def __init__(self, config=None):
if config and config.user:
self.username = config.user["username"]
self.password = config.user["password"]
else:
self.username = '******' + id_generator()
self.password = id_generator() + id_generator()
self.srp_user = srp.User(self.username, self.password, srp.SHA256,
srp.NG_1024)
def test_authenticated_on_init(self):
usr = _pysrp.User('test', 'test')
self.assertTrue(not usr.authenticated())
usr = _ctsrp.User('test', 'test')
self.assertTrue(not usr.authenticated())
usr = _srp.User('test', 'test')
self.assertTrue(not usr.authenticated())
def run_tests():
login = '******' + id_generator()
password = id_generator() + "äöì" + id_generator()
usr = srp.User(login, password, srp.SHA256, srp.NG_1024)
print_and_parse(signup(login, password))
auth = print_and_parse(authenticate(usr))
verify_or_debug(auth, usr)
assert usr.authenticated()
def _login(username, passphrase, provider, api_uri, api_version):
usr = srp.User(username, passphrase, srp.SHA256, srp.NG_1024)
auth = None
try:
auth = _authenticate(api_uri, api_version, usr).json()
except requests.exceptions.ConnectionError:
_fail('Could not connect to server.')
if 'errors' in auth:
_fail(str(auth['errors']))
return api_uri, api_version, auth
def change_password(user_id, login, token):
password = id_generator() + id_generator()
salt, vkey = srp.create_salted_verification_key( login, password, srp.SHA256, srp.NG_1024 )
user_params = {
'user[password_verifier]': binascii.hexlify(vkey),
'user[password_salt]': binascii.hexlify(salt)
}
auth_headers = { 'Authorization': 'Token token="' + token + '"'}
print user_params
print_and_parse(requests.put(server + '/users/' + user_id + '.json', data = user_params, verify = False, headers = auth_headers))
return srp.User( login, password, srp.SHA256, srp.NG_1024 )
def run(self):
with open(r'roots.pem', 'rb') as f:
cert = f.read()
credentials = grpc.ssl_channel_credentials(root_certificates=cert)
channel = grpc.secure_channel('{0}:{1}'.format(self.server, self.port),
credentials)
util_stub = util_grpc.UtilityServicesStub(channel)
req = util.StartLoginSrpRequest(UserName=self.user, Domain=self.domain)
srp_start_response = util_stub.StartLoginSrp(req)
print('Start SRP result: ', srp_start_response.Response)
if srp_start_response.Response == 'success':
identity = '{0}@{1}'.format(self.user, self.domain)
g_hex = hex(int(srp_start_response.srpg))
n_hex = hex(int(srp_start_response.srpN))
srp.rfc5054_enable(True)
usr = srp.User(identity,
self.password,
hash_alg=srp.SHA256,
ng_type=srp.NG_CUSTOM,
n_hex=n_hex,
g_hex=g_hex)
srp.rfc5054_enable(False)
_, A = usr.start_authentication()
bytes_B = int(srp_start_response.srpb).to_bytes(128, 'big')
bytes_s = bytes.fromhex(srp_start_response.srpSalt)
M = usr.process_challenge(bytes_s, bytes_B)
strMc = hex(int.from_bytes(M, 'big')).lstrip('0x')
strEphA = str(int.from_bytes(A, 'big'))
srpTransactId = srp_start_response.srpTransactId
req = util.CompleteLoginSrpRequest(Identity=identity,
srpTransactId=srpTransactId,
strEphA=strEphA,
strMc=strMc,
UserName=self.user,
Domain=self.domain,
Locale=self.locale)
connect_response = util_stub.CompleteLoginSrp(req)
print('Connect result: ', connect_response.Response)
if connect_response.Response == 'success':
req = util.DisconnectRequest(
UserToken=connect_response.UserToken)
disconnect_response = util_stub.Disconnect(req)
print('Disconnect result: ',
disconnect_response.ServerResponse)
def run_tests(): login = '******' + id_generator() password = id_generator() + id_generator() usr = srp.User( login, password, srp.SHA256, srp.NG_1024 ) print_and_parse(signup(login, password)) auth = print_and_parse(authenticate(usr)) verify_or_debug(auth, usr) assert usr.authenticated() usr = change_password(auth['id'], login, auth['token']) auth = print_and_parse(authenticate(usr)) verify_or_debug(auth, usr) # At this point the authentication process is complete. assert usr.authenticated()
def get_srp_user(self):
username = self.username
password = self.initialization_key
return srp.User(username, password)
