") self.assertEqual(tokens.get("t2").get("type"), "totp") self.assertEqual(tokens.get("t2").get("timeStep"), "30") self.assertEqual(tokens.get("t2").get("description"), "something <with> xml!") # password token self.assertEqual(tokens.get("t4").get("otpkey"), u"lässig")
def test_04_import_pskc_aes(self): encryption_key_hex = "12345678901234567890123456789012" tokens = parsePSKCdata(XML_PSKC_AES, preshared_key_hex=encryption_key_hex) self.assertEqual(len(tokens), 1) self.assertEqual(tokens["987654321"].get("type"), "hotp") self.assertEqual(tokens["987654321"].get("otplen"), "8") self.assertEqual(tokens["987654321"].get("otpkey"), "3132333435363738393031323334353637383930") self.assertEqual(tokens["987654321"].get("description"), "Manufacturer")
def test_05_import_pskc_password(self): password = "******" self.assertRaises(ImportException, parsePSKCdata, XML_PSKC_PASSWORD_PREFIX) tokens = parsePSKCdata(XML_PSKC_PASSWORD_PREFIX, password=password) self.assertEqual(len(tokens), 1) self.assertEqual(tokens["987654321"].get("type"), "hotp") self.assertEqual(tokens["987654321"].get("otplen"), "8") self.assertEqual(tokens["987654321"].get("otpkey"), binascii.hexlify("12345678901234567890")) self.assertEqual(tokens["987654321"].get("description"), "TokenVendorAcme")
def test_04_import_pskc_aes(self): # Test default and all tokens are valid encryption_key_hex = "12345678901234567890123456789012" tokens, not_imported = parsePSKCdata(XML_PSKC_AES, preshared_key_hex=encryption_key_hex) self.assertEqual(len(tokens), 1) self.assertEqual(len(not_imported), 0) self.assertEqual(tokens["987654321"].get("type"), "hotp") self.assertEqual(tokens["987654321"].get("otplen"), "8") self.assertEqual(tokens["987654321"].get("otpkey"), "3132333435363738393031323334353637383930") self.assertEqual(tokens["987654321"].get("description"), "Manufacturer") # Test 'check_fail_hard' no token parsed xml_wrong_mac = XML_PSKC_AES.replace("Su+NvtQfmvfJzF6bmQiJqoLRExc=", "Su+NvtQfmvfJzF6XYZiJqoLRExc=") tokens, not_imported = parsePSKCdata(xml_wrong_mac, preshared_key_hex=encryption_key_hex) self.assertEqual(len(tokens), 0) self.assertEqual(len(not_imported), 1) # Test 'no_check' all tokens parsed and no exception xml_wrong_mac = XML_PSKC_AES.replace("Su+NvtQfmvfJzF6bmQiJqoLRExc=", "Su+NvtQfmvfJzF6XYZiJqoLRExc=") tokens, not_imported = parsePSKCdata(xml_wrong_mac, preshared_key_hex=encryption_key_hex, validate_mac='no_check') self.assertEqual(len(tokens), 1) self.assertEqual(len(not_imported), 0) self.assertEqual(tokens["987654321"].get("type"), "hotp") self.assertEqual(tokens["987654321"].get("otplen"), "8") self.assertEqual(tokens["987654321"].get("otpkey"), "3132333435363738393031323334353637383930") self.assertEqual(tokens["987654321"].get("description"), "Manufacturer") # Test 'check_fail_soft' no token parsed and no exception xml_wrong_mac = XML_PSKC_AES.replace("Su+NvtQfmvfJzF6bmQiJqoLRExc=", "Su+NvtQfmvfJzF6XYZiJqoLRExc=") tokens, not_imported = parsePSKCdata(xml_wrong_mac, preshared_key_hex=encryption_key_hex, validate_mac='check_fail_soft') self.assertEqual(len(tokens), 0) self.assertEqual(len(not_imported), 1)
def test_03_import_pskc(self): tokens = parsePSKCdata(XML_PSKC) self.assertEqual(len(tokens), 7) self.assertEqual(tokens["1000133508267"].get("type"), "hotp") self.assertEqual(tokens["2600135004013"].get("type"), "totp") # Check the TOTP counter... self.assertEqual(tokens["2600135004013"].get("counter"), "121212") self.assertEqual(tokens["2600135004013"].get("timeShift"), "-122") self.assertEqual(tokens["2600135004013"].get("timeStep"), "60") # check the PW token self.assertEqual(tokens["PW001"].get("type"), "pw") self.assertEqual(tokens["PW001"].get("otplen"), "12") # The secret (password) of the pw token is "123456789012" self.assertEqual(tokens["PW001"].get("otpkey"), hexlify_and_unicode("123456789012"))
