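def admin_temporarypasscode():
    """Reset a user's security-question factor to a freshly generated code.

    Reads ``user_id`` from the query string, deletes every enrolled factor
    whose type contains "question", enrolls "favorite_security_question" once
    with a new code from ``random_with_N_digits(6)`` as the answer, and
    redirects to the advanced-users admin view with the code carried in the
    ``message`` query parameter.

    Returns:
        The response built by ``redirect(url_for(...))``.
    """
    logger.debug("admin_temporarypasscode()")
    # NOTE(review): user_id is taken straight from the query string and no
    # authorization check is visible in this function. Confirm the route is
    # protected and that the caller may manage this particular user.
    user_id = request.args.get('user_id')
    # NOTE(review): this value becomes an MFA answer. random_with_N_digits is
    # defined elsewhere; confirm it draws from a CSPRNG (the `secrets` module)
    # rather than `random`.
    temp_code = str(random_with_N_digits(6))
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])

    # Clear out any existing question factor before enrolling the new one.
    for factor_info in okta_admin.list_enrolled_factors(user_id):
        if "question" in factor_info['factorType']:
            okta_admin.delete_factor(user_id=user_id, factor_id=factor_info['id'])

    # Enroll exactly once, outside the loop, so a user with no factors still
    # gets a code and a user with several factors triggers a single call.
    okta_admin.enroll_securityquestion(user_id, "favorite_security_question", temp_code)

    # NOTE(review): the code travels in the redirect URL's query string, where
    # browser history, proxy/server access logs and Referer headers can capture
    # it. Prefer handing it to the next view through server-side session state.
    message = "Your Temporary Code is: {0}".format(temp_code)
    return redirect(
        url_for("admin_views_bp.admin_usersadvanced",
                _external="True",
                _scheme="https",
                message=message))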
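def admin_addkeytouser():
    """Enroll a hardware HOTP token for a user, replacing any existing one.

    Reads ``userId``, ``factorProfileId`` and ``sharedSecret`` from the query
    string, deletes every enrolled factor whose type contains "token:hotp",
    then enrolls the hard token once.

    Returns:
        The literal string "Your Key is Setup".
    """
    logger.debug("admin_addkeytouser()")
    # NOTE(review): no authorization check is visible in this function.
    # Confirm the route is restricted to administrators of this tenant.
    user_id = request.args.get('userId')
    factor_profile_id = request.args.get('factorProfileId')
    # NOTE(review): the token's shared secret arrives in the query string, so
    # it can end up in access logs, browser history and Referer headers.
    # Accepting it in a POST body would keep it out of URLs.
    shared_secret = request.args.get('sharedSecret')
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    listfactors = okta_admin.list_enrolled_factors(user_id)
    logger.debug(listfactors)

    # Check every enrolled factor, not just the first one, so an existing HOTP
    # token is removed wherever it appears in the list.
    for factor_info in listfactors:
        if "token:hotp" in factor_info['factorType']:
            okta_admin.delete_factor(user_id=user_id, factor_id=factor_info['id'])

    # Enroll once, after cleanup, so a user with no factors at all is enrolled.
    response = okta_admin.enroll_hardtoken(user_id, factor_profile_id, shared_secret)
    # NOTE(review): confirm the enrollment response does not echo the shared
    # secret before logging it, even at debug level.
    logger.debug(response)

    # NOTE(review): the success text is returned without inspecting `response`;
    # a failed enrollment is reported to the caller as a success.
    message = "Your Key is Setup"
    return message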
def get_enrolled_factors(user_id):
    """Return display entries for the user's ACTIVE, recognised factors.

    Each enrolled factor is reduced to its id, type, provider and vendor. If
    the factor's status is "ACTIVE" and its type has a handler in the dispatch
    table, the handler is called with ``(entry, raw_factor)`` and its return
    value is collected; every other factor is skipped.
    """
    print("get_enrolled_factors()")
    admin_client = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    collected = []

    for raw in admin_client.list_enrolled_factors(user_id):
        logger.debug(raw["factorType"])
        entry = {
            "id": raw["id"],
            "type": raw["factorType"],
            "provider": raw["provider"],
            "vendor": raw["vendorName"],
        }

        # Factor type -> module-level callable that fills in the details.
        handlers_by_type = {
            'token:software:totp': totp,
            'push': push,
            'webauthn': webauthn,
            'sms': sms,
            'call': call,
            'question': question
        }

        # Only ACTIVE factors are looked up; anything else has no handler.
        handler = handlers_by_type.get(raw["factorType"]) if raw["status"] == "ACTIVE" else None
        if handler is None:
            continue

        collected.append(handler(entry, raw))

    return collected
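def admin_temporarypasscode():
    """Reset a user's security-question factor and report the new code.

    Reads ``user_id`` from the query string, looks the user up, deletes every
    enrolled factor whose type contains "question", enrolls
    "favorite_security_question" once with a new code from
    ``random_with_N_digits(6)`` as the answer, and redirects to the
    advanced-users admin view with the user's name and the code in the
    ``message`` query parameter.

    Returns:
        The response built by ``redirect(url_for(...))``.
    """
    logger.debug("admin_temporarypasscode()")
    # One client is enough; it serves the user lookup and the factor calls.
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    # NOTE(review): user_id is taken straight from the query string and no
    # authorization check is visible in this function. Confirm the route is
    # protected and that the caller may manage this particular user.
    user_id = request.args.get('user_id')
    user = okta_admin.get_user(user_id)
    # NOTE(review): this value becomes an MFA answer. random_with_N_digits is
    # defined elsewhere; confirm it draws from a CSPRNG (the `secrets` module)
    # rather than `random`.
    temp_code = str(random_with_N_digits(6))

    # Clear out any existing question factor before enrolling the new one.
    for factor_info in okta_admin.list_enrolled_factors(user_id):
        if "question" in factor_info['factorType']:
            okta_admin.delete_factor(user_id=user_id, factor_id=factor_info['id'])

    # Enroll exactly once, outside the loop, so a user with no factors still
    # gets a code and a user with several factors triggers a single call.
    okta_admin.enroll_securityquestion(user_id, "favorite_security_question", temp_code)

    usersname = user["profile"]["firstName"] + " " + user["profile"]["lastName"]
    # NOTE(review): the user's name and the new code travel in the redirect
    # URL's query string, where browser history, proxy/server access logs and
    # Referer headers can capture them. Prefer passing the message through
    # server-side session state.
    message = "{0} - MFA Security Question Set to 'Favorite Security Question'. Users new code is: {1}".format(
        usersname, temp_code)
    return redirect(
        url_for("admin_views_bp.admin_usersadvanced",
                _external="True",
                _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"],
                message=message))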
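def admin_getfactors():
    """Return the enrolled factors of the requested user as a JSON string.

    Reads ``user_id`` from the query string and serialises whatever
    ``OktaAdmin.list_enrolled_factors`` returns for it.

    Returns:
        str: ``json.dumps`` of the enrolled-factor list.
    """
    # Log this function's own name; the previous label named a different
    # handler, which misattributes calls when the debug log is read.
    logger.debug("admin_getfactors()")
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    # NOTE(review): user_id is caller-supplied and no authorization check is
    # visible here. Confirm the route only serves administrators of this tenant.
    user_id = request.args.get('user_id')
    listfactors = okta_admin.list_enrolled_factors(user_id)
    # NOTE(review): the raw factor objects are returned unfiltered; confirm the
    # caller needs every field. If this string is returned directly as a view
    # response it presumably goes out with the framework's default content
    # type rather than application/json - verify against the route setup.
    return json.dumps(listfactors)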
def get_enrolled_factors(user_id):
    """Return the user's listable factors as display entries, sorted for display.

    Every enrolled factor starts as an entry holding id, name (defaulting to
    the factor type), type, provider, vendor and a sortOrder of 100. Known
    types then get a friendly name, a ``profile`` value read from the factor's
    profile, and a lower sortOrder. Okta-provided TOTP and any unrecognised
    factor type are left out. The result is sorted by ``sortOrder``.
    """
    print("get_enrolled_factors()")
    admin_client = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    listed = []

    for raw in admin_client.list_enrolled_factors(user_id):
        entry = {
            "id": raw["id"],
            # Fall back to the raw type as the name unless a branch renames it.
            "name": raw["factorType"],
            "type": raw["factorType"],
            "provider": raw["provider"],
            "vendor": raw["vendorName"],
            "sortOrder": 100,
        }
        kind = entry["type"]
        issuer = entry["provider"]

        if kind == "token:software:totp":
            if issuer == "OKTA":
                # Okta Verify OTP is deliberately not listed.
                continue
            if issuer == "GOOGLE":
                entry.update(
                    name="Google Authenticator",
                    profile=raw["profile"]["credentialId"],
                    sortOrder=20,
                )
            # Any other TOTP provider keeps the defaults and is still listed.
        elif kind == "push":
            device_name = raw["profile"]["name"] if "profile" in raw else None
            entry.update(name="Okta Verify", profile=device_name, sortOrder=10)
        elif kind == "sms":
            # NOTE(review): the entry carries the phone number exactly as the
            # API returned it; mask it if the list is shown to anyone but the
            # owner - confirm against the caller.
            entry.update(name="SMS", profile=raw["profile"]["phoneNumber"], sortOrder=30)
        elif kind == "call":
            entry.update(name="Voice Call", profile=raw["profile"]["phoneNumber"], sortOrder=40)
        elif kind == "question":
            entry.update(
                name="Security Question",
                profile=raw["profile"]["questionText"],
                sortOrder=50,
            )
        else:
            # Unrecognised factor types are not listed.
            continue

        listed.append(entry)

    # Lowest sortOrder first; the sort is stable, so ties keep API order.
    listed.sort(key=lambda item: item["sortOrder"])
    return listed