本文整理汇总了Python中linotp.lib.HMAC.HmacOtp.checkOtp方法的典型用法代码示例。如果您正苦于以下问题:Python HmacOtp.checkOtp方法的具体用法?Python HmacOtp.checkOtp怎么用?Python HmacOtp.checkOtp使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类linotp.lib.HMAC.HmacOtp的用法示例。
在下文中一共展示了HmacOtp.checkOtp方法的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: resync
# 需要导入模块: from linotp.lib.HMAC import HmacOtp [as 别名]
# 或者: from linotp.lib.HMAC.HmacOtp import checkOtp [as 别名]
def resync(self, otp1, otp2, options=None):
'''
resync the token based on two otp values
- external method to do the resync of the token
:param otp1: the first otp value
:type otp1: string
:param otp2: the second otp value
:type otp2: string
:param options: optional token specific parameters
:type options: dict or None
:return: counter or -1 if otp does not exist
:rtype: int
'''
log.debug("[resync] .begin. Resync the token based on: %r, anOtpVal: %r, options: %r" % (otp1, otp2, options))
ret = False
try:
otplen = int(self.token.LinOtpOtpLen)
except ValueError as ex:
log.debug("[resync] otplen ValueError: %r ret: %r " % (ex, ret))
raise Exception(ex)
self.hashlibStr = self.getFromTokenInfo("hashlib", 'sha1')
secretHOtp = self.token.getHOtpKey()
counter = self.token.getOtpCounter()
syncWindow = self.token.getSyncWindow()
#log.debug("serial: %s",serialNum)
hmac2Otp = HmacOtp(secretHOtp, counter, otplen, self.getHashlib(self.hashlibStr))
counter = hmac2Otp.checkOtp(otp1, syncWindow)
if counter == -1:
log.debug("[resync] exit. First counter (-1) not found ret: %r" % (ret))
return ret
nextOtp = hmac2Otp.generate(counter + 1)
if nextOtp != otp2:
log.debug("[resync] exit. Failed to verify second otp: nextOtp: %r != otp2: %r ret: %r" % (nextOtp, otp2, ret))
return ret
ret = True
self.incOtpCounter(counter + 1, True)
log.debug("[resync] end. resync was successful: ret: %r" % (ret))
return ret示例2: checkOtp
# 需要导入模块: from linotp.lib.HMAC import HmacOtp [as 别名]
# 或者: from linotp.lib.HMAC.HmacOtp import checkOtp [as 别名]
def checkOtp(self, anOtpVal, counter, window, options=None):
'''
checkOtp - validate the token otp against a given otpvalue
:param anOtpVal: the to be verified otpvalue
:type anOtpVal: string
:param counter: the counter state, that should be verified
:type counter: int
:param window: the counter +window, which should be checked
:type window: int
:param options: the dict, which could contain token specific info
:type options: dict
:return: the counter state or -1
:rtype: int
'''
log.debug("[checkOtp] begin. Validate the token otp: anOtpVal: %r ,counter: %r,window: %r, options: %r " % (anOtpVal, counter, window, options))
res = -1
try:
otplen = int(self.getOtpLen())
except ValueError as ex:
log.exception('[checkOtp] failed to initialize otplen: ValueError %r %r' % (ex, self.token.LinOtpOtpLen))
raise Exception(ex)
try:
self.hashlibStr = self.getFromTokenInfo("hashlib", 'sha1')
except Exception as ex:
log.exception('[checkOtp] failed to initialize hashlibStr: %r' % (ex))
raise Exception(ex)
secretHOtp = self.token.getHOtpKey()
#serialNum = self.token.LinOtpTokenSerialnumber
#log.debug("serial: %s",serialNum)
hmac2Otp = HmacOtp(secretHOtp, counter, otplen,
self.getHashlib(self.hashlibStr))
res = hmac2Otp.checkOtp(anOtpVal, window)
if -1 == res:
res = self.autosync(hmac2Otp, anOtpVal)
log.debug("[checkOtp] end. otp verification result was: res %r" % (res))
return res示例3: check_otp_exist
# 需要导入模块: from linotp.lib.HMAC import HmacOtp [as 别名]
# 或者: from linotp.lib.HMAC.HmacOtp import checkOtp [as 别名]
def check_otp_exist(self, otp, window=10, user=None, autoassign=False):
'''
checks if the given OTP value is/are values of this very token.