def test_03_import_pskc(self): tokens = parsePSKCdata(XML_PSKC) self.assertEqual(len(tokens), 7) self.assertEqual(tokens["1000133508267"].get("type"), "hotp") self.assertEqual(tokens["2600135004013"].get("type"), "totp") # Check the TOTP counter... self.assertEqual(tokens["2600135004013"].get("counter"), "121212") self.assertEqual(tokens["2600135004013"].get("timeShift"), "-122") self.assertEqual(tokens["2600135004013"].get("timeStep"), "60") # check the PW token self.assertEqual(tokens["PW001"].get("type"), "pw") self.assertEqual(tokens["PW001"].get("otplen"), "12") # The secret (password) of the pw token is "123456789012" self.assertEqual(tokens["PW001"].get("otpkey"), binascii.hexlify("123456789012"))
def test_05_import_pskc_password(self): password = "******" self.assertRaises(ImportException, parsePSKCdata, XML_PSKC_PASSWORD_PREFIX) tokens = parsePSKCdata(XML_PSKC_PASSWORD_PREFIX, password=password) self.assertEqual(len(tokens), 1) self.assertEqual(tokens["987654321"].get("type"), "hotp") self.assertEqual(tokens["987654321"].get("otplen"), "8") self.assertEqual(tokens["987654321"].get("otpkey"), hexlify_and_unicode("12345678901234567890")) self.assertEqual(tokens["987654321"].get("description"), "TokenVendorAcme")
def test_06_export_pskc(self): # create three tokens t1 = init_token({"serial": "t1", "type": "hotp", "otpkey": "123456"}) t2 = init_token({"serial": "t2", "type": "totp", "otpkey": "123456"}) t3 = init_token({"serial": "t3", "type": "spass", "otpkey": "123456"}) tlist = [t1, t2, t3] # export the tokens psk, soup = export_pskc(tlist) self.assertEqual(len(psk), 32) export = "{0!s}".format(soup) # remote the tokens remove_token("t1") remove_token("t2") remove_token("t3") # import the tokens again tokens = parsePSKCdata(export, preshared_key_hex=psk) self.assertEqual(len(tokens), 2) self.assertEqual(tokens.get("t1").get("type"), "hotp") self.assertEqual(tokens.get("t1").get("otpkey"), "123456") self.assertEqual(tokens.get("t2").get("type"), "totp") self.assertEqual(tokens.get("t2").get("timeStep"), "30")
def loadtokens_api(filename=None): """ The call imports the given file containing token definitions. The file can be an OATH CSV file, an aladdin XML file or a Yubikey CSV file exported from the yubikey initialization tool. The function is called as a POST request with the file upload. :param filename: The name of the token file, that is imported :type filename: basestring :param type: The file type. Can be "aladdin-xml", "oathcsv" or "yubikeycsv". :type type: basestring :return: The number of the imported tokens :rtype: int """ if not filename: filename = getParam(request.all_data, "filename", required) known_types = ['aladdin-xml', 'oathcsv', "OATH CSV", 'yubikeycsv', 'Yubikey CSV', 'pskc'] file_type = getParam(request.all_data, "type", required) hashlib = getParam(request.all_data, "aladdin_hashlib") TOKENS = {} token_file = request.files['file'] file_contents = "" # In case of form post requests, it is a "instance" of FieldStorage # i.e. the Filename is selected in the browser and the data is # transferred # in an iframe. see: http://jquery.malsup.com/form/#sample4 # if type(token_file) == FieldStorage: # pragma: no cover log.debug("Field storage file: %s", token_file) file_contents = token_file.value elif type(token_file) == FileStorage: log.debug("Werkzeug File storage file: %s", token_file) file_contents = token_file.read() else: # pragma: no cover file_contents = token_file if file_contents == "": log.error("Error loading/importing token file. file %s empty!" % filename) raise ParameterError("Error loading token file. File empty!") if file_type not in known_types: log.error("Unknown file type: >>%s<<. We only know the types: %s" % (file_type, ', '.join(known_types))) raise TokenAdminError("Unknown file type: >>%s<<. We only know the " "types: %s" % (file_type, ', '.join(known_types))) # Parse the tokens from file and get dictionary if file_type == "aladdin-xml": TOKENS = parseSafeNetXML(file_contents) elif file_type in ["oathcsv", "OATH CSV"]: TOKENS = parseOATHcsv(file_contents) elif file_type in ["yubikeycsv", "Yubikey CSV"]: TOKENS = parseYubicoCSV(file_contents) elif file_type in ["pskc"]: # At the moment we only process unencrypted data # TODO: We need to also parse encryption! TOKENS = parsePSKCdata(file_contents) # Now import the Tokens from the dictionary ret = "" for serial in TOKENS: log.debug("importing token %s" % TOKENS[serial]) # TODO: Migration # this needs to return the valid realms of the admin. # it also checks the license token number # res = self.Policy.checkPolicyPre('admin', 'import', {}) # we put the token in the FIRST realm of the admin. # so tokenrealm will either be ONE realm or NONE # log.info("setting tokenrealm %s" % res['realms']) tokenrealms = [] #if res['realms']: # tokenrealm = res.get('realms')[0] log.info("initialize token. serial: %s, realm: %s" % (serial, tokenrealms)) init_param = {'serial': serial, 'type': TOKENS[serial]['type'], 'description': TOKENS[serial].get("description", "imported"), 'otpkey': TOKENS[serial]['otpkey'], 'otplen': TOKENS[serial].get('otplen'), 'timeStep': TOKENS[serial].get('timeStep'), 'hashlib': TOKENS[serial].get('hashlib')} if hashlib and hashlib != "auto": init_param['hashlib'] = hashlib #if tokenrealm: # self.Policy.checkPolicyPre('admin', 'loadtokens', # {'tokenrealm': tokenrealm }) init_token(init_param, tokenrealms=tokenrealms) g.audit_object.log({'info': "%s, %s (imported: %i)" % (file_type, token_file, len(TOKENS)), 'serial': ', '.join(TOKENS.keys())}) # logTokenNum() return send_result(len(TOKENS))
def loadtokens_api(filename=None): """ The call imports the given file containing token definitions. The file can be an OATH CSV file, an aladdin XML file or a Yubikey CSV file exported from the yubikey initialization tool. The function is called as a POST request with the file upload. :jsonparam filename: The name of the token file, that is imported :jsonparam type: The file type. Can be "aladdin-xml", "oathcsv" or "yubikeycsv". :jsonparam tokenrealms: comma separated list of tokens. :jsonparam psk: Pre Shared Key, when importing PSKC :return: The number of the imported tokens :rtype: int """ if not filename: filename = getParam(request.all_data, "filename", required) known_types = [ 'aladdin-xml', 'oathcsv', "OATH CSV", 'yubikeycsv', 'Yubikey CSV', 'pskc' ] file_type = getParam(request.all_data, "type", required) hashlib = getParam(request.all_data, "aladdin_hashlib") aes_psk = getParam(request.all_data, "psk") aes_password = getParam(request.all_data, "password") if aes_psk and len(aes_psk) != 32: raise TokenAdminError("The Pre Shared Key must be 128 Bit hex " "encoded. It must be 32 characters long!") trealms = getParam(request.all_data, "tokenrealms") or "" tokenrealms = [] if trealms: tokenrealms = trealms.split(",") TOKENS = {} token_file = request.files['file'] file_contents = "" # In case of form post requests, it is a "instance" of FieldStorage # i.e. the Filename is selected in the browser and the data is # transferred # in an iframe. see: http://jquery.malsup.com/form/#sample4 # if type(token_file) == FieldStorage: # pragma: no cover log.debug("Field storage file: %s", token_file) file_contents = token_file.value elif type(token_file) == FileStorage: log.debug("Werkzeug File storage file: %s", token_file) file_contents = token_file.read() else: # pragma: no cover file_contents = token_file if file_contents == "": log.error( "Error loading/importing token file. file {0!s} empty!".format( filename)) raise ParameterError("Error loading token file. File empty!") if file_type not in known_types: log.error( "Unknown file type: >>{0!s}<<. We only know the types: {1!s}". format(file_type, ', '.join(known_types))) raise TokenAdminError("Unknown file type: >>%s<<. We only know the " "types: %s" % (file_type, ', '.join(known_types))) # Decrypt file, if necessary if file_contents.startswith("-----BEGIN PGP MESSAGE-----"): GPG = GPGImport(current_app.config) file_contents = GPG.decrypt(file_contents) # Parse the tokens from file and get dictionary if file_type == "aladdin-xml": TOKENS = parseSafeNetXML(file_contents) elif file_type in ["oathcsv", "OATH CSV"]: TOKENS = parseOATHcsv(file_contents) elif file_type in ["yubikeycsv", "Yubikey CSV"]: TOKENS = parseYubicoCSV(file_contents) elif file_type in ["pskc"]: TOKENS = parsePSKCdata(file_contents, preshared_key_hex=aes_psk, password=aes_password) # Now import the Tokens from the dictionary ret = "" for serial in TOKENS: log.debug("importing token {0!s}".format(TOKENS[serial])) log.info("initialize token. serial: {0!s}, realm: {1!s}".format( serial, tokenrealms)) init_param = { 'serial': serial, 'type': TOKENS[serial]['type'], 'description': TOKENS[serial].get("description", "imported"), 'otpkey': TOKENS[serial]['otpkey'], 'otplen': TOKENS[serial].get('otplen'), 'timeStep': TOKENS[serial].get('timeStep'), 'hashlib': TOKENS[serial].get('hashlib') } if hashlib and hashlib != "auto": init_param['hashlib'] = hashlib #if tokenrealm: # self.Policy.checkPolicyPre('admin', 'loadtokens', # {'tokenrealm': tokenrealm }) init_token(init_param, tokenrealms=tokenrealms) g.audit_object.log({ 'info': "{0!s}, {1!s} (imported: {2:d})".format(file_type, token_file, len(TOKENS)), 'serial': ', '.join(TOKENS.keys()) }) # logTokenNum() return send_result(len(TOKENS))
def loadtokens_api(filename=None): """ The call imports the given file containing token definitions. The file can be an OATH CSV file, an aladdin XML file or a Yubikey CSV file exported from the yubikey initialization tool. The function is called as a POST request with the file upload. :jsonparam basestring filename: The name of the token file, that is imported :jsonparam basestring type: The file type. Can be "aladdin-xml", "oathcsv" or "yubikeycsv". :jsonparam basestring tokenrealms: comma separated list of tokens. :return: The number of the imported tokens :rtype: int """ if not filename: filename = getParam(request.all_data, "filename", required) known_types = ["aladdin-xml", "oathcsv", "OATH CSV", "yubikeycsv", "Yubikey CSV", "pskc"] file_type = getParam(request.all_data, "type", required) hashlib = getParam(request.all_data, "aladdin_hashlib") trealms = getParam(request.all_data, "tokenrealms") or "" tokenrealms = [] if trealms: tokenrealms = trealms.split(",") TOKENS = {} token_file = request.files["file"] file_contents = "" # In case of form post requests, it is a "instance" of FieldStorage # i.e. the Filename is selected in the browser and the data is # transferred # in an iframe. see: http://jquery.malsup.com/form/#sample4 # if type(token_file) == FieldStorage: # pragma: no cover log.debug("Field storage file: %s", token_file) file_contents = token_file.value elif type(token_file) == FileStorage: log.debug("Werkzeug File storage file: %s", token_file) file_contents = token_file.read() else: # pragma: no cover file_contents = token_file if file_contents == "": log.error("Error loading/importing token file. file %s empty!" % filename) raise ParameterError("Error loading token file. File empty!") if file_type not in known_types: log.error("Unknown file type: >>%s<<. We only know the types: %s" % (file_type, ", ".join(known_types))) raise TokenAdminError( "Unknown file type: >>%s<<. We only know the " "types: %s" % (file_type, ", ".join(known_types)) ) # Parse the tokens from file and get dictionary if file_type == "aladdin-xml": TOKENS = parseSafeNetXML(file_contents) elif file_type in ["oathcsv", "OATH CSV"]: TOKENS = parseOATHcsv(file_contents) elif file_type in ["yubikeycsv", "Yubikey CSV"]: TOKENS = parseYubicoCSV(file_contents) elif file_type in ["pskc"]: # At the moment we only process unencrypted data # TODO: We need to also parse encryption! TOKENS = parsePSKCdata(file_contents) # Now import the Tokens from the dictionary ret = "" for serial in TOKENS: log.debug("importing token %s" % TOKENS[serial]) log.info("initialize token. serial: %s, realm: %s" % (serial, tokenrealms)) init_param = { "serial": serial, "type": TOKENS[serial]["type"], "description": TOKENS[serial].get("description", "imported"), "otpkey": TOKENS[serial]["otpkey"], "otplen": TOKENS[serial].get("otplen"), "timeStep": TOKENS[serial].get("timeStep"), "hashlib": TOKENS[serial].get("hashlib"), } if hashlib and hashlib != "auto": init_param["hashlib"] = hashlib # if tokenrealm: # self.Policy.checkPolicyPre('admin', 'loadtokens', # {'tokenrealm': tokenrealm }) init_token(init_param, tokenrealms=tokenrealms) g.audit_object.log( {"info": "%s, %s (imported: %i)" % (file_type, token_file, len(TOKENS)), "serial": ", ".join(TOKENS.keys())} ) # logTokenNum() return send_result(len(TOKENS))
def test_03_import_pskc(self): tokens = parsePSKCdata(XML_PSKC) self.assertEqual(len(tokens), 6) self.assertEqual(tokens["1000133508267"].get("type"), "hotp") self.assertEqual(tokens["2600135004013"].get("type"), "totp") self.assertEqual(tokens["2600135004013"].get("timeStep"), "60")
def loadtokens_api(filename=None): """ The call imports the given file containing token definitions. The file can be an OATH CSV file, an aladdin XML file or a Yubikey CSV file exported from the yubikey initialization tool. The function is called as a POST request with the file upload. :jsonparam filename: The name of the token file, that is imported :jsonparam type: The file type. Can be "aladdin-xml", "oathcsv" or "yubikeycsv". :jsonparam tokenrealms: comma separated list of tokens. :jsonparam psk: Pre Shared Key, when importing PSKC :return: The number of the imported tokens :rtype: int """ if not filename: filename = getParam(request.all_data, "filename", required) known_types = ['aladdin-xml', 'oathcsv', "OATH CSV", 'yubikeycsv', 'Yubikey CSV', 'pskc'] file_type = getParam(request.all_data, "type", required) hashlib = getParam(request.all_data, "aladdin_hashlib") aes_psk = getParam(request.all_data, "psk") aes_password = getParam(request.all_data, "password") if aes_psk and len(aes_psk) != 32: raise TokenAdminError("The Pre Shared Key must be 128 Bit hex " "encoded. It must be 32 characters long!") trealms = getParam(request.all_data, "tokenrealms") or "" tokenrealms = [] if trealms: tokenrealms = trealms.split(",") TOKENS = {} token_file = request.files['file'] file_contents = "" # In case of form post requests, it is a "instance" of FieldStorage # i.e. the Filename is selected in the browser and the data is # transferred # in an iframe. see: http://jquery.malsup.com/form/#sample4 # if type(token_file) == FieldStorage: # pragma: no cover log.debug("Field storage file: %s", token_file) file_contents = token_file.value elif type(token_file) == FileStorage: log.debug("Werkzeug File storage file: %s", token_file) file_contents = token_file.read() else: # pragma: no cover file_contents = token_file if file_contents == "": log.error("Error loading/importing token file. file {0!s} empty!".format( filename)) raise ParameterError("Error loading token file. File empty!") if file_type not in known_types: log.error("Unknown file type: >>{0!s}<<. We only know the types: {1!s}".format(file_type, ', '.join(known_types))) raise TokenAdminError("Unknown file type: >>%s<<. We only know the " "types: %s" % (file_type, ', '.join(known_types))) # Parse the tokens from file and get dictionary if file_type == "aladdin-xml": TOKENS = parseSafeNetXML(file_contents) elif file_type in ["oathcsv", "OATH CSV"]: TOKENS = parseOATHcsv(file_contents) elif file_type in ["yubikeycsv", "Yubikey CSV"]: TOKENS = parseYubicoCSV(file_contents) elif file_type in ["pskc"]: TOKENS = parsePSKCdata(file_contents, preshared_key_hex=aes_psk, password=aes_password) # Now import the Tokens from the dictionary ret = "" for serial in TOKENS: log.debug("importing token {0!s}".format(TOKENS[serial])) log.info("initialize token. serial: {0!s}, realm: {1!s}".format(serial, tokenrealms)) init_param = {'serial': serial, 'type': TOKENS[serial]['type'], 