def check_configuration(self): """ This method checks the sanity of the configuration of this provider. If there is a configuration error, than an exception is raised. :return: """ json_file = self.smsgateway.option_dict.get(FIREBASE_CONFIG.JSON_CONFIG) server_config = None with open(json_file) as f: server_config = json.load(f) if server_config: if server_config.get("type") != "service_account": raise ConfigAdminError(description="The JSON file is not a valid firebase credentials file.") project_id = self.smsgateway.option_dict.get(FIREBASE_CONFIG.PROJECT_ID) if server_config.get("project_id") != project_id: raise ConfigAdminError(description="The project_id you entered does not match the project_id from the JSON file.") else: raise ConfigAdminError(description="Please check your configuration. Can not load JSON file.") # We need at least # FIREBASE_CONFIG.API_KEY_IOS and FIREBASE_CONFIG.APP_ID_IOS # or # FIREBASE_CONFIG.API_KEY and FIREBASE_CONFIG.APP_ID android_configured = bool(self.smsgateway.option_dict.get(FIREBASE_CONFIG.APP_ID)) and \ bool(self.smsgateway.option_dict.get(FIREBASE_CONFIG.API_KEY)) ios_configured = bool(self.smsgateway.option_dict.get(FIREBASE_CONFIG.APP_ID_IOS)) and \ bool(self.smsgateway.option_dict.get(FIREBASE_CONFIG.API_KEY_IOS)) if not android_configured and not ios_configured: raise ConfigAdminError(description="You need to at least configure either app_id and api_key or" " app_id_ios and api_key_ios.")
def check_signature(subscription): """ Raises an Exception, if the signature does not match """ public = """-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5gPkPYCAgab5nagG5G+ cUATHv/k5pNXU4z2Wc7h2BaJSJt2rspG109QNQyWqc28JwH/STzBQ8FZbxlyQ+zT 0xzrydfKBElLceFY/Jb7JtDdXarSvIFqejo2k5wW4yKWJYlIyqNQOYAnWVjQImOG 8Xu19uNxY+Fw5v5XBSgYPzt6q0AmzhD4udK8sYP7HLd+1LCa0X5H96Mef86NoPL3 W/E9n5Wel7Z621mPsx6lxgZiqLa2Bn79HMxkxkQ5muWIollss1yAKMStLkp7iISF GW0yofQJjWecUHwBkZlawBz0lJBKDQObtUsjHB80VTnPGTcs4KYH+if8UHoR6Aug 4wIDAQAB -----END PUBLIC KEY-----""" try: RSAkey = RSA.importKey(public) hashvalue = SHA256.new("%s%s%s%s%s" % (subscription.get("systemid"), subscription.get("customername"), subscription.get("subscription"), subscription.get("supportlevel"), subscription.get("expires"))).digest() signature = long(subscription.get("signature") or "100") r = RSAkey.verify(hashvalue, (signature,)) except Exception as exx: log.debug(traceback.format_exc()) raise ConfigAdminError("This is no valid subscription file. The " "signature check failed.", id=132) if r is False: raise ConfigAdminError("This is no valid subscription file. Invalid " "signature.", id=133) # check the expiration date if subscription.get("expires") != "never": date_now = datetime.datetime.utcnow() - datetime.timedelta(days=1) date_exp = datetime.datetime.strptime(subscription.get("expires"), "%Y-%m-%d") if date_now > date_exp: raise ConfigAdminError("Your subscription has expired. Please " "contact NetKnights for a new " "subscription!", id=134) return True
def get_radius(identifier): """ This returns the RADIUSServer object of the RADIUSServer definition "identifier". In case the identifier does not exist, an exception is raised. :param identifier: The name of the RADIUSserver definition :return: A RADIUSServer Object """ server_list = get_radiusservers(identifier=identifier) if not server_list: raise ConfigAdminError("The specified RADIUSServer configuration does " "not exist.") return server_list[0]
def create_sms_instance(identifier): """ This function creates and instance of SMS Provider (either HTTP, Smtp, Sipgate) depending on the given sms gateway identifier. :param identifier: The name of the SMS gateway configuration :return: SMS Provider object """ gateway_definition = get_smsgateway(identifier) if not gateway_definition: raise ConfigAdminError('Could not find gateway definition with ' 'identifier "{0!s}"'.format(identifier)) package_name, class_name = gateway_definition[0].providermodule.rsplit( ".", 1) sms_klass = get_sms_provider_class(package_name, class_name) sms_object = sms_klass(smsgateway=gateway_definition[0]) return sms_object
def create_recoverycode(user, email=None, expiration_seconds=3600, recoverycode=None, base_url=""): """ Create and send a password recovery code :param user: User for whom the password reset code should be sent :type user: User Object :param email: The optional email of the user :param recoverycode: Only used for testing purpose :return: bool """ base_url = base_url.strip("recover") base_url += "#" recoverycode = recoverycode or generate_password(size=24) hash_code = hash_with_pepper(recoverycode) # send this recoverycode # pwreset = PasswordReset(hash_code, username=user.login, realm=user.realm, expiration_seconds=expiration_seconds) pwreset.save() res = False if not user: raise UserError("User required for recovery token.") user_email = user.info.get("email") if email and email.lower() != user_email.lower(): raise UserError("The email does not match the users email.") identifier = get_from_config("recovery.identifier") if identifier: # send email r = send_email_identifier( identifier, user_email, "Your password reset", BODY.format(base_url, user.login, user.realm, recoverycode)) if not r: raise privacyIDEAError("Failed to send email. {0!s}".format(r)) else: raise ConfigAdminError("Missing configuration " "recovery.identifier.") res = True return res