def test_04_check_yubikey_pass(self): # Check_yubikey_pass only works without pin! db_token = Token.query.filter(Token.serial == self.serial1).first() token = YubikeyTokenClass(db_token) token.set_pin("") token.save() r, opt = YubikeyTokenClass.check_yubikey_pass(self.further_otps[1]) self.assertTrue(r) self.assertTrue(opt.get("message") == "matching 1 tokens", opt) # check failcounter self.assertEqual(db_token.failcount, 0) # the same otp value must not be usable again r, opt = YubikeyTokenClass.check_yubikey_pass(self.further_otps[1]) self.assertFalse(r) self.assertTrue(opt.get("message") == "wrong otp value", opt) # check failcounter self.assertEqual(db_token.failcount, 1) # check an otp value, that does not match a token r, opt = YubikeyTokenClass.check_yubikey_pass( "fcebeeejedecebegfcniufvgvjturjgvinhebbbertjnihit") self.assertFalse(r) self.assertTrue(opt.get("action_detail") == "The serial UBAM@1382015 could not be found!", opt) # check for an invalid OTP r, opt = YubikeyTokenClass.check_yubikey_pass(self.further_otps[0]) self.assertFalse(r) self.assertTrue(opt.get("message") == "wrong otp value", opt) # check failcounter self.assertEqual(db_token.failcount, 2)
def test_04_check_yubikey_pass(self): # Check_yubikey_pass only works without pin! db_token = Token.query.filter(Token.serial == self.serial1).first() token = YubikeyTokenClass(db_token) token.set_pin("") token.save() r, opt = YubikeyTokenClass.check_yubikey_pass(self.further_otps[1]) self.assertTrue(r) self.assertTrue(opt.get("message") == "matching 1 tokens", opt) # check failcounter self.assertEqual(db_token.failcount, 0) # the same otp value must not be usable again r, opt = YubikeyTokenClass.check_yubikey_pass(self.further_otps[1]) self.assertFalse(r) self.assertTrue(opt.get("message") == "wrong otp value", opt) # check failcounter self.assertEqual(db_token.failcount, 1) # check an otp value, that does not match a token r, opt = YubikeyTokenClass.check_yubikey_pass( "fcebeeejedecebegfcniufvgvjturjgvinhebbbertjnihit") self.assertFalse(r) #self.assertTrue(opt.get("action_detail") == # "The serial UBAM@1382015 could not be found!", opt) self.assertTrue(opt.get("action_detail") == "The prefix fcebeeejedecebeg could not be found!", opt) # check for an invalid OTP r, opt = YubikeyTokenClass.check_yubikey_pass(self.further_otps[0]) self.assertFalse(r) self.assertTrue(opt.get("message") == "wrong otp value", opt) # check failcounter self.assertEqual(db_token.failcount, 2)
def test_05_check_maxfail(self): # Check_yubikey_pass only works without pin! db_token = Token.query.filter(Token.serial == self.serial1).first() token = YubikeyTokenClass(db_token) token.set_pin("") token.save() token.set_maxfail(5) old_failcounter = token.get_failcount() token.set_failcount(5) # Failcount equals maxfail, so an authentication with a valid OTP # will fail r, opt = YubikeyTokenClass.check_yubikey_pass(self.further_otps[2]) self.assertFalse(r) self.assertTrue(opt.get("message") == "matching 1 tokens, " "Failcounter exceeded", opt) # check failcounter self.assertEqual(db_token.failcount, 5) token.set_failcount(old_failcounter)