Navigation Menu

Skip to content

Instantly share code, notes, and snippets.

@laclaro
Created April 24, 2020 15:32
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save laclaro/d7b2dcb3416e1b8d0e26c214a999bbbc to your computer and use it in GitHub Desktop.
Save laclaro/d7b2dcb3416e1b8d0e26c214a999bbbc to your computer and use it in GitHub Desktop.
privacyidea server error to #49
[2020-04-24 17:29:57,728][6537][139756680177472][DEBUG][privacyidea.api.before_after:84] Begin handling of request '/auth?'
[2020-04-24 17:29:57,729][6537][139756680177472][DEBUG][privacyidea.api.lib.utils:254] Can not get param: Expecting value: line 1 column 1 (char 0)
[2020-04-24 17:29:57,729][6537][139756680177472][DEBUG][privacyidea.lib.audit:189] Entering getAudit with arguments HIDDEN and keywords HIDDEN
[2020-04-24 17:29:57,729][6537][139756680177472][DEBUG][privacyidea.lib.utils:1198] klass: <class 'privacyidea.lib.auditmodules.loggeraudit.Audit'>
[2020-04-24 17:29:57,729][6537][139756680177472][DEBUG][privacyidea.lib.audit:198] Exiting getAudit with result <privacyidea.lib.auditmodules.loggeraudit.Audit object at 0x7f1b92906860>
[2020-04-24 17:29:57,729][6537][139756680177472][DEBUG][privacyidea.lib.config:186] Entering get_from_config with arguments ('OverrideAuthorizationClient',) and keywords {}
[2020-04-24 17:29:57,729][6537][139756680177472][DEBUG][privacyidea.lib.config:323] Cloning request-local config from shared config object
[2020-04-24 17:29:57,731][6537][139756680177472][DEBUG][privacyidea.lib.config:198] Exiting get_from_config with result None
[2020-04-24 17:29:57,731][6537][139756680177472][DEBUG][privacyidea.lib.auditmodules.base:186] Entering log with arguments (<privacyidea.lib.auditmodules.loggeraudit.Audit object at 0x7f1b92906860>, {'success': False, 'client': '127.0.0.1', 'client_user_agent': None, 'privacyidea_server': 'localhost:5000', 'action': 'POST /auth', 'action_detail': '', 'info': ''}) and keywords {}
[2020-04-24 17:29:57,732][6537][139756680177472][DEBUG][privacyidea.lib.auditmodules.base:198] Exiting log with result None
[2020-04-24 17:29:57,732][6537][139756680177472][DEBUG][privacyidea.lib.tokens.webauthntoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,732][6537][139756680177472][DEBUG][privacyidea.lib.tokens.webauthntoken:198] Exiting get_class_info with result {'authentication': {'webauthn_allowed_transports': {'type': 'str', 'desc': 'A list of transports to prefer to communicate with WebAuthn tokens. Default: usb ble nfc internal lightning (All standard transports)'}, 'webauthn_timeout': {'type': 'int', 'desc': 'The time in seconds the user has to confirm authorization on his WebAuthn token. Note: You will want to increase the ChallengeValidityTime along with this. Default: 60'}, 'webauthn_user_verification_requirement': {'type': 'str', 'desc': "Whether the user's identity should be verified when authenticating with a WebAuthn token. Default: preferred (verify the user if supported by the token)", 'value': ['required', 'preferred', 'discouraged']}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternative challenge text for telling the user to confirm with his WebAuthn token.'}}, 'authorization': {'webauthn_authenticator_selection_list': {'type': 'str', 'desc': 'A list of WebAuthn authenticators acceptable for authorization, given as a space-separated list of AAGUIDs. Per default all authenticators are acceptable.'}, 'webauthn_req': {'type': 'str', 'desc': 'Only the specified WebAuthn-tokens are authorized.'}}, 'enrollment': {'webauthn_relying_party_name': {'type': 'str', 'desc': 'A human readable name for the organization rolling out WebAuthn tokens.', 'group': 'WebAuthn'}, 'webauthn_relying_party_id': {'type': 'str', 'desc': 'A domain name that is a subset of the respective FQDNs for all the webservices the users should be able to sign in to using WebAuthn tokens.', 'group': 'WebAuthn'}, 'webauthn_timeout': {'type': 'int', 'desc': 'The time in seconds the user has to confirm enrollment on his WebAuthn token. Note: You will want to increase the ChallengeValidityTime along with this. Default: 60', 'group': 'WebAuthn'}, 'webauthn_authenticator_attachment': {'type': 'str', 'desc': 'Whether to limit roll out of WebAuthn tokens to either only platform authenticators, or only cross-platform authenticators. Default: either', 'group': 'WebAuthn', 'value': ['platform', 'cross-platform', 'either']}, 'webauthn_authenticator_selection_list': {'type': 'str', 'desc': 'A list of WebAuthn authenticators acceptable for enrollment, given as a space-separated list of AAGUIDs. Per default all authenticators are acceptable.', 'group': 'WebAuthn'}, 'webauthn_user_verification_requirement': {'type': 'str', 'desc': "Whether the user's identity should be verified when rolling out a new WebAuthn token. Default: preferred (verify the user if supported by the token)", 'group': 'WebAuthn', 'value': ['required', 'preferred', 'discouraged']}, 'webauthn_public_key_credential_algorithm_preference': {'type': 'str', 'desc': 'Which algorithm to use for creating public key credentials for WebAuthn tokens. Default: ecdsa_preferred', 'group': 'WebAuthn', 'value': ['ecdsa_preferred', 'ecdsa_only', 'rsassa-pss_preferred', 'rsassa-pss_only']}, 'webauthn_authenticator_attestation_form': {'type': 'str', 'desc': 'Whether to request attestation data when enrolling a new WebAuthn token. Note: for u2f_req to work with WebAuthn, this cannot be set to none. Default: direct (ask for non-anonymized attestation data)', 'group': 'WebAuthn', 'value': ['none', 'indirect', 'direct']}, 'webauthn_authenticator_attestation_level': {'type': 'str', 'desc': 'Whether and how strictly to check authenticator attestation data. Note: If the attestation form is none, the attestation level needs to also be none. Default: untrusted (attestation is required, but can be unknown or self-signed)', 'group': 'WebAuthn', 'value': ['none', 'untrusted', 'trusted']}, 'webauthn_req': {'type': 'str', 'desc': 'Only the specified WebAuthn-tokens are allowed to be registered.', 'group': 'WebAuthn'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this number of WebAuthn tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this number of active WebAuthn tokens assigned.', 'group': 'token'}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user to confirm with his WebAuthn device.', 'group': 'WebAuthn'}}}
[2020-04-24 17:29:57,733][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'authentication', 'realm': None, 'active': True, 'resolver': None, 'user': None, 'client': '127.0.0.1', 'action': 'webauthn_timeout', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,733][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,733][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: []
[2020-04-24 17:29:57,734][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,734][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,734][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,734][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,734][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,734][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'authentication', 'realm': None, 'active': True, 'resolver': None, 'user': None, 'client': '127.0.0.1', 'action': 'webauthn_user_verification_requirement', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,734][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,734][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: []
[2020-04-24 17:29:57,734][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,734][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,734][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,734][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,735][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,735][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'authentication', 'realm': None, 'active': True, 'resolver': None, 'user': None, 'client': '127.0.0.1', 'action': 'webauthn_allowed_transports', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,735][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,735][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: []
[2020-04-24 17:29:57,735][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,735][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,735][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,735][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,735][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,735][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'authentication', 'realm': None, 'active': True, 'resolver': None, 'user': None, 'client': '127.0.0.1', 'action': 'webauthn_challenge_text', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,736][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,736][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: []
[2020-04-24 17:29:57,736][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,736][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,736][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,736][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,736][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,736][6537][139756680177472][DEBUG][privacyidea.lib.config:186] Entering get_from_config with arguments ('splitAtSign',) and keywords {'return_bool': True}
[2020-04-24 17:29:57,736][6537][139756680177472][DEBUG][privacyidea.lib.config:198] Exiting get_from_config with result True
[2020-04-24 17:29:57,736][6537][139756680177472][DEBUG][privacyidea.lib.user:186] Entering split_user with arguments ('admin',) and keywords {}
[2020-04-24 17:29:57,736][6537][139756680177472][DEBUG][privacyidea.lib.user:198] Exiting split_user with result ('admin', '')
[2020-04-24 17:29:57,736][6537][139756680177472][DEBUG][privacyidea.lib.realm:186] Entering get_default_realm with arguments () and keywords {}
[2020-04-24 17:29:57,737][6537][139756680177472][DEBUG][privacyidea.lib.realm:198] Exiting get_default_realm with result defrealm
[2020-04-24 17:29:57,737][6537][139756680177472][DEBUG][privacyidea.lib.auditmodules.base:186] Entering log with arguments (<privacyidea.lib.auditmodules.loggeraudit.Audit object at 0x7f1b92906860>, {'user': 'admin', 'realm': 'defrealm'}) and keywords {}
[2020-04-24 17:29:57,737][6537][139756680177472][DEBUG][privacyidea.lib.auditmodules.base:198] Exiting log with result None
[2020-04-24 17:29:57,737][6537][139756680177472][DEBUG][privacyidea.lib.user:186] Entering __init__ with arguments (User(login='', realm='', resolver=''),) and keywords {}
[2020-04-24 17:29:57,737][6537][139756680177472][DEBUG][privacyidea.lib.user:198] Exiting __init__ with result None
[2020-04-24 17:29:57,756][6537][139756680177472][DEBUG][privacyidea.lib.auditmodules.base:186] Entering log with arguments (<privacyidea.lib.auditmodules.loggeraudit.Audit object at 0x7f1b92906860>, {'success': True, 'user': '', 'administrator': 'admin', 'info': 'internal admin'}) and keywords {}
[2020-04-24 17:29:57,757][6537][139756680177472][DEBUG][privacyidea.lib.auditmodules.base:198] Exiting log with result None
[2020-04-24 17:29:57,757][6537][139756680177472][DEBUG][privacyidea.lib.auditmodules.base:186] Entering log with arguments (<privacyidea.lib.auditmodules.loggeraudit.Audit object at 0x7f1b92906860>, {'success': True}) and keywords {}
[2020-04-24 17:29:57,757][6537][139756680177472][DEBUG][privacyidea.lib.auditmodules.base:198] Exiting log with result None
[2020-04-24 17:29:57,757][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering ui_get_rights with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>, 'admin', '', 'admin', '127.0.0.1') and keywords {}
[2020-04-24 17:29:57,757][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'admin', 'realm': None, 'active': True, 'resolver': None, 'user': None, 'client': '127.0.0.1', 'action': None, 'adminrealm': '', 'adminuser': 'admin', 'sort_by_priority': True}
[2020-04-24 17:29:57,757][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,757][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: []
[2020-04-24 17:29:57,758][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching adminrealm: []
[2020-04-24 17:29:57,758][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching adminuser: []
[2020-04-24 17:29:57,758][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,758][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,758][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,758][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,758][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'scope': 'admin', 'active': True}
[2020-04-24 17:29:57,758][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,758][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: []
[2020-04-24 17:29:57,758][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,758][6537][139756680177472][DEBUG][privacyidea.lib.policy:999] No policies defined, so we set all rights.
