def test_10_authenticate_challenge_response(self):
db_token = Token.query.filter(Token.serial == self.serial1).first()
token = RemoteTokenClass(db_token)
token.set_pin(self.otppin)
r = token.is_challenge_request(self.otppin)
# Return True, the PIN triggers a challenges request.
self.assertTrue(r)
def test_10_authenticate_challenge_response(self):
db_token = Token.query.filter(Token.serial == self.serial1).first()
token = RemoteTokenClass(db_token)
token.set_pin(self.otppin)
r = token.is_challenge_request(self.otppin)
# Return True, the PIN triggers a challenges request.
self.assertTrue(r)
def test_11_check_challenge_response(self):
db_token = Token.query.filter(Token.serial == self.serial1).first()
token = RemoteTokenClass(db_token)
token.set_pin(self.otppin)
r = token.check_challenge_response(passw="somePW",
options={"transactionid": "1234"})
self.assertTrue(r)
def __init__(self, aToken):
RemoteTokenClass.__init__(self, aToken)
self.setType(u"radius")
self.radiusServer = ""
self.radiusUser = ""
self.radiusLocal_checkpin = "0"
self.radiusSecret = VOID_RADIUS_SECRET
def test_11_check_challenge_response(self):
db_token = Token.query.filter(Token.serial == self.serial1).first()
token = RemoteTokenClass(db_token)
token.set_pin(self.otppin)
r = token.check_challenge_response(passw="somePW",
options={"transactionid": "1234"})
self.assertTrue(r)
def test_02_class_methods(self):
db_token = Token.query.filter(Token.serial == self.serial1).first()
token = RemoteTokenClass(db_token)
info = token.get_class_info()
self.assertTrue(info.get("title") == "Remote Token",
"%s" % info.get("title"))
info = token.get_class_info("title")
self.assertTrue(info == "Remote Token", info)
def test_07_do_request_missing_config(self):
responses.add(responses.POST,
"http://my.privacyidea.server/validate/check",
body=json.dumps(self.success_body),
content_type="application/json")
db_token = Token.query.filter(Token.serial == self.serial3).first()
token = RemoteTokenClass(db_token)
# Authentication will fail, since neither remote.serial nor remote.user
otpcount = token.check_otp("123456")
self.assertTrue(otpcount == -1, otpcount)
def test_04_do_request_success(self):
responses.add(responses.POST,
"http://my.privacyidea.server/validate/check",
body=json.dumps(self.success_body),
content_type="application/json")
db_token = Token.query.filter(Token.serial == self.serial1).first()
token = RemoteTokenClass(db_token)
otpcount = token.check_otp("123456")
self.assertTrue(otpcount > 0, otpcount)
def test_07_do_request_missing_config(self):
responses.add(responses.POST,
"http://my.privacyidea.server/validate/check",
body=json.dumps(self.success_body),
content_type="application/json")
db_token = Token.query.filter(Token.serial == self.serial3).first()
token = RemoteTokenClass(db_token)
# Authentication will fail, since neither remote.serial nor remote.user
otpcount = token.check_otp("123456")
self.assertTrue(otpcount == -1, otpcount)
def test_05_do_request_fail(self):
responses.add(responses.POST,
"http://my.privacyidea.server/validate/check",
body=json.dumps(self.fail_body),
content_type="application/json")
db_token = Token.query.filter(Token.serial == self.serial1).first()
token = RemoteTokenClass(db_token)
otpcount = token.check_otp("123456")
self.assertTrue(otpcount == -1, otpcount)
def test_06_do_request_success_remote_user(self):
# verify SSL
set_privacyidea_config("remote.verify_ssl_certificate", True)
responses.add(responses.POST,
"http://my.privacyidea.server/validate/check",
body=json.dumps(self.success_body),
content_type="application/json")
db_token = Token.query.filter(Token.serial == self.serial2).first()
token = RemoteTokenClass(db_token)
otpcount = token.check_otp("123456")
self.assertTrue(otpcount > 0, otpcount)
def test_06_do_request_success_remote_user(self):
# verify SSL
set_privacyidea_config("remote.verify_ssl_certificate", True)
responses.add(responses.POST,
"http://my.privacyidea.server/validate/check",
body=json.dumps(self.success_body),
content_type="application/json")
db_token = Token.query.filter(Token.serial == self.serial2).first()
token = RemoteTokenClass(db_token)
otpcount = token.check_otp("123456")
self.assertTrue(otpcount > 0, otpcount)
def test_09_authenticate_remote_pin(self):
responses.add(responses.POST,
"http://my.privacyidea.server/validate/check",
body=json.dumps(self.success_body),
content_type="application/json")
db_token = Token.query.filter(Token.serial == self.serial2).first()
token = RemoteTokenClass(db_token)
token.set_pin("")
r = token.authenticate("remotePIN123456")
self.assertTrue(r[0], r)
self.assertTrue(r[1] >= 0, r)
self.assertTrue(r[2].get("message") == "matching 1 tokens", r)
def test_09_authenticate_remote_pin(self):
