def __init__(self, config=None): if config and config.user: self.username = config.user["username"] self.password = config.user["password"] else: self.username = '******' + id_generator() self.password = id_generator() + id_generator() self.srp_user = srp.User(self.username, self.password, srp.SHA256, srp.NG_1024)
def test_authenticated_on_init(self): usr = _pysrp.User('test', 'test') self.assertTrue(not usr.authenticated()) usr = _ctsrp.User('test', 'test') self.assertTrue(not usr.authenticated()) usr = _srp.User('test', 'test') self.assertTrue(not usr.authenticated())
def run_tests(): login = '******' + id_generator() password = id_generator() + "äöì" + id_generator() usr = srp.User(login, password, srp.SHA256, srp.NG_1024) print_and_parse(signup(login, password)) auth = print_and_parse(authenticate(usr)) verify_or_debug(auth, usr) assert usr.authenticated()
def _login(username, passphrase, provider, api_uri, api_version): usr = srp.User(username, passphrase, srp.SHA256, srp.NG_1024) auth = None try: auth = _authenticate(api_uri, api_version, usr).json() except requests.exceptions.ConnectionError: _fail('Could not connect to server.') if 'errors' in auth: _fail(str(auth['errors'])) return api_uri, api_version, auth
def change_password(user_id, login, token): password = id_generator() + id_generator() salt, vkey = srp.create_salted_verification_key( login, password, srp.SHA256, srp.NG_1024 ) user_params = { 'user[password_verifier]': binascii.hexlify(vkey), 'user[password_salt]': binascii.hexlify(salt) } auth_headers = { 'Authorization': 'Token token="' + token + '"'} print user_params print_and_parse(requests.put(server + '/users/' + user_id + '.json', data = user_params, verify = False, headers = auth_headers)) return srp.User( login, password, srp.SHA256, srp.NG_1024 )
def run(self): with open(r'roots.pem', 'rb') as f: cert = f.read() credentials = grpc.ssl_channel_credentials(root_certificates=cert) channel = grpc.secure_channel('{0}:{1}'.format(self.server, self.port), credentials) util_stub = util_grpc.UtilityServicesStub(channel) req = util.StartLoginSrpRequest(UserName=self.user, Domain=self.domain) srp_start_response = util_stub.StartLoginSrp(req) print('Start SRP result: ', srp_start_response.Response) if srp_start_response.Response == 'success': identity = '{0}@{1}'.format(self.user, self.domain) g_hex = hex(int(srp_start_response.srpg)) n_hex = hex(int(srp_start_response.srpN)) srp.rfc5054_enable(True) usr = srp.User(identity, self.password, hash_alg=srp.SHA256, ng_type=srp.NG_CUSTOM, n_hex=n_hex, g_hex=g_hex) srp.rfc5054_enable(False) _, A = usr.start_authentication() bytes_B = int(srp_start_response.srpb).to_bytes(128, 'big') bytes_s = bytes.fromhex(srp_start_response.srpSalt) M = usr.process_challenge(bytes_s, bytes_B) strMc = hex(int.from_bytes(M, 'big')).lstrip('0x') strEphA = str(int.from_bytes(A, 'big')) srpTransactId = srp_start_response.srpTransactId req = util.CompleteLoginSrpRequest(Identity=identity, srpTransactId=srpTransactId, strEphA=strEphA, strMc=strMc, UserName=self.user, Domain=self.domain, Locale=self.locale) connect_response = util_stub.CompleteLoginSrp(req) print('Connect result: ', connect_response.Response) if connect_response.Response == 'success': req = util.DisconnectRequest( UserToken=connect_response.UserToken) disconnect_response = util_stub.Disconnect(req) print('Disconnect result: ', disconnect_response.ServerResponse)
def run_tests(): login = '******' + id_generator() password = id_generator() + id_generator() usr = srp.User( login, password, srp.SHA256, srp.NG_1024 ) print_and_parse(signup(login, password)) auth = print_and_parse(authenticate(usr)) verify_or_debug(auth, usr) assert usr.authenticated() usr = change_password(auth['id'], login, auth['token']) auth = print_and_parse(authenticate(usr)) verify_or_debug(auth, usr) # At this point the authentication process is complete. assert usr.authenticated()
def get_srp_user(self): username = self.username password = self.initialization_key return srp.User(username, password)