[2020-04-24 17:29:57,758][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering get_static_policy_definitions with arguments ('admin',) and keywords {}
[2020-04-24 17:29:57,758][6537][139756680177472][DEBUG][privacyidea.lib.resolver:186] Entering get_resolver_list with arguments () and keywords {}
[2020-04-24 17:29:57,759][6537][139756680177472][DEBUG][privacyidea.lib.resolver:200] Exiting get_resolver_list with result HIDDEN
[2020-04-24 17:29:57,759][6537][139756680177472][DEBUG][privacyidea.lib.realm:186] Entering get_realms with arguments () and keywords {}
[2020-04-24 17:29:57,759][6537][139756680177472][DEBUG][privacyidea.lib.realm:198] Exiting get_realms with result {'defrealm': {'option': '', 'default': True, 'resolver': [{'priority': None, 'name': 'deflocal', 'type': 'passwdresolver'}]}, 'ldap': {'option': '', 'default': False, 'resolver': [{'priority': None, 'name': 'virtkolab', 'type': 'ldapresolver'}]}}
[2020-04-24 17:29:57,759][6537][139756680177472][DEBUG][privacyidea.lib.smtpserver:186] Entering get_smtpservers with arguments () and keywords {}
[2020-04-24 17:29:57,760][6537][139756680177472][DEBUG][privacyidea.lib.smtpserver:198] Exiting get_smtpservers with result []
[2020-04-24 17:29:57,760][6537][139756680177472][DEBUG][privacyidea.lib.radiusserver:186] Entering get_radiusservers with arguments () and keywords {}
[2020-04-24 17:29:57,760][6537][139756680177472][DEBUG][privacyidea.lib.radiusserver:198] Exiting get_radiusservers with result []
[2020-04-24 17:29:57,761][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting get_static_policy_definitions with result {'enable': {'type': 'bool', 'desc': 'Admin is allowed to enable tokens.', 'mainmenu': ['tokens'], 'group': 'token'}, 'disable': {'type': 'bool', 'desc': 'Admin is allowed to disable tokens.', 'mainmenu': ['tokens'], 'group': 'token'}, 'set': {'type': 'bool', 'desc': 'Admin is allowed to set token properties.', 'mainmenu': ['tokens'], 'group': 'token'}, 'setpin': {'type': 'bool', 'desc': 'Admin is allowed to set the OTP PIN of tokens.', 'mainmenu': ['tokens'], 'group': 'token'}, 'setrandompin': {'type': 'bool', 'desc': 'Admin is allowed to set a random OTP PIN of tokens.', 'mainmenu': ['tokens'], 'group': 'token'}, 'settokeninfo': {'type': 'bool', 'desc': 'Admin is allowed to manually set and delete token info.', 'mainmenu': ['tokens'], 'group': 'token'}, 'enrollpin': {'type': 'bool', 'desc': 'Admin is allowed to set the OTP PIN during enrollment.', 'mainmenu': ['tokens'], 'group': 'enrollment'}, 'resync': {'type': 'bool', 'desc': 'Admin is allowed to resync tokens.', 'mainmenu': ['tokens'], 'group': 'token'}, 'reset': {'type': 'bool', 'desc': 'Admin is allowed to reset the Failcounter of a token.', 'mainmenu': ['tokens'], 'group': 'token'}, 'revoke': {'tpye': 'bool', 'desc': 'Admin is allowed to revoke a token', 'mainmenu': ['tokens'], 'group': 'token'}, 'assign': {'type': 'bool', 'desc': 'Admin is allowed to assign a token to a user.', 'mainmenu': ['tokens', 'users'], 'group': 'token'}, 'unassign': {'type': 'bool', 'desc': 'Admin is allowed to remove the token from a user, i.e. unassign a token.', 'mainmenu': ['tokens'], 'group': 'token'}, 'importtokens': {'type': 'bool', 'desc': 'Admin is allowed to import token files.', 'mainmenu': ['tokens'], 'group': 'system'}, 'delete': {'type': 'bool', 'desc': 'Admin is allowed to remove tokens from the database.', 'mainmenu': ['tokens'], 'group': 'token'}, 'userlist': {'type': 'bool', 'desc': 'Admin is allowed to view the list of the users.', 'mainmenu': ['users'], 'group': 'general'}, 'machinelist': {'type': 'bool', 'desc': 'The Admin is allowed to list the machines.', 'mainmenu': ['machines'], 'group': 'machine'}, 'manage_machine_tokens': {'type': 'bool', 'desc': 'The Admin is allowed to attach and detach tokens to machines.', 'mainmenu': ['tokens', 'machines'], 'group': 'machine'}, 'fetch_authentication_items': {'type': 'bool', 'desc': 'The Admin is allowed to fetch authentication items of tokens assigned to machines.', 'group': 'general'}, 'tokenrealms': {'type': 'bool', 'desc': 'Admin is allowed to manage the realms of a token.', 'mainmenu': ['tokens'], 'group': 'token'}, 'tokenlist': {'type': 'bool', 'desc': 'Admin is allowed to list tokens.', 'mainmenu': ['tokens'], 'group': 'token'}, 'getserial': {'type': 'bool', 'desc': 'Admin is allowed to retrieve a serial for a given OTP value.', 'mainmenu': ['tokens'], 'group': 'tools'}, 'getrandom': {'type': 'bool', 'desc': 'Admin is allowed to retrieve random keys from privacyIDEA.', 'group': 'tools'}, 'copytokenpin': {'type': 'bool', 'desc': 'Admin is allowed to copy the PIN of one token to another token.', 'group': 'tools'}, 'copytokenuser': {'type': 'bool', 'desc': 'Admin is allowed to copy the assigned user to another token, i.e. assign a user ot another token.', 'group': 'tools'}, 'losttoken': {'type': 'bool', 'desc': 'Admin is allowed to trigger the lost token workflow.', 'mainmenu': ['tokens'], 'group': 'tools'}, 'configwrite': {'type': 'bool', 'desc': 'Admin is allowed to write and modify the system configuration.', 'group': 'system', 'mainmenu': ['config']}, 'configdelete': {'type': 'bool', 'desc': 'Admin is allowed to delete keys in the system configuration.', 'group': 'system', 'mainmenu': ['config']}, 'configread': {'type': 'bool', 'desc': 'Admin is allowed to read basic system configuration.', 'group': 'system', 'mainmenu': ['config']}, 'system_documentation': {'type': 'bool', 'desc': 'Admin is allowed to export a documentation of the complete configuration including resolvers and realm.', 'group': 'system', 'mainmenu': ['config']}, 'policywrite': {'type': 'bool', 'desc': 'Admin is allowed to write and modify the policies.', 'group': 'system', 'mainmenu': ['config']}, 'policydelete': {'type': 'bool', 'desc': 'Admin is allowed to delete policies.', 'group': 'system', 'mainmenu': ['config']}, 'policyread': {'type': 'bool', 'desc': 'Admin is allowed to read policies.', 'group': 'system', 'mainmenu': ['config']}, 'resolverwrite': {'type': 'bool', 'desc': 'Admin is allowed to write and modify the resolver and realm configuration.', 'group': 'system', 'mainmenu': ['config']}, 'resolverdelete': {'type': 'bool', 'desc': 'Admin is allowed to delete resolvers and realms.', 'group': 'system', 'mainmenu': ['config']}, 'resolverread': {'type': 'bool', 'desc': 'Admin is allowed to read resolvers.', 'group': 'system', ' mainmenu': ['config']}, 'caconnectorwrite': {'type': 'bool', 'desc': 'Admin is allowed to create new CA Connector definitions and modify existing ones.', 'group': 'system', 'mainmenu': ['config']}, 'caconnectordelete': {'type': 'bool', 'desc': 'Admin is allowed to delete CA Connector definitions.', 'group': 'system', 'mainmenu': ['config']}, 'caconnectorread': {'type': 'bool', 'desc': 'Admin is allowed to read CA Connector definitions.', 'group': 'system', 'mainmenu': ['config']}, 'mresolverwrite': {'type': 'bool', 'desc': 'Admin is allowed to write and modify the machine resolvers.', 'group': 'system', 'mainmenu': ['config']}, 'mresolverdelete': {'type': 'bool', 'desc': 'Admin is allowed to delete machine resolvers.', 'group': 'system', 'mainmenu': ['config']}, 'mresolverread': {'type': 'bool', 'desc': 'Admin is allowed to read machine resolvers.', 'group': 'system', 'mainmenu': ['config']}, 'otp_pin_maxlength': {'type': 'int', 'value': [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31], 'desc': 'Set the maximum allowed length of the OTP PIN.', 'group': 'pin'}, 'otp_pin_minlength': {'type': 'int', 'value': [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31], 'desc': 'Set the minimum required length of the OTP PIN.', 'group': 'pin'}, 'otp_pin_contents': {'type': 'str', 'desc': 'Specifiy the required contents of the OTP PIN. (c)haracters, (n)umeric, (s)pecial. Use modifiers +/- or a list of allowed characters [1234567890]', 'group': 'pin'}, 'otp_pin_set_random': {'type': 'int', 'value': [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31], 'desc': 'The length of a random PIN set by the administrator.', 'group': 'pin'}, 'auditlog': {'type': 'bool', 'desc': 'Admin is allowed to view the Audit log.', 'group': 'system', 'mainmenu': ['audit']}, 'auditlog_age': {'type': 'str', 'desc': 'The admin will only see audit entries of the last 10d, 3m or 2y.', 'group': 'system', 'mainmenu': ['audit']}, 'auditlog_download': {'type': 'bool', 'desc': 'The admin is allowed to download the complete auditlog.', 'group': 'system', 'mainmenu': ['audit']}, 'adduser': {'type': 'bool', 'desc': 'Admin is allowed to add users in a userstore/UserIdResolver.', 'group': 'user', 'mainmenu': ['users']}, 'updateuser': {'type': 'bool', 'desc': 'Admin is allowed to update the users data in a userstore.', 'group': 'user', 'mainmenu': ['users']}, 'deleteuser': {'type': 'bool', 'desc': 'Admin is allowed to delete a user object in a userstore.', 'mainmenu': ['users'], 'group': 'user'}, 'set_hsm_password': {'type': 'bool', 'desc': 'Admin is allowed to set the password of the HSM/Security Module.', 'group': 'system'}, 'getchallenges': {'type': 'bool', 'desc': 'Admin is allowed to retrieve the list of active challenges.', 'mainmenu': ['tokens'], 'group': 'general'}, 'smtpserver_write': {'type': 'bool', 'desc': 'Admin is allowed to write new SMTP server definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'smtpserver_read': {'type': 'bool', 'desc': 'Admin is allowed to read SMTP server definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'radiusserver_write': {'type': 'bool', 'desc': 'Admin is allowed to write new RADIUS server definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'radiusserver_read': {'type': 'bool', 'desc': 'Admin is allowed to read RADIUS server definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'privacyideaserver_write': {'type': 'bool', 'desc': 'Admin is allowed to write remote privacyIDEA server definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'privacyideaserver_read': {'type': 'bool', 'desc': 'Admin is allowed to read remote privacyIDEA server definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'periodictask_write': {'type': 'bool', 'desc': 'Admin is allowed to write periodic task definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'periodictask_read': {'type': 'bool', 'desc': 'Admin is allowed to read periodic task definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'statistics_read': {'type': 'bool', 'desc': 'Admin is allowed to read statistics data.', 'group': 'system'}, 'statistics_delete': {'type': 'bool', 'desc': 'Admin is allowed to delete statistics data.', 'group': 'system'}, 'eventhandling_write': {'type': 'bool', 'desc': 'Admin is allowed to write and modify the event handling configuration.', 'mainmenu': ['config'], 'group': 'system'}, 'eventhandling_read': {'type': 'bool', 'desc': 'Admin is allowed to read event handling configuration.', 'mainmenu': ['config'], 'group': 'system'}, 'smsgateway_write': {'type': 'bool', 'desc': 'Admin is allowed to write and modify SMS gateway definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'smsgateway_read': {'type': 'bool', 'desc': 'Admin is allowed to read SMS gateway definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'clienttype': {'type': 'bool', 'desc': 'Admin is allowed to get the list of authenticated clients and their types.', 'mainmenu': ['components'], 'group': 'system'}, 'managesubscription': {'type': 'bool', 'desc': 'Admin is allowed to add and delete component subscriptions.', 'mainmenu': ['components'], 'group': 'system'}, 'triggerchallenge': {'type': 'bool', 'desc': 'The Admin is allowed to trigger a challenge for e.g. SMS OTP token.', 'mainmenu': [], 'group': 'general'}}
[2020-04-24 17:29:57,763][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('yubico',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,764][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubicotoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,764][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubicotoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,764][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,764][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('yubico',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,764][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubicotoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,764][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubicotoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of Yubico tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active Yubico tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,764][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of Yubico tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active Yubico tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,764][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('yubico',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,764][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubicotoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,764][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubicotoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,765][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,765][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('question',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,765][6537][139756680177472][DEBUG][privacyidea.lib.tokens.questionnairetoken:186] Entering get_class_info with arguments (<class 'privacyidea.lib.tokens.questionnairetoken.QuestionnaireTokenClass'>, 'user') and keywords {}
[2020-04-24 17:29:57,765][6537][139756680177472][DEBUG][privacyidea.lib.tokens.questionnairetoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,765][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,765][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('question',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,765][6537][139756680177472][DEBUG][privacyidea.lib.tokens.questionnairetoken:186] Entering get_class_info with arguments (<class 'privacyidea.lib.tokens.questionnairetoken.QuestionnaireTokenClass'>, 'policy') and keywords {}
[2020-04-24 17:29:57,765][6537][139756680177472][DEBUG][privacyidea.lib.tokens.questionnairetoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of questionaire tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active questionaire tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,765][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of questionaire tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active questionaire tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,765][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('question',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,765][6537][139756680177472][DEBUG][privacyidea.lib.tokens.questionnairetoken:186] Entering get_class_info with arguments (<class 'privacyidea.lib.tokens.questionnairetoken.QuestionnaireTokenClass'>, 'pin_scopes') and keywords {}