responses.add(responses.POST,
"http://my.privacyidea.server/validate/check",
body=json.dumps(self.success_body),
content_type="application/json")
db_token = Token.query.filter(Token.serial == self.serial2).first()
token = RemoteTokenClass(db_token)
token.set_pin("")
r = token.authenticate("remotePIN123456")
self.assertTrue(r[0], r)
self.assertTrue(r[1] >= 0, r)
self.assertTrue(r[2].get("message") == "matching 1 tokens", r)
def test_04_do_request_success(self):
responses.add(responses.POST,
"http://my.privacyidea.server/validate/check",
body=json.dumps(self.success_body),
content_type="application/json")
db_token = Token.query.filter(Token.serial == self.serial1).first()
token = RemoteTokenClass(db_token)
otpcount = token.check_otp("123456")
self.assertTrue(otpcount > 0, otpcount)
remote_serial = token.get_tokeninfo("last_matching_remote_serial")
self.assertEqual("PISP0000AB00", remote_serial)
def test_08_authenticate_local_pin(self):
responses.add(responses.POST,
"http://my.privacyidea.server/validate/check",
body=json.dumps(self.success_body),
content_type="application/json")
db_token = Token.query.filter(Token.serial == self.serial1).first()
token = RemoteTokenClass(db_token)
# wrong PIN
r = token.authenticate("wrong" + "123456")
self.assertFalse(r[0], r)
self.assertTrue(r[1] == -1, r)
self.assertTrue(r[2].get("message") == "Wrong PIN", r)
# rigth PIN
r = token.authenticate(self.otppin + "123456")
self.assertTrue(r[0], r)
self.assertTrue(r[1] >= 0, r)
self.assertTrue(r[2].get("message") == "matching 1 tokens", r)
def test_08_authenticate_local_pin(self):
responses.add(responses.POST,
"http://my.privacyidea.server/validate/check",
body=json.dumps(self.success_body),
content_type="application/json")
db_token = Token.query.filter(Token.serial == self.serial1).first()
token = RemoteTokenClass(db_token)
# wrong PIN
r = token.authenticate("wrong"+"123456")
self.assertFalse(r[0], r)
self.assertTrue(r[1] == -1, r)
self.assertTrue(r[2].get("message") == "Wrong PIN", r)
# rigth PIN
r = token.authenticate(self.otppin+"123456")
self.assertTrue(r[0], r)
self.assertTrue(r[1] >= 0, r)
self.assertTrue(r[2].get("message") == "matching 1 tokens", r)
def checkPin(self, pin, options=None):
'''
check the pin - either remote or localy
- in case of remote, we return true, as the
the splitPinPass will put the passw then in the otpVal
:param pin: the pin which should be checked
:param options: the additional request parameters
'''
res = True
if self.check_pin_local():
log.debug("checking PIN locally")
res = RemoteTokenClass.checkPin(self, pin)
return res
def __init__(self, db_token):
RemoteTokenClass.__init__(self, db_token)
self.set_type(u"radius")
self.mode = ['authenticate', 'challenge']
def __init__(self, db_token):
RemoteTokenClass.__init__(self, db_token)
self.set_type(u"radius")
self.mode = ['authenticate', 'challenge']
def test_01_create_token(self):
db_token = Token(self.serial3, tokentype="remote")
db_token.save()
token = RemoteTokenClass(db_token)
token.update(self.params3)
token.set_pin(self.otppin)
db_token = Token(self.serial2, tokentype="remote")
db_token.save()
token = RemoteTokenClass(db_token)
token.update(self.params2)
token.set_pin(self.otppin)
db_token = Token(self.serial1, tokentype="remote")
db_token.save()
token = RemoteTokenClass(db_token)
token.update(self.params1)
token.set_pin(self.otppin)
self.assertTrue(token.token.serial == self.serial1, token)
self.assertTrue(token.token.tokentype == "remote",
token.token.tokentype)
self.assertTrue(token.type == "remote", token)
class_prefix = token.get_class_prefix()
self.assertTrue(class_prefix == "PIRE", class_prefix)
self.assertTrue(token.get_class_type() == "remote", token)
def test_01_create_token(self):
db_token = Token(self.serial3, tokentype="remote")
db_token.save()
token = RemoteTokenClass(db_token)
token.update(self.params3)
token.set_pin(self.otppin)
db_token = Token(self.serial2, tokentype="remote")
db_token.save()
token = RemoteTokenClass(db_token)
token.update(self.params2)
token.set_pin(self.otppin)
db_token = Token(self.serial1, tokentype="remote")
db_token.save()
token = RemoteTokenClass(db_token)
token.update(self.params1)
token.set_pin(self.otppin)
self.assertTrue(token.token.serial == self.serial1, token)
self.assertTrue(token.token.tokentype == "remote",
token.token.tokentype)
self.assertTrue(token.type == "remote", token)
class_prefix = token.get_class_prefix()
self.assertTrue(class_prefix == "PIRE", class_prefix)
self.assertTrue(token.get_class_type() == "remote", token)
def test_03_check_pin_local(self):
db_token = Token.query.filter(Token.serial == self.serial1).first()
token = RemoteTokenClass(db_token)
r = token.check_pin_local
self.assertTrue(r, r)
