def test_03_set_new_password(self): smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) # Get the recovery code recoverycode = "reccode" new_password = "******" user = User("corneliusReg", "register") r = create_recoverycode(user, recoverycode=recoverycode) self.assertEqual(r, True) # Use the recoverycode to set a new password with self.app.test_request_context('/recover/reset', method='POST', data={ "user": "******", "realm": "register", "recoverycode": recoverycode, "password": new_password }): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res.data) data = json.loads(res.data) self.assertEqual(data.get("result").get("value"), True) # send an invalid recoverycode with self.app.test_request_context('/recover/reset', method='POST', data={ "user": "******", "realm": "register", "recoverycode": "asdf", "password": new_password }): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res.data) data = json.loads(res.data) self.assertEqual(data.get("result").get("value"), False)
def test_03_set_new_password(self): smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) # Get the recovery code recoverycode = "reccode" new_password = "******" user = User("corneliusReg", "register") r = create_recoverycode(user, recoverycode=recoverycode) self.assertEqual(r, True) # Use the recoverycode to set a new password with self.app.test_request_context( "/recover/reset", method="POST", data={"user": "******", "realm": "register", "recoverycode": recoverycode, "password": new_password}, ): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res.data) data = json.loads(res.data) self.assertEqual(data.get("result").get("value"), True) # send an invalid recoverycode with self.app.test_request_context( "/recover/reset", method="POST", data={"user": "******", "realm": "register", "recoverycode": "asdf", "password": new_password}, ): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res.data) data = json.loads(res.data) self.assertEqual(data.get("result").get("value"), False)
def test_19_emailtext(self): # create a EMAILTEXT policy: p = set_policy(name="emailtext", action="%s=%s" % (EMAILACTION.EMAILTEXT, "'Your <otp>'"), scope=SCOPE.AUTH) self.assertTrue(p > 0) g = FakeFlaskG() P = PolicyClass() g.policy_object = P options = {"g": g} smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) transactionid = "123456098713" db_token = Token.query.filter_by(serial=self.serial1).first() token = EmailTokenClass(db_token) c = token.create_challenge(transactionid, options=options) self.assertTrue(c[0], c) display_message = c[1] self.assertTrue(c[3].get("state"), transactionid) self.assertEqual(display_message, "Enter the OTP from the Email:") # Test AUTOEMAIL p = set_policy(name="autoemail", action=EMAILACTION.EMAILAUTO, scope=SCOPE.AUTH) self.assertTrue(p > 0) g = FakeFlaskG() P = PolicyClass() g.policy_object = P options = {"g": g} r = token.check_otp("287922", options=options) self.assertTrue(r > 0, r)
def test_19_emailtext(self): # create a EMAILTEXT policy: p = set_policy(name="emailtext", action="{0!s}={1!s}".format(EMAILACTION.EMAILTEXT, "'Your <otp>'"), scope=SCOPE.AUTH) self.assertTrue(p > 0) g = FakeFlaskG() P = PolicyClass() g.policy_object = P options = {"g": g} smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) transactionid = "123456098713" db_token = Token.query.filter_by(serial=self.serial1).first() token = EmailTokenClass(db_token) c = token.create_challenge(transactionid, options=options) self.assertTrue(c[0], c) display_message = c[1] self.assertTrue(c[3].get("state"), transactionid) self.assertEqual(display_message, "Enter the OTP from the Email:") _, mimetype = token._get_email_text_or_subject(options, EMAILACTION.EMAILTEXT) self.assertEqual(mimetype, "plain") # Test AUTOEMAIL p = set_policy(name="autoemail", action=EMAILACTION.EMAILAUTO, scope=SCOPE.AUTH) self.assertTrue(p > 0) g = FakeFlaskG() P = PolicyClass() g.policy_object = P options = {"g": g} r = token.check_otp("287922", options=options) self.assertTrue(r > 0, r) # create a EMAILTEXT policy with template p = set_policy(name="emailtext", action="{0!s}=file:{1!s}".format(EMAILACTION.EMAILTEXT, TEMPLATE_FILE), scope=SCOPE.AUTH) self.assertTrue(p > 0) g = FakeFlaskG() P = PolicyClass() g.policy_object = P options = {"g": g} smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) transactionid = "123456098714" db_token = Token.query.filter_by(serial=self.serial1).first() token = EmailTokenClass(db_token) email_text, mimetype = token._get_email_text_or_subject(options, EMAILACTION.EMAILTEXT) self.assertTrue("<p>Hello,</p>" in email_text) self.assertEqual(mimetype, "html") c = token.create_challenge(transactionid, options=options) self.assertTrue(c[0], c) display_message = c[1] self.assertTrue(c[3].get("state"), transactionid) self.assertEqual(display_message, "Enter the OTP from the Email:")
