Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Token-Handler: Reassign Token to another user #1941

Closed
cornelinux opened this issue Nov 22, 2019 · 2 comments
Labels

Comments

@cornelinux
Copy link
Member

@cornelinux cornelinux commented Nov 22, 2019

We could have an action in the token handler to reassign a token to another user.

The question is, how could we change the uid?
Or: The reassignment should probably be dependent on the existing tokenowner.
Or should we only change the assigned resolver and assigned realm and not change the uid?

@NuvandaPV NuvandaPV added this to the 3.3 milestone Nov 25, 2019
@cornelinux

This comment has been minimized.

Copy link
Member Author

@cornelinux cornelinux commented Nov 29, 2019

We might also want to add several examples of scripts for the script handler and have a script, that reassigns the token like this:

#!/opt/privacyidea/bin/python

from flask import Flask
from privacyidea.lib.token import unassign_token, assign_token
from privacyidea.lib.user import User
import argparse


NEW_REALM = "new_realm"


def reassign_token(serial, username):
    app = Flask(__name__, static_folder="static",
                template_folder="static/templates")
    app.config.from_pyfile("/etc/privacyidea/pi.cfg", silent=True)

    with app.app_context():
        # Set global values
        unassign_token(serial)
        assign_token(serial, User(username, NEW_REALM))


parser = argparse.ArgumentParser()
parser.add_argument('--serial', dest='serial')
parser.add_argument('--user', dest='username')
args = parser.parse_args()

# reassign the token to a new realm
reassign_token(args.serial, args.username)

This might acutally help users to create their own scripts!

@cornelinux cornelinux removed this from the 3.3 milestone Nov 30, 2019
@cornelinux

This comment has been minimized.

Copy link
Member Author

@cornelinux cornelinux commented Nov 30, 2019

I think this is very specific.
Such a script has been published in the new scripts repository here: https://github.com/privacyidea/scripts/blob/master/reassign-token.py

I think it is a good idea to collect scripts, that perform a very specifc task or to collect such scripts and later decide which actions should make it into the main software.

@cornelinux cornelinux closed this Nov 30, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.