def test_21_failed_loading(self):
        transactionid = "123456098712"
        set_privacyidea_config("sms.providerConfig", "noJSON")
        set_privacyidea_config(
            "sms.provider", "privacyidea.lib.smsprovider."
            "HttpSMSProvider.HttpSMSProviderWRONG")
        db_token = Token.query.filter_by(serial=self.serial1).first()
        token = SmsTokenClass(db_token)

        c = token.create_challenge(transactionid)
        self.assertFalse(c[0], c)
        self.assertTrue("The PIN was correct, but" in c[1], c[1])

        set_privacyidea_config(
            "sms.provider", "privacyidea.lib.smsprovider."
            "HttpSMSProvider.HttpSMSProvider")
        c = token.create_challenge(transactionid)
        self.assertFalse(c[0], c)
        self.assertTrue("Failed to load sms.providerConfig" in c[1], c[1])
Exemplo n.º 2
0
    def test_21_failed_loading(self):
        transactionid = "123456098712"
        set_privacyidea_config("sms.providerConfig", "noJSON")
        set_privacyidea_config("sms.provider",
                               "privacyidea.lib.smsprovider."
                               "HttpSMSProvider.HttpSMSProviderWRONG")
        db_token = Token.query.filter_by(serial=self.serial1).first()
        token = SmsTokenClass(db_token)

        c = token.create_challenge(transactionid)
        self.assertFalse(c[0], c)
        self.assertTrue("The PIN was correct, but" in c[1], c[1])

        set_privacyidea_config("sms.provider",
                               "privacyidea.lib.smsprovider."
                               "HttpSMSProvider.HttpSMSProvider")
        c = token.create_challenge(transactionid)
        self.assertFalse(c[0], c)
        self.assertTrue("Failed to load sms.providerConfig" in c[1], c[1])
    def test_19_smstext(self):
        # The single quotes in the smstext "'Your <otp>'" is legacy and results in
        # the string without single quotes "Your <otp>".
        smstext_tests = {
            "'Your <otp>'": r"Your [0-9]{6}",
            "Your <otp>": r"Your [0-9]{6}",
            "{user} has the OTP: {otp}": r"Cornelius has the OTP: [0-9]{6}"
        }
        for pol_text, result_text in smstext_tests.items():
            # create a SMSTEXT policy:
            p = set_policy(name="smstext",
                           action="{0!s}={1!s}".format(SMSACTION.SMSTEXT,
                                                       pol_text),
                           scope=SCOPE.AUTH)
            self.assertTrue(p > 0)

            g = FakeFlaskG()
            P = PolicyClass()
            g.audit_object = FakeAudit()
            g.policy_object = P
            options = {"g": g, "user": User("cornelius", self.realm1)}

            responses.add(responses.POST,
                          self.SMSHttpUrl,
                          body=self.success_body)
            set_privacyidea_config("sms.providerConfig",
                                   self.SMSProviderConfig)
            db_token = Token.query.filter_by(serial=self.serial1).first()
            token = SmsTokenClass(db_token)
            c = token.create_challenge(options=options)
            self.assertTrue(c[0], c)
            display_message = c[1]
            self.assertEqual(display_message, _("Enter the OTP from the SMS:"))
            self.assertEqual(c[3].get("state"), None)

            smstext = token._get_sms_text(options)
            self.assertEqual(pol_text.strip("'"), smstext)
            r, message = token._send_sms(smstext, options)
            self.assertRegexpMatches(message, result_text)

        # Test AUTOSMS
        p = set_policy(name="autosms",
                       action=SMSACTION.SMSAUTO,
                       scope=SCOPE.AUTH)
        self.assertTrue(p > 0)

        g = FakeFlaskG()
        P = PolicyClass()
        g.policy_object = P
        g.audit_object = FakeAudit()
        options = {"g": g}

        r = token.check_otp(self.valid_otp_values[5 + len(smstext_tests)],
                            options=options)
        self.assertTrue(r > 0, r)
Exemplo n.º 4
0
    def test_18_challenge_request(self):
        responses.add(responses.POST, self.SMSHttpUrl, body=self.success_body)
        transactionid = "123456098712"
        set_privacyidea_config("sms.providerConfig", self.SMSProviderConfig)
        db_token = Token.query.filter_by(serial=self.serial1).first()
        token = SmsTokenClass(db_token)
        self.assertTrue(token.check_otp("123456", 1, 10) == -1)
        c = token.create_challenge(transactionid)
        self.assertTrue(c[0], c)
        otp = c[1]
        self.assertTrue(c[3].get("state"), transactionid)