def test_19_emailtext(self): # create a EMAILTEXT policy: p = set_policy(name="emailtext", action="{0!s}={1!s}".format(EMAILACTION.EMAILTEXT, "'Your <otp>'"), scope=SCOPE.AUTH) self.assertTrue(p > 0) g = FakeFlaskG() P = PolicyClass() g.policy_object = P options = {"g": g} smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) transactionid = "123456098713" db_token = Token.query.filter_by(serial=self.serial1).first() token = EmailTokenClass(db_token) c = token.create_challenge(transactionid, options=options) self.assertTrue(c[0], c) display_message = c[1] self.assertTrue(c[3].get("state"), transactionid) self.assertEqual(display_message, _("Enter the OTP from the Email:")) _n, mimetype = token._get_email_text_or_subject(options, EMAILACTION.EMAILTEXT) self.assertEqual(mimetype, "plain") # Test AUTOEMAIL p = set_policy(name="autoemail", action=EMAILACTION.EMAILAUTO, scope=SCOPE.AUTH) self.assertTrue(p > 0) g = FakeFlaskG() P = PolicyClass() g.policy_object = P options = {"g": g} r = token.check_otp("287922", options=options) self.assertTrue(r > 0, r) # create a EMAILTEXT policy with template p = set_policy(name="emailtext", action="{0!s}=file:{1!s}".format(EMAILACTION.EMAILTEXT, TEMPLATE_FILE), scope=SCOPE.AUTH) self.assertTrue(p > 0) g = FakeFlaskG() P = PolicyClass() g.policy_object = P options = {"g": g} smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) transactionid = "123456098714" db_token = Token.query.filter_by(serial=self.serial1).first() token = EmailTokenClass(db_token) email_text, mimetype = token._get_email_text_or_subject(options, EMAILACTION.EMAILTEXT) self.assertTrue("<p>Hello,</p>" in email_text) self.assertEqual(mimetype, "html") c = token.create_challenge(transactionid, options=options) self.assertTrue(c[0], c) display_message = c[1] self.assertTrue(c[3].get("state"), transactionid) self.assertEqual(display_message, _("Enter the OTP from the Email:"))
def test_21_test_email_config(self): from privacyidea.lib.tokens.emailtoken import TEST_SUCCESSFUL smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) r = EmailTokenClass.test_config({"email.mailserver": "mail.example.com", "email.mailfrom": "*****@*****.**", "email.recipient": "*****@*****.**"}) self.assertEqual(r[0], True) self.assertEqual(r[1], TEST_SUCCESSFUL)
def test_20_sending_email_exception(self): smtpmock.setdata(exception=True) transactionid = "123456098714" db_token = Token.query.filter_by(serial=self.serial1).first() token = EmailTokenClass(db_token) c = token.create_challenge(transactionid) self.assertFalse(c[0]) self.assertTrue("The PIN was correct, but the EMail could not " "be sent" in c[1])
def test_20_sending_email_exception(self): smtpmock.setdata(exception=True) transactionid = "123456098712" db_token = Token.query.filter_by(serial=self.serial1).first() token = EmailTokenClass(db_token) c = token.create_challenge(transactionid) self.assertFalse(c[0]) self.assertEqual(c[1], "The PIN was correct, but the EMail could not " "be sent: SMTPException(u'MOCK TLS ERROR',)")
def test_13_challenge_response_email(self): smtpmock.setdata(response={}) # set a chalresp policy for Email with self.app.test_request_context('/policy/pol_chal_resp', data={'action': "challenge_response=email", 'scope': "authentication", 'realm': '', 'active': True}, method='POST', headers={'Authorization': self.at}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res) result = json.loads(res.data).get("result") self.assertTrue(result["status"] is True, result) self.assertTrue('"setPolicy pol_chal_resp": 1' in res.data, res.data) serial = "CHALRESP3" pin = "chalresp3" # create a token and assign to the user init_token({"serial": serial, "type": "email", "otpkey": self.otpkey, "email": "*****@*****.**", "pin": pin}, user=User("cornelius", self.realm1)) # create the challenge by authenticating with the OTP PIN with self.app.test_request_context('/validate/check', method='POST', data={"user": "******", "pass": pin}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res) result = json.loads(res.data).get("result") detail = json.loads(res.data).get("detail") self.assertFalse(result.get("value")) self.assertEqual(detail.get("message"), "Enter the OTP from the " "Email:") transaction_id = detail.get("transaction_id") # send the OTP value # Test with parameter state. with self.app.test_request_context('/validate/check', method='POST', data={"user": "******", "state": transaction_id, "pass": "******"}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res) result = json.loads(res.data).get("result") detail = json.loads(res.data).get("detail") self.assertTrue(result.get("value")) # delete the token remove_token(serial=serial)
