[Freeipa-devel] [PATCH 0055] Add /session/token_sync POST support

Alexander Bokovoy abokovoy at redhat.com
Wed Jun 25 10:21:39 UTC 2014 

On Tue, 24 Jun 2014, Nathaniel McCallum wrote:
>On Mon, 2014-06-02 at 23:07 -0400, Nathaniel McCallum wrote:
>> This HTTP call takes the following parameters:
>>  * user
>>  * password
>>  * first_code
>>  * second_code
>>  * token (optional)
>>
>> Using this information, the server will perform token synchronization.
>> If the token is not specified, all tokens will be searched for
>> synchronization.
>> Otherwise, only the token specified will be searched.
>>
>> This patch depends on my patch #0054.
>
>Attached is a new revision. This version should force an update
>to /etc/httpd/conf.d/ipa.conf on update. It is also rebased on master.
ACK with condition that you apply attached fixups.

Since token that is passed by 'ipa otptoken-sync' command is not a full
DN, we need to support both cases, when DN and just a name is passed.
Attached patch fixes this.

-- 
/ Alexander Bokovoy
-------------- next part --------------
>From ac31c6c6ce0b7bc163696968e07e8dd3c75accef Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy at redhat.com>
Date: Wed, 25 Jun 2014 13:17:08 +0300
Subject: [PATCH 9/9] fixup! Add /session/token_sync POST support

---
 ipaserver/rpcserver.py | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/ipaserver/rpcserver.py b/ipaserver/rpcserver.py
index 39134af..33d03e2 100644
--- a/ipaserver/rpcserver.py
+++ b/ipaserver/rpcserver.py
@@ -1165,8 +1165,12 @@ class sync_token(Backend, HTTP_Status):
         sr.setComponentByName('firstCode', data['first_code'])
         sr.setComponentByName('secondCode', data['second_code'])
         if 'token' in data:
-            token_dn = DN((self.api.Object.otptoken.primary_key.name, data['token']),
-                          self.api.env.container_otp, self.api.env.basedn)
+            try:
+                token_dn = DN(data['token'])
+            except ValueError:
+                token_dn = DN((self.api.Object.otptoken.primary_key.name, data['token']),
+                              self.api.env.container_otp, self.api.env.basedn)
+
             sr.setComponentByName('tokenDN', str(token_dn))
         rc = ldap.controls.RequestControl(sr.OID, True, encoder.encode(sr))
 
-- 
1.9.3

More information about the Freeipa-devel mailing list