linotp.tokens.passwordtoken module

This file containes PasswordTokenClass

class linotp.tokens.passwordtoken.PasswordTokenClass(aToken)[source]

Bases: linotp.tokens.hmactoken.HmacTokenClass

This Token does use a static Password as the OTP value. In addition, the OTP PIN can be used with this token. This Token can be used for a scenario like losttoken

checkOtp(anOtpVal, counter, window, options=None)[source]

checks the static password - using the secret object password comparison method

  • anOtpVal – the password to be compared
  • counter
    • not used for the password token -
  • window
    • not used for the password token -
  • options
    • not used for the password token -

counter, which is 0 for success and -1 for failure

check_otp_exist(otp, window=10, user=None, autoassign=False)[source]

checks if the given OTP value is/are values of this very token. This is used to autoassign and to determine the serial number of a token.

  • otp (string) – the to be verified otp value
  • window (int) – the lookahead window for the counter

counter or -1 if otp does not exist

Return type:


classmethod getClassInfo(key=None, ret='all')[source]

getClassInfo - returns a subtree of the token definition

  • key (string) – subsection identifier
  • ret (user defined) – default return value, if nothing is found

subsection if key exists or user defined

Return type:


classmethod getClassPrefix()[source]
classmethod getClassType()[source]

getClassType - return the token type shortname

Return type:string
setOtpKey(otpKey, reset_failcount=True)[source]

the seed / secret for the password token contains the unix hashed (hmac256) format of the password. the iv is used as indicator that we are using the new format, which is the ‘:1:’ indicator

  • otpKey – the token seed / secret
  • reset_failcount – boolean, if the failcounter should be reseted

update - the api, which is called during the token enrollment

we have to make sure that the otpkey, which carries our password is encoded as utf-8 to not break the storing

Raises:otpkey contains the password and is required therefore otherewise raises ParameterError