def test_14_send_to_adminrealm(self): # setup realms self.setUp_user_realms() r = add_smtpserver(identifier="myserver", server="1.2.3.4", tls=False) self.assertTrue(r > 0) smtpmock.setdata(response={"*****@*****.**": (200, "OK")}, support_tls=False) g = FakeFlaskG() audit_object = FakeAudit() audit_object.audit_data["serial"] = "123456" g.logged_in_user = {"user": "******", "role": "admin", "realm": ""} g.audit_object = audit_object builder = EnvironBuilder(method='POST', data={'serial': "OATH123456"}, headers={}) env = builder.get_environ() # Set the remote address so that we can filter for it env["REMOTE_ADDR"] = "10.0.0.1" g.client_ip = env["REMOTE_ADDR"] req = Request(env) req.all_data = {"serial": "SomeSerial", "user": "******"} req.User = User("cornelius", self.realm1) resp = Response() resp.data = """{"result": {"value": true}, "detail": {"registrationcode": "12345678910"} } """ # send email to user in adminrealm "realm1" # Although this is no admin realm, but this realm contains some email # addresses. options = { "g": g, "request": req, "response": resp, "handler_def": { "conditions": { "serial": "123.*" }, "options": { "body": "your {registrationcode}", "emailconfig": "myserver", "To": NOTIFY_TYPE.ADMIN_REALM, "To " + NOTIFY_TYPE.ADMIN_REALM: "realm1" } } } un_handler = UserNotificationEventHandler() res = un_handler.do("sendmail", options=options) self.assertTrue(res)
def test_02_reset_password(self): smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) set_privacyidea_config("recovery.identifier", "myserver") with self.app.test_request_context( "/recover", method="POST", data={"user": "******", "realm": "register", "email": "*****@*****.**"}, ): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res.data) data = json.loads(res.data) self.assertEqual(data.get("result").get("value"), True)
def test_02_check_recoverycode(self): smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) recoverycode = "reccode" user = User("cornelius", self.realm1) r = create_recoverycode(user, recoverycode=recoverycode) self.assertEqual(r, True) r = check_recoverycode(user, recoverycode) self.assertEqual(r, True) # The recovery code is not valid a second time r = check_recoverycode(user, recoverycode) self.assertEqual(r, False)
def test_02_reset_password(self): smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) set_privacyidea_config("recovery.identifier", "myserver") with self.app.test_request_context('/recover', method='POST', data={"user": "******", "realm": "register", "email": "*****@*****.**"}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res.data) data = json.loads(res.data) self.assertEqual(data.get("result").get("value"), True)
def test_01_create_recovery(self): smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) # missing configuration self.assertRaises(privacyIDEAError, create_recoverycode, user=User("cornelius", self.realm1)) # recover password with "recovery.identifier" r = add_smtpserver(identifier="myserver", server="1.2.3.4") self.assertTrue(r > 0) set_privacyidea_config("recovery.identifier", "myserver") r = create_recoverycode(User("cornelius", self.realm1)) self.assertEqual(r, True)
def test_02_send_email(self): r = add_smtpserver(identifier="myserver", server="1.2.3.4", tls=False) self.assertTrue(r > 0) server = get_smtpserver("myserver") smtpmock.setdata(response={"*****@*****.**": (200, "OK")}, support_tls=False) r = server.send_email(["*****@*****.**"], "Hallo", "Body") self.assertEqual(r, True) smtpmock.setdata( response={"*****@*****.**": (550, "Message rejected")}, support_tls=False) r = server.send_email(["*****@*****.**"], "Hallo", "Body") self.assertEqual(r, False) # Use TLS r = add_smtpserver(identifier="myserver", server="1.2.3.4", tls=True) self.assertTrue(r > 0) server = get_smtpserver("myserver") smtpmock.setdata(response={"*****@*****.**": (200, "OK")}, support_tls=True) r = server.send_email(["*****@*****.**"], "Hallo", "Body") self.assertEqual(r, True) # If we configure TLS but the server does not support this, we raise # an error smtpmock.setdata(response={"*****@*****.**": (200, "OK")}, support_tls=False) self.assertRaises(SMTPException, server.send_email, ["*****@*****.**"], "Hallo", "Body") delete_smtpserver("myserver")
def test_02_send_email(self): r = add_smtpserver(identifier="myserver", server="1.2.3.4", tls=False) self.assertTrue(r > 0) server = get_smtpserver("myserver") smtpmock.setdata(response={"*****@*****.**": (200, "OK")}, support_tls=False) r = server.send_email(["*****@*****.**"], "Hallo", "Body") self.assertEqual(r, True) smtpmock.setdata(response={"*****@*****.**": (550, "Message rejected")}, support_tls=False) r = server.send_email(["*****@*****.**"], "Hallo", "Body") self.assertEqual(r, False) # Use TLS r = add_smtpserver(identifier="myserver", server="1.2.3.4", tls=True) self.assertTrue(r > 0) server = get_smtpserver("myserver") smtpmock.setdata(response={"*****@*****.**": (200, "OK")}, support_tls=True) r = server.send_email(["*****@*****.**"], "Hallo", "Body") self.assertEqual(r, True) # If we configure TLS but the server does not support this, we raise # an error smtpmock.setdata(response={"*****@*****.**": (200, "OK")}, support_tls=False) self.assertRaises(SMTPException, server.send_email, ["*****@*****.**"], "Hallo", "Body") delete_smtpserver("myserver")
