def test_05_two_tokens(self): # Save some values to the database r = save_auth_item( SQLFILE, "cornelius", "TOK001", "HOTP", {"offline": [{ "username": "******", "response": RESP }]}) r = save_auth_item( SQLFILE, "cornelius", "TOK002", "HOTP", {"offline": [{ "username": "******", "response": RESP2 }]}) pamh = PAMH("cornelius", "test100001", "192.168.0.1") flags = None argv = [ "/path/privacyidea_pam.py", "url=http://my.privacyidea.server", "debug", "sqlfile=%s" % SQLFILE, "try_first_pass" ] r = pam_sm_authenticate(pamh, flags, argv) self.assertEqual(r, PAMH.PAM_SUCCESS) # An older OTP value of the first token is deleted pamh = PAMH("cornelius", "test100000", "192.168.0.1") flags = None argv = [ "/path/privacyidea_pam.py", "url=http://my.privacyidea.server", "debug", "sqlfile=%s" % SQLFILE, "try_first_pass" ] r = pam_sm_authenticate(pamh, flags, argv) self.assertNotEqual(r, PAMH.PAM_SUCCESS) # An older value with another token can authenticate! pamh = PAMH("cornelius", "TEST100000", "192.168.0.1") flags = None argv = [ "/path/privacyidea_pam.py", "url=http://my.privacyidea.server", "debug", "sqlfile=%s" % SQLFILE, "try_first_pass" ] r = pam_sm_authenticate(pamh, flags, argv) self.assertEqual(r, PAMH.PAM_SUCCESS)
def test_05_two_tokens(self): # Save some values to the database r = save_auth_item(SQLFILE, "cornelius", "TOK001", "HOTP", {"offline": [{"username": "******", "response": RESP} ] }) r = save_auth_item(SQLFILE, "cornelius", "TOK002", "HOTP", {"offline": [{"username": "******", "response": RESP2} ] }) pamh = PAMH("cornelius", "test100001") flags = None argv = ["url=http://my.privacyidea.server", "sqlfile=%s" % SQLFILE, "try_first_pass"] r = pam_sm_authenticate(pamh, flags, argv) self.assertEqual(r, PAMH.PAM_SUCCESS) # An older OTP value of the first token is deleted pamh = PAMH("cornelius", "test100000") flags = None argv = ["url=http://my.privacyidea.server", "sqlfile=%s" % SQLFILE, "try_first_pass"] r = pam_sm_authenticate(pamh, flags, argv) self.assertNotEqual(r, PAMH.PAM_SUCCESS) # An older value with another token can authenticate! pamh = PAMH("cornelius", "TEST100000") flags = None argv = ["url=http://my.privacyidea.server", "sqlfile=%s" % SQLFILE, "try_first_pass"] r = pam_sm_authenticate(pamh, flags, argv) self.assertEqual(r, PAMH.PAM_SUCCESS)
def test_01_check_offline_otp(self): # Check with no entries in the database r = check_offline_otp("cornelius", "test123456", SQLFILE) self.assertFalse(r) # Save some values to the database r = save_auth_item(SQLFILE, "cornelius", "TOK001", "HOTP", {"offline": [{"username": "******", "response": RESP} ] }) r = check_offline_otp("cornelius", "test100000", SQLFILE) self.assertTrue(r) # Authenticating with the same value a second time, fails r = check_offline_otp("cornelius", "test100000", SQLFILE) self.assertFalse(r)
def test_01_check_offline_otp(self): # Check with no entries in the database r, matching_serial = check_offline_otp(SQLFILE, "cornelius", "test123456") self.assertEqual(r, PAMH.PAM_AUTH_ERR) self.assertIsNone(matching_serial) # Save some values to the database r = save_auth_item( SQLFILE, "cornelius", "TOK001", "HOTP", {"offline": [{ "username": "******", "response": RESP }]}) r, matching_serial = check_offline_otp(SQLFILE, "cornelius", "test100000") self.assertEqual(r, PAMH.PAM_SUCCESS) self.assertEqual(matching_serial, "TOK001") # Authenticating with the same value a second time, fails r, matching_serial = check_offline_otp(SQLFILE, "cornelius", "test100000") self.assertEqual(r, PAMH.PAM_AUTH_ERR) self.assertIsNone(matching_serial)