"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "linotpd/src/linotp/lib/auth/validate.py" between
LinOTP-release-2.11.2.tar.gz and LinOTP-release-2.12.tar.gz

About: LinOTP is a flexible and versatile OTP-platform for strong user authentication (two-factor authentication with one time passwords).

validate.py  (LinOTP-release-2.11.2):validate.py  (LinOTP-release-2.12)
skipping to change at line 50 skipping to change at line 50
from linotp.lib.error import ParameterError from linotp.lib.error import ParameterError
from linotp.lib.realm import getDefaultRealm from linotp.lib.realm import getDefaultRealm
from linotp.lib.resolver import getResolverObject from linotp.lib.resolver import getResolverObject
from linotp.lib.token import TokenHandler from linotp.lib.token import TokenHandler
from linotp.lib.token import get_token_owner from linotp.lib.token import get_token_owner
from linotp.lib.token import getTokens4UserOrSerial from linotp.lib.token import getTokens4UserOrSerial
from linotp.lib.token import add_last_accessed_info from linotp.lib.token import add_last_accessed_info
from linotp.lib.token import add_last_verified_info
from linotp.tokens import tokenclass_registry from linotp.tokens import tokenclass_registry
from linotp.lib.user import User, getUserId, getUserInfo from linotp.lib.user import User, getUserId, getUserInfo
from linotp.lib.util import modhex_decode from linotp.lib.util import modhex_decode
from linotp.lib.policy import supports_offline from linotp.lib.policy import supports_offline
from linotp.lib.policy import get_auth_forward from linotp.lib.policy import get_auth_forward
from linotp.lib.policy import disable_on_authentication_exceed from linotp.lib.policy import disable_on_authentication_exceed
from linotp.lib.policy import delete_on_authentication_exceed from linotp.lib.policy import delete_on_authentication_exceed
skipping to change at line 112 skipping to change at line 114
otppin_mode = _get_otppin_mode(get_pin_policies(user)) otppin_mode = _get_otppin_mode(get_pin_policies(user))
if 1 == otppin_mode: if 1 == otppin_mode:
# We check the Users Password as PIN # We check the Users Password as PIN
log.debug("pin policy=1: checking the users password as pin") log.debug("pin policy=1: checking the users password as pin")
# this should not be the case # this should not be the case
if not options: if not options:
options = {} options = {}
if context.get(
'selfservice', {}).get(
'state', '') == 'credentials_verified':
return True
if 'pin_match' not in options: if 'pin_match' not in options:
options['pin_match'] = {} options['pin_match'] = {}
hashed_passw = sha256(passw.encode('utf-8')).hexdigest() hashed_passw = sha256(passw.encode('utf-8')).hexdigest()
# if password already found, we can return result again # if password already found, we can return result again
if hashed_passw in options['pin_match']: if hashed_passw in options['pin_match']:
log.debug("check if password already checked! %r " % log.debug("check if password already checked! %r " %
options['pin_match'][hashed_passw]) options['pin_match'][hashed_passw])
return options['pin_match'][hashed_passw] return options['pin_match'][hashed_passw]
skipping to change at line 852 skipping to change at line 859
fh = FinishTokens(valid_tokens, fh = FinishTokens(valid_tokens,
challenge_tokens, challenge_tokens,
pin_matching_tokens, pin_matching_tokens,
invalid_tokens, invalid_tokens,
validation_results, validation_results,
user, options, user, options,
audit_entry=audit_entry) audit_entry=audit_entry)
(res, reply) = fh.finish_checked_tokens() (res, reply) = fh.finish_checked_tokens()
# add to all tokens the last accessd time stamp # ------------------------------------------------------------------ --
add_last_accessed_info([
valid_tokens, pin_matching_tokens, challenge_tokens, invalid_tokens # add to all tokens the last accessed time stamp
])
add_last_accessed_info(valid_tokens + pin_matching_tokens +
challenge_tokens + invalid_tokens)
# add time stamp to all valid tokens
add_last_verified_info(valid_tokens)
# ------------------------------------------------------------------ --
# now we care for all involved tokens and their challenges # now we care for all involved tokens and their challenges
for token in (valid_tokens + pin_matching_tokens + for token in (valid_tokens + pin_matching_tokens +
challenge_tokens + invalid_tokens): challenge_tokens + invalid_tokens):
expired, _valid = Challenges.get_challenges(token) expired, _valid = Challenges.get_challenges(token)
if expired: if expired:
Challenges.delete_challenges(None, expired) Challenges.delete_challenges(None, expired)
log.debug("Number of valid tokens found " log.debug("Number of valid tokens found "
"(validTokenNum): %d" % len(valid_tokens)) "(validTokenNum): %d" % len(valid_tokens))
 End of changes. 3 change blocks. 
4 lines changed or deleted 19 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)