Exemplo n.º 1
0
    def getInitDetail(self, params, user=None):
        '''
        to complete the token normalisation, the response of the initialiastion
        should be build by the token specific method, the getInitDetails
        '''
        response_detail = {}

        info = self.getInfo()
        response_detail.update(info)
        response_detail['serial'] = self.getSerial()

        tok_type = self.type.lower()

        otpkey = None
        if 'otpkey' in info:
            otpkey = info.get('otpkey')

        if otpkey != None:
            response_detail["otpkey"] = {
                "order": '1',
                "description": _("OTP seed"),
                "value": "seed://%s" % otpkey,
                "img": create_img(otpkey, width=200),
            }
            try:
                p = {}
                p.update(params)
                p['otpkey'] = otpkey
                p['serial'] = self.getSerial()
                # label
                goo_url = create_google_authenticator(p, user=user)

                response_detail["googleurl"] = {
                    "order": '0',
                    "description": _("OTPAuth Url"),
                    "value": goo_url,
                    "img": create_img(goo_url, width=250)
                }

            except NoOtpAuthTokenException as exx:
                log.warning("%r" % exx)

            if user is not None:
                try:

                    oath_url = create_oathtoken_url(user.login,
                                                    user.realm,
                                                    otpkey,
                                                    tok_type,
                                                    serial=self.getSerial())
                    response_detail["oathurl"] = {
                        "order": '2',
                        "description": _("URL for OATH token"),
                        "value": oath_url,
                        "img": create_img(oath_url, width=250)
                    }
                except Exception as ex:
                    log.info('failed to set oath or google url: %r' % ex)

        return response_detail
Exemplo n.º 2
0
    def getInitDetail(self, params , user=None):
        '''
        to complete the token normalisation, the response of the initialiastion
        should be build by the token specific method, the getInitDetails
        '''
        response_detail = {}

        info = self.getInfo()
        response_detail.update(info)
        response_detail['serial'] = self.getSerial()

        tok_type = self.type.lower()

        otpkey = None
        if 'otpkey' in info:
            otpkey = info.get('otpkey')

        if otpkey != None:
            response_detail["otpkey"] = {
                  "order"      : '1',
                  "description": _("OTP seed"),
                  "value"      :  "seed://%s" % otpkey,
                  "img"        :  create_img(otpkey, width=200),
                     }
            try:
                p = {}
                p.update(params)
                p['otpkey'] = otpkey
                p['serial'] = self.getSerial()
                # label
                goo_url = create_google_authenticator(p, user=user,
                                                      context=self.context)

                response_detail["googleurl"] = {
                      "order"      : '0',
                      "description": _("OTPAuth Url"),
                      "value" :     goo_url,
                      "img"   :     create_img(goo_url, width=250)
                      }

            except NoOtpAuthTokenException as exx:
                log.warning("%r" % exx)

            if user is not None:
                try:

                    oath_url = create_oathtoken_url(user.login, user.realm,
                                                    otpkey, tok_type,
                                                    serial=self.getSerial(),
                                                    context=self.context)
                    response_detail["oathurl"] = {
                           "order"      : '2',
                           "description" : _("URL for OATH token"),
                           "value" : oath_url,
                           "img"   : create_img(oath_url, width=250)
                           }
                except Exception as ex:
                    log.info('failed to set oath or google url: %r' % ex)

        return response_detail
Exemplo n.º 3
0
    def getInitDetail(self, params , user=None):
        '''
        to complete the token normalisation, the response of the initialiastion
        should be build by the token specific method, the getInitDetails
        '''
        response_detail = {}

        info = self.getInfo()
        # add : app_import, serial and sharedsecret
        response_detail.update(info)

        otpkey = None
        if 'otpkey' in info:
            otpkey = info.get('otpkey')

        if otpkey != None:
            response_detail["otpkey"] = {
                        "order"      : '1',
                        "description": _("OTP seed"),
                        "value"      :  "seed://%s" % otpkey,
                        "img"        :  create_img(otpkey, width=200),
                        }

        ocra_url = info.get('app_import')

        response_detail["ocraurl"] = {
                    "order"      : '0',
                    "description" : _("URL for OCRA2 token"),
                    "value" : ocra_url,
                    "img"   : create_img(ocra_url, width=250)
                    }

        return response_detail
Exemplo n.º 4
0
    def getInitDetail(self, params, user=None):
        """
        to complete the token normalisation, the response of the initialiastion
        should be build by the token specific method, the getInitDetails
        """

        response_detail = {}

        info = self.getInfo()
        response_detail.update(info)
        response_detail["serial"] = self.getSerial()

        otpkey = None
        if "otpkey" in info:
            otpkey = info.get("otpkey")

        if otpkey is not None:
            response_detail["otpkey"] = {
                "order": "1",
                "description": _("OTP seed"),
                "value": "seed://%s" % otpkey,
                "img": create_img(otpkey, width=200),
            }

        return response_detail
Exemplo n.º 5
0
    def getInitDetail(self, params, user=None):
        '''
        to complete the token normalisation, the response of the initialiastion
        should be build by the token specific method, the getInitDetails
        '''

