本文整理汇总了Python中privacyidea.lib.policy.PolicyClass.is_auth_return方法的典型用法代码示例。如果您正苦于以下问题:Python PolicyClass.is_auth_return方法的具体用法?Python PolicyClass.is_auth_return怎么用?Python PolicyClass.is_auth_return使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类privacyidea.lib.policy.PolicyClass的用法示例。
在下文中一共展示了PolicyClass.is_auth_return方法的1个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: ValidateController
# 需要导入模块: from privacyidea.lib.policy import PolicyClass [as 别名]
# 或者: from privacyidea.lib.policy.PolicyClass import is_auth_return [as 别名]
class ValidateController(BaseController):
'''
The privacyidea.controllers are the implementation of the web-API to talk to the privacyIDEA server.
The ValidateController is used to validate the username with its given OTP value.
An Authentication module like pam_privacyidea or rlm_privacyidea uses this ValidateController.
The functions of the ValidateController are invoked like this
https://server/validate/<functionname>
The functions are described below in more detail.
'''
@log_with(log)
def __before__(self, action, **params):
try:
c.audit['client'] = get_client()
self.Policy = PolicyClass(request, config, c,
get_privacyIDEA_config(),
token_type_list = get_token_type_list())
return response
except Exception as exx:
log.error("exception %r" % (action, exx))
log.error(traceback.format_exc())
Session.rollback()
Session.close()
return sendError(response, exx, context='before')
finally:
pass
@log_with(log)
def __after__(self, action, **params):
self.audit.log(c.audit)
return response
@log_with(log)
def _check(self, param):
'''
basic check function, that can be used by different controllers
:param param: dict of all caller parameters
:type param: dict
:return: Tuple of True or False and opt
:rtype: Tuple(boolean, opt)
'''
opt = None
options = {}
## put everythin in the options but the user, pass, init
options.update(param)
for para in ["pass", "user", "init"]:
if options.has_key(para):
del options[para]
passw = getParam(param, "pass", optional)
user = getUserFromParam(param, optional)
# support for ocra application challenge verification
challenge = getParam(param, "challenge", optional)
if challenge is not None:
options = {}
options['challenge'] = challenge
c.audit['user'] = user.login
realm = user.realm or getDefaultRealm()
c.audit['realm'] = realm
# AUTHORIZATION Pre Check
# we need to overwrite the user.realm in case the user does not exist in the original realm (setrealm-policy)
user.realm = self.Policy.set_realm(user.login, realm, exception=True)
self.Policy.check_user_authorization(user.login, user.realm, exception=True)
if isSelfTest() == True:
initTime = getParam(param, "init", optional)
if initTime is not None:
if options is None:
options = {}
options['initTime'] = initTime
(ok, opt) = checkUserPass(user, passw, options=options)
c.audit['success'] = ok
if ok:
# AUTHORIZATION post check
toks = getTokens4UserOrSerial(None, c.audit["serial"])
if len(toks) > 0 and c.audit["serial"]:
# This might be empty in case of passOnNoToken
ttype = toks[0].getType().lower()
self.Policy.check_auth_tokentype(ttype, exception=True, user=user)
self.Policy.check_auth_serial(c.audit['serial'], exception=True, user=user)
# add additional details
if self.Policy.is_auth_return(ok, user=user):
#.........这里部分代码省略.........