[2020-04-24 17:29:57,766][6537][139756680177472][DEBUG][privacyidea.lib.tokens.questionnairetoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,766][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,766][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('sms',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,766][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,766][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('sms',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,767][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'authentication': {'smstext': {'type': 'str', 'desc': 'The text that will be send via SMS for an SMS token. Use <otp> and <serial> as parameters.'}, 'smsautosend': {'type': 'bool', 'desc': 'If set, a new SMS OTP will be sent after successful authentication with one SMS OTP.'}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user to enter the code from the SMS.'}}, 'admin': {'sms_gateways': {'type': 'str', 'desc': 'Choose the gateways the administrator is allowed to set. ()'}}, 'user': {'sms_gateways': {'type': 'str', 'desc': 'Choose the gateways the user is allowed to set. ()'}}, 'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of SMS tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active SMS tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,767][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('sms',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,768][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,768][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('ocra',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,768][6537][139756680177472][DEBUG][privacyidea.lib.tokens.ocratoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,768][6537][139756680177472][DEBUG][privacyidea.lib.tokens.ocratoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,768][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,768][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('ocra',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,768][6537][139756680177472][DEBUG][privacyidea.lib.tokens.ocratoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,768][6537][139756680177472][DEBUG][privacyidea.lib.tokens.ocratoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of OCRA tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active OCRA tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,769][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of OCRA tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active OCRA tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,769][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('ocra',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,769][6537][139756680177472][DEBUG][privacyidea.lib.tokens.ocratoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,769][6537][139756680177472][DEBUG][privacyidea.lib.tokens.ocratoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,769][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,769][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('daplug',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,769][6537][139756680177472][DEBUG][privacyidea.lib.tokens.daplugtoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,769][6537][139756680177472][DEBUG][privacyidea.lib.tokens.daplugtoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,769][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,769][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('daplug',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,769][6537][139756680177472][DEBUG][privacyidea.lib.tokens.daplugtoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,769][6537][139756680177472][DEBUG][privacyidea.lib.tokens.daplugtoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of daplug tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active daplug tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,770][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of daplug tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active daplug tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,770][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('daplug',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,770][6537][139756680177472][DEBUG][privacyidea.lib.tokens.daplugtoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,770][6537][139756680177472][DEBUG][privacyidea.lib.tokens.daplugtoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,770][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,770][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('sshkey',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,770][6537][139756680177472][DEBUG][privacyidea.lib.tokens.sshkeytoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,770][6537][139756680177472][DEBUG][privacyidea.lib.tokens.sshkeytoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,770][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,770][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('sshkey',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,770][6537][139756680177472][DEBUG][privacyidea.lib.tokens.sshkeytoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,771][6537][139756680177472][DEBUG][privacyidea.lib.tokens.sshkeytoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of SSH keys assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active SSH keys assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,771][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of SSH keys assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active SSH keys assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,771][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('sshkey',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,771][6537][139756680177472][DEBUG][privacyidea.lib.tokens.sshkeytoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,771][6537][139756680177472][DEBUG][privacyidea.lib.tokens.sshkeytoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,771][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,771][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('paper',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,771][6537][139756680177472][DEBUG][privacyidea.lib.tokens.papertoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,771][6537][139756680177472][DEBUG][privacyidea.lib.tokens.papertoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,771][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,772][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('paper',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,772][6537][139756680177472][DEBUG][privacyidea.lib.tokens.papertoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,772][6537][139756680177472][DEBUG][privacyidea.lib.tokens.papertoken:198] Exiting get_class_info with result {'enrollment': {'papertoken_count': {'type': 'int', 'desc': 'The number of OTP values, which are printed on the paper.'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of paper tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active paper tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,772][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'papertoken_count': {'type': 'int', 'desc': 'The number of OTP values, which are printed on the paper.'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of paper tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active paper tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,772][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('paper',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,772][6537][139756680177472][DEBUG][privacyidea.lib.tokens.papertoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,772][6537][139756680177472][DEBUG][privacyidea.lib.tokens.papertoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,772][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,772][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('pw',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,772][6537][139756680177472][DEBUG][privacyidea.lib.tokens.passwordtoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,773][6537][139756680177472][DEBUG][privacyidea.lib.tokens.passwordtoken:198] Exiting get_class_info with result []
[2020-04-24 17:29:57,773][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result []
[2020-04-24 17:29:57,773][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('pw',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,773][6537][139756680177472][DEBUG][privacyidea.lib.tokens.passwordtoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,773][6537][139756680177472][DEBUG][privacyidea.lib.tokens.passwordtoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of password tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active password tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,773][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of password tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active password tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,773][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('pw',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,773][6537][139756680177472][DEBUG][privacyidea.lib.tokens.passwordtoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,773][6537][139756680177472][DEBUG][privacyidea.lib.tokens.passwordtoken:198] Exiting get_class_info with result None
[2020-04-24 17:29:57,773][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result None
[2020-04-24 17:29:57,773][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('spass',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,773][6537][139756680177472][DEBUG][privacyidea.lib.tokens.spasstoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,774][6537][139756680177472][DEBUG][privacyidea.lib.tokens.spasstoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,774][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,774][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('spass',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,774][6537][139756680177472][DEBUG][privacyidea.lib.tokens.spasstoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,774][6537][139756680177472][DEBUG][privacyidea.lib.tokens.spasstoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of SPASS tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active SPASS tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,774][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of SPASS tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active SPASS tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,774][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('spass',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,774][6537][139756680177472][DEBUG][privacyidea.lib.tokens.spasstoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,774][6537][139756680177472][DEBUG][privacyidea.lib.tokens.spasstoken:198] Exiting get_class_info with result ['admin', 'user']
[2020-04-24 17:29:57,774][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['admin', 'user']
[2020-04-24 17:29:57,775][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('motp',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,775][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,775][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('motp',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,775][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of mOTP tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active mOTP tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,775][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('motp',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,775][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,775][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('certificate',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,775][6537][139756680177472][DEBUG][privacyidea.lib.tokens.certificatetoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,775][6537][139756680177472][DEBUG][privacyidea.lib.tokens.certificatetoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,775][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,775][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('certificate',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,776][6537][139756680177472][DEBUG][privacyidea.lib.tokens.certificatetoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,776][6537][139756680177472][DEBUG][privacyidea.lib.tokens.certificatetoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of certificates assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active certificates assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,776][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of certificates assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active certificates assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,776][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('certificate',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,776][6537][139756680177472][DEBUG][privacyidea.lib.tokens.certificatetoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,776][6537][139756680177472][DEBUG][privacyidea.lib.tokens.certificatetoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,776][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,776][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('tan',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,776][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tantoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,776][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tantoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,776][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,777][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('tan',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,777][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tantoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,777][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tantoken:198] Exiting get_class_info with result {'enrollment': {'tantoken_count': {'type': 'int', 'desc': 'The number of OTP values, which are printed on the paper.'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of TAN tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active TAN tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,777][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'tantoken_count': {'type': 'int', 'desc': 'The number of OTP values, which are printed on the paper.'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of TAN tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active TAN tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,777][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('tan',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,777][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tantoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,777][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tantoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,777][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,777][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('vasco',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,777][6537][139756680177472][DEBUG][privacyidea.lib.tokens.vascotoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,778][6537][139756680177472][DEBUG][privacyidea.lib.tokens.vascotoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,778][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,778][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('vasco',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,778][6537][139756680177472][DEBUG][privacyidea.lib.tokens.vascotoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,778][6537][139756680177472][DEBUG][privacyidea.lib.tokens.vascotoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of Vasco tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active Vasco tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,778][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of Vasco tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active Vasco tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,778][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('vasco',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,778][6537][139756680177472][DEBUG][privacyidea.lib.tokens.vascotoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,778][6537][139756680177472][DEBUG][privacyidea.lib.tokens.vascotoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,778][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,778][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('registration',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,778][6537][139756680177472][DEBUG][privacyidea.lib.tokens.registrationtoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,779][6537][139756680177472][DEBUG][privacyidea.lib.tokens.registrationtoken:198] Exiting get_class_info with result []
[2020-04-24 17:29:57,779][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result []
[2020-04-24 17:29:57,779][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('registration',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,779][6537][139756680177472][DEBUG][privacyidea.lib.tokens.registrationtoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,779][6537][139756680177472][DEBUG][privacyidea.lib.tokens.registrationtoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of registration tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active registration tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,779][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of registration tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active registration tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,779][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('registration',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,779][6537][139756680177472][DEBUG][privacyidea.lib.tokens.registrationtoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,779][6537][139756680177472][DEBUG][privacyidea.lib.tokens.registrationtoken:198] Exiting get_class_info with result None
[2020-04-24 17:29:57,779][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result None