        _ = context['translate']

        response_detail = {}

        info = self.getInfo()
        response_detail.update(info)
        response_detail['serial'] = self.getSerial()

        otpkey = None
        if 'otpkey' in info:
            otpkey = info.get('otpkey')

        if otpkey is not None:
            response_detail["otpkey"] = {
                "order": '1',
                "description": _("OTP seed"),
                "value": "seed://%s" % otpkey,
                "img": create_img(otpkey, width=200),
            }

        return response_detail
Exemplo n.º 6
0
    def getInitDetail(self, params, user=None):
        '''
        to complete the token normalisation, the response of the initialiastion
        should be build by the token specific method, the getInitDetails
        '''

        _ = context['translate']

        response_detail = {}

        info = self.getInfo()
        response_detail.update(info)
        response_detail['serial'] = self.getSerial()

        otpkey = None
        if 'otpkey' in info:
            otpkey = info.get('otpkey')

        if otpkey is not None:
            response_detail["otpkey"] = {"order": '1',
                                         "description": _("OTP seed"),
                                         "value":  "seed://%s" % otpkey,
                                         "img":  create_img(otpkey, width=200),
                                         }

        return response_detail
Exemplo n.º 7
0
    def getInitDetail(self, params, user=None):
        '''
        to complete the token normalisation, the response of the initialiastion
        should be build by the token specific method, the getInitDetails
        '''

        _ = context['translate']

        response_detail = {}

        info = self.getInfo()
        # add : app_import, serial and sharedsecret
        response_detail.update(info)

        otpkey = None
        if 'otpkey' in info:
            otpkey = info.get('otpkey')

        if otpkey is not None:
            response_detail["otpkey"] = {
                "order": '1',
                "description": _("OTP seed"),
                "value": "seed://%s" % otpkey,
                "img": create_img(otpkey, width=200),
            }

        ocra_url = info.get('app_import')

        response_detail["ocraurl"] = {
            "order": '0',
            "description": _("URL for OCRA token"),
            "value": ocra_url,
            "img": create_img(ocra_url, width=250),
        }

        return response_detail
Exemplo n.º 8
0
    def getInitDetail(self, params , user=None):
        '''
        to complete the token normalisation, the response of the initialiastion
        should be build by the token specific method, the getInitDetails
        '''
        response_detail = {}

        info = self.getInfo()
        response_detail.update(info)

        ocra_url = info.get('app_import')
        response_detail["ocraurl"] = {
               "description" : _("URL for OCRA token"),
               "value" : ocra_url,
               "img"   : create_img(ocra_url, width=250)}

        return response_detail
Exemplo n.º 9
0
    def getInitDetail(self, params, user=None):

        """
        returns initialization details in the enrollment process
        (gets called after update method). used here to pass the
        pairing url to the user

        :param params: parameters provided by the client

        :param user: (unused)

        :raises TokenStateError: If token state is not 'initialized'

        :returns: a dict consisting of a 'pairing_url' entry, containing
            the pairing url and a 'pushtoken_pairing_url' entry containing
            a data structure used in the manage frontend in the enrollment
            process
        """

        _ = context['translate']
        response_detail = {}

        self.ensure_state('initialized')

        # ------------------------------------------------------------------- --

        # collect data used for generating the pairing url

        serial = self.getSerial()

        # ------------------------------------------------------------------- --

        owner = get_token_owner(self)
        if owner and owner.login and owner.realm:
            realms = [owner.realm]
        else:
            realms = self.getRealms()

        # it is guaranteed, that cb_url has a value
        # because we checked it in the update method

        cb_url = get_single_auth_policy('pushtoken_pairing_callback_url',
                                        user=owner, realms=realms)

        # --------------------------------------------------------------- --

        partition = self.getFromTokenInfo('partition')

        # FIXME: certificate usage

        pairing_url = generate_pairing_url(token_type='push',
                                           partition=partition,
                                           serial=serial,
                                           callback_url=cb_url,
                                           use_cert=False)

        # --------------------------------------------------------------- --

        self.addToInfo('pairing_url', pairing_url)
        response_detail['pairing_url'] = pairing_url

