Пример #1
0
 def test_bogus_user(self):
     """ A bogus user is denied """
     os.environ['common_name'] = 'user-who-does-not-exist'
     os.environ['password'] = '******'
     library = DuoOpenVPN()
     library.log_to_stdout = False
     res = library.main_authentication()
     self.assertFalse(res, 'invalid users must be denied')
Пример #2
0
 def test_bogus_user(self):
     """ A bogus user is denied """
     os.environ['common_name'] = 'user-who-does-not-exist'
     os.environ['password'] = '******'
     library = DuoOpenVPN()
     library.log_to_stdout = False
     res = library.main_authentication()
     self.assertFalse(res, 'invalid users must be denied')
Пример #3
0
 def test_2fa_user_good(self):
     """ A 2FA user with a bad push fails  PLEASE ALLOW """
     if not self.deep_test_main:  # pragma: no cover
         return self.skipTest('because of .deep_testing preference')
     os.environ['common_name'] = self.normal_user
     os.environ['password'] = '******'
     library = DuoOpenVPN()
     library.log_to_stdout = False
     res = library.main_authentication()
     self.assertTrue(res, '2fa user with an allow must be True')
Пример #4
0
 def test_2fa_user_good(self):
     """ A 2FA user with a bad push fails  PLEASE ALLOW """
     if not self.deep_test_main:  # pragma: no cover
         return self.skipTest('because of .deep_testing preference')
     os.environ['common_name'] = self.normal_user
     os.environ['password'] = '******'
     library = DuoOpenVPN()
     library.log_to_stdout = False
     res = library.main_authentication()
     self.assertTrue(res, '2fa user with an allow must be True')
Пример #5
0
 def test_2fa_user_bad(self):
     """ A 2FA user with a bad push fails  PLEASE DENY """
     if not self.deep_test_main:
         return self.skipTest('because of .deep_testing preference')
     os.environ['common_name'] = self.normal_user
     os.environ['password'] = '******'
     library = DuoOpenVPN()
     library.log_to_stdout = False
     res = library.main_authentication()
     self.assertFalse(res, '2fa user with a deny must be False')
Пример #6
0
 def test_1fa_user_bad_pw(self):
     """ A 1FA user with a bad password fails """
     try:
         one_fa_user = self.main_object.configfile.get(
             'testing', 'one_fa_user')
     except (NoOptionError, NoSectionError):  # pragma: no cover
         return self.skipTest('No testing/one_fa_user defined')
     os.environ['common_name'] = one_fa_user
     os.environ['password'] = '******'
     library = DuoOpenVPN()
     library.log_to_stdout = False
     res = library.main_authentication()
     self.assertFalse(res, '1fa user with bad password must be denied')
Пример #7
0
 def test_1fa_user_bad_pw(self):
     """ A 1FA user with a bad password fails """
     try:
         one_fa_user = self.main_object.configfile.get('testing',
                                                       'one_fa_user')
     except (NoOptionError, NoSectionError):  # pragma: no cover
         return self.skipTest('No testing/one_fa_user defined')
     os.environ['common_name'] = one_fa_user
     os.environ['password'] = '******'
     library = DuoOpenVPN()
     library.log_to_stdout = False
     res = library.main_authentication()
     self.assertFalse(res, '1fa user with bad password must be denied')
Пример #8
0
 def test_1fa_user_bad_pw(self):
     """ A 1FA user with a bad password fails """
     if not self.main_object.configfile.has_section('testing'):
         return self.skipTest('No testing section defined')
     if not self.main_object.configfile.has_option('testing',
                                                   'one_fa_user'):
         return self.skipTest('No testing/one_fa_user defined')
     one_fa_user = self.main_object.configfile.get('testing', 'one_fa_user')
     os.environ['common_name'] = one_fa_user
     os.environ['password'] = '******'
     library = DuoOpenVPN()
     library.log_to_stdout = False
     res = library.main_authentication()
     self.assertFalse(res, '1fa user with bad password must be denied')
Пример #9
0
 def test_1fa_user_attempts_2fa(self):
     """ A 1FA user trying to 2FA fails """
     # This is a weird test that stems from a 1FA user pretending to
     # have a Duo.
     try:
         one_fa_user = self.main_object.configfile.get(
             'testing', 'one_fa_user')
     except (NoOptionError, NoSectionError):  # pragma: no cover
         return self.skipTest('No testing/one_fa_user defined')
     os.environ['common_name'] = one_fa_user
     os.environ['password'] = '******'
     library = DuoOpenVPN()
     library.log_to_stdout = False
     res = library.main_authentication()
     self.assertFalse(res, '1fa user attempting to 2fa must be denied')
Пример #10
0
 def test_1fa_user_attempts_2fa(self):
     """ A 1FA user trying to 2FA fails """
     # This is a weird test that stems from a 1FA user pretending to
     # have a Duo.
     try:
         one_fa_user = self.main_object.configfile.get('testing',
                                                       'one_fa_user')
     except (NoOptionError, NoSectionError):  # pragma: no cover
         return self.skipTest('No testing/one_fa_user defined')
     os.environ['common_name'] = one_fa_user
     os.environ['password'] = '******'
     library = DuoOpenVPN()
     library.log_to_stdout = False
     res = library.main_authentication()
     self.assertFalse(res, '1fa user attempting to 2fa must be denied')
Пример #11
0
 def test_1fa_user_good_pw(self):
     """ A 1FA user with a good password works """
     try:
         one_fa_user = self.main_object.configfile.get(
             'testing', 'one_fa_user')
     except (NoOptionError, NoSectionError):  # pragma: no cover
         return self.skipTest('No testing/one_fa_user defined')
     try:
         one_fa_pass = self.main_object.configfile.get(
             'testing', 'one_fa_pass')
     except (NoOptionError, NoSectionError):  # pragma: no cover
         return self.skipTest('No testing/one_fa_pass defined')
     os.environ['common_name'] = one_fa_user
     os.environ['password'] = one_fa_pass
     library = DuoOpenVPN()
     library.log_to_stdout = False
     res = library.main_authentication()
     self.assertTrue(res, '1fa user with good password gets accepted')
Пример #12
0
 def test_1fa_user_good_pw(self):
     """ A 1FA user with a good password works """
     try:
         one_fa_user = self.main_object.configfile.get('testing',
                                                       'one_fa_user')
     except (NoOptionError, NoSectionError):  # pragma: no cover
         return self.skipTest('No testing/one_fa_user defined')
     try:
         one_fa_pass = self.main_object.configfile.get('testing',
                                                       'one_fa_pass')
     except (NoOptionError, NoSectionError):  # pragma: no cover
         return self.skipTest('No testing/one_fa_pass defined')
     os.environ['common_name'] = one_fa_user
     os.environ['password'] = one_fa_pass
     library = DuoOpenVPN()
     library.log_to_stdout = False
     res = library.main_authentication()
     self.assertTrue(res, '1fa user with good password gets accepted')
Пример #13
0
 def test_1fa_user_good_pw(self):
     """ A 1FA user with a good password works """
     if not self.main_object.configfile.has_section('testing'):
         return self.skipTest('No testing section defined')
     if not self.main_object.configfile.has_option('testing',
                                                   'one_fa_user'):
         return self.skipTest('No testing/one_fa_user defined')
     one_fa_user = self.main_object.configfile.get('testing', 'one_fa_user')
     if not self.main_object.configfile.has_option('testing',
                                                   'one_fa_pass'):
         return self.skipTest('No testing/one_fa_pass defined')
     one_fa_pass = self.main_object.configfile.get('testing', 'one_fa_pass')
     os.environ['common_name'] = one_fa_user
     os.environ['password'] = one_fa_pass
     library = DuoOpenVPN()
     library.log_to_stdout = False
     res = library.main_authentication()
     self.assertTrue(res, '1fa user with good password gets accepted')