'description': TOKENS[serial].get("description", "imported"), 'otpkey': TOKENS[serial]['otpkey'], 'otplen': TOKENS[serial].get('otplen'), 'timeStep': TOKENS[serial].get('timeStep'), 'hashlib': TOKENS[serial].get('hashlib')} if hashlib and hashlib != "auto": init_param['hashlib'] = hashlib #if tokenrealm: # self.Policy.checkPolicyPre('admin', 'loadtokens', # {'tokenrealm': tokenrealm }) init_token(init_param, tokenrealms=tokenrealms) g.audit_object.log({'info': "{0!s}, {1!s} (imported: {2:d})".format(file_type, token_file, len(TOKENS)), 'serial': ', '.join(TOKENS.keys())}) # logTokenNum() return send_result(len(TOKENS))
def loadtokens_api(filename=None): """ The call imports the given file containing token definitions. The file can be an OATH CSV file, an aladdin XML file or a Yubikey CSV file exported from the yubikey initialization tool. The function is called as a POST request with the file upload. :jsonparam basestring filename: The name of the token file, that is imported :jsonparam basestring type: The file type. Can be "aladdin-xml", "oathcsv" or "yubikeycsv". :jsonparam basestring tokenrealms: comma separated list of tokens. :return: The number of the imported tokens :rtype: int """ if not filename: filename = getParam(request.all_data, "filename", required) known_types = [ 'aladdin-xml', 'oathcsv', "OATH CSV", 'yubikeycsv', 'Yubikey CSV', 'pskc' ] file_type = getParam(request.all_data, "type", required) hashlib = getParam(request.all_data, "aladdin_hashlib") trealms = getParam(request.all_data, "tokenrealms") or "" tokenrealms = [] if trealms: tokenrealms = trealms.split(",") TOKENS = {} token_file = request.files['file'] file_contents = "" # In case of form post requests, it is a "instance" of FieldStorage # i.e. the Filename is selected in the browser and the data is # transferred # in an iframe. see: http://jquery.malsup.com/form/#sample4 # if type(token_file) == FieldStorage: # pragma: no cover log.debug("Field storage file: %s", token_file) file_contents = token_file.value elif type(token_file) == FileStorage: log.debug("Werkzeug File storage file: %s", token_file) file_contents = token_file.read() else: # pragma: no cover file_contents = token_file if file_contents == "": log.error("Error loading/importing token file. file %s empty!" % filename) raise ParameterError("Error loading token file. File empty!") if file_type not in known_types: log.error("Unknown file type: >>%s<<. We only know the types: %s" % (file_type, ', '.join(known_types))) raise TokenAdminError("Unknown file type: >>%s<<. We only know the " "types: %s" % (file_type, ', '.join(known_types))) # Parse the tokens from file and get dictionary if file_type == "aladdin-xml": TOKENS = parseSafeNetXML(file_contents) elif file_type in ["oathcsv", "OATH CSV"]: TOKENS = parseOATHcsv(file_contents) elif file_type in ["yubikeycsv", "Yubikey CSV"]: TOKENS = parseYubicoCSV(file_contents) elif file_type in ["pskc"]: # At the moment we only process unencrypted data # TODO: We need to also parse encryption! TOKENS = parsePSKCdata(file_contents) # Now import the Tokens from the dictionary ret = "" for serial in TOKENS: log.debug("importing token %s" % TOKENS[serial]) log.info("initialize token. serial: %s, realm: %s" % (serial, tokenrealms)) init_param = { 'serial': serial, 'type': TOKENS[serial]['type'], 'description': TOKENS[serial].get("description", "imported"), 'otpkey': TOKENS[serial]['otpkey'], 'otplen': TOKENS[serial].get('otplen'), 'timeStep': TOKENS[serial].get('timeStep'), 'hashlib': TOKENS[serial].get('hashlib') } if hashlib and hashlib != "auto": init_param['hashlib'] = hashlib #if tokenrealm: # self.Policy.checkPolicyPre('admin', 'loadtokens', # {'tokenrealm': tokenrealm }) init_token(init_param, tokenrealms=tokenrealms) g.audit_object.log({ 'info': "%s, %s (imported: %i)" % (file_type, token_file, len(TOKENS)), 'serial': ', '.join(TOKENS.keys()) }) # logTokenNum() return send_result(len(TOKENS))