"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "linotpd/src/linotp/tests/functional/test_userservice/test_otplogin_userselfservice.py" between
LinOTP-release-2.11.2.tar.gz and LinOTP-release-2.12.tar.gz

About: LinOTP is a flexible and versatile OTP-platform for strong user authentication (two-factor authentication with one time passwords).

test_otplogin_userselfservice.py  (LinOTP-release-2.11.2):test_otplogin_userselfservice.py  (LinOTP-release-2.12)
skipping to change at line 335 skipping to change at line 335
test authentication with challenge response test authentication with challenge response
with a single token with a single token
the authentication is running in multiple steps: the authentication is running in multiple steps:
1. get the credentials_verified step 1. get the credentials_verified step
2. by calling the login with the 'credentials_verified' cookie 2. by calling the login with the 'credentials_verified' cookie
and no otp, we trigger a challenge and no otp, we trigger a challenge
3. reply with the previous cookie 'challenge_triggered' 3a. reply with the previous cookie 'challenge_triggered'
and an wrong otp should increment the token fail count
3b. reply with the previous cookie 'challenge_triggered'
and the otp should return the final 'authenticated' cookie and the otp should return the final 'authenticated' cookie
After the 3 step any operation could be made, like history After the 3 step any operation could be made, like history
""" """
# ------------------------------------------------------------------ -- # ------------------------------------------------------------------ --
# run the credential verification step # run the credential verification step
skipping to change at line 402 skipping to change at line 405
response) response)
# response should contain the challenge information # response should contain the challenge information
cookies = TestController.get_cookies(response) cookies = TestController.get_cookies(response)
auth_cookie = cookies.get('user_selfservice') auth_cookie = cookies.get('user_selfservice')
TestController.set_cookie(self.app, 'user_selfservice', auth_cookie) TestController.set_cookie(self.app, 'user_selfservice', auth_cookie)
# ------------------------------------------------------------------ -- # ------------------------------------------------------------------ --
# next request replies to the challenge response with a wrong otp
# and check if the fail counter is incremented
params = {
'serial': 'LoginToken'
}
response = self.make_admin_request('show', params)
token_data = json.loads(response.body)['result']['value']['data'][0]
failcount = token_data["LinOtp.FailCount"]
TestController.set_cookie(self.app, 'user_selfservice', auth_cookie)
params = {}
params['session'] = auth_cookie
otp = self.otps.pop()
params['otp'] = otp[::-1]
response = self.app.get(url(controller='userservice',
action='login'), params=params)
self.assertTrue('"value": false' in response, response)
params = {
'serial': 'LoginToken'
}
response = self.make_admin_request('show', params)
token_data = json.loads(response.body)['result']['value']['data'][0]
new_failcount = token_data["LinOtp.FailCount"]
assert new_failcount > failcount
# ------------------------------------------------------------------ --
# next request replies to the challenge response with an emptyotp
# and check if the fail counter is incremented
params = {
'serial': 'LoginToken'
}
response = self.make_admin_request('show', params)
token_data = json.loads(response.body)['result']['value']['data'][0]
failcount = token_data["LinOtp.FailCount"]
TestController.set_cookie(self.app, 'user_selfservice', auth_cookie)
params = {}
params['session'] = auth_cookie
otp = self.otps.pop()
params['otp'] = ''
response = self.app.get(url(controller='userservice',
action='login'), params=params)
self.assertTrue('"value": false' in response, response)
params = {
'serial': 'LoginToken'
}
response = self.make_admin_request('show', params)
token_data = json.loads(response.body)['result']['value']['data'][0]
new_failcount = token_data["LinOtp.FailCount"]
assert new_failcount > failcount
# ------------------------------------------------------------------ --
# next request replies to the challenge response and # next request replies to the challenge response and
# finishes the authorisation # finishes the authorisation
TestController.set_cookie(self.app, 'user_selfservice', auth_cookie)
params = {} params = {}
params['session'] = auth_cookie params['session'] = auth_cookie
params['otp'] = self.otps.pop() params['otp'] = self.otps.pop()
response = self.app.get(url(controller='userservice', response = self.app.get(url(controller='userservice',
action='login'), params=params) action='login'), params=params)
self.assertTrue('"value": true' in response, response) self.assertTrue('"value": true' in response, response)
cookies = TestController.get_cookies(response) cookies = TestController.get_cookies(response)
 End of changes. 3 change blocks. 
1 lines changed or deleted 72 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)