14.2.1.2.3. Daplug Token

class edumfa.lib.tokens.daplugtoken.DaplugTokenClass(a_token)[source]

daplug token class implementation

create a token object

Parameters:

aToken (orm object) – instance of the orm db object

check_otp(anOtpVal, counter=None, window=None, options=None)[source]

checkOtp - validate the token otp against a given otpvalue

Parameters:
  • anOtpVal (string, format: efekeiebekeh) – the otpvalue to be verified

  • counter (int) – the counter state, that should be verified

  • window (int) – the counter +window, which should be checked

  • options (dict) – the dict, which could contain token specific info

Returns:

the counter state or -1

Return type:

int

check_otp_exist(otp, window=10)[source]

checks if the given OTP value is/are values of this very token. This is used to autoassign and to determine the serial number of a token.

Parameters:
  • otp (string) – the to be verified otp value

  • window (int) – the lookahead window for the counter

Returns:

counter or -1 if otp does not exist

Return type:

int

static get_class_info(key=None, ret='all')[source]

returns a subtree of the token definition

Parameters:
  • key (string) – subsection identifier

  • ret (user defined) – default return value, if nothing is found

Returns:

subsection if key exists or user defined

Return type:

dict or string

static get_class_prefix()[source]

Return the prefix, that is used as a prefix for the serial numbers. :return: oath

static get_class_type()[source]

return the token type shortname

Returns:

‘hotp’

Return type:

string

get_multi_otp(count=0, epoch_start=0, epoch_end=0, curTime=None, timestamp=None)[source]

return a dictionary of multiple future OTP values of the HOTP/HMAC token

WARNING: the dict that is returned contains a sequence number as key.

This it NOT the otp counter!

Parameters:
  • count (int) – how many otp values should be returned

  • epoch_start – Not used in HOTP

  • epoch_end – Not used in HOTP

  • curTime – Not used in HOTP

  • timestamp – not used in HOTP

  • counter_index – whether the counter should be used as index

Returns:

tuple of status: boolean, error: text and the OTP dictionary

get_otp(current_time=None)[source]

return the next otp value

Parameters:

curTime – Not Used in HOTP

Returns:

next otp value and PIN if possible

Return type:

tuple

is_multichallenge_enrollable = False
resync(otp1, otp2, options=None)[source]

resync the token based on two otp values - external method to do the resync of the token

Parameters:
  • otp1 (string) – the first otp value

  • otp2 (string) – the second otp value

  • options (dict or None) – optional token specific parameters

Returns:

counter or -1 if otp does not exist

Return type:

int

split_pin_pass(passw, user=None, options=None)[source]

Split the password into the token PIN and the OTP value

take the given password and split it into the PIN and the OTP value. The splitting can be dependent of certain policies. The policies may depend on the user.

Each token type may define its own way to slit the PIN and the OTP value.

Parameters:
  • passw – the password to split

  • user (User object) – The user/owner of the token

  • options (dict) – can be used be the token types.

Returns:

tuple of pin and otp value

Returns:

tuple of (split status, pin, otp value)

Return type:

tuple