def update(self, param, reset_failcount=True):
"""
update - process initialization parameters
:param param: dict of initialization parameters
:type param: dict
:return: nothing
"""
LOG.debug("[update] begin. adjust the token class with: param %r" %
param)
_ = context['translate']
# in the scope helpdesk we allways have a user
# to whom the token will be assigned
if param.get('::scope::', {}).get('helpdesk', False):
user = param['::scope::']['user']
u_info = getUserDetail(user)
param[self.EMAIL_ADDRESS_KEY] = u_info.get('email', None)
# specific - e-mail
self._email_address = param[self.EMAIL_ADDRESS_KEY]
# in scope selfservice - check if edit_email is allowed
# if not allowed to edit, check if the email is the same
# as from the user data
if param.get('::scope::', {}).get('selfservice', False):
user = param['::scope::']['user']
if not is_email_editable(user):
u_info = getUserDetail(user)
u_email = u_info.get('email', None)
if u_email.strip() != self._email_address.strip():
raise Exception(
_('User is not allowed to set '
'email address'))
# in case of the e-mail token, only the server must know the otpkey
# thus if none is provided, we let create one (in the TokenClass)
if 'genkey' not in param and 'otpkey' not in param:
param['genkey'] = 1
HmacTokenClass.update(self, param, reset_failcount)
LOG.debug("[update] end. all token parameters are set.")
return
def get_mobile_number(self, user=None):
"""
get the mobile number
- from the token info or
- if the policy allowes it, from the user info
"""
if not user:
return self._getPhone()
pol = get_client_policy(
context["Client"],
scope="authentication",
user=user,
action="sms_dynamic_mobile_number",
)
get_dynamic = get_action_value(
pol,
scope="authentication",
action="sms_dynamic_mobile_number",
default=False,
)
if not get_dynamic:
return self._getPhone()
user_detail = getUserDetail(user)
return user_detail.get("mobile", self._getPhone())
def get_mobile_number(self, user=None):
'''
get the mobile number
- from the token info or
- if the policy allowes it, from the user info
'''
if not user:
return self._getPhone()
pol = get_client_policy(context['Client'],
scope="authentication",
user=user,
action="sms_dynamic_mobile_number")
if not pol:
return self._getPhone()
get_dynamic = getPolicyActionValue(pol,
"sms_dynamic_mobile_number",
is_string=True)
if not get_dynamic:
return self._getPhone()
user_detail = getUserDetail(user)
return user_detail.get('mobile', self._getPhone())
def _get_email_address(self, user=None):
'''
get the email address
- from the token info or
- if the policy allowes it, from the user info
'''
if not user:
return self._email_address
pol = get_client_policy(context['Client'],
scope="authentication",
user=user,
action="dynamic_email_address")
if not pol:
return self._email_address
get_dynamic = get_action_value(pol,
scope="authentication",
action="dynamic_email_address",
default='')
if not get_dynamic:
return self._email_address
user_detail = getUserDetail(user)
return user_detail.get('email', self._email_address)
def get_mobile_number(self, user=None):
'''
get the mobile number
- from the token info or
- if the policy allowes it, from the user info
'''
if not user:
return self.get_phone()
pol = get_client_policy(context['Client'],
scope="authentication",
user=user,
action="voice_dynamic_mobile_number")
if not pol:
return self.get_phone()
get_dynamic = get_action_value(pol,
scope='authentication',
action="voice_dynamic_mobile_number",
default=False)
if not get_dynamic:
return self.get_phone()
user_detail = getUserDetail(user)
return user_detail.get('mobile', self.get_phone())
def update(self, param, reset_failcount=True):
"""
update - process initialization parameters
:param param: dict of initialization parameters
:type param: dict
:return: nothing
"""
LOG.debug("[update] begin. adjust the token class with: param %r" % param)
# specific - e-mail
self._email_address = param[self.EMAIL_ADDRESS_KEY]
# in scope selfservice - check if edit_email is allowed
# if not allowed to edit, check if the email is the same
# as from the user data
if param.get('::scope::', {}).get('selfservice', False):
user = param['::scope::']['user']
if not is_email_editable(user):
u_info = getUserDetail(user)
u_email = u_info.get('email', None)
if u_email.strip() != self._email_address.strip():
raise Exception(_('User is not allowed to set email address'))
## in case of the e-mail token, only the server must know the otpkey
## thus if none is provided, we let create one (in the TokenClass)
if not 'genkey' in param and not 'otpkey' in param:
param['genkey'] = 1
HmacTokenClass.update(self, param, reset_failcount)
LOG.debug("[update] end. all token parameters are set.")
return
def update(self, param, reset_failcount=True):
'''
update - process initialization parameters
:param param: dict of initialization parameters
:type param: dict
:return: nothing
'''
_ = context['translate']
log.debug("[update] begin. adjust the token class with: param %r" %
(param))
# specific - phone
phone = getParam(param, "phone", required)
# in scope selfservice - check if edit_sms is allowed
# if not allowed to edit, check if the phone is the same
# as from the user data
if param.get('::scope::', {}).get('selfservice', False):
user = param['::scope::']['user']
if not is_phone_editable(user):
u_info = getUserDetail(user)
u_phone = u_info.get('mobile', u_info.get('phone', None))
if u_phone != phone:
raise Exception(
_('User is not allowed to '
'set phone number'))
self.setPhone(phone)
# in case of the sms token, only the server must know the otpkey
# thus if none is provided, we let create one (in the TokenClass)
if 'genkey' not in param and 'otpkey' not in param:
param['genkey'] = 1
HmacTokenClass.update(self, param, reset_failcount)
log.debug("[update] end. all token parameters are set.")