[2020-04-24 17:29:57,779][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('yubikey',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,780][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubikeytoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,780][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubikeytoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,780][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,780][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('yubikey',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,780][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubikeytoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,780][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubikeytoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of Yubikey tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active Yubikey tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,780][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of Yubikey tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active Yubikey tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,780][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('yubikey',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,780][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubikeytoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,780][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubikeytoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,780][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,781][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('radius',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,781][6537][139756680177472][DEBUG][privacyidea.lib.tokens.radiustoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,781][6537][139756680177472][DEBUG][privacyidea.lib.tokens.radiustoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,781][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,781][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('radius',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,781][6537][139756680177472][DEBUG][privacyidea.lib.tokens.radiustoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,781][6537][139756680177472][DEBUG][privacyidea.lib.tokens.radiustoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of RADIUS tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active RADIUS tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,781][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of RADIUS tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active RADIUS tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,781][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('radius',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,781][6537][139756680177472][DEBUG][privacyidea.lib.tokens.radiustoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,781][6537][139756680177472][DEBUG][privacyidea.lib.tokens.radiustoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,782][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,782][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('tiqr',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,782][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tiqrtoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,782][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tiqrtoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,782][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,782][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('tiqr',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,782][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tiqrtoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,782][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tiqrtoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of TiQR tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active TiQR tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,782][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of TiQR tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active TiQR tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,782][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('tiqr',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,782][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tiqrtoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,783][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tiqrtoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,783][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,783][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('hotp',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,783][6537][139756680177472][DEBUG][privacyidea.lib.tokens.hotptoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,783][6537][139756680177472][DEBUG][privacyidea.lib.tokens.hotptoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,783][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,783][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('hotp',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,783][6537][139756680177472][DEBUG][privacyidea.lib.tokens.hotptoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,783][6537][139756680177472][DEBUG][privacyidea.lib.tokens.hotptoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of HOTP tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active HOTP tokens assigned.', 'group': 'token'}, 'yubikey_access_code': {'type': 'str', 'desc': 'The Yubikey access code used to initialize Yubikeys.'}, 'hotp_2step_clientsize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the client (in bytes)'}, 'hotp_2step_serversize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the server (in bytes)'}, 'hotp_2step_difficulty': {'type': 'int', 'desc': 'The difficulty factor used for the OTP seed generation (should be at least 10000)'}, 'hotp_force_app_pin': {'type': 'bool', 'desc': 'Enforce setting an app pin for the privacyIDEA Authenticator App'}}, 'user': {'hotp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be sha1 (1) or sha2-256 (2).'}, 'hotp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the otplen to be used. Can be 6 or 8 digits.'}, 'hotp_force_server_generate': {'type': 'bool', 'desc': 'Force the key to be generated on the server.'}, 'hotp_2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether users are allowed or forced to use two-step enrollment.'}}, 'admin': {'hotp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be sha1 (1) or sha2-256 (2).'}, 'hotp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the otplen to be used. Can be 6 or 8 digits.'}, 'hotp_2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether admins are allowed or forced to use two-step enrollment.'}}}
[2020-04-24 17:29:57,784][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of HOTP tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active HOTP tokens assigned.', 'group': 'token'}, 'yubikey_access_code': {'type': 'str', 'desc': 'The Yubikey access code used to initialize Yubikeys.'}, 'hotp_2step_clientsize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the client (in bytes)'}, 'hotp_2step_serversize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the server (in bytes)'}, 'hotp_2step_difficulty': {'type': 'int', 'desc': 'The difficulty factor used for the OTP seed generation (should be at least 10000)'}, 'hotp_force_app_pin': {'type': 'bool', 'desc': 'Enforce setting an app pin for the privacyIDEA Authenticator App'}}, 'user': {'hotp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be sha1 (1) or sha2-256 (2).'}, 'hotp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the otplen to be used. Can be 6 or 8 digits.'}, 'hotp_force_server_generate': {'type': 'bool', 'desc': 'Force the key to be generated on the server.'}, 'hotp_2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether users are allowed or forced to use two-step enrollment.'}}, 'admin': {'hotp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be sha1 (1) or sha2-256 (2).'}, 'hotp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the otplen to be used. Can be 6 or 8 digits.'}, 'hotp_2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether admins are allowed or forced to use two-step enrollment.'}}}
[2020-04-24 17:29:57,784][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('hotp',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,784][6537][139756680177472][DEBUG][privacyidea.lib.tokens.hotptoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,784][6537][139756680177472][DEBUG][privacyidea.lib.tokens.hotptoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,785][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,785][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('webauthn',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,785][6537][139756680177472][DEBUG][privacyidea.lib.tokens.webauthntoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,785][6537][139756680177472][DEBUG][privacyidea.lib.tokens.webauthntoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,785][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,785][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('webauthn',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,785][6537][139756680177472][DEBUG][privacyidea.lib.tokens.webauthntoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,785][6537][139756680177472][DEBUG][privacyidea.lib.tokens.webauthntoken:198] Exiting get_class_info with result {'authentication': {'webauthn_allowed_transports': {'type': 'str', 'desc': 'A list of transports to prefer to communicate with WebAuthn tokens. Default: usb ble nfc internal lightning (All standard transports)'}, 'webauthn_timeout': {'type': 'int', 'desc': 'The time in seconds the user has to confirm authorization on his WebAuthn token. Note: You will want to increase the ChallengeValidityTime along with this. Default: 60'}, 'webauthn_user_verification_requirement': {'type': 'str', 'desc': "Whether the user's identity should be verified when authenticating with a WebAuthn token. Default: preferred (verify the user if supported by the token)", 'value': ['required', 'preferred', 'discouraged']}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternative challenge text for telling the user to confirm with his WebAuthn token.'}}, 'authorization': {'webauthn_authenticator_selection_list': {'type': 'str', 'desc': 'A list of WebAuthn authenticators acceptable for authorization, given as a space-separated list of AAGUIDs. Per default all authenticators are acceptable.'}, 'webauthn_req': {'type': 'str', 'desc': 'Only the specified WebAuthn-tokens are authorized.'}}, 'enrollment': {'webauthn_relying_party_name': {'type': 'str', 'desc': 'A human readable name for the organization rolling out WebAuthn tokens.', 'group': 'WebAuthn'}, 'webauthn_relying_party_id': {'type': 'str', 'desc': 'A domain name that is a subset of the respective FQDNs for all the webservices the users should be able to sign in to using WebAuthn tokens.', 'group': 'WebAuthn'}, 'webauthn_timeout': {'type': 'int', 'desc': 'The time in seconds the user has to confirm enrollment on his WebAuthn token. Note: You will want to increase the ChallengeValidityTime along with this. Default: 60', 'group': 'WebAuthn'}, 'webauthn_authenticator_attachment': {'type': 'str', 'desc': 'Whether to limit roll out of WebAuthn tokens to either only platform authenticators, or only cross-platform authenticators. Default: either', 'group': 'WebAuthn', 'value': ['platform', 'cross-platform', 'either']}, 'webauthn_authenticator_selection_list': {'type': 'str', 'desc': 'A list of WebAuthn authenticators acceptable for enrollment, given as a space-separated list of AAGUIDs. Per default all authenticators are acceptable.', 'group': 'WebAuthn'}, 'webauthn_user_verification_requirement': {'type': 'str', 'desc': "Whether the user's identity should be verified when rolling out a new WebAuthn token. Default: preferred (verify the user if supported by the token)", 'group': 'WebAuthn', 'value': ['required', 'preferred', 'discouraged']}, 'webauthn_public_key_credential_algorithm_preference': {'type': 'str', 'desc': 'Which algorithm to use for creating public key credentials for WebAuthn tokens. Default: ecdsa_preferred', 'group': 'WebAuthn', 'value': ['ecdsa_preferred', 'ecdsa_only', 'rsassa-pss_preferred', 'rsassa-pss_only']}, 'webauthn_authenticator_attestation_form': {'type': 'str', 'desc': 'Whether to request attestation data when enrolling a new WebAuthn token. Note: for u2f_req to work with WebAuthn, this cannot be set to none. Default: direct (ask for non-anonymized attestation data)', 'group': 'WebAuthn', 'value': ['none', 'indirect', 'direct']}, 'webauthn_authenticator_attestation_level': {'type': 'str', 'desc': 'Whether and how strictly to check authenticator attestation data. Note: If the attestation form is none, the attestation level needs to also be none. Default: untrusted (attestation is required, but can be unknown or self-signed)', 'group': 'WebAuthn', 'value': ['none', 'untrusted', 'trusted']}, 'webauthn_req': {'type': 'str', 'desc': 'Only the specified WebAuthn-tokens are allowed to be registered.', 'group': 'WebAuthn'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this number of WebAuthn tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this number of active WebAuthn tokens assigned.', 'group': 'token'}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user to confirm with his WebAuthn device.', 'group': 'WebAuthn'}}}
[2020-04-24 17:29:57,786][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'authentication': {'webauthn_allowed_transports': {'type': 'str', 'desc': 'A list of transports to prefer to communicate with WebAuthn tokens. Default: usb ble nfc internal lightning (All standard transports)'}, 'webauthn_timeout': {'type': 'int', 'desc': 'The time in seconds the user has to confirm authorization on his WebAuthn token. Note: You will want to increase the ChallengeValidityTime along with this. Default: 60'}, 'webauthn_user_verification_requirement': {'type': 'str', 'desc': "Whether the user's identity should be verified when authenticating with a WebAuthn token. Default: preferred (verify the user if supported by the token)", 'value': ['required', 'preferred', 'discouraged']}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternative challenge text for telling the user to confirm with his WebAuthn token.'}}, 'authorization': {'webauthn_authenticator_selection_list': {'type': 'str', 'desc': 'A list of WebAuthn authenticators acceptable for authorization, given as a space-separated list of AAGUIDs. Per default all authenticators are acceptable.'}, 'webauthn_req': {'type': 'str', 'desc': 'Only the specified WebAuthn-tokens are authorized.'}}, 'enrollment': {'webauthn_relying_party_name': {'type': 'str', 'desc': 'A human readable name for the organization rolling out WebAuthn tokens.', 'group': 'WebAuthn'}, 'webauthn_relying_party_id': {'type': 'str', 'desc': 'A domain name that is a subset of the respective FQDNs for all the webservices the users should be able to sign in to using WebAuthn tokens.', 'group': 'WebAuthn'}, 'webauthn_timeout': {'type': 'int', 'desc': 'The time in seconds the user has to confirm enrollment on his WebAuthn token. Note: You will want to increase the ChallengeValidityTime along with this. Default: 60', 'group': 'WebAuthn'}, 'webauthn_authenticator_attachment': {'type': 'str', 'desc': 'Whether to limit roll out of WebAuthn tokens to either only platform authenticators, or only cross-platform authenticators. Default: either', 'group': 'WebAuthn', 'value': ['platform', 'cross-platform', 'either']}, 'webauthn_authenticator_selection_list': {'type': 'str', 'desc': 'A list of WebAuthn authenticators acceptable for enrollment, given as a space-separated list of AAGUIDs. Per default all authenticators are acceptable.', 'group': 'WebAuthn'}, 'webauthn_user_verification_requirement': {'type': 'str', 'desc': "Whether the user's identity should be verified when rolling out a new WebAuthn token. Default: preferred (verify the user if supported by the token)", 'group': 'WebAuthn', 'value': ['required', 'preferred', 'discouraged']}, 'webauthn_public_key_credential_algorithm_preference': {'type': 'str', 'desc': 'Which algorithm to use for creating public key credentials for WebAuthn tokens. Default: ecdsa_preferred', 'group': 'WebAuthn', 'value': ['ecdsa_preferred', 'ecdsa_only', 'rsassa-pss_preferred', 'rsassa-pss_only']}, 'webauthn_authenticator_attestation_form': {'type': 'str', 'desc': 'Whether to request attestation data when enrolling a new WebAuthn token. Note: for u2f_req to work with WebAuthn, this cannot be set to none. Default: direct (ask for non-anonymized attestation data)', 'group': 'WebAuthn', 'value': ['none', 'indirect', 'direct']}, 'webauthn_authenticator_attestation_level': {'type': 'str', 'desc': 'Whether and how strictly to check authenticator attestation data. Note: If the attestation form is none, the attestation level needs to also be none. Default: untrusted (attestation is required, but can be unknown or self-signed)', 'group': 'WebAuthn', 'value': ['none', 'untrusted', 'trusted']}, 'webauthn_req': {'type': 'str', 'desc': 'Only the specified WebAuthn-tokens are allowed to be registered.', 'group': 'WebAuthn'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this number of WebAuthn tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this number of active WebAuthn tokens assigned.', 'group': 'token'}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user to confirm with his WebAuthn device.', 'group': 'WebAuthn'}}}