def test_03_sendsms(self): # setup realms self.setUp_user_realms() r = set_smsgateway(identifier="myGW", providermodule="privacyidea.lib.smsprovider." "SmtpSMSProvider.SmtpSMSProvider", options={ "SMTPIDENTIFIER": "myserver", "MAILTO": "*****@*****.**" }) self.assertTrue(r > 0) smtpmock.setdata(response={"*****@*****.**": (200, "OK")}, support_tls=False) g = FakeFlaskG() audit_object = FakeAudit() audit_object.audit_data["serial"] = "123456" g.logged_in_user = {"user": "******", "role": "admin", "realm": ""} g.audit_object = audit_object builder = EnvironBuilder(method='POST', data={'serial': "OATH123456"}, headers={}) env = builder.get_environ() # Set the remote address so that we can filter for it env["REMOTE_ADDR"] = "10.0.0.1" g.client_ip = env["REMOTE_ADDR"] req = Request(env) req.all_data = {"serial": "SomeSerial", "user": "******"} req.User = User("cornelius", self.realm1) resp = Response() resp.data = """{"result": {"value": true}}""" options = { "g": g, "request": req, "response": resp, "handler_def": { "options": { "smsconfig": "myGW" } } } un_handler = UserNotificationEventHandler() res = un_handler.do("sendsms", options=options) self.assertTrue(res)
def test_02_send_email(self): r = add_smtpserver(identifier="myserver", server="1.2.3.4") self.assertTrue(r > 0) server = get_smtpserver("myserver") smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) r = server.send_email(["*****@*****.**"], "Hallo", "Body") self.assertEqual(r, True) smtpmock.setdata( response={"*****@*****.**": (550, "Message rejected")}) r = server.send_email(["*****@*****.**"], "Hallo", "Body") self.assertEqual(r, False) delete_smtpserver("myserver")
def test_02_send_email(self): r = add_smtpserver(identifier="myserver", server="1.2.3.4") self.assertTrue(r > 0) server = get_smtpserver("myserver") smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) r = server.send_email(["*****@*****.**"], "Hallo", "Body") self.assertEqual(r, True) smtpmock.setdata(response={"*****@*****.**": (550, "Message rejected")}) r = server.send_email(["*****@*****.**"], "Hallo", "Body") self.assertEqual(r, False) delete_smtpserver("myserver")
def test_08_smsgateway_success(self): r = add_smtpserver("myServer", "1.2.3.4", sender="*****@*****.**") self.assertTrue(r > 0) smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) identifier = "myMail" provider_module = "privacyidea.lib.smsprovider.SmtpSMSProvider" \ ".SmtpSMSProvider" id = set_smsgateway(identifier, provider_module, description="test", options={"SMTPIDENTIFIER": "myServer", "MAILTO": "*****@*****.**", "SUBJECT": "{phone}", "BODY": "{otp}"}) self.assertTrue(id > 0) sms = create_sms_instance(identifier) r = sms.submit_message("123456", "Halo") self.assertTrue(r)
def test_07_locked_token_wrong_pin(self): tok = init_token({ "serial": "lock2", "type": "spass", "pin": "pin" }, user=User("cornelius", "realm1")) # lock it tok.set_failcount(10) uhandler = UserNotificationEventHandler() resp = Response() resp.data = """{"result": {"value": false}}""" builder = EnvironBuilder(method='POST') env = builder.get_environ() req = Request(env) req.all_data = {"user": "******", "pass": "******"} req.User = User("cornelius", self.realm1) # check the do action. g = FakeFlaskG() audit_object = FakeAudit() audit_object.audit_data["serial"] = None g.audit_object = audit_object options = { "g": g, "handler_def": { "conditions": { "token_locked": "True" } }, "response": resp, "request": req } r = add_smtpserver(identifier="myserver", server="1.2.3.4", tls=False) self.assertTrue(r > 0) smtpmock.setdata(response={"*****@*****.**": (200, "OK")}, support_tls=False) r = uhandler.check_condition(options) self.assertEqual(r, True) r = uhandler.do("sendmail", options=options) self.assertEqual(r, True)
def test_18_challenge_request(self): smtpmock.setdata(response={"*****@*****.**": (200, 'OK')}) transactionid = "123456098712" set_privacyidea_config("email.mailserver", "localhost") set_privacyidea_config("email.username", "user") set_privacyidea_config("email.username", "password") set_privacyidea_config("email.tls", True) db_token = Token.query.filter_by(serial=self.serial1).first() token = EmailTokenClass(db_token) self.assertTrue(token.check_otp("123456", 1, 10) == -1) c = token.create_challenge(transactionid) self.assertTrue(c[0], c) otp = c[1] self.assertTrue(c[3].get("state"), transactionid) # check for the challenges response r = token.check_challenge_response(passw=otp) self.assertTrue(r, r)