        # check for the challenges response
        r = token.check_challenge_response(passw=otp)
        self.assertTrue(r, r)
Exemplo n.º 5
0
    def test_18_challenge_request(self):
        responses.add(responses.POST,
                      self.SMSHttpUrl,
                      body=self.success_body)
        transactionid = "123456098712"
        set_privacyidea_config("sms.providerConfig", self.SMSProviderConfig)
        db_token = Token.query.filter_by(serial=self.serial1).first()
        token = SmsTokenClass(db_token)
        self.assertTrue(token.check_otp("123456", 1, 10) == -1)
        c = token.create_challenge(transactionid)
        self.assertTrue(c[0], c)
        otp = c[1]
        self.assertTrue(c[3].get("state"), transactionid)

        # check for the challenges response
        r = token.check_challenge_response(passw=otp)
        self.assertTrue(r, r)
Exemplo n.º 6
0
    def test_18a_challenge_request_dynamic(self):
        # Send a challenge request for an SMS token with a dynamic phone number
        responses.add(responses.POST, self.SMSHttpUrl, body=self.success_body)
        transactionid = "123456098712"
        set_privacyidea_config("sms.providerConfig", self.SMSProviderConfig)
        db_token = Token.query.filter_by(serial=self.serial2).first()
        token = SmsTokenClass(db_token)
        self.assertTrue(token.check_otp("123456", 1, 10) == -1)
        c = token.create_challenge(transactionid)
        self.assertTrue(c[0], c)
        otp = c[1]
        self.assertTrue(c[3].get("state"), transactionid)

        # check for the challenges response
        r = token.check_challenge_response(
            passw=otp, options={"transaction_id": transactionid})
        self.assertTrue(r, r)
Exemplo n.º 7
0
 def test_18b_challenge_request_dynamic_multivalue(self):
     responses.add(responses.POST,
                   self.SMSHttpUrl,
                   body=self.success_body)
     transactionid = "123456098712"
     set_privacyidea_config("sms.providerConfig", self.SMSProviderConfig)
     db_token = Token.query.filter_by(serial=self.serial2).first()
     token = SmsTokenClass(db_token)
     # if the email is a multi-value attribute, the first address should be chosen
     new_user_info = token.user.info.copy()
     new_user_info['mobile'] = ['1234', '5678']
     with mock.patch('privacyidea.lib.resolvers.PasswdIdResolver.IdResolver.getUserInfo') as mock_user_info:
         mock_user_info.return_value = new_user_info
         c = token.create_challenge(transactionid)
         self.assertTrue(c[0], c)
         self.assertIn('destination=1234', responses.calls[0].request.body)
         self.assertNotIn('destination=5678', responses.calls[0].request.body)
Exemplo n.º 8
0
 def test_18b_challenge_request_dynamic_multivalue(self):
     responses.add(responses.POST,
                   self.SMSHttpUrl,
                   body=self.success_body)
     transactionid = "123456098712"
     set_privacyidea_config("sms.providerConfig", self.SMSProviderConfig)
     db_token = Token.query.filter_by(serial=self.serial2).first()
     token = SmsTokenClass(db_token)
     # if the email is a multi-value attribute, the first address should be chosen
     new_user_info = token.user.info.copy()
     new_user_info['mobile'] = ['1234', '5678']
     with mock.patch('privacyidea.lib.resolvers.PasswdIdResolver.IdResolver.getUserInfo') as mock_user_info:
         mock_user_info.return_value = new_user_info
         c = token.create_challenge(transactionid)
         self.assertTrue(c[0], c)
         self.assertIn('destination=1234', responses.calls[0].request.body)
         self.assertNotIn('destination=5678', responses.calls[0].request.body)
Exemplo n.º 9
0
    def test_19_smstext(self):
        # create a SMSTEXT policy:
        p = set_policy(name="smstext",
                       action="{0!s}={1!s}".format(SMSACTION.SMSTEXT, "'Your <otp>'"),
                       scope=SCOPE.AUTH)
        self.assertTrue(p > 0)