        # --------------------------------------------------------------- --

        # add response tabs (used in the manage view on enrollment)

        response_detail['lse_qr_url'] = {
            'description': _('Pairing URL'),
            'img': create_img(pairing_url, width=250),
            'order': 0,
            'value': pairing_url}

        response_detail['serial'] = self.getSerial()

        # ------------------------------------------------------------------ --

        self.change_state('unpaired')

        return response_detail
Exemplo n.º 10
0
    def getInitDetail(self, params, user=None):

        _ = context['translate']
        response_detail = {}

        param_keys = set(params.keys())
        init_rollout_state_keys = {'type', 'hashlib', 'serial', '::scope::',
                                   'key_size', 'user.login', 'description',
                                   'user.realm', 'session', 'otplen', 'pin',
                                   'resConf', 'user', 'realm', 'qr'}

        # ----------------------------------------------------------------------

        if param_keys.issubset(init_rollout_state_keys):

            # collect data used for generating the pairing url

            serial = self.getSerial()
            # for qrtoken hashlib is ignored
            hash_algorithm = None
            pub_key = get_qrtoken_public_key()
            otp_pin_length = int(self.getOtpLen())

            owner = get_token_owner(self)
            if owner and owner.login and owner.realm:
                realms = [owner.realm]
                user = owner
            else:
                realms = self.getRealms()

            pairing_policies = ['qrtoken_pairing_callback_url',
                                'qrtoken_pairing_callback_sms']

            # it is guaranteed, that either cb_url or cb_sms has a value
            # because we checked it in the update method

            cb_url = get_single_auth_policy(pairing_policies[0],
                                            user=owner, realms=realms)
            cb_sms = get_single_auth_policy(pairing_policies[1],
                                            user=owner, realms=realms)

            cert_id = get_pairing_certificate_id(realms=realms, user=user)

            # ------------------------------------------------------------------

            pairing_url = generate_pairing_url('qrtoken',
                                               server_public_key=pub_key,
                                               serial=serial,
                                               callback_url=cb_url,
                                               callback_sms_number=cb_sms,
                                               otp_pin_length=otp_pin_length,
                                               hash_algorithm=hash_algorithm,
                                               cert_id=cert_id)

            # ------------------------------------------------------------------

            self.addToInfo('pairing_url', pairing_url)
            response_detail['pairing_url'] = pairing_url

            # create response tabs
            response_detail['lse_qr_url'] = {
                'description': _('QRToken Pairing Url'),
                'img': create_img(pairing_url, width=250),
                'order': 0,
                'value': pairing_url}
            response_detail['lse_qr_cert'] = {
                'description': _('QRToken Certificate'),
                'img': create_img(pairing_url, width=250),
                'order': 1,
                'value': pairing_url}

            response_detail['serial'] = self.getSerial()

        # ------------------------------------------------------------------ --

        else:

            # make sure the call aborts, if request
            # type wasn't recognized

            raise Exception('Unknown request type for token type qr')

        # ----------------------------------------------------------------------

        self.change_state('pairing_url_sent')

        return response_detail
Exemplo n.º 11
0
    def getInitDetail(self, params, user=None):

        _ = context['translate']
        response_detail = {}

        param_keys = set(params.keys())
        init_rollout_state_keys = set([
            'type', 'hashlib', 'serial', '::scope::', 'key_size', 'user.login',
            'description', 'user.realm', 'session', 'otplen', 'pin', 'resConf',
            'user', 'realm', 'qr'
        ])

        # ------------------------------------------------------------------- --

        if param_keys.issubset(init_rollout_state_keys):

            # collect data used for generating the pairing url

            serial = self.getSerial()
            # for qrtoken hashlib is ignored
            hash_algorithm = None
            otp_pin_length = int(self.getOtpLen())

            owner = get_token_owner(self)
            if owner and owner.login and owner.realm:
                realms = [owner.realm]
                user = owner
            else:
                realms = self.getRealms()

            pairing_policies = [
                'qrtoken_pairing_callback_url', 'qrtoken_pairing_callback_sms'
            ]

            # it is guaranteed, that either cb_url or cb_sms has a value
            # because we checked it in the update method

            cb_url = get_single_auth_policy(pairing_policies[0],
                                            user=owner,
                                            realms=realms)
            cb_sms = get_single_auth_policy(pairing_policies[1],
                                            user=owner,
                                            realms=realms)

            # --------------------------------------------------------------- --

            partition = self.getFromTokenInfo('partition')

            # FIXME: certificate usage

            pairing_url = generate_pairing_url(token_type='qr',
                                               partition=partition,
                                               serial=serial,
                                               callback_url=cb_url,
                                               callback_sms_number=cb_sms,
                                               otp_pin_length=otp_pin_length,
                                               hash_algorithm=hash_algorithm,
                                               use_cert=False)