def test_18_challenge_request(self): smtpmock.setdata(response={}) transactionid = "123456098712" set_privacyidea_config("email.mailserver", "localhost") set_privacyidea_config("email.username", "user") set_privacyidea_config("email.username", "password") set_privacyidea_config("email.tls", True) db_token = Token.query.filter_by(serial=self.serial1).first() token = EmailTokenClass(db_token) self.assertTrue(token.check_otp("123456", 1, 10) == -1) c = token.create_challenge(transactionid) self.assertTrue(c[0], c) otp = c[1] self.assertTrue(c[3].get("state"), transactionid) # check for the challenges response r = token.check_challenge_response(passw=otp) self.assertTrue(r, r)
def test_02_sendmail(self): # setup realms self.setUp_user_realms() r = add_smtpserver(identifier="myserver", server="1.2.3.4", tls=False) self.assertTrue(r > 0) smtpmock.setdata(response={"*****@*****.**": (200, "OK")}, support_tls=False) g = FakeFlaskG() audit_object = FakeAudit() audit_object.audit_data["serial"] = "123456" g.logged_in_user = {"user": "******", "role": "admin", "realm": ""} g.audit_object = audit_object builder = EnvironBuilder(method='POST', data={'serial': "OATH123456"}, headers={}) env = builder.get_environ() # Set the remote address so that we can filter for it env["REMOTE_ADDR"] = "10.0.0.1" g.client_ip = env["REMOTE_ADDR"] req = Request(env) req.all_data = {"serial": "SomeSerial", "user": "******"} req.User = User("cornelius", self.realm1) resp = Response() resp.data = """{"result": {"value": true}}""" options = { "g": g, "request": req, "response": resp, "handler_def": { "options": { "emailconfig": "myserver" } } } un_handler = UserNotificationEventHandler() res = un_handler.do("sendmail", options=options) self.assertTrue(res)
def test_22_new_email_config(self): smtpmock.setdata(response={"*****@*****.**": (200, 'OK')}) transactionid = "123456098717" # send the email with the new configuration r = add_smtpserver(identifier="myServer", server="1.2.3.4") set_privacyidea_config("email.identifier", "myServer") db_token = Token.query.filter_by(serial=self.serial1).first() token = EmailTokenClass(db_token) self.assertTrue(token.check_otp("123456", 1, 10) == -1) c = token.create_challenge(transactionid) self.assertTrue(c[0], c) otp = c[1] self.assertTrue(c[3].get("state"), transactionid) # check for the challenges response r = token.check_challenge_response(passw=otp) self.assertTrue(r, r) delete_smtpserver("myServer") delete_privacyidea_config("email.identifier")
def test_02_send_test_email(self): smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) with self.app.test_request_context('/smtpserver/send_test_email', method='POST', data={"identifier": "someServer", "username": "******", "password": "******", "port": "123", "server": "1.2.3.4", "sender": "privacyidea@local", "recipient": "*****@*****.**", "description": "myServer"}, headers={'Authorization': self.at}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res) data = json.loads(res.data) self.assertEqual(data.get("result").get("value"), True)
def test_05_test_email(self): smtpmock.setdata(response={"*****@*****.**": (200, "OK")}, support_tls=True) identifier = "newConfig" server = "mailsever" port = 25 username = "******" password = "******" sender = "*****@*****.**" tls = True recipient = "*****@*****.**" s = SMTPServerDB(identifier=identifier, server=server, port=port, username=username, password=password, sender=sender, tls=tls) r = SMTPServer.test_email(s, recipient, "Test Email from privacyIDEA", "This is a test email from privacyIDEA. " "The configuration %s is working." % identifier)
def test_03_sendsms(self): # setup realms self.setUp_user_realms() r = set_smsgateway(identifier="myGW", providermodule="privacyidea.lib.smsprovider." "SmtpSMSProvider.SmtpSMSProvider", options={"SMTPIDENTIFIER": "myserver", "MAILTO": "*****@*****.**"}) self.assertTrue(r > 0) smtpmock.setdata(response={"*****@*****.**": (200, "OK")}, support_tls=False) g = FakeFlaskG() audit_object = FakeAudit() audit_object.audit_data["serial"] = "123456" g.logged_in_user = {"user": "******", "role": "admin", "realm": ""} g.audit_object = audit_object builder = EnvironBuilder(method='POST', data={'serial': "OATH123456"}, headers={}) env = builder.get_environ() # Set the remote address so that we can filter for it env["REMOTE_ADDR"] = "10.0.0.1" g.client_ip = env["REMOTE_ADDR"] req = Request(env) req.all_data = {"serial": "SomeSerial", "user": "******"} options = {"g": g, "request": req, "smsconfig": "myGW"} un_handler = UserNotificationEventHandler() res = un_handler.do("sendsms", options=options) self.assertTrue(res)