        g = FakeFlaskG()
        P = PolicyClass()
        g.audit_object = FakeAudit()
        g.policy_object = P
        options = {"g": g}

        responses.add(responses.POST,
                      self.SMSHttpUrl,
                      body=self.success_body)
        set_privacyidea_config("sms.providerConfig", self.SMSProviderConfig)
        db_token = Token.query.filter_by(serial=self.serial1).first()
        token = SmsTokenClass(db_token)
        c = token.create_challenge(options=options)
        self.assertTrue(c[0], c)
        display_message = c[1]
        self.assertEqual(display_message, _("Enter the OTP from the SMS:"))
        self.assertEqual(c[3].get("state"), None)

        # check for the challenges response
        # r = token.check_challenge_response(passw="287922")
        # self.assertTrue(r, r)

        # Test AUTOSMS
        p = set_policy(name="autosms",
                       action=SMSACTION.SMSAUTO,
                       scope=SCOPE.AUTH)
        self.assertTrue(p > 0)

        g = FakeFlaskG()
        P = PolicyClass()
        g.policy_object = P
        g.audit_object = FakeAudit()
        options = {"g": g}

        r = token.check_otp("287922", options=options)
        self.assertTrue(r > 0, r)
Exemplo n.º 10
0
    def test_19_smstext(self):
        # create a SMSTEXT policy:
        p = set_policy(name="smstext",
                       action="{0!s}={1!s}".format(SMSACTION.SMSTEXT, "'Your <otp>'"),
                       scope=SCOPE.AUTH)
        self.assertTrue(p > 0)

        g = FakeFlaskG()
        P = PolicyClass()
        g.audit_object = FakeAudit()
        g.policy_object = P
        options = {"g": g}

        responses.add(responses.POST,
                      self.SMSHttpUrl,
                      body=self.success_body)
        set_privacyidea_config("sms.providerConfig", self.SMSProviderConfig)
        db_token = Token.query.filter_by(serial=self.serial1).first()
        token = SmsTokenClass(db_token)
        c = token.create_challenge(options=options)
        self.assertTrue(c[0], c)
        display_message = c[1]
        self.assertEqual(display_message, _("Enter the OTP from the SMS:"))
        self.assertEqual(c[3].get("state"), None)

        # check for the challenges response
        # r = token.check_challenge_response(passw="287922")
        # self.assertTrue(r, r)

        # Test AUTOSMS
        p = set_policy(name="autosms",
                       action=SMSACTION.SMSAUTO,
                       scope=SCOPE.AUTH)
        self.assertTrue(p > 0)

        g = FakeFlaskG()
        P = PolicyClass()
        g.policy_object = P
        g.audit_object = FakeAudit()
        options = {"g": g}

        r = token.check_otp("287922", options=options)
        self.assertTrue(r > 0, r)
Exemplo n.º 11
0
    def test_18a_challenge_request_dynamic(self):
        # Send a challenge request for an SMS token with a dynamic phone number
        responses.add(responses.POST,
                      self.SMSHttpUrl,
                      body=self.success_body)
        transactionid = "123456098712"
        set_privacyidea_config("sms.providerConfig", self.SMSProviderConfig)
        db_token = Token.query.filter_by(serial=self.serial2).first()
        token = SmsTokenClass(db_token)
        self.assertTrue(token.check_otp("123456", 1, 10) == -1)
        c = token.create_challenge(transactionid)
        self.assertTrue(c[0], c)
        otp = c[1]
        self.assertTrue(c[3].get("state"), transactionid)

        # check for the challenges response
        r = token.check_challenge_response(passw=otp,
                                           options={"transaction_id":
                                                        transactionid})
        self.assertTrue(r, r)