            # --------------------------------------------------------------- --

            self.addToInfo('pairing_url', pairing_url)
            response_detail['pairing_url'] = pairing_url

            # create response tabs
            response_detail['lse_qr_url'] = {
                'description': _('QRToken Pairing Url'),
                'img': create_img(pairing_url, width=250),
                'order': 0,
                'value': pairing_url
            }
            response_detail['lse_qr_cert'] = {
                'description': _('QRToken Certificate'),
                'img': create_img(pairing_url, width=250),
                'order': 1,
                'value': pairing_url
            }

            response_detail['serial'] = self.getSerial()

        # ------------------------------------------------------------------ --

        else:

            # make sure the call aborts, if request
            # type wasn't recognized

            raise Exception('Unknown request type for token type qr')

        # ------------------------------------------------------------------- --

        self.change_state('pairing_url_sent')

        return response_detail
Exemplo n.º 12
0
    def getInitDetail(self, params, user=None):
        """
        to complete the token normalisation, the response of the initialiastion
        should be build by the token specific method, the getInitDetails
        """
        response_detail = {}

        info = self.getInfo()
        response_detail.update(info)
        response_detail["serial"] = self.getSerial()

        tok_type = self.type.lower()

        otpkey = None
        if "otpkey" in info:
            otpkey = info.get("otpkey")

        if otpkey is not None:
            response_detail["otpkey"] = {
                "order": "1",
                "description": _("OTP seed"),
                "value": "seed://%s" % otpkey,
                "img": create_img(otpkey, width=200),
            }
            try:
                p = {}
                p.update(params)
                p["otpkey"] = otpkey
                p["serial"] = self.getSerial()
                # label
                goo_url = create_google_authenticator(p, user=user)

                response_detail["googleurl"] = {
                    "order": "0",
                    "description": _("OTPAuth Url"),
                    "value": goo_url,
                    "img": create_img(goo_url, width=250),
                }

            except NoOtpAuthTokenException as exx:
                log.warning(exx)

            oath_support = getFromConfig("OATHTokenSupport", "False") == "True"
            if oath_support:
                if user is not None:
                    try:

                        oath_url = create_oathtoken_url(
                            user.login,
                            user.realm,
                            otpkey,
                            tok_type,
                            serial=self.getSerial(),
                        )
                        response_detail["oathurl"] = {
                            "order": "2",
                            "description": _("URL for OATH token"),
                            "value": oath_url,
                            "img": create_img(oath_url, width=250),
                        }
                    except Exception as ex:
                        log.info("failed to set oath or google url: %r", ex)

        return response_detail
Exemplo n.º 13
0
    def getInitDetail(self, params, user=None):

        """
        returns initialization details in the enrollment process
        (gets called after update method). used here to pass the
        pairing url to the user

        :param params: parameters provided by the client

        :param user: (unused)

        :raises TokenStateError: If token state is not 'initialized'

        :returns: a dict consisting of a 'pairing_url' entry, containing
            the pairing url and a 'pushtoken_pairing_url' entry containing
            a data structure used in the manage frontend in the enrollment
            process
        """

        _ = context['translate']
        response_detail = {}

        self.ensure_state('initialized')

        # ------------------------------------------------------------------- --

        # collect data used for generating the pairing url

        serial = self.getSerial()

        # ------------------------------------------------------------------- --

        owner = get_token_owner(self)
        if owner and owner.login and owner.realm:
            realms = [owner.realm]
        else:
            realms = self.getRealms()

        # it is guaranteed, that cb_url has a value
        # because we checked it in the update method

        cb_url = get_single_auth_policy('pushtoken_pairing_callback_url',
                                        user=owner, realms=realms)

        # --------------------------------------------------------------- --

        partition = self.getFromTokenInfo('partition')

        # FIXME: certificate usage

        pairing_url = generate_pairing_url(token_type='push',
                                           partition=partition,
                                           serial=serial,
                                           callback_url=cb_url,
                                           use_cert=False)

        # --------------------------------------------------------------- --

        self.addToInfo('pairing_url', pairing_url)
        response_detail['pairing_url'] = pairing_url

        # --------------------------------------------------------------- --

        # add response tabs (used in the manage view on enrollment)

        response_detail['lse_qr_url'] = {
            'description': _('Pairing URL'),
            'img': create_img(pairing_url, width=250),
            'order': 0,
            'value': pairing_url}

        response_detail['serial'] = self.getSerial()

        # ------------------------------------------------------------------ --

        self.change_state('unpaired')

        return response_detail