Added basic api key support, request signature not implemented
parent
c30449c4e0
commit
8852fd6bf0
18
yubikey.py
18
yubikey.py
|
@ -1,4 +1,5 @@
|
||||||
#!/usr/bin/env python
|
#!/usr/bin/env python
|
||||||
|
|
||||||
import requests
|
import requests
|
||||||
import string
|
import string
|
||||||
from random import choice
|
from random import choice
|
||||||
|
@ -48,7 +49,7 @@ class YubicoWS(object):
|
||||||
|
|
||||||
return ws_response
|
return ws_response
|
||||||
|
|
||||||
def verify(self, yubikey_id, otp):
|
def verify(self, yubikey_id, otp, key=None):
|
||||||
endpoint = 'verify'
|
endpoint = 'verify'
|
||||||
url = self.api_ws + endpoint
|
url = self.api_ws + endpoint
|
||||||
|
|
||||||
|
@ -64,6 +65,10 @@ class YubicoWS(object):
|
||||||
'nonce': nonce
|
'nonce': nonce
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Use API key for signing the message if key is provided
|
||||||
|
if key:
|
||||||
|
data = self.sign_otp(data, key)
|
||||||
|
|
||||||
response = requests.get(url, params=data)
|
response = requests.get(url, params=data)
|
||||||
|
|
||||||
ws_response = self.parse_ws_response(response.text)
|
ws_response = self.parse_ws_response(response.text)
|
||||||
|
@ -74,11 +79,15 @@ class YubicoWS(object):
|
||||||
and ws_response['otp'] != otp \
|
and ws_response['otp'] != otp \
|
||||||
and True):
|
and True):
|
||||||
raise WSInvalidResponse()
|
raise WSInvalidResponse()
|
||||||
|
# TODO check signature
|
||||||
else:
|
else:
|
||||||
raise WSError(self._errors[ws_response['status']])
|
raise WSError(self._errors[ws_response['status']])
|
||||||
|
|
||||||
return ws_response
|
return ws_response
|
||||||
|
|
||||||
|
def sign_otp(self, data, key):
|
||||||
|
return data
|
||||||
|
|
||||||
def parse_ws_response(self, text):
|
def parse_ws_response(self, text):
|
||||||
data = {}
|
data = {}
|
||||||
for line in text.strip().split('\n'):
|
for line in text.strip().split('\n'):
|
||||||
|
@ -98,10 +107,12 @@ class Yubikey(object):
|
||||||
|
|
||||||
_last_result = False
|
_last_result = False
|
||||||
|
|
||||||
def __init__(self, yubikey_id=None):
|
def __init__(self, yubikey_id=None, key=None):
|
||||||
self.ws = YubicoWS()
|
self.ws = YubicoWS()
|
||||||
if yubikey_id:
|
if yubikey_id:
|
||||||
self.id = yubikey_id
|
self.id = yubikey_id
|
||||||
|
if key:
|
||||||
|
self.key = key
|
||||||
|
|
||||||
def register(self, email, otp):
|
def register(self, email, otp):
|
||||||
result = False
|
result = False
|
||||||
|
@ -118,7 +129,7 @@ class Yubikey(object):
|
||||||
result = False
|
result = False
|
||||||
if self.id:
|
if self.id:
|
||||||
self.get_prefix(otp)
|
self.get_prefix(otp)
|
||||||
result = self.ws.verify(self.id, otp)
|
result = self.ws.verify(self.id, otp, key=self.key)
|
||||||
if result == 'OK':
|
if result == 'OK':
|
||||||
result = True
|
result = True
|
||||||
|
|
||||||
|
@ -146,5 +157,6 @@ class WSResponseError(Exception):
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return repr(self.msg)
|
return repr(self.msg)
|
||||||
|
|
||||||
|
|
||||||
class OTPIncorrectFormat(Exception):
|
class OTPIncorrectFormat(Exception):
|
||||||
pass
|
pass
|
||||||
|
|
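Review bot: In the `-74,11 +79,15` hunk `sign_otp` returns `data` unchanged, and `verify` still trusts the response with only `# TODO check signature` in place, so a caller who passes `key` gets no more request or response integrity than one who does not. Until the HMAC is implemented it would be safer to fail closed in `sign_otp`, e.g. `raise NotImplementedError('request signing is not implemented')`, and to document on `verify` that the response signature is not yet validated. Separately, in the `-98,10 +107,12` hunk `Yubikey.__init__` assigns `self.key` only when `key` is truthy, while the changed call `self.ws.verify(self.id, otp, key=self.key)` reads it unconditionally. Unless the class defines a `key` default outside the lines shown, that raises `AttributeError` for every caller that omits the key; assigning `self.key = key` without the `if` avoids it. The bodies of `verify` and of the method containing that call extend beyond the hunks shown.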