def test_02_send_test_email(self): smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) with self.app.test_request_context('/smtpserver/send_test_email', method='POST', data={ "identifier": "someServer", "username": "******", "password": "******", "port": "123", "server": "1.2.3.4", "sender": "privacyidea@local", "recipient": "*****@*****.**", "description": "myServer" }, headers={'Authorization': self.at}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res) data = json.loads(res.data) self.assertEqual(data.get("result").get("value"), True)
def test_02_sendmail(self): # setup realms self.setUp_user_realms() r = add_smtpserver(identifier="myserver", server="1.2.3.4", tls=False) self.assertTrue(r > 0) smtpmock.setdata(response={"*****@*****.**": (200, "OK")}, support_tls=False) g = FakeFlaskG() audit_object = FakeAudit() audit_object.audit_data["serial"] = "123456" g.logged_in_user = {"user": "******", "role": "admin", "realm": ""} g.audit_object = audit_object builder = EnvironBuilder(method='POST', data={'serial': "OATH123456"}, headers={}) env = builder.get_environ() # Set the remote address so that we can filter for it env["REMOTE_ADDR"] = "10.0.0.1" g.client_ip = env["REMOTE_ADDR"] req = Request(env) req.all_data = {"serial": "SomeSerial", "user": "******"} options = {"g": g, "request": req, "emailconfig": "myserver"} un_handler = UserNotificationEventHandler() res = un_handler.do("sendmail", options=options) self.assertTrue(res)
def test_05_test_email(self): smtpmock.setdata(response={"*****@*****.**": (200, "OK")}, support_tls=True) identifier = "newConfig" server = "mailsever" port = 25 username = "******" password = "******" sender = "*****@*****.**" tls = True recipient = "*****@*****.**" s = SMTPServerDB(identifier=identifier, server=server, port=port, username=username, password=password, sender=sender, tls=tls) r = SMTPServer.test_email( s, recipient, "Test Email from privacyIDEA", "This is a test email from privacyIDEA. " "The configuration %s is working." % identifier)
def test_04_create_recovery_nonascii(self): smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) recoverycode = "reccode" # create resolver and realm param = self.parameters param["resolver"] = "register" param["type"] = "sqlresolver" r = save_resolver(param) self. assertTrue(r > 0) # recover password with "recovery.identifier" r = add_smtpserver(identifier="myserver", server="1.2.3.4") self.assertTrue(r > 0) set_privacyidea_config("recovery.identifier", "myserver") r = create_recoverycode(User(u"nönäscii", "register"), recoverycode=recoverycode) self.assertEqual(r, True) user = User(u"nönäscii", "register") r = check_recoverycode(user, recoverycode) self.assertEqual(r, True) # The recovery code is not valid a second time r = check_recoverycode(user, recoverycode) self.assertEqual(r, False)
def test_02_simple_config_success(self): smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) r = self.simple_provider.submit_message("123456", "Hello") self.assertRaises(r)
def test_08_create_token_for_user(self): smtpmock.setdata(response={"*****@*****.**": (200, 'OK')}) transactionid = "123456098712" # send the email with the old configuration set_privacyidea_config("email.mailserver", "localhost") set_privacyidea_config("email.username", "user") set_privacyidea_config("email.username", "password") set_privacyidea_config("email.tls", True) # We create a token for a user, who has currently no token! # create an event configuration param = { "name": "Create Email Token for untokened user", "event": "validate_check", "action": "enroll", "handlermodule": "Token", "position": "pre", "conditions": '{"user_token_number": "0"}', "option.user": "******", "option.tokentype": "email", "option.dynamic_email": "1", "option.additional_params": "{'pin':'1234'}" } with self.app.test_request_context('/event', data=param, method='POST', headers={'Authorization': self.at}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res) result = json.loads(res.data).get("result") detail = json.loads(res.data).get("detail") self.assertEqual(result.get("value"), 1) self.setUp_user_realm2() # usernotoken, self.realm2 # check that the user has no tokens with self.app.test_request_context('/token/', data={"user": "******", "realm": self.realm2}, method='GET', headers={'Authorization': self.at}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res) result = json.loads(res.data).get("result") detail = json.loads(res.data).get("detail") self.assertEqual(result.get("value").get("tokens"), []) # user tries to authenticate. with the pin 1234. # He gets an email token enrolled and gets the transaction code in the response with self.app.test_request_context('/validate/check', data={"user": "******", "realm": self.realm2, "pass": "******"}, method="POST", headers={'Authorization': self.at}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res) result = json.loads(res.data).get("result") detail = json.loads(res.data).get("detail") self.assertFalse(result.get("value")) self.assertTrue(detail.get("serial").startswith("PIEM")) # This is a challenge response! self.assertTrue("transaction_id" in detail, detail) self.assertTrue("multi_challenge" in detail, detail) self.assertEqual(detail.get("message"), u"Enter the OTP from the Email:") # check user has a token with self.app.test_request_context('/token/', data={"user": "******", "realm": self.realm2}, method='GET', headers={'Authorization': self.at}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res) result = json.loads(res.data).get("result") detail = json.loads(res.data).get("detail") self.assertEqual(result.get("value").get("count"), 1) self.assertEqual(result.get("value").get("tokens")[0].get("tokentype"), u"email")