This is used to autoassign and to determine the serial number of
a token.
:param otp: the to be verified otp value
:type otp: string
:param window: the lookahead window for the counter
:type window: int
:return: counter or -1 if otp does not exist
:rtype: int
'''
log.debug("[check_otp_exist] begin. checks if the given OTP value exists: otp %r, window %r " %
(otp, window))
res = -1
try:
otplen = int(self.token.LinOtpOtpLen)
counter = int(self.token.LinOtpCount)
except ValueError as ex:
log.warning("[check_otp_exist] a value error occurred while converting: otplen %r, counter %r : ValueError: %r ret: %r "
% (self.token.LinOtpOtpLen, self.token.LinOtpCount, ex, res))
return res
self.hashlibStr = self.getFromTokenInfo("hashlib", "sha1")
secObj = self._get_secret_object()
hmac2Otp = HmacOtp(secObj, counter, otplen,
self.getHashlib(self.hashlibStr))
res = hmac2Otp.checkOtp(otp, window)
if res >= 0:
# As usually the counter is increased in auth.validate.checkUserPass, we
# need to do this manually here:
self.incOtpCounter(res)
if res == -1:
msg = "otp counter %r was not found" % otp
else:
msg = "otp counter %r was found" % otp
log.debug("[check_otp_exist] end. %r: res %r" % (msg, res))
return res示例4: resync
# 需要导入模块: from linotp.lib.HMAC import HmacOtp [as 别名]
# 或者: from linotp.lib.HMAC.HmacOtp import checkOtp [as 别名]
def resync(self, otp1, otp2, options=None):
'''
resync the token based on two otp values
- external method to do the resync of the token
:param otp1: the first otp value
:type otp1: string
:param otp2: the second otp value
:type otp2: string
:param options: optional token specific parameters
:type options: dict or None
:return: counter or -1 if otp does not exist
:rtype: int
'''
log.debug("[resync] .begin. Resync the token based on: %r, anOtpVal: %r, options: %r" % (otp1, otp2, options))
ret = False
try:
otplen = int(self.token.LinOtpOtpLen)
except ValueError:
return ret
secretHOtp = self.token.getHOtpKey()
self.hashlibStr = self.getFromTokenInfo("hashlib", 'sha1')
timeStepping = int(self.getFromTokenInfo("timeStep", 30))
shift = int(self.getFromTokenInfo("timeShift", 0))
try:
window = int(self.token.LinOtpSyncWindow) * timeStepping
except:
window = 10 * timeStepping
log.debug("[resync] timestep: %r, syncWindow: %r, timeShift: %r"
% (timeStepping, window, shift))
T0 = time.time() + shift
log.debug("[resync] T0 : %i" % T0)
counter = int((T0 / timeStepping) + 0.5) # T = (Current Unix time - T0) / timeStepping
log.debug("[resync] counter (current time): %i" % counter)
oCount = self.getOtpCount()
log.debug("[resync] tokenCounter: %r" % oCount)
log.debug("[resync] now checking window %s, timeStepping %s" % (window, timeStepping))
# check 2nd value
hmac2Otp = HmacOtp(secretHOtp, counter, otplen, self.getHashlib(self.hashlibStr))
log.debug("[resync] %s in otpkey: %s " % (otp2, secretHOtp))
res2 = hmac2Otp.checkOtp(otp2, int (window / timeStepping), symetric=True) #TEST -remove the 10
log.debug("[resync] res 2: %r" % res2)
# check 1st value
hmac2Otp = HmacOtp(secretHOtp, counter - 1, otplen, self.getHashlib(self.hashlibStr))
log.debug("[resync] %s in otpkey: %s " % (otp1, secretHOtp))
res1 = hmac2Otp.checkOtp(otp1, int (window / timeStepping), symetric=True) #TEST -remove the 10
log.debug("[resync] res 1: %r" % res1)
if res1 < oCount:
# A previous OTP value was used again!
log.warning("[resync] a previous OTP value was used again! tokencounter: %i, presented counter %i" %
(oCount, res1))
res1 = -1
if res1 != -1 and res1 + 1 == res2:
# here we calculate the new drift/shift between the server time and the tokentime
tokentime = (res2 + 0.5) * timeStepping
currenttime = T0 - shift
new_shift = (tokentime - currenttime)
log.debug("[resync] the counters %r and %r matched. New shift: %r"
% (res1, res2, new_shift))
self.addToTokenInfo('timeShift', new_shift)
# The OTP value that was used for resync must not be used again!
self.setOtpCount(res2 + 1)
ret = True
if ret == True:
msg = "resync was successful"
else:
msg = "resync was not successful"
log.debug("[resync] end. %s: ret: %r" % (msg, ret))
return ret示例5: checkOtp
# 需要导入模块: from linotp.lib.HMAC import HmacOtp [as 别名]
# 或者: from linotp.lib.HMAC.HmacOtp import checkOtp [as 别名]
def checkOtp(self, anOtpVal, counter, window, options=None):
'''
checkOtp - validate the token otp against a given otpvalue
:param anOtpVal: the to be verified otpvalue
@type anOtpVal: string
:param counter: the counter state, that should be verified
:type counter: int
:param window: the counter +window, which should be checked
:type window: int
:param options: the dict, which could contain token specific info
:type options: dict
:return: the counter state or -1
:rtype: int
'''
log.debug("[checkOtp] begin. Validate the token otp: anOtpVal: %r ,\
counter: %r,window: %r, options: %r " %
(anOtpVal, counter, window, options))
try:
otplen = int(self.token.LinOtpOtpLen)
except ValueError as e:
raise e
secretHOtp = self.token.getHOtpKey()
self.hashlibStr = self.getFromTokenInfo("hashlib", self.hashlibStr)
timeStepping = int(self.getFromTokenInfo("timeStep", self.timeStep))
window = int(self.getFromTokenInfo("timeWindow", self.timeWindow))
shift = int(self.getFromTokenInfo("timeShift", self.timeShift))
## oldCounter we have to remove one, as the normal otp handling will increment
oCount = self.getOtpCount() - 1
initTime = -1
if options != None and type(options) == dict:
initTime = int(options.get('initTime', -1))
if oCount < 0: oCount = 0
log.debug("[checkOTP] timestep: %i, timeWindow: %i, timeShift: %i" %
(timeStepping, window, shift))
inow = int(time.time())
T0 = time.time() + shift
if initTime != -1: T0 = int(initTime)
log.debug("[checkOTP] T0 : %i" % T0)
counter = self._time2counter_(T0, timeStepping=timeStepping)
otime = self._getTimeFromCounter(oCount, timeStepping=timeStepping)
ttime = self._getTimeFromCounter(counter, timeStepping=timeStepping)
log.debug("[checkOTP] last log: %r :: %r" % (oCount, otime))
log.debug("[checkOTP] counter : %r :: %r <==> %r" %
(counter, ttime, datetime.datetime.now()))
log.debug("[checkOTP] shift : %r " % (shift))
hmac2Otp = HmacOtp(secretHOtp, counter, otplen, self.getHashlib(self.hashlibStr))
res = hmac2Otp.checkOtp(anOtpVal, int (window / timeStepping), symetric=True)
log.debug("[checkOTP] comparing the result %i to the old counter %i." % (res, oCount))
if res != -1 and oCount != 0 and res <= oCount:
if initTime == -1:
log.warning("[checkOTP] a previous OTP value was used again!\n former tokencounter: %i, presented counter %i" %
(oCount, res))
res = -1
return res
if -1 == res :
## autosync: test if two consecutive otps have been provided
res = self.autosync(hmac2Otp, anOtpVal)
if res != -1:
## on success, we have to save the last attempt
self.setOtpCount(counter)
#
# here we calculate the new drift/shift between the server time and the tokentime
#
tokentime = self._counter2time_(res, timeStepping)
tokenDt = datetime.datetime.fromtimestamp(tokentime / 1.0)
nowDt = datetime.datetime.fromtimestamp(inow / 1.0)
lastauth = self._counter2time_(oCount, timeStepping)
lastauthDt = datetime.datetime.fromtimestamp(lastauth / 1.0)
log.debug("[checkOTP] last auth : %r" % (lastauthDt))
log.debug("[checkOTP] tokentime : %r" % (tokenDt))
#.........这里部分代码省略.........