def _auth_push_thread(self): info={ 'Server': self.server.name, } platform_name = None if self.platform == 'linux': platform_name = 'Linux' elif self.platform == 'mac' or self.platform == 'ios': platform_name = 'Apple' elif self.platform == 'win': platform_name = 'Windows' elif self.platform == 'chrome': platform_name = 'Chrome OS' if self.device_name: info['Device'] = '%s (%s)' % (self.device_name, platform_name) if self.push_type == DUO_AUTH: allow, _ = sso.auth_duo( self.user.name, ipaddr=self.remote_ip, type='Connection', info=info, ) elif self.push_type == SAML_OKTA_AUTH: allow = sso.auth_okta_push( self.user.name, ipaddr=self.remote_ip, type='Connection', info=info, ) else: raise ValueError('Unkown push auth type') if not allow: self.user.audit_event('user_connection', ('User connection to "%s" denied. ' + 'Push authentication failed') % ( self.server.name), remote_addr=self.remote_ip, ) raise AuthError('User failed push authentication')
def _auth_push_thread(self): info = { 'Server': self.server.name, } platform_name = None if self.platform == 'linux': platform_name = 'Linux' elif self.platform == 'mac' or self.platform == 'ios': platform_name = 'Apple' elif self.platform == 'win': platform_name = 'Windows' elif self.platform == 'chrome': platform_name = 'Chrome OS' if self.device_name: info['Device'] = '%s (%s)' % (self.device_name, platform_name) if self.push_type == DUO_AUTH: allow, _ = sso.auth_duo( self.user.name, ipaddr=self.remote_ip, type='Connection', info=info, ) elif self.push_type == SAML_OKTA_AUTH: allow = sso.auth_okta_push( self.user.name, ipaddr=self.remote_ip, type='Connection', info=info, ) else: raise ValueError('Unkown push auth type') if not allow: self.user.audit_event( 'user_connection', ('User connection to "%s" denied. ' + 'Push authentication failed') % (self.server.name), remote_addr=self.remote_ip, ) raise AuthError('User failed push authentication')
def _auth_push_thread(self): info = { 'Server': self.server.name, } platform_name = None if self.platform == 'linux': platform_name = 'Linux' elif self.platform == 'mac' or self.platform == 'ios': platform_name = 'Apple' elif self.platform == 'win': platform_name = 'Windows' elif self.platform == 'chrome': platform_name = 'Chrome OS' if self.device_name: info['Device'] = '%s (%s)' % (self.device_name, platform_name) if self.push_type == DUO_AUTH: allow, _ = sso.auth_duo( self.user.name, ipaddr=self.remote_ip, type='Connection', info=info, ) elif self.push_type == SAML_OKTA_AUTH: allow = sso.auth_okta_push( self.user.name, ipaddr=self.remote_ip, type='Connection', info=info, ) else: raise ValueError('Unkown push auth type') if not allow: self.user.audit_event( 'user_connection', ('User connection to "%s" denied. ' + 'Push authentication failed') % (self.server.name), remote_addr=self.remote_ip, ) raise AuthError('User failed push authentication') if settings.app.sso_cache: self.sso_cache_collection.update( { 'user_id': self.user.id, 'server_id': self.server.id, 'remote_ip': self.remote_ip, 'mac_addr': self.mac_addr, 'platform': self.platform, 'device_id': self.device_id, 'device_name': self.device_name, }, { 'user_id': self.user.id, 'server_id': self.server.id, 'remote_ip': self.remote_ip, 'mac_addr': self.mac_addr, 'platform': self.platform, 'device_id': self.device_id, 'device_name': self.device_name, 'timestamp': utils.now(), }, upsert=True)
def _auth_push_thread(self): info={ 'Server': self.server.name, } platform_name = None if self.platform == 'linux': platform_name = 'Linux' elif self.platform == 'mac' or self.platform == 'ios': platform_name = 'Apple' elif self.platform == 'win': platform_name = 'Windows' elif self.platform == 'chrome': platform_name = 'Chrome OS' if self.device_name: info['Device'] = '%s (%s)' % (self.device_name, platform_name) if self.push_type == DUO_AUTH: allow, _ = sso.auth_duo( self.user.name, ipaddr=self.remote_ip, type='Connection', info=info, ) elif self.push_type == SAML_OKTA_AUTH: allow = sso.auth_okta_push( self.user.name, ipaddr=self.remote_ip, type='Connection', info=info, ) else: raise ValueError('Unkown push auth type') if not allow: self.user.audit_event('user_connection', ('User connection to "%s" denied. ' + 'Push authentication failed') % ( self.server.name), remote_addr=self.remote_ip, ) raise AuthError('User failed push authentication') if settings.app.sso_cache: self.sso_cache_collection.update({ 'user_id': self.user.id, 'server_id': self.server.id, 'remote_ip': self.remote_ip, 'mac_addr': self.mac_addr, 'platform': self.platform, 'device_id': self.device_id, 'device_name': self.device_name, }, { 'user_id': self.user.id, 'server_id': self.server.id, 'remote_ip': self.remote_ip, 'mac_addr': self.mac_addr, 'platform': self.platform, 'device_id': self.device_id, 'device_name': self.device_name, 'timestamp': utils.now(), }, upsert=True)