linotp.lib.user module

contains user - related functions

class linotp.lib.user.User(login='', realm='', resolver_config_identifier='')[source]

Bases: object

addResolverUId(resolver, uid, conf='', resId='', resCId='')[source]
checkPass(password)[source]
does_exists(resolvers=None)[source]
exists()[source]

check if a user exists in the given realm

getRealm()[source]
getResolverConf(resolver_spec)[source]
getResolverUId(resolver_spec)[source]
getResolvers()[source]
getUser()[source]
getUserInfo(resolver=None)[source]
static getUserObject(login, realm=None, check_if_exist=False)[source]
getUserPerConf()[source]

a wildcard usr (realm = *) could have multiple configurations this method will return a list of uniq users, one per configuration

Returns:list of users
static get_fq_resolver(res)[source]
get_uid_resolver(resolvers=None)[source]
isEmpty()[source]
saveResolvers(resolvers)[source]

save the resolver objects as list as part of the user

linotp.lib.user.find_resolver_spec_for_config_identifier(realms_dict, config_identifier)[source]

Iterates through a realms dictionary, extracts the resolver specification and returns it, when its config identifier matches the provided config_identifier argument

Parameters:
  • realms_dict – A realms dictionary
  • config_identifier – The config identifier to search for

:return Resolver specification (or None if no match occured)

linotp.lib.user.getRealmBox()[source]

returns the config value of selfservice.realmbox. if True, the realmbox in the selfservice login will be displayed. if False, the realmbox will not be displayed and the user needs to login

linotp.lib.user.getResolvers(user)[source]

get the list of the Resolvers within a users.realm or from the resolver conf, if given in the user object

Note:It ignores the user.login attribute!
Parameters:user (User object) – User with realm or resolver conf
linotp.lib.user.getResolversOfUser(user, use_default_realm=True, allRealms=None, defaultRealm=None)[source]

This returns the list of the Resolvers of a user in a given realm. Usually this should only return one resolver

input:
user.login, user.realm
returns:
array of resolvers, the user was found in
linotp.lib.user.getSearchFields(user)[source]
linotp.lib.user.getSplitAtSign()[source]

returns the config value of splitAtSign. if True, the username should be split if there is an at sign. if False, the username will be taken unchanged for loginname.

linotp.lib.user.getUserDetail(user)[source]

Returns userinfo of an user

Parameters:user – the user
Returns:the userinfo dict
linotp.lib.user.getUserFromParam(param, optionalOrRequired, optional=False, required=False)[source]
linotp.lib.user.getUserFromRequest(request, config=None)[source]
This function first tries to get the user from
  • a DigestAuth and otherwise from
  • basic auth and otherwise from
  • the client certificate
linotp.lib.user.getUserId(userObject)[source]

return (uid,resId,resIdC)

linotp.lib.user.getUserInfo(userid, resolver, resolver_spec)[source]
linotp.lib.user.getUserList(param, search_user)[source]
linotp.lib.user.getUserListIterators(param, search_user)[source]

return a list of iterators for all userid resolvers

Parameters:
  • param – request params (dict), which might be realm or resolver conf
  • search_user – restrict the resolvers to those of the search_user
linotp.lib.user.getUserPhone(user, phone_type='phone')[source]

Returns the phone numer of a user

Parameters:
  • user (user object) – the user with the phone
  • phone_type (string) – The type of the phone, i.e. either mobile or phone (land line)
Returns:

list with phone numbers of this user object

linotp.lib.user.getUserRealms(user, allRealms=None, defaultRealm=None)[source]

Returns the realms, a user belongs to. If the user has no realm but only a useridresolver, than all realms, containing this resolver are returned. This function is used for the policy module

linotp.lib.user.getUserResolverId(user, report=False)[source]
linotp.lib.user.get_authenticated_user(username, realm, password=None, realm_box=False, authenticate=True, options=None)[source]

check the username and password against a userstore.

remark: the method is called in the context of repoze.who
during authentication and during auto_enrollToken/auto_assignToken
Parameters:
  • username – the user login name
  • realm – the realm, where the user belongs to
  • password – the to be checked userstore password
  • realm_box – take the information, if realmbox is displayed
Parm authenticate:
 

for the selftest, we skip the authentication

Returns:

None or authenticated user object

linotp.lib.user.setRealm(realm, resolvers)[source]
linotp.lib.user.splitUser(username)[source]

split the username into the user and realm

Parameters:username – the given username
Returns:tuple of (user and group/realm)