[2020-04-24 17:29:57,787][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('webauthn',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,787][6537][139756680177472][DEBUG][privacyidea.lib.tokens.webauthntoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,787][6537][139756680177472][DEBUG][privacyidea.lib.tokens.webauthntoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,788][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,788][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('email',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,788][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,788][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('email',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,788][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'authentication': {'emailtext': {'type': 'str', 'desc': 'The text that will be sent via EMail for an EMail token. Use <otp> and <serial> as parameters. You may also specify a filename as email template starting with "file:".'}, 'emailsubject': {'type': 'str', 'desc': 'The subject of the EMail for an EMail token. Use <otp> and <serial> as parameters.'}, 'emailautosend': {'type': 'bool', 'desc': 'If set, a new EMail OTP will be sent after successful authentication with one EMail OTP.'}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user to enter the code from the eMail.'}}, 'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of email tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active email tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,788][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('email',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,788][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,789][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('remote',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,789][6537][139756680177472][DEBUG][privacyidea.lib.tokens.remotetoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,789][6537][139756680177472][DEBUG][privacyidea.lib.tokens.remotetoken:198] Exiting get_class_info with result []
[2020-04-24 17:29:57,789][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result []
[2020-04-24 17:29:57,789][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('remote',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,789][6537][139756680177472][DEBUG][privacyidea.lib.tokens.remotetoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,789][6537][139756680177472][DEBUG][privacyidea.lib.tokens.remotetoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of remote tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active remote tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,789][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of remote tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active remote tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,789][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('remote',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,789][6537][139756680177472][DEBUG][privacyidea.lib.tokens.remotetoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,789][6537][139756680177472][DEBUG][privacyidea.lib.tokens.remotetoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,790][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,790][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('push',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,791][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,791][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('push',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,792][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'push_firebase_configuration': {'type': 'str', 'desc': 'The configuration of your Firebase application.', 'group': 'PUSH', 'value': []}, 'push_ssl_verify': {'type': 'str', 'desc': 'The smartphone needs to verify SSL during the enrollment. (default 1)', 'group': 'PUSH', 'value': ['0', '1']}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of Push tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active Push tokens assigned.', 'group': 'token'}}, 'authentication': {'push_text_on_mobile': {'type': 'str', 'desc': 'The question the user sees on his mobile phone.', 'group': 'PUSH'}, 'push_title_on_mobile': {'type': 'str', 'desc': 'The title of the notification, the user sees on his mobile phone.', 'group': 'PUSH'}, 'push_ssl_verify': {'type': 'str', 'desc': 'The smartphone needs to verify SSL during authentication. (default 1)', 'group': 'PUSH', 'value': ['0', '1']}, 'push_wait': {'type': 'int', 'desc': 'Wait for number of seconds for the user to confirm the challenge in the first request.', 'group': 'PUSH'}}}
[2020-04-24 17:29:57,792][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('push',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,792][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,793][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('indexedsecret',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,793][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,793][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('indexedsecret',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,793][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'authentication': {'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user which positions of the secret he should enter.', 'group': 'Indexed Secret Token'}, 'count': {'type': 'int', 'desc': 'Number of necessary positions to be answered by the user.', 'group': 'Indexed Secret Token'}}, 'webui': {'preset_attribute': {'type': 'str', 'desc': 'Preset the enrollment with the value of the given attribute.', 'group': 'token'}}, 'user': {'force_attribute': {'type': 'str', 'desc': 'The attribute whose value should be force set during enrollment.', 'group': 'enrollment'}}, 'admin': {'force_attribute': {'type': 'str', 'desc': 'The attribute whose value should be force set during enrollment.', 'group': 'enrollment'}}, 'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of indexed secret tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active indexed secret tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,793][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('indexedsecret',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,793][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,794][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('4eyes',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,794][6537][139756680177472][DEBUG][privacyidea.lib.tokens.foureyestoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,794][6537][139756680177472][DEBUG][privacyidea.lib.tokens.foureyestoken:198] Exiting get_class_info with result []
[2020-04-24 17:29:57,794][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result []
[2020-04-24 17:29:57,794][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('4eyes',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,794][6537][139756680177472][DEBUG][privacyidea.lib.tokens.foureyestoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,794][6537][139756680177472][DEBUG][privacyidea.lib.tokens.foureyestoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of 4eyes tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active 4eyes tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,794][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of 4eyes tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active 4eyes tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,794][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('4eyes',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,794][6537][139756680177472][DEBUG][privacyidea.lib.tokens.foureyestoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,794][6537][139756680177472][DEBUG][privacyidea.lib.tokens.foureyestoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,795][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,795][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('u2f',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,795][6537][139756680177472][DEBUG][privacyidea.lib.tokens.u2ftoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,795][6537][139756680177472][DEBUG][privacyidea.lib.tokens.u2ftoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,795][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,795][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('u2f',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,795][6537][139756680177472][DEBUG][privacyidea.lib.tokens.u2ftoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,795][6537][139756680177472][DEBUG][privacyidea.lib.tokens.u2ftoken:198] Exiting get_class_info with result {'authentication': {'u2f_facets': {'type': 'str', 'desc': 'This is a list of FQDN hostnames trusting the registered U2F tokens.'}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user to confirm with his U2F device.'}}, 'authorization': {'u2f_req': {'type': 'str', 'desc': 'Only specified U2F tokens are authorized.'}}, 'enrollment': {'u2f_req': {'type': 'str', 'desc': 'Only specified U2F tokens are allowed to be registered.', 'group': 'token'}, 'u2f_no_verify_certificate': {'type': 'bool', 'desc': 'Do not verify the U2F attestation certificate.', 'group': 'token'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of U2F tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active U2F tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,795][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'authentication': {'u2f_facets': {'type': 'str', 'desc': 'This is a list of FQDN hostnames trusting the registered U2F tokens.'}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user to confirm with his U2F device.'}}, 'authorization': {'u2f_req': {'type': 'str', 'desc': 'Only specified U2F tokens are authorized.'}}, 'enrollment': {'u2f_req': {'type': 'str', 'desc': 'Only specified U2F tokens are allowed to be registered.', 'group': 'token'}, 'u2f_no_verify_certificate': {'type': 'bool', 'desc': 'Do not verify the U2F attestation certificate.', 'group': 'token'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of U2F tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active U2F tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,796][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('u2f',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,796][6537][139756680177472][DEBUG][privacyidea.lib.tokens.u2ftoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,796][6537][139756680177472][DEBUG][privacyidea.lib.tokens.u2ftoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,796][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,796][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('totp',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,796][6537][139756680177472][DEBUG][privacyidea.lib.tokens.totptoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,796][6537][139756680177472][DEBUG][privacyidea.lib.tokens.totptoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,796][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,796][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('totp',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,796][6537][139756680177472][DEBUG][privacyidea.lib.tokens.totptoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,797][6537][139756680177472][DEBUG][privacyidea.lib.tokens.totptoken:198] Exiting get_class_info with result {'user': {'totp_timestep': {'type': 'int', 'value': [30, 60], 'desc': 'Specify the time step of the timebased OTP token.'}, 'totp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be SHA1, SHA256 or SHA512.'}, 'totp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the OTP length to be used.'}, 'totp_force_server_generate': {'type': 'bool', 'desc': 'Force the key to be generated on the server.'}, '2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether users are allowed or forced to use two-step enrollment.'}}, 'admin': {'totp_timestep': {'type': 'int', 'value': [30, 60], 'desc': 'Specify the time step of the timebased OTP token.'}, 'totp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be SHA1, SHA256 or SHA512.'}, 'totp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the OTP length to be used.'}, '2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether admins are allowed or forced to use two-step enrollment.'}}, 'enrollment': {'2step_clientsize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the client (in bytes)'}, '2step_serversize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the server (in bytes)'}, '2step_difficulty': {'type': 'int', 'desc': 'The difficulty factor used for the OTP seed generation (should be at least 10000)'}, 'totp_force_app_pin': {'type': 'bool', 'desc': 'Enforce setting an app pin for the privacyIDEA Authenticator App'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of remote tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active remote tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,797][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'user': {'totp_timestep': {'type': 'int', 'value': [30, 60], 'desc': 'Specify the time step of the timebased OTP token.'}, 'totp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be SHA1, SHA256 or SHA512.'}, 'totp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the OTP length to be used.'}, 'totp_force_server_generate': {'type': 'bool', 'desc': 'Force the key to be generated on the server.'}, '2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether users are allowed or forced to use two-step enrollment.'}}, 'admin': {'totp_timestep': {'type': 'int', 'value': [30, 60], 'desc': 'Specify the time step of the timebased OTP token.'}, 'totp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be SHA1, SHA256 or SHA512.'}, 'totp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the OTP length to be used.'}, '2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether admins are allowed or forced to use two-step enrollment.'}}, 'enrollment': {'2step_clientsize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the client (in bytes)'}, '2step_serversize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the server (in bytes)'}, '2step_difficulty': {'type': 'int', 'desc': 'The difficulty factor used for the OTP seed generation (should be at least 10000)'}, 'totp_force_app_pin': {'type': 'bool', 'desc': 'Enforce setting an app pin for the privacyIDEA Authenticator App'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of remote tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active remote tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,798][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('totp',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,798][6537][139756680177472][DEBUG][privacyidea.lib.tokens.totptoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,798][6537][139756680177472][DEBUG][privacyidea.lib.tokens.totptoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,798][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,798][6537][139756680177472][DEBUG][privacyidea.lib.policy:1003] returning the admin rights: ['enable', 'disable', 'set', 'setpin', 'setrandompin', 'settokeninfo', 'enrollpin', 'resync', 'reset', 'revoke', 'assign', 'unassign', 'importtokens', 'delete', 'userlist', 'machinelist', 'manage_machine_tokens', 'fetch_authentication_items', 'tokenrealms', 'tokenlist', 'getserial', 'getrandom', 'copytokenpin', 'copytokenuser', 'losttoken', 'configwrite', 'configdelete', 'configread', 'system_documentation', 'policywrite', 'policydelete', 'policyread', 'resolverwrite', 'resolverdelete', 'resolverread', 'caconnectorwrite', 'caconnectordelete', 'caconnectorread', 'mresolverwrite', 'mresolverdelete', 'mresolverread', 'otp_pin_maxlength', 'otp_pin_minlength', 'otp_pin_contents', 'otp_pin_set_random', 'auditlog', 'auditlog_age', 'auditlog_download', 'adduser', 'updateuser', 'deleteuser', 'set_hsm_password', 'getchallenges', 'smtpserver_write', 'smtpserver_read', 'radiusserver_write', 'radiusserver_read', 'privacyideaserver_write', 'privacyideaserver_read', 'periodictask_write', 'periodictask_read', 'statistics_read', 'statistics_delete', 'eventhandling_write', 'eventhandling_read', 'smsgateway_write', 'smsgateway_read', 'clienttype', 'managesubscription', 'triggerchallenge', 'enrollYUBICO', 'enrollQUESTION', 'enrollSMS', 'sms_gateways', 'enrollOCRA', 'enrollDAPLUG', 'enrollSSHKEY', 'enrollPAPER', 'enrollPW', 'enrollSPASS', 'spass_otp_pin_maxlength', 'spass_otp_pin_minlength', 'spass_otp_pin_contents', 'enrollMOTP', 'enrollCERTIFICATE', 'enrollTAN', 'enrollVASCO', 'enrollREGISTRATION', 'enrollYUBIKEY', 'enrollRADIUS', 'enrollTIQR', 'enrollHOTP', 'hotp_hashlib', 'hotp_otplen', 'hotp_2step', 'enrollWEBAUTHN', 'enrollEMAIL', 'enrollREMOTE', 'enrollPUSH', 'enrollINDEXEDSECRET', 'indexedsecret_force_attribute', 'enroll4EYES', 'enrollU2F', 'enrollTOTP', 'totp_timestep', 'totp_hashlib', 'totp_otplen', 'totp_2step']
