linotp.controllers.tokens module¶
- class linotp.controllers.tokens.TokenAdapter(linotp_token)¶
Bases:
objectData class to hold a token representation based on the one returned by the TokenIterator, but transforming some of the fields.
The goal is not to have to repeat ourselves across all endpoint functions and keep the returned data structures in a consistent format.
- to_JSON_format()¶
Return a JSON-compatible dictionary representation of the Token.
Some attributes are related to each other and grouped by “topic”, namely: tokenConfiguration, userInfo, usageData, and validityPeriod.
- class linotp.controllers.tokens.TokensController(name, install_name='', **kwargs)¶
Bases:
BaseControllerThe linotp.controllers are the implementation of the web-API to talk to the LinOTP server. The TokenController is used for listing, creating, deleting and modifying tokens.
The following is the type definition of a Token:
{ "id": number, "description": string, "serial": string, "type": string, "creationDate": date, "isActive": boolean, "realms": [string], "tokenConfiguration": { "countWindow": number, "syncWindow": number, "otpLength": number, "otpCounter": number, }, "userInfo": { "id": string, "username": string, "description": string, "idResolverInfo": { "name": string, "class": string } }, "usageCounters": { "loginAttempts": number, "maxLoginAttempts": number, "maxSuccessfulLoginAttempts": number, "lastSuccessfulLoginAttempts": date, "failedLoginAttempts": number, "maxFailedLoginAttempts": number, "lastAuthenticationMatch": date }, "validityPeriod": { "start": date, "end": date, } }
Note: If a Token has no user,
userInfowill beNone- get_token_by_serial(serial)¶
Method: GET /api/v2/tokens/<serial>
Display all the information on a single token.
- Parameters
serial (string) – the unique token serial
- Returns
a JSON-RPC response with
resultin the following format:{ "status": boolean, "value": Token }
- Raises
PolicyException – if the logged-in admin does not have the correct permissions to view the token, return an HTTP 403 error response
Exception – if any other error occurs the exception message is serialized and returned in an HTTP 500 error response
- get_tokens()¶
Method: GET /api/v2/tokens
Display the list of all tokens visible to the logged-in administrator.
Should the
pageSizeparameter be defined, the list of tokens is truncated to the given length. By default, the first page is returned. Setting thepageparameter allows retrieving other pages.- Parameters
pageSize (int, optional) – limit the number of returned tokens, defaults to 50 (unless another value is specified in the configuration). Setting it to 0 returns all tokens.
page (int, optional) – request a certain page, defaults to 0
sortBy (str, optional) – sort the output by column, defaults to ‘serial’
sortOrder (str, optional) – ‘asc’ or ‘desc’, defaults to ‘asc’
searchTerm (str, optional) – limit entries to those partially matching the searchTerm
userId (str, optional) – limit the results to the tokens owned by the users with this user ID
username (str, optional) – limit the results to the tokens owned by the users with this username. Supports * as wildcard operator.
realm (str, optional) – limit the results to the tokens owned by the users in this realm. Supports * as wildcard operator.
resolverName (str, optional) – limit the results to the tokens owned by users in this resolver
- Returns
a JSON-RPC response with
resultin the following format:{ "status": boolean, "value": { "page": number, "pageSize": number, "totalPages": number, "totalRecords": number, "pageRecords": [ Token ] } }
- Raises
PolicyException – if the logged-in admin does not have the correct permissions to list tokens, return an HTTP 403 error response
Exception – if any other error occurs the exception message is serialized and returned in an HTTP 500 error response