From 087bec8efe6404c00e4b9104d66dbb2fe4ad7ae0 Mon Sep 17 00:00:00 2001
From: Quentin Lux <luxquent@mila.quebec>
Date: Fri, 30 Oct 2020 10:28:48 -0400
Subject: [PATCH] correct test

---
 .travis.yml              |   4 ----
 pam-test.sqlite          | Bin 20480 -> 20480 bytes
 privacyidea_pam.py       |  36 ++++++++++++++++--------------------
 tests/test_pam_module.py |   5 ++++-
 4 files changed, 20 insertions(+), 25 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index 1a06861..a6e598e 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -2,10 +2,6 @@ language: python
 sudo: false
 python:
   - 2.7
-  - 3.5
-  - 3.6
-  - 3.7
-  - 3.8
 
 # command to install dependencies
 install:
diff --git a/pam-test.sqlite b/pam-test.sqlite
index c17dc55948f2a84dfb482a6fa56290a43d7a7a51..59325a1a8af1590145799fbb68670a72ec59a811 100644
GIT binary patch
delta 233
zcmZozz}T>Wae|Z(n;HWH11k{2z?O+RMoesK8xt1si)k@1b3J3=InCX{^^89P0y(E|
zY^>*G;n8APKCy8zh+Z+VaS2bOJO>A(yrg)OAOrK{K55O#qSE<{?2}ui7cl2CES%Ul
zm$^}%b@B<BMU0a-7s^g$;%H^ypUB_JKX<dBLMp$mBFuU?&Dj*fEXfe!?`>dU#Mu-K
zV;d$kg-)KTpRmbbKR;88(&U5oTB3#qy2b_yh6Ywf7FH&Pdd3z8M&_2A9RBe$F)0B6
DD<U`9

delta 201
zcmZozz}T>Wae|Z((|iU7238=3fvAZ(ModieHzq9N7gJ$i=6b-ubCkP@>j8fR1aeN;
z*jT~I#G^9VL24O<TEWOU`J9aSB<U_jj>+B93z*Xx7EWxO%iJi>1{7b!ICEp;RHjJ^
zY#bd7{9pMy_$O}`G^pa|<*Z?rWC-#1HZU+ssGYn(KY^RG8YW`6$zVS}Q)ANPgZ5gY
h1{S)8mI{W(R;ET)hQ@k^CdQ`5Mw=Y|@iQ?z0sw1vHa7qO

diff --git a/privacyidea_pam.py b/privacyidea_pam.py
index 4b9f58e..9f64abd 100644
--- a/privacyidea_pam.py
+++ b/privacyidea_pam.py
@@ -246,10 +246,12 @@ def offline_refill(self, serial, password):
         startdb(self.sql)
         refilltoken = None
         # get all possible serial/tokens for a user
-        for row in sql_select_statement("SELECT refilltoken FROM refilltokens WHERE serial=?",
-                             (serial)):
+        c.execute(sql_abstract("SELECT refilltoken FROM refilltokens WHERE serial=?"),
+                             (serial, ))
+        for row in c.fetchall():
             refilltoken = row[0]
             syslog.syslog("Doing refill with token {0!s}".format(refilltoken))
+
         closedb()
 
         if refilltoken:
@@ -484,7 +486,6 @@ def pam_sm_authenticate(pamh, flags, argv):
         return pamh.PAM_AUTHINFO_UNAVAIL
 
     try:
-
         if grace_time is not None:
             syslog.syslog(syslog.LOG_DEBUG,
                     "Grace period in minutes: %s " % (str(grace_time)))
@@ -494,7 +495,6 @@ def pam_sm_authenticate(pamh, flags, argv):
                 rval = pamh.PAM_SUCCESS
 
         if rval != pamh.PAM_SUCCESS:
-
             # Check if user has tokens
             Auth.check_user_tokens(Auth.user)
 
@@ -571,15 +571,18 @@ def check_offline_otp(sql_params, user, otp, window=10, refill=True):
     # get all possible serial/tokens for a user
     serials = []
     matching_serial = None
-    for row in sql_select_statement("SELECT serial, user FROM authitems WHERE user=?"
-                         "GROUP by serial", (user,)):
+
+    c.execute(sql_abstract("SELECT serial, user FROM authitems WHERE user=?"
+                         "GROUP by serial"), (user,))
+    for row in c.fetchall():
         serials.append(row[0])
 
     for serial in serials:
-        for row in sql_select_statement("SELECT counter, user, otp, serial FROM authitems "
+        c.execute(sql_abstract("SELECT counter, user, otp, serial FROM authitems "
                              "WHERE user=? and serial=? ORDER by counter "
-                             "LIMIT ?",
-                             (user, serial, window)):
+                             "LIMIT ?"),
+                             (user, serial, window))
+        for row in c.fetchall():
             hash_value = row[2]
             if passlib.hash.pbkdf2_sha512.verify(otp, hash_value):
                 res = True
@@ -660,11 +663,12 @@ def check_last_history(sql_params, user, rhost, grace_time, window=10):
     res = False
     events = []
 
-    for row in sql_select_statement("SELECT user, rhost, serial, last_success, last_error "
+    c.execute(sql_abstract("SELECT user, rhost, serial, last_success, last_error "
                          "FROM history "
                          "WHERE user=? AND rhost=? ORDER by last_success "
-                         "LIMIT ?",
-                         (user, rhost, window)):
+                         "LIMIT ?"),
+                         (user, rhost, window))
+    for row in c.fetchall():
         events.append(row)
 
     if len(events)>0:
@@ -788,11 +792,3 @@ def sql_abstract(sql_statement):
         return sql_statement
     else:
         return sql_statement.replace('?','%s')
-
-# Handle SQLite/MySQL SELECT statement
-def sql_select_statement(select_statement, sql_args):
-    exec_statement = c.execute(sql_abstract(select_statement),sql_args)
-    if SQLite:
-        return exec_statement
-    else:
-        return c.fetchall()
diff --git a/tests/test_pam_module.py b/tests/test_pam_module.py
index 998d927..bb099e5 100644
--- a/tests/test_pam_module.py
+++ b/tests/test_pam_module.py
@@ -321,6 +321,10 @@ def test_06_refill(self):
 
         # now with refill
         with responses.RequestsMock() as rsps:
+            rsps.add(responses.GET,
+                      "http://my.privacyidea.server/token",
+                      body=json.dumps(USER_TOKEN_BODY),
+                      content_type="application/json")
             rsps.add(responses.POST,
                           "http://my.privacyidea.server/validate/offlinerefill",
                           body=json.dumps(REFILL_BODY),
@@ -335,7 +339,6 @@ def test_06_refill(self):
                     "try_first_pass"]
             r = pam_sm_authenticate(pamh, flags, argv)
             self.assertEqual(r, PAMH.PAM_SUCCESS)
-            print rsps.calls[1].request
             self.assertIn('refilltoken=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa',
                           rsps.calls[1].request.body)