[2020-04-24 17:29:57,798][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting ui_get_rights with result ['enable', 'disable', 'set', 'setpin', 'setrandompin', 'settokeninfo', 'enrollpin', 'resync', 'reset', 'revoke', 'assign', 'unassign', 'importtokens', 'delete', 'userlist', 'machinelist', 'manage_machine_tokens', 'fetch_authentication_items', 'tokenrealms', 'tokenlist', 'getserial', 'getrandom', 'copytokenpin', 'copytokenuser', 'losttoken', 'configwrite', 'configdelete', 'configread', 'system_documentation', 'policywrite', 'policydelete', 'policyread', 'resolverwrite', 'resolverdelete', 'resolverread', 'caconnectorwrite', 'caconnectordelete', 'caconnectorread', 'mresolverwrite', 'mresolverdelete', 'mresolverread', 'otp_pin_maxlength', 'otp_pin_minlength', 'otp_pin_contents', 'otp_pin_set_random', 'auditlog', 'auditlog_age', 'auditlog_download', 'adduser', 'updateuser', 'deleteuser', 'set_hsm_password', 'getchallenges', 'smtpserver_write', 'smtpserver_read', 'radiusserver_write', 'radiusserver_read', 'privacyideaserver_write', 'privacyideaserver_read', 'periodictask_write', 'periodictask_read', 'statistics_read', 'statistics_delete', 'eventhandling_write', 'eventhandling_read', 'smsgateway_write', 'smsgateway_read', 'clienttype', 'managesubscription', 'triggerchallenge', 'enrollYUBICO', 'enrollQUESTION', 'enrollSMS', 'sms_gateways', 'enrollOCRA', 'enrollDAPLUG', 'enrollSSHKEY', 'enrollPAPER', 'enrollPW', 'enrollSPASS', 'spass_otp_pin_maxlength', 'spass_otp_pin_minlength', 'spass_otp_pin_contents', 'enrollMOTP', 'enrollCERTIFICATE', 'enrollTAN', 'enrollVASCO', 'enrollREGISTRATION', 'enrollYUBIKEY', 'enrollRADIUS', 'enrollTIQR', 'enrollHOTP', 'hotp_hashlib', 'hotp_otplen', 'hotp_2step', 'enrollWEBAUTHN', 'enrollEMAIL', 'enrollREMOTE', 'enrollPUSH', 'enrollINDEXEDSECRET', 'indexedsecret_force_attribute', 'enroll4EYES', 'enrollU2F', 'enrollTOTP', 'totp_timestep', 'totp_hashlib', 'totp_otplen', 'totp_2step']
[2020-04-24 17:29:57,799][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering ui_get_main_menus with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>, {'username': 'admin', 'role': 'admin', 'realm': ''}, '127.0.0.1') and keywords {}
[2020-04-24 17:29:57,799][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering ui_get_rights with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>, 'admin', '', 'admin', '127.0.0.1') and keywords {}
[2020-04-24 17:29:57,799][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'admin', 'realm': None, 'active': True, 'resolver': None, 'user': None, 'client': '127.0.0.1', 'action': None, 'adminrealm': '', 'adminuser': 'admin', 'sort_by_priority': True}
[2020-04-24 17:29:57,799][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,799][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: []
[2020-04-24 17:29:57,800][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching adminrealm: []
[2020-04-24 17:29:57,800][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching adminuser: []
[2020-04-24 17:29:57,800][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,800][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,800][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,800][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,800][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'scope': 'admin', 'active': True}
[2020-04-24 17:29:57,800][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,800][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: []
[2020-04-24 17:29:57,800][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,800][6537][139756680177472][DEBUG][privacyidea.lib.policy:999] No policies defined, so we set all rights.
[2020-04-24 17:29:57,800][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering get_static_policy_definitions with arguments ('admin',) and keywords {}
[2020-04-24 17:29:57,801][6537][139756680177472][DEBUG][privacyidea.lib.resolver:186] Entering get_resolver_list with arguments () and keywords {}
[2020-04-24 17:29:57,801][6537][139756680177472][DEBUG][privacyidea.lib.resolver:200] Exiting get_resolver_list with result HIDDEN
[2020-04-24 17:29:57,801][6537][139756680177472][DEBUG][privacyidea.lib.realm:186] Entering get_realms with arguments () and keywords {}
[2020-04-24 17:29:57,801][6537][139756680177472][DEBUG][privacyidea.lib.realm:198] Exiting get_realms with result {'defrealm': {'option': '', 'default': True, 'resolver': [{'priority': None, 'name': 'deflocal', 'type': 'passwdresolver'}]}, 'ldap': {'option': '', 'default': False, 'resolver': [{'priority': None, 'name': 'virtkolab', 'type': 'ldapresolver'}]}}
[2020-04-24 17:29:57,801][6537][139756680177472][DEBUG][privacyidea.lib.smtpserver:186] Entering get_smtpservers with arguments () and keywords {}
[2020-04-24 17:29:57,802][6537][139756680177472][DEBUG][privacyidea.lib.smtpserver:198] Exiting get_smtpservers with result []
[2020-04-24 17:29:57,802][6537][139756680177472][DEBUG][privacyidea.lib.radiusserver:186] Entering get_radiusservers with arguments () and keywords {}
[2020-04-24 17:29:57,802][6537][139756680177472][DEBUG][privacyidea.lib.radiusserver:198] Exiting get_radiusservers with result []
[2020-04-24 17:29:57,803][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting get_static_policy_definitions with result {'enable': {'type': 'bool', 'desc': 'Admin is allowed to enable tokens.', 'mainmenu': ['tokens'], 'group': 'token'}, 'disable': {'type': 'bool', 'desc': 'Admin is allowed to disable tokens.', 'mainmenu': ['tokens'], 'group': 'token'}, 'set': {'type': 'bool', 'desc': 'Admin is allowed to set token properties.', 'mainmenu': ['tokens'], 'group': 'token'}, 'setpin': {'type': 'bool', 'desc': 'Admin is allowed to set the OTP PIN of tokens.', 'mainmenu': ['tokens'], 'group': 'token'}, 'setrandompin': {'type': 'bool', 'desc': 'Admin is allowed to set a random OTP PIN of tokens.', 'mainmenu': ['tokens'], 'group': 'token'}, 'settokeninfo': {'type': 'bool', 'desc': 'Admin is allowed to manually set and delete token info.', 'mainmenu': ['tokens'], 'group': 'token'}, 'enrollpin': {'type': 'bool', 'desc': 'Admin is allowed to set the OTP PIN during enrollment.', 'mainmenu': ['tokens'], 'group': 'enrollment'}, 'resync': {'type': 'bool', 'desc': 'Admin is allowed to resync tokens.', 'mainmenu': ['tokens'], 'group': 'token'}, 'reset': {'type': 'bool', 'desc': 'Admin is allowed to reset the Failcounter of a token.', 'mainmenu': ['tokens'], 'group': 'token'}, 'revoke': {'tpye': 'bool', 'desc': 'Admin is allowed to revoke a token', 'mainmenu': ['tokens'], 'group': 'token'}, 'assign': {'type': 'bool', 'desc': 'Admin is allowed to assign a token to a user.', 'mainmenu': ['tokens', 'users'], 'group': 'token'}, 'unassign': {'type': 'bool', 'desc': 'Admin is allowed to remove the token from a user, i.e. unassign a token.', 'mainmenu': ['tokens'], 'group': 'token'}, 'importtokens': {'type': 'bool', 'desc': 'Admin is allowed to import token files.', 'mainmenu': ['tokens'], 'group': 'system'}, 'delete': {'type': 'bool', 'desc': 'Admin is allowed to remove tokens from the database.', 'mainmenu': ['tokens'], 'group': 'token'}, 'userlist': {'type': 'bool', 'desc': 'Admin is allowed to view the list of the users.', 'mainmenu': ['users'], 'group': 'general'}, 'machinelist': {'type': 'bool', 'desc': 'The Admin is allowed to list the machines.', 'mainmenu': ['machines'], 'group': 'machine'}, 'manage_machine_tokens': {'type': 'bool', 'desc': 'The Admin is allowed to attach and detach tokens to machines.', 'mainmenu': ['tokens', 'machines'], 'group': 'machine'}, 'fetch_authentication_items': {'type': 'bool', 'desc': 'The Admin is allowed to fetch authentication items of tokens assigned to machines.', 'group': 'general'}, 'tokenrealms': {'type': 'bool', 'desc': 'Admin is allowed to manage the realms of a token.', 'mainmenu': ['tokens'], 'group': 'token'}, 'tokenlist': {'type': 'bool', 'desc': 'Admin is allowed to list tokens.', 'mainmenu': ['tokens'], 'group': 'token'}, 'getserial': {'type': 'bool', 'desc': 'Admin is allowed to retrieve a serial for a given OTP value.', 'mainmenu': ['tokens'], 'group': 'tools'}, 'getrandom': {'type': 'bool', 'desc': 'Admin is allowed to retrieve random keys from privacyIDEA.', 'group': 'tools'}, 'copytokenpin': {'type': 'bool', 'desc': 'Admin is allowed to copy the PIN of one token to another token.', 'group': 'tools'}, 'copytokenuser': {'type': 'bool', 'desc': 'Admin is allowed to copy the assigned user to another token, i.e. assign a user ot another token.', 'group': 'tools'}, 'losttoken': {'type': 'bool', 'desc': 'Admin is allowed to trigger the lost token workflow.', 'mainmenu': ['tokens'], 'group': 'tools'}, 'configwrite': {'type': 'bool', 'desc': 'Admin is allowed to write and modify the system configuration.', 'group': 'system', 'mainmenu': ['config']}, 'configdelete': {'type': 'bool', 'desc': 'Admin is allowed to delete keys in the system configuration.', 'group': 'system', 'mainmenu': ['config']}, 'configread': {'type': 'bool', 'desc': 'Admin is allowed to read basic system configuration.', 'group': 'system', 'mainmenu': ['config']}, 'system_documentation': {'type': 'bool', 'desc': 'Admin is allowed to export a documentation of the complete configuration including resolvers and realm.', 'group': 'system', 'mainmenu': ['config']}, 'policywrite': {'type': 'bool', 'desc': 'Admin is allowed to write and modify the policies.', 'group': 'system', 'mainmenu': ['config']}, 'policydelete': {'type': 'bool', 'desc': 'Admin is allowed to delete policies.', 'group': 'system', 'mainmenu': ['config']}, 'policyread': {'type': 'bool', 'desc': 'Admin is allowed to read policies.', 'group': 'system', 'mainmenu': ['config']}, 'resolverwrite': {'type': 'bool', 'desc': 'Admin is allowed to write and modify the resolver and realm configuration.', 'group': 'system', 'mainmenu': ['config']}, 'resolverdelete': {'type': 'bool', 'desc': 'Admin is allowed to delete resolvers and realms.', 'group': 'system', 'mainmenu': ['config']}, 'resolverread': {'type': 'bool', 'desc': 'Admin is allowed to read resolvers.', 'group': 'system', ' mainmenu': ['config']}, 'caconnectorwrite': {'type': 'bool', 'desc': 'Admin is allowed to create new CA Connector definitions and modify existing ones.', 'group': 'system', 'mainmenu': ['config']}, 'caconnectordelete': {'type': 'bool', 'desc': 'Admin is allowed to delete CA Connector definitions.', 'group': 'system', 'mainmenu': ['config']}, 'caconnectorread': {'type': 'bool', 'desc': 'Admin is allowed to read CA Connector definitions.', 'group': 'system', 'mainmenu': ['config']}, 'mresolverwrite': {'type': 'bool', 'desc': 'Admin is allowed to write and modify the machine resolvers.', 'group': 'system', 'mainmenu': ['config']}, 'mresolverdelete': {'type': 'bool', 'desc': 'Admin is allowed to delete machine resolvers.', 'group': 'system', 'mainmenu': ['config']}, 'mresolverread': {'type': 'bool', 'desc': 'Admin is allowed to read machine resolvers.', 'group': 'system', 'mainmenu': ['config']}, 'otp_pin_maxlength': {'type': 'int', 'value': [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31], 'desc': 'Set the maximum allowed length of the OTP PIN.', 'group': 'pin'}, 'otp_pin_minlength': {'type': 'int', 'value': [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31], 'desc': 'Set the minimum required length of the OTP PIN.', 'group': 'pin'}, 'otp_pin_contents': {'type': 'str', 'desc': 'Specifiy the required contents of the OTP PIN. (c)haracters, (n)umeric, (s)pecial. Use modifiers +/- or a list of allowed characters [1234567890]', 'group': 'pin'}, 'otp_pin_set_random': {'type': 'int', 'value': [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31], 'desc': 'The length of a random PIN set by the administrator.', 'group': 'pin'}, 'auditlog': {'type': 'bool', 'desc': 'Admin is allowed to view the Audit log.', 'group': 'system', 'mainmenu': ['audit']}, 'auditlog_age': {'type': 'str', 'desc': 'The admin will only see audit entries of the last 10d, 3m or 2y.', 'group': 'system', 'mainmenu': ['audit']}, 'auditlog_download': {'type': 'bool', 'desc': 'The admin is allowed to download the complete auditlog.', 'group': 'system', 'mainmenu': ['audit']}, 'adduser': {'type': 'bool', 'desc': 'Admin is allowed to add users in a userstore/UserIdResolver.', 'group': 'user', 'mainmenu': ['users']}, 'updateuser': {'type': 'bool', 'desc': 'Admin is allowed to update the users data in a userstore.', 'group': 'user', 'mainmenu': ['users']}, 'deleteuser': {'type': 'bool', 'desc': 'Admin is allowed to delete a user object in a userstore.', 'mainmenu': ['users'], 'group': 'user'}, 'set_hsm_password': {'type': 'bool', 'desc': 'Admin is allowed to set the password of the HSM/Security Module.', 'group': 'system'}, 'getchallenges': {'type': 'bool', 'desc': 'Admin is allowed to retrieve the list of active challenges.', 'mainmenu': ['tokens'], 'group': 'general'}, 'smtpserver_write': {'type': 'bool', 'desc': 'Admin is allowed to write new SMTP server definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'smtpserver_read': {'type': 'bool', 'desc': 'Admin is allowed to read SMTP server definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'radiusserver_write': {'type': 'bool', 'desc': 'Admin is allowed to write new RADIUS server definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'radiusserver_read': {'type': 'bool', 'desc': 'Admin is allowed to read RADIUS server definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'privacyideaserver_write': {'type': 'bool', 'desc': 'Admin is allowed to write remote privacyIDEA server definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'privacyideaserver_read': {'type': 'bool', 'desc': 'Admin is allowed to read remote privacyIDEA server definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'periodictask_write': {'type': 'bool', 'desc': 'Admin is allowed to write periodic task definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'periodictask_read': {'type': 'bool', 'desc': 'Admin is allowed to read periodic task definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'statistics_read': {'type': 'bool', 'desc': 'Admin is allowed to read statistics data.', 'group': 'system'}, 'statistics_delete': {'type': 'bool', 'desc': 'Admin is allowed to delete statistics data.', 'group': 'system'}, 'eventhandling_write': {'type': 'bool', 'desc': 'Admin is allowed to write and modify the event handling configuration.', 'mainmenu': ['config'], 'group': 'system'}, 'eventhandling_read': {'type': 'bool', 'desc': 'Admin is allowed to read event handling configuration.', 'mainmenu': ['config'], 'group': 'system'}, 'smsgateway_write': {'type': 'bool', 'desc': 'Admin is allowed to write and modify SMS gateway definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'smsgateway_read': {'type': 'bool', 'desc': 'Admin is allowed to read SMS gateway definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'clienttype': {'type': 'bool', 'desc': 'Admin is allowed to get the list of authenticated clients and their types.', 'mainmenu': ['components'], 'group': 'system'}, 'managesubscription': {'type': 'bool', 'desc': 'Admin is allowed to add and delete component subscriptions.', 'mainmenu': ['components'], 'group': 'system'}, 'triggerchallenge': {'type': 'bool', 'desc': 'The Admin is allowed to trigger a challenge for e.g. SMS OTP token.', 'mainmenu': [], 'group': 'general'}}
[2020-04-24 17:29:57,805][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('yubico',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,805][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubicotoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,805][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubicotoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,806][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,806][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('yubico',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,806][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubicotoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,806][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubicotoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of Yubico tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active Yubico tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,806][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of Yubico tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active Yubico tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,806][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('yubico',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,806][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubicotoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,806][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubicotoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,806][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,806][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('question',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,806][6537][139756680177472][DEBUG][privacyidea.lib.tokens.questionnairetoken:186] Entering get_class_info with arguments (<class 'privacyidea.lib.tokens.questionnairetoken.QuestionnaireTokenClass'>, 'user') and keywords {}
