Пример #1
0
    def test_03_set_new_password(self):
        smtpmock.setdata(response={"*****@*****.**": (200, "OK")})
        # Get the recovery code
        recoverycode = "reccode"
        new_password = "******"
        user = User("corneliusReg", "register")
        r = create_recoverycode(user, recoverycode=recoverycode)
        self.assertEqual(r, True)
        # Use the recoverycode to set a new password
        with self.app.test_request_context('/recover/reset',
                                           method='POST',
                                           data={
                                               "user": "******",
                                               "realm": "register",
                                               "recoverycode": recoverycode,
                                               "password": new_password
                                           }):
            res = self.app.full_dispatch_request()
            self.assertTrue(res.status_code == 200, res.data)
            data = json.loads(res.data.decode('utf8'))
            self.assertEqual(data.get("result").get("value"), True)

        # send an invalid recoverycode
        with self.app.test_request_context('/recover/reset',
                                           method='POST',
                                           data={
                                               "user": "******",
                                               "realm": "register",
                                               "recoverycode": "asdf",
                                               "password": new_password
                                           }):
            res = self.app.full_dispatch_request()
            self.assertTrue(res.status_code == 200, res.data)
            data = json.loads(res.data.decode('utf8'))
            self.assertEqual(data.get("result").get("value"), False)
Пример #2
0
    def test_03_set_new_password(self):
        smtpmock.setdata(response={"*****@*****.**": (200, "OK")})
        # Get the recovery code
        recoverycode = "reccode"
        new_password = "******"
        user = User("corneliusReg", "register")
        r = create_recoverycode(user, recoverycode=recoverycode)
        self.assertEqual(r, True)
        # Use the recoverycode to set a new password
        with self.app.test_request_context('/recover/reset',
                                           method='POST',
                                           data={"user": "******",
                                                 "realm": "register",
                                                 "recoverycode": recoverycode,
                                                 "password": new_password}):
            res = self.app.full_dispatch_request()
            self.assertTrue(res.status_code == 200, res.data)
            data = json.loads(res.data.decode('utf8'))
            self.assertEqual(data.get("result").get("value"), True)

        # send an invalid recoverycode
        with self.app.test_request_context('/recover/reset',
                                           method='POST',
                                           data={"user": "******",
                                                 "realm": "register",
                                                 "recoverycode": "asdf",
                                                 "password": new_password}):
            res = self.app.full_dispatch_request()
            self.assertTrue(res.status_code == 200, res.data)
            data = json.loads(res.data.decode('utf8'))
            self.assertEqual(data.get("result").get("value"), False)
Пример #3
0
    def test_04_create_recovery_nonascii(self):
        smtpmock.setdata(response={"*****@*****.**": (200, "OK")})
        recoverycode = "reccode"
        # create resolver and realm
        param = self.parameters
        param["resolver"] = "register"
        param["type"] = "sqlresolver"
        r = save_resolver(param)
        self.assertTrue(r > 0)
        # recover password with "recovery.identifier"
        r = add_smtpserver(identifier="myserver", server="1.2.3.4")
        self.assertTrue(r > 0)
        set_privacyidea_config("recovery.identifier", "myserver")
        r = create_recoverycode(User(u"nönäscii", "register"),
                                recoverycode=recoverycode)
        self.assertEqual(r, True)

        user = User(u"nönäscii", "register")

        r = check_recoverycode(user, recoverycode)
        self.assertEqual(r, True)

        # The recovery code is not valid a second time
        r = check_recoverycode(user, recoverycode)
        self.assertEqual(r, False)
Пример #4
0
    def test_02_check_recoverycode(self):
        smtpmock.setdata(response={"*****@*****.**": (200, "OK")})
        recoverycode = "reccode"
        user = User("cornelius", self.realm1)
        r = create_recoverycode(user, recoverycode=recoverycode)
        self.assertEqual(r, True)

        r = check_recoverycode(user, recoverycode)
        self.assertEqual(r, True)

        # The recovery code is not valid a second time
        r = check_recoverycode(user, recoverycode)
        self.assertEqual(r, False)
Пример #5
0
    def test_01_create_recovery(self):
        smtpmock.setdata(response={"*****@*****.**": (200, "OK")})

        # missing configuration
        self.assertRaises(privacyIDEAError, create_recoverycode,
                          user=User("cornelius", self.realm1))

        # recover password with "recovery.identifier"
        r = add_smtpserver(identifier="myserver", server="1.2.3.4")
        self.assertTrue(r > 0)
        set_privacyidea_config("recovery.identifier", "myserver")
        r = create_recoverycode(User("cornelius", self.realm1))
        self.assertEqual(r, True)
Пример #6
0
def get_recover_code():
    """
    This method requests a recover code for a user. The recover code it sent
    via email to the user.

    :queryparam user: username of the user
    :queryparam realm: realm of the user
    :queryparam email: email of the user
    :return: JSON with value=True or value=False
    """
    param = request.all_data
    user_obj = get_user_from_param(param, required)
    email = getParam(param, "email", required)
    r = create_recoverycode(user_obj, email, base_url=request.base_url)
    g.audit_object.log({"success": r, "info": u"{0!s}".format(user_obj)})
    return send_result(r)
Пример #7
0
def get_recover_code():
    """
    This method requests a recover code for a user. The recover code it sent
    via email to the user.

    :queryparam user: username of the user
    :queryparam realm: realm of the user
    :queryparam email: email of the user
    :return: JSON with value=True or value=False
    """
    param = request.all_data
    user_obj = get_user_from_param(param, required)
    email = getParam(param, "email", required)
    r = create_recoverycode(user_obj, email, base_url=request.base_url)
    g.audit_object.log({"success": r,
                        "info": u"{0!s}".format(user_obj)})
    return send_result(r)
Пример #8
0
    def test_04_create_recovery_nonascii(self):
        smtpmock.setdata(response={"*****@*****.**": (200, "OK")})
        recoverycode = "reccode"
        # create resolver and realm
        param = self.parameters
        param["resolver"] = "register"
        param["type"] = "sqlresolver"
        r = save_resolver(param)
        self. assertTrue(r > 0)
        # recover password with "recovery.identifier"
        r = add_smtpserver(identifier="myserver", server="1.2.3.4")
        self.assertTrue(r > 0)
        set_privacyidea_config("recovery.identifier", "myserver")
        r = create_recoverycode(User(u"nönäscii", "register"), recoverycode=recoverycode)
        self.assertEqual(r, True)

        user = User(u"nönäscii", "register")

        r = check_recoverycode(user, recoverycode)
        self.assertEqual(r, True)

        # The recovery code is not valid a second time
        r = check_recoverycode(user, recoverycode)
        self.assertEqual(r, False)