return
def update(self, param, reset_failcount=True):
'''
update - process initialization parameters
:param param: dict of initialization parameters
:type param: dict
:return: nothing
'''
_ = context['translate']
# specific - phone
try:
phone = param['phone']
except KeyError:
raise ParameterError("Missing parameter: 'phone'")
# in scope selfservice - check if edit_sms is allowed
# if not allowed to edit, check if the phone is the same
# as from the user data
if param.get('::scope::', {}).get('selfservice', False):
user = param['::scope::']['user']
if not is_phone_editable(user):
u_info = getUserDetail(user)
u_phone = u_info.get('mobile', u_info.get('phone', None))
if u_phone != phone:
raise Exception(
_('User is not allowed to '
'set phone number'))
self.setPhone(phone)
# in case of the sms token, only the server must know the otpkey
# thus if none is provided, we let create one (in the TokenClass)
if 'genkey' not in param and 'otpkey' not in param:
param['genkey'] = 1
HmacTokenClass.update(self, param, reset_failcount)
return
def update(self, param, reset_failcount=True):
'''
update - process initialization parameters
:param param: dict of initialization parameters
:type param: dict
:return: nothing
'''
_ = context['translate']
log.debug("[update] begin. adjust the token class with: param %r"
% (param))
# specific - phone
phone = getParam(param, "phone", required)
# in scope selfservice - check if edit_sms is allowed
# if not allowed to edit, check if the phone is the same
# as from the user data
if param.get('::scope::', {}).get('selfservice', False):
user = param['::scope::']['user']
if not is_phone_editable(user):
u_info = getUserDetail(user)
u_phone = u_info.get('mobile', u_info.get('phone', None))
if u_phone != phone:
raise Exception(_('User is not allowed to '
'set phone number'))
self.setPhone(phone)
# in case of the sms token, only the server must know the otpkey
# thus if none is provided, we let create one (in the TokenClass)
if 'genkey' not in param and 'otpkey' not in param:
param['genkey'] = 1
HmacTokenClass.update(self, param, reset_failcount)
log.debug("[update] end. all token parameters are set.")
return
def update(self, param, reset_failcount=True):
"""
update - process initialization parameters
:param param: dict of initialization parameters
:type param: dict
:return: nothing
"""
# specific - phone
try:
phone = param["phone"]
except KeyError:
raise ParameterError("Missing parameter: 'phone'")
# in scope selfservice - check if edit_sms is allowed
# if not allowed to edit, check if the phone is the same
# as from the user data
if param.get("::scope::", {}).get("selfservice", False):
user = param["::scope::"]["user"]
if not is_phone_editable(user):
u_info = getUserDetail(user)
u_phone = u_info.get("mobile", u_info.get("phone", None))
if u_phone != phone:
raise Exception(
_("User is not allowed to set phone number")
)
self.setPhone(phone)
# in case of the sms token, only the server must know the otpkey
# thus if none is provided, we let create one (in the TokenClass)
if "genkey" not in param and "otpkey" not in param:
param["genkey"] = 1
HmacTokenClass.update(self, param, reset_failcount)
return
def update(self, param, reset_failcount=True):
"""
update - process initialization parameters
:param param: dict of initialization parameters
:type param: dict
:return: nothing
"""
LOG.debug("[update] begin. adjust the token class with: param %r",
param)
# specific - e-mail
self._email_address = param[self.EMAIL_ADDRESS_KEY]
# in scope selfservice - check if edit_email is allowed
# if not allowed to edit, check if the email is the same
# as from the user data
if param.get("::scope::", {}).get("selfservice", False):
user = param["::scope::"]["user"]
if not is_email_editable(user):
u_info = getUserDetail(user)
u_email = u_info.get("email", None)
if u_email.strip() != self._email_address.strip():
raise Exception(
_("User is not allowed to set email address"))
# in case of the e-mail token, only the server must know the otpkey
# thus if none is provided, we let create one (in the TokenClass)
if "genkey" not in param and "otpkey" not in param:
param["genkey"] = 1
HmacTokenClass.update(self, param, reset_failcount)
LOG.debug("[update] end. all token parameters are set.")
return
def update(self, param, reset_failcount=True):
"""
update - process initialization parameters
:param param: dict of initialization parameters
:type param: dict
:return: nothing
"""
log.debug("[update] begin. adjust the token class with: param %r" % (param))
# specific - phone
phone = getParam(param, "phone", required)
# in scope selfservice - check if edit_sms is allowed
# if not allowed to edit, check if the phone is the same
# as from the user data
if param.get("::scope::", {}).get("selfservice", False):
user = param["::scope::"]["user"]
if not is_phone_editable(user):
u_info = getUserDetail(user)
u_phone = u_info.get("mobile", u_info.get("phone", None))
if u_phone != phone:
raise Exception(_("User is not allowed to " "set phone number"))
self.setPhone(phone)
# in case of the sms token, only the server must know the otpkey
# thus if none is provided, we let create one (in the TokenClass)
if "genkey" not in param and "otpkey" not in param:
param["genkey"] = 1
HmacTokenClass.update(self, param, reset_failcount)
log.debug("[update] end. all token parameters are set.")
return