def test_05_check_conditions(self): uhandler = UserNotificationEventHandler() resp = Response() resp.data = """{"result": {"value": false}}""" builder = EnvironBuilder(method='POST') env = builder.get_environ() req = Request(env) req.all_data = {} req.User = User() r = uhandler.check_condition( {"g": {}, "handler_def": {"conditions": {"logged_in_user": "******"}}, "response": resp, "request": req}) self.assertEqual(r, False) r = uhandler.check_condition( {"g": {}, "handler_def": {"conditions": {"result_value": True}}, "response": resp, "request": req}) self.assertEqual(r, False) # check a locked token with maxfail = failcount builder = EnvironBuilder(method='POST', data={'serial': "OATH123456"}, headers={}) req.all_data = {"user": "******"} resp.data = """{"result": {"value": false}, "detail": {"serial": "lockedtoken"} } """ tok = init_token({"serial": "lockedtoken", "type": "spass"}) r = uhandler.check_condition( {"g": {}, "handler_def": {"conditions": {"token_locked": "True"}}, "response": resp, "request": req } ) # not yet locked self.assertEqual(r, False) # lock it tok.set_failcount(10) options = {"g": {}, "handler_def": {"conditions": {"token_locked": "True"}}, "response": resp, "request": req } r = uhandler.check_condition(options) # now locked self.assertEqual(r, True) # check the do action. g = FakeFlaskG() audit_object = FakeAudit() audit_object.audit_data["serial"] = "123456" g.audit_object = audit_object options = {"g": g, "handler_def": {"conditions": {"token_locked": "True"}}, "response": resp, "request": req } r = add_smtpserver(identifier="myserver", server="1.2.3.4", tls=False) self.assertTrue(r > 0) smtpmock.setdata(response={"*****@*****.**": (200, "OK")}, support_tls=False) r = uhandler.do("sendmail", options=options) self.assertEqual(r, True)
def test_03_simple_config_fail(self): smtpmock.setdata(response={"*****@*****.**": (550, "mailbox unavailable")}) self.assertRaises(SMSError, self.simple_provider.submit_message, "123456", "Hello")
def test_06_auth_config_fail(self): smtpmock.setdata(response={}, authenticated=False, config=self.auth_config) self.assertRaises(SMSError, self.auth_provider.submit_message, "123456", "Hello")
def test_01_register_user(self): smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) # create resolver and realm param = self.parameters param["resolver"] = "register" param["type"] = "sqlresolver" r = save_resolver(param) self.assertTrue(r > 0) added, failed = set_realm("register", resolvers=["register"]) self.assertTrue(added > 0) self.assertEqual(len(failed), 0) # create policy r = set_policy( name="pol2", scope=SCOPE.REGISTER, action="%s=%s, %s=%s" % (ACTION.REALM, "register", ACTION.RESOLVER, "register"), ) # Try to register, but missing parameter with self.app.test_request_context( "/register", method="POST", data={"username": "******", "surname": "Kölbel"} ): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 400, res) # Register fails, missing SMTP config with self.app.test_request_context( "/register", method="POST", data={ "username": "******", "surname": "Kölbel", "givenname": "Cornelius", "password": "******", "email": "*****@*****.**", }, ): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 400, res) data = json.loads(res.data) self.assertEqual( data.get("result").get("error").get("message"), u"ERR10: No SMTP server configuration specified!" ) # Set SMTP config and policy add_smtpserver("myserver", "1.2.3.4", sender="pi@localhost") set_policy("pol3", scope=SCOPE.REGISTER, action="%s=myserver" % ACTION.EMAILCONFIG) with self.app.test_request_context( "/register", method="POST", data={ "username": "******", "surname": "Kölbel", "givenname": "Cornelius", "password": "******", "email": "*****@*****.**", }, ): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res) # Registering the user a second time will fail with self.app.test_request_context( "/register", method="POST", data={ "username": "******", "surname": "Kölbel", "givenname": "Cornelius", "password": "******", "email": "*****@*****.**", }, ): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 400, res) # get the register status with self.app.test_request_context("/register", method="GET"): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res) data = json.loads(res.data) self.assertEqual(data.get("result").get("value"), True)
