def enrollment_complete(self, enrollment, data):
with transaction.atomic():
assert enrollment.status == Enrollment.STATUS_IN_PROGRESS
assert not enrollment.is_expired()
# mark the enrollment as failed
enrollment.status = Enrollment.STATUS_FAILED
private_details, err = self.get_enrollment_private_details_model(
enrollment.private_details)
if err:
logger.error(
'failed to retrieve private details for OTP enrollment `{0}`: {1}'
.format(enrollment.pk, err))
return False, err
# create the provisioning uri
totp = pyotp.TOTP(s=private_details['secret'],
digits=private_details['digits'],
interval=private_details['interval'])
ok = totp.verify(data['token'],
valid_window=self._configuration['valid_window'])
if not ok:
logger.error(
'failed to verify OTP `{0}` as valid for enrollment `{1}`'.
format(data['token'], enrollment.pk))
return False, errors.MFASecurityError(
'token mismatch: `{0}` is not a valid OTP token for enrollment `{1}`'
.format(data['token'], enrollment.pk))
# extract the device details
details = OTPDeviceDetails(
data={
'issuer_name': private_details['issuer_name'],
'digits': private_details['digits'],
'interval': private_details['interval'],
'secret': private_details['secret'],
'valid_window': private_details['valid_window'],
'algorithm': private_details['algorithm']
})
if not details.is_valid():
logger.info(
'could not validate OTP device details: {0}'.format(
details.errors))
# create the device
device = Device()
device.name = 'OTP [{0}]'.format(enrollment.username)
device.kind = enrollment.device_selection.kind
device.enrollment = enrollment
# save the device details
device.details = details.validated_data
return device, None
def create_space(self):
device = Device()
device.name = "Device 1"
device.registered_at = timezone.now()
device.save()
space = Space()
space.device = device
space.name = "Space 1"
space.area = 22.5
space.save()
return space
def test_creating_device_and_saving_it(self):
device = Device()
device.name = "Device 1"
device.registered_at = timezone.now()
device.save()
# Retreive it
all_devices = Device.objects.all()
self.assertEquals(len(all_devices), 1)
self.assertEquals(all_devices[0].name, "Device 1")
self.assertIsInstance(uuid.UUID(all_devices[0].uuid), uuid.UUID)
self.assertEquals(all_devices[0].registered_at, device.registered_at)
def setup_device():
device = Device()
device.user = setup_admin()
device.name = 'Testdevice'
device.type = 'RPB'
device.wifi_chip = 'Atheros'
device.os = 'Debian'
device.description = 'This is a test device.'
device.tags = ['test','zurich','othertag']
device.latitude = '40.0'
device.longitude = '83.0'
device.save()
return device
def enrollment_complete(self, enrollment, data):
assert enrollment.status == Enrollment.STATUS_IN_PROGRESS
assert not enrollment.is_expired()
# compare given token to privately stored token
private_details = EmailDeviceEnrollmentPrivateDetails(
data=enrollment.private_details)
if not private_details.is_valid():
return None, errors.MFAInconsistentStateError(
'enrollment private details is invalid: {0}'.format(
private_details.errors))
# if the token don't match, fail.
if private_details.validated_data['token'] != data['token']:
return None, errors.MFASecurityError(
'token mismatch, expected `{0}` however received `{1}`'.format(
private_details.validated_data['token'], data['token']))
# extract the device details
details = EmailDeviceDetails(
data={'address': private_details.validated_data['address']})
assert details.is_valid()
# create the device
device = Device()
device.name = u'Email [@{0}]'.format(
EmailDeviceKindModule.mask_address(
private_details.validated_data['address']))
device.kind = enrollment.device_selection.kind
device.enrollment = enrollment
# save the device details
device.details = details.validated_data
return device, None
def test_repr_looks_ok(self):
device = Device()
device.name = "Device 1"
device.registered_at = timezone.now()
self.assertTrue(unicode(device).startswith("Device 1 -"))
