Exemplo n.º 1
0
 def set_data(self, value):
     """
     :return: Return the encrypted value
     """
     aes = AESCipher(str(settings.SECRET_KEY) + str(self.login))
     self.encrypted_value = aes.encrypt(str(value)).decode('utf8')
     return self.encrypted_value
Exemplo n.º 2
0
 def decrypt(self):
     """
     :return: Return the password in cleartext
     """
     aes = AESCipher(str(settings.SECRET_KEY) + str(self.login))
     data = aes.decrypt(self.encrypted_value)
     if str(data) == '':
         return None
     return data
Exemplo n.º 3
0
 def get_data(self, to_decrypt, app_id, backend_id, login, name):
     """
     :return: Return the password in cleartext
     """
     self.encrypted_value = to_decrypt
     aes = AESCipher(
         str(settings.SECRET_KEY) + str(app_id) + str(backend_id) +
         str(login) + str(name))
     self.encrypted_name = aes.key.hex()
     data = aes.decrypt(self.encrypted_value)
     if str(data) == '':
         return None
     return data
Exemplo n.º 4
0
 def set_data(self, app_id, app_name, backend_id, repo_name, login, name,
              value):
     """
     :return: Return the encrypted value
     """
     aes = AESCipher(
         str(settings.SECRET_KEY) + str(app_id) + str(backend_id) +
         str(login) + str(name))
     self.app_name = str(app_name)
     self.repo_name = str(repo_name)
     self.login = str(login)
     self.encrypted_value = aes.encrypt(str(value))
     self.encrypted_name = aes.key.hex()
     return self.encrypted_value
Exemplo n.º 5
0
    def register_authentication(self, app_id, app_name, backend_id, login):
        """ This method interract with SSOProfile objects in Mongo """
        """ Try to retrieve the SSOProfile in internal database """
        try:
            logger.debug("TOTP::Register_authentication: Trying to retrieve encrypted key in Mongo")
            aes = AESCipher("{}{}{}{}{}".format(settings.SECRET_KEY, app_id, backend_id, login, "totp"))
            encrypted_field = aes.key.encode('hex')
            sso_profile = LearningProfile.objects.filter(encrypted_name=encrypted_field, login=login).first()
            if sso_profile:
                logger.info("TOTP::Register_authentication: Encrypted key successfully retrieved from Mongo")
                decrypted_value = sso_profile.get_data(sso_profile.encrypted_value, app_id, backend_id, login, "totp")
                if decrypted_value:
                    logger.info("TOTP:Register_authentication: Encrypted key successfully decrypted")
                    return False, decrypted_value
        except Exception as e:
            logger.exception(e)
            raise e

        logger.info("TOTP secret key not found. Creating-it.")

        """ If the SSOProfile does not exists, create-it and save-it """
        try:
            # returns a 16 character base32 secret.
            # Compatible with Google Authenticator and other OTP apps
            new_key = pyotp_random_base32()
            # Save in Mongo
            sso_profile = LearningProfile()
            sso_profile.set_data(app_id, app_name, backend_id, BaseRepository.objects.get(pk=backend_id).name,
                                 login, "totp", new_key)
            sso_profile.store()
            return True, new_key
        except Exception as e:
            logger.exception(e)
            raise e
Exemplo n.º 6
0
 def retrieve_sso_profile(self, username, field):
     aes = AESCipher(
         str(settings.SECRET_KEY) + str(self.application.id) +
         str(self.backend_id) + str(username) + str(field))
     encrypted_field = aes.key.encode('hex')
     sso = LearningProfile.objects.filter(encrypted_name=encrypted_field,
                                          login=username).first()
     return sso