[2020-04-24 17:29:57,807][6537][139756680177472][DEBUG][privacyidea.lib.tokens.questionnairetoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,807][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,807][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('question',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,807][6537][139756680177472][DEBUG][privacyidea.lib.tokens.questionnairetoken:186] Entering get_class_info with arguments (<class 'privacyidea.lib.tokens.questionnairetoken.QuestionnaireTokenClass'>, 'policy') and keywords {}
[2020-04-24 17:29:57,807][6537][139756680177472][DEBUG][privacyidea.lib.tokens.questionnairetoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of questionaire tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active questionaire tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,807][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of questionaire tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active questionaire tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,807][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('question',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,807][6537][139756680177472][DEBUG][privacyidea.lib.tokens.questionnairetoken:186] Entering get_class_info with arguments (<class 'privacyidea.lib.tokens.questionnairetoken.QuestionnaireTokenClass'>, 'pin_scopes') and keywords {}
[2020-04-24 17:29:57,807][6537][139756680177472][DEBUG][privacyidea.lib.tokens.questionnairetoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,807][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,808][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('sms',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,808][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,808][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('sms',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,809][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'authentication': {'smstext': {'type': 'str', 'desc': 'The text that will be send via SMS for an SMS token. Use <otp> and <serial> as parameters.'}, 'smsautosend': {'type': 'bool', 'desc': 'If set, a new SMS OTP will be sent after successful authentication with one SMS OTP.'}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user to enter the code from the SMS.'}}, 'admin': {'sms_gateways': {'type': 'str', 'desc': 'Choose the gateways the administrator is allowed to set. ()'}}, 'user': {'sms_gateways': {'type': 'str', 'desc': 'Choose the gateways the user is allowed to set. ()'}}, 'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of SMS tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active SMS tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,809][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('sms',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,810][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,810][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('ocra',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,810][6537][139756680177472][DEBUG][privacyidea.lib.tokens.ocratoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,810][6537][139756680177472][DEBUG][privacyidea.lib.tokens.ocratoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,810][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,810][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('ocra',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,810][6537][139756680177472][DEBUG][privacyidea.lib.tokens.ocratoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,810][6537][139756680177472][DEBUG][privacyidea.lib.tokens.ocratoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of OCRA tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active OCRA tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,810][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of OCRA tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active OCRA tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,810][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('ocra',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,811][6537][139756680177472][DEBUG][privacyidea.lib.tokens.ocratoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,811][6537][139756680177472][DEBUG][privacyidea.lib.tokens.ocratoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,811][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,811][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('daplug',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,811][6537][139756680177472][DEBUG][privacyidea.lib.tokens.daplugtoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,811][6537][139756680177472][DEBUG][privacyidea.lib.tokens.daplugtoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,811][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,811][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('daplug',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,811][6537][139756680177472][DEBUG][privacyidea.lib.tokens.daplugtoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,811][6537][139756680177472][DEBUG][privacyidea.lib.tokens.daplugtoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of daplug tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active daplug tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,811][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of daplug tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active daplug tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,812][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('daplug',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,812][6537][139756680177472][DEBUG][privacyidea.lib.tokens.daplugtoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,812][6537][139756680177472][DEBUG][privacyidea.lib.tokens.daplugtoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,812][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,812][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('sshkey',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,812][6537][139756680177472][DEBUG][privacyidea.lib.tokens.sshkeytoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,812][6537][139756680177472][DEBUG][privacyidea.lib.tokens.sshkeytoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,812][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,812][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('sshkey',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,812][6537][139756680177472][DEBUG][privacyidea.lib.tokens.sshkeytoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,812][6537][139756680177472][DEBUG][privacyidea.lib.tokens.sshkeytoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of SSH keys assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active SSH keys assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,812][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of SSH keys assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active SSH keys assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,813][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('sshkey',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,813][6537][139756680177472][DEBUG][privacyidea.lib.tokens.sshkeytoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,813][6537][139756680177472][DEBUG][privacyidea.lib.tokens.sshkeytoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,813][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,813][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('paper',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,813][6537][139756680177472][DEBUG][privacyidea.lib.tokens.papertoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,813][6537][139756680177472][DEBUG][privacyidea.lib.tokens.papertoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,813][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,813][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('paper',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,813][6537][139756680177472][DEBUG][privacyidea.lib.tokens.papertoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,813][6537][139756680177472][DEBUG][privacyidea.lib.tokens.papertoken:198] Exiting get_class_info with result {'enrollment': {'papertoken_count': {'type': 'int', 'desc': 'The number of OTP values, which are printed on the paper.'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of paper tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active paper tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,814][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'papertoken_count': {'type': 'int', 'desc': 'The number of OTP values, which are printed on the paper.'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of paper tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active paper tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,814][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('paper',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,814][6537][139756680177472][DEBUG][privacyidea.lib.tokens.papertoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,814][6537][139756680177472][DEBUG][privacyidea.lib.tokens.papertoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,814][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,814][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('pw',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,814][6537][139756680177472][DEBUG][privacyidea.lib.tokens.passwordtoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,814][6537][139756680177472][DEBUG][privacyidea.lib.tokens.passwordtoken:198] Exiting get_class_info with result []
[2020-04-24 17:29:57,814][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result []
[2020-04-24 17:29:57,814][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('pw',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,814][6537][139756680177472][DEBUG][privacyidea.lib.tokens.passwordtoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,814][6537][139756680177472][DEBUG][privacyidea.lib.tokens.passwordtoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of password tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active password tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,815][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of password tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active password tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,815][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('pw',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,815][6537][139756680177472][DEBUG][privacyidea.lib.tokens.passwordtoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,815][6537][139756680177472][DEBUG][privacyidea.lib.tokens.passwordtoken:198] Exiting get_class_info with result None
[2020-04-24 17:29:57,815][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result None
[2020-04-24 17:29:57,815][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('spass',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,815][6537][139756680177472][DEBUG][privacyidea.lib.tokens.spasstoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,815][6537][139756680177472][DEBUG][privacyidea.lib.tokens.spasstoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,815][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,815][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('spass',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,815][6537][139756680177472][DEBUG][privacyidea.lib.tokens.spasstoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,816][6537][139756680177472][DEBUG][privacyidea.lib.tokens.spasstoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of SPASS tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active SPASS tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,816][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of SPASS tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active SPASS tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,816][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('spass',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,816][6537][139756680177472][DEBUG][privacyidea.lib.tokens.spasstoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,816][6537][139756680177472][DEBUG][privacyidea.lib.tokens.spasstoken:198] Exiting get_class_info with result ['admin', 'user']
[2020-04-24 17:29:57,816][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['admin', 'user']
[2020-04-24 17:29:57,816][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('motp',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,816][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,816][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('motp',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,816][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of mOTP tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active mOTP tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,817][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('motp',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,817][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,817][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('certificate',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,817][6537][139756680177472][DEBUG][privacyidea.lib.tokens.certificatetoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,817][6537][139756680177472][DEBUG][privacyidea.lib.tokens.certificatetoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,817][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,817][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('certificate',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,817][6537][139756680177472][DEBUG][privacyidea.lib.tokens.certificatetoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,817][6537][139756680177472][DEBUG][privacyidea.lib.tokens.certificatetoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of certificates assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active certificates assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,817][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of certificates assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active certificates assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,817][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('certificate',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,818][6537][139756680177472][DEBUG][privacyidea.lib.tokens.certificatetoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,818][6537][139756680177472][DEBUG][privacyidea.lib.tokens.certificatetoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,818][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,818][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('tan',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,818][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tantoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,818][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tantoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,818][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,818][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('tan',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,818][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tantoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,818][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tantoken:198] Exiting get_class_info with result {'enrollment': {'tantoken_count': {'type': 'int', 'desc': 'The number of OTP values, which are printed on the paper.'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of TAN tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active TAN tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,818][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'tantoken_count': {'type': 'int', 'desc': 'The number of OTP values, which are printed on the paper.'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of TAN tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active TAN tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,819][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('tan',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,819][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tantoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,819][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tantoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,819][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,819][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('vasco',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,819][6537][139756680177472][DEBUG][privacyidea.lib.tokens.vascotoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,819][6537][139756680177472][DEBUG][privacyidea.lib.tokens.vascotoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,819][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,819][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('vasco',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,819][6537][139756680177472][DEBUG][privacyidea.lib.tokens.vascotoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,819][6537][139756680177472][DEBUG][privacyidea.lib.tokens.vascotoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of Vasco tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active Vasco tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,819][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of Vasco tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active Vasco tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,820][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('vasco',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,820][6537][139756680177472][DEBUG][privacyidea.lib.tokens.vascotoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,820][6537][139756680177472][DEBUG][privacyidea.lib.tokens.vascotoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,820][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,820][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('registration',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,820][6537][139756680177472][DEBUG][privacyidea.lib.tokens.registrationtoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,820][6537][139756680177472][DEBUG][privacyidea.lib.tokens.registrationtoken:198] Exiting get_class_info with result []