def test_05_auth_config_success(self): smtpmock.setdata(response={}) r = self.auth_provider.submit_message("123456", "Hello")
def test_07_identifier_config_success(self): r = add_smtpserver("myServer", "1.2.3.4", sender="*****@*****.**") self.assertTrue(r > 0) smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) r = self.identifier_provider.submit_message("123456", "Halo") self.assertTrue(r)
def test_05_auth_config_success(self): smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) r = self.auth_provider.submit_message("123456", "Hello") self.assertTrue(r)
def test_03_simple_config_fail(self): smtpmock.setdata( response={"*****@*****.**": (550, "mailbox unavailable")}) self.assertRaises(SMSError, self.simple_provider.submit_message, "123456", "Hello")
def test_01_register_user(self): smtpmock.setdata(response={"*****@*****.**": (200, "OK")}) # create resolver and realm param = self.parameters param["resolver"] = "register" param["type"] = "sqlresolver" r = save_resolver(param) self.assertTrue(r > 0) added, failed = set_realm("register", resolvers=["register"]) self.assertTrue(added > 0) self.assertEqual(len(failed), 0) # create policy r = set_policy(name="pol2", scope=SCOPE.REGISTER, action="{0!s}={1!s}, {2!s}={3!s}".format( ACTION.REALM, "register", ACTION.RESOLVER, "register")) # Try to register, but missing parameter with self.app.test_request_context('/register', method='POST', data={ "username": "******", "surname": "Kölbel" }): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 400, res) # Register fails, missing SMTP config with self.app.test_request_context('/register', method='POST', data={ "username": "******", "surname": "Kölbel", "givenname": "Cornelius", "password": "******", "email": "*****@*****.**" }): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 400, res) data = json.loads(res.data) self.assertEqual( data.get("result").get("error").get("message"), u'ERR10: No SMTP server configuration specified!') # Set SMTP config and policy add_smtpserver("myserver", "1.2.3.4", sender="pi@localhost") set_policy("pol3", scope=SCOPE.REGISTER, action="{0!s}=myserver".format(ACTION.EMAILCONFIG)) with self.app.test_request_context('/register', method='POST', data={ "username": "******", "surname": "Kölbel", "givenname": "Cornelius", "password": "******", "email": "*****@*****.**" }): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res) # Registering the user a second time will fail with self.app.test_request_context('/register', method='POST', data={ "username": "******", "surname": "Kölbel", "givenname": "Cornelius", "password": "******", "email": "*****@*****.**" }): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 400, res) # get the register status with self.app.test_request_context('/register', method='GET'): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res) data = json.loads(res.data) self.assertEqual(data.get("result").get("value"), True)
def test_13_challenge_response_email(self): smtpmock.setdata(response={"*****@*****.**": (200, 'OK')}) # set a chalresp policy for Email with self.app.test_request_context('/policy/pol_chal_resp', data={ 'action': "challenge_response=email", 'scope': "authentication", 'realm': '', 'active': True }, method='POST', headers={'Authorization': self.at}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res) result = json.loads(res.data).get("result") self.assertTrue(result["status"] is True, result) self.assertTrue('"setPolicy pol_chal_resp": 1' in res.data, res.data) serial = "CHALRESP3" pin = "chalresp3" # create a token and assign to the user init_token( { "serial": serial, "type": "email", "otpkey": self.otpkey, "email": "*****@*****.**", "pin": pin }, user=User("cornelius", self.realm1)) # create the challenge by authenticating with the OTP PIN with self.app.test_request_context('/validate/check', method='POST', data={ "user": "******", "pass": pin }): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res) result = json.loads(res.data).get("result") detail = json.loads(res.data).get("detail") self.assertFalse(result.get("value")) self.assertEqual(detail.get("message"), "Enter the OTP from the " "Email:") transaction_id = detail.get("transaction_id") # send the OTP value # Test with parameter state. with self.app.test_request_context('/validate/check', method='POST', data={ "user": "******", "state": transaction_id, "pass": "******" }): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res) result = json.loads(res.data).get("result") detail = json.loads(res.data).get("detail") self.assertTrue(result.get("value")) # delete the token remove_token(serial=serial)