6.1.1.2.1.8. linotp.controllers.ocra module¶
ocra controller - Interface for the Challenge Response Token (OCRA)
- class linotp.controllers.ocra.OcraController(*args, **kw)[source]¶
Bases: linotp.lib.base.BaseController
The OcraController implements challenges/response tokens according to RFC 6287
- check_t()[source]¶
- method:
- ocra/check_t
- description:
- verify the response of the ocra token
- arguments:
- transactionid: (required - string)
Dies ist eine Transaktions-ID, die bei der Challenge ausgegeben wurde.
- pass: (required - string)
die response, die der OCRA Token auf Grund der Challenge berechnet hat
returns:
A JSON response:
{ "version": "LinOTP 2.4", "jsonrpc": "2.0", "result": { "status": true, "value": { "failcount" : 3, "result": false } }, "id": 0 }
exception:
- checkstatus()[source]¶
- method:
- ocra/checkstatus
- description:
- Methode zur assynchronen Ueberpruefungen eines Challenge Response Valiadation requests
arguments:
- transactionid: (required one of - string - (hex))
Dies ist eine Transaktions-ID, die bei der Challenge ausgegeben wurde.
- serial: (required one of - string)
die Serien Nummer des OCRA Token
- user: (required one of - string)
die Benutzer eines Tokens
required is one of (user,serial,transactionid)
returns:
A JSON response:
{ "version": "LinOTP 2.4", "jsonrpc": "2.0", "result": { "status": true, "value": [ { "serial": SERIENNUMMER1, "transactionid": TRANSACTIONID1, "received_tan": true, "valid_tan": true, "failcount": 0 }, { "serial": SERIENNUMMER1, "transactionid": TRANSACTIONID2, "received_tan": false, "valid_tan": false, "failcount": 0 }, { "serial": SERIENNUMMER2, "transactionid": TRANSACTIONID3, "received_tan": true, "valid_tan": false, "failcount": 2 }, ] }, "id": 0 }
exception:
- getActivationCode()[source]¶
- method:
- ocra/getActivationCode
- description:
- returns an valid example activcation code
- arguments:
- ./.
- returns:
- JSON with “activationcode”: “JZXW4ZI=2A”
- request()[source]¶
- method:
- ocra/request
- description:
- request a challenge for a user or for a serial number (token).
- arguments:
- serial: (required - string) Serial number of the token, for which a challenge should be generated (either serial or user is required)
- user: (required - string) The user for whose token a challenge should be generated If the user has more than one token, an error is returend. (either serial or user is required)
- data: (required - String: URLendoced) These are the display data, that can be used to generate the challenge
- remark:
the app will report a wrong qrcode, if the policy:
{'authentication' : qrtanurl=https://localhost }
is not defined !!
returns:
A JSON respone:
{ "version": "LinOTP 2.4", "jsonrpc": "2.0", "result": { "status": true, "value": false, }, "detail": { "transactionid" : TRANSAKTIONSID, "data" : DATAOBJECT, } }
- transactionid: This is the transaction ID, that is used later for verifying the Return code /TAN.
- data: This is an object (URL) which can be used to generate a QR-Code to be displayed to the QRTAN App