[2020-04-24 17:29:57,820][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result []
[2020-04-24 17:29:57,820][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('registration',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,820][6537][139756680177472][DEBUG][privacyidea.lib.tokens.registrationtoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,820][6537][139756680177472][DEBUG][privacyidea.lib.tokens.registrationtoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of registration tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active registration tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,821][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of registration tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active registration tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,821][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('registration',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,821][6537][139756680177472][DEBUG][privacyidea.lib.tokens.registrationtoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,821][6537][139756680177472][DEBUG][privacyidea.lib.tokens.registrationtoken:198] Exiting get_class_info with result None
[2020-04-24 17:29:57,821][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result None
[2020-04-24 17:29:57,821][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('yubikey',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,821][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubikeytoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,821][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubikeytoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,821][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,821][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('yubikey',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,821][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubikeytoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,822][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubikeytoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of Yubikey tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active Yubikey tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,822][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of Yubikey tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active Yubikey tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,822][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('yubikey',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,822][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubikeytoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,822][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubikeytoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,822][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,822][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('radius',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,822][6537][139756680177472][DEBUG][privacyidea.lib.tokens.radiustoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,822][6537][139756680177472][DEBUG][privacyidea.lib.tokens.radiustoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,822][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,822][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('radius',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,823][6537][139756680177472][DEBUG][privacyidea.lib.tokens.radiustoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,823][6537][139756680177472][DEBUG][privacyidea.lib.tokens.radiustoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of RADIUS tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active RADIUS tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,823][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of RADIUS tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active RADIUS tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,823][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('radius',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,823][6537][139756680177472][DEBUG][privacyidea.lib.tokens.radiustoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,823][6537][139756680177472][DEBUG][privacyidea.lib.tokens.radiustoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,823][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,823][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('tiqr',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,823][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tiqrtoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,823][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tiqrtoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,823][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,824][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('tiqr',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,824][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tiqrtoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,824][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tiqrtoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of TiQR tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active TiQR tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,824][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of TiQR tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active TiQR tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,824][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('tiqr',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,824][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tiqrtoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,824][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tiqrtoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,824][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,824][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('hotp',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,824][6537][139756680177472][DEBUG][privacyidea.lib.tokens.hotptoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,825][6537][139756680177472][DEBUG][privacyidea.lib.tokens.hotptoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,825][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,825][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('hotp',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,825][6537][139756680177472][DEBUG][privacyidea.lib.tokens.hotptoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,825][6537][139756680177472][DEBUG][privacyidea.lib.tokens.hotptoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of HOTP tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active HOTP tokens assigned.', 'group': 'token'}, 'yubikey_access_code': {'type': 'str', 'desc': 'The Yubikey access code used to initialize Yubikeys.'}, 'hotp_2step_clientsize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the client (in bytes)'}, 'hotp_2step_serversize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the server (in bytes)'}, 'hotp_2step_difficulty': {'type': 'int', 'desc': 'The difficulty factor used for the OTP seed generation (should be at least 10000)'}, 'hotp_force_app_pin': {'type': 'bool', 'desc': 'Enforce setting an app pin for the privacyIDEA Authenticator App'}}, 'user': {'hotp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be sha1 (1) or sha2-256 (2).'}, 'hotp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the otplen to be used. Can be 6 or 8 digits.'}, 'hotp_force_server_generate': {'type': 'bool', 'desc': 'Force the key to be generated on the server.'}, 'hotp_2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether users are allowed or forced to use two-step enrollment.'}}, 'admin': {'hotp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be sha1 (1) or sha2-256 (2).'}, 'hotp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the otplen to be used. Can be 6 or 8 digits.'}, 'hotp_2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether admins are allowed or forced to use two-step enrollment.'}}}
[2020-04-24 17:29:57,825][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of HOTP tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active HOTP tokens assigned.', 'group': 'token'}, 'yubikey_access_code': {'type': 'str', 'desc': 'The Yubikey access code used to initialize Yubikeys.'}, 'hotp_2step_clientsize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the client (in bytes)'}, 'hotp_2step_serversize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the server (in bytes)'}, 'hotp_2step_difficulty': {'type': 'int', 'desc': 'The difficulty factor used for the OTP seed generation (should be at least 10000)'}, 'hotp_force_app_pin': {'type': 'bool', 'desc': 'Enforce setting an app pin for the privacyIDEA Authenticator App'}}, 'user': {'hotp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be sha1 (1) or sha2-256 (2).'}, 'hotp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the otplen to be used. Can be 6 or 8 digits.'}, 'hotp_force_server_generate': {'type': 'bool', 'desc': 'Force the key to be generated on the server.'}, 'hotp_2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether users are allowed or forced to use two-step enrollment.'}}, 'admin': {'hotp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be sha1 (1) or sha2-256 (2).'}, 'hotp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the otplen to be used. Can be 6 or 8 digits.'}, 'hotp_2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether admins are allowed or forced to use two-step enrollment.'}}}
[2020-04-24 17:29:57,826][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('hotp',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,826][6537][139756680177472][DEBUG][privacyidea.lib.tokens.hotptoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,826][6537][139756680177472][DEBUG][privacyidea.lib.tokens.hotptoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,826][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,826][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('webauthn',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,826][6537][139756680177472][DEBUG][privacyidea.lib.tokens.webauthntoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,827][6537][139756680177472][DEBUG][privacyidea.lib.tokens.webauthntoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,827][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,827][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('webauthn',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,827][6537][139756680177472][DEBUG][privacyidea.lib.tokens.webauthntoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,827][6537][139756680177472][DEBUG][privacyidea.lib.tokens.webauthntoken:198] Exiting get_class_info with result {'authentication': {'webauthn_allowed_transports': {'type': 'str', 'desc': 'A list of transports to prefer to communicate with WebAuthn tokens. Default: usb ble nfc internal lightning (All standard transports)'}, 'webauthn_timeout': {'type': 'int', 'desc': 'The time in seconds the user has to confirm authorization on his WebAuthn token. Note: You will want to increase the ChallengeValidityTime along with this. Default: 60'}, 'webauthn_user_verification_requirement': {'type': 'str', 'desc': "Whether the user's identity should be verified when authenticating with a WebAuthn token. Default: preferred (verify the user if supported by the token)", 'value': ['required', 'preferred', 'discouraged']}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternative challenge text for telling the user to confirm with his WebAuthn token.'}}, 'authorization': {'webauthn_authenticator_selection_list': {'type': 'str', 'desc': 'A list of WebAuthn authenticators acceptable for authorization, given as a space-separated list of AAGUIDs. Per default all authenticators are acceptable.'}, 'webauthn_req': {'type': 'str', 'desc': 'Only the specified WebAuthn-tokens are authorized.'}}, 'enrollment': {'webauthn_relying_party_name': {'type': 'str', 'desc': 'A human readable name for the organization rolling out WebAuthn tokens.', 'group': 'WebAuthn'}, 'webauthn_relying_party_id': {'type': 'str', 'desc': 'A domain name that is a subset of the respective FQDNs for all the webservices the users should be able to sign in to using WebAuthn tokens.', 'group': 'WebAuthn'}, 'webauthn_timeout': {'type': 'int', 'desc': 'The time in seconds the user has to confirm enrollment on his WebAuthn token. Note: You will want to increase the ChallengeValidityTime along with this. Default: 60', 'group': 'WebAuthn'}, 'webauthn_authenticator_attachment': {'type': 'str', 'desc': 'Whether to limit roll out of WebAuthn tokens to either only platform authenticators, or only cross-platform authenticators. Default: either', 'group': 'WebAuthn', 'value': ['platform', 'cross-platform', 'either']}, 'webauthn_authenticator_selection_list': {'type': 'str', 'desc': 'A list of WebAuthn authenticators acceptable for enrollment, given as a space-separated list of AAGUIDs. Per default all authenticators are acceptable.', 'group': 'WebAuthn'}, 'webauthn_user_verification_requirement': {'type': 'str', 'desc': "Whether the user's identity should be verified when rolling out a new WebAuthn token. Default: preferred (verify the user if supported by the token)", 'group': 'WebAuthn', 'value': ['required', 'preferred', 'discouraged']}, 'webauthn_public_key_credential_algorithm_preference': {'type': 'str', 'desc': 'Which algorithm to use for creating public key credentials for WebAuthn tokens. Default: ecdsa_preferred', 'group': 'WebAuthn', 'value': ['ecdsa_preferred', 'ecdsa_only', 'rsassa-pss_preferred', 'rsassa-pss_only']}, 'webauthn_authenticator_attestation_form': {'type': 'str', 'desc': 'Whether to request attestation data when enrolling a new WebAuthn token. Note: for u2f_req to work with WebAuthn, this cannot be set to none. Default: direct (ask for non-anonymized attestation data)', 'group': 'WebAuthn', 'value': ['none', 'indirect', 'direct']}, 'webauthn_authenticator_attestation_level': {'type': 'str', 'desc': 'Whether and how strictly to check authenticator attestation data. Note: If the attestation form is none, the attestation level needs to also be none. Default: untrusted (attestation is required, but can be unknown or self-signed)', 'group': 'WebAuthn', 'value': ['none', 'untrusted', 'trusted']}, 'webauthn_req': {'type': 'str', 'desc': 'Only the specified WebAuthn-tokens are allowed to be registered.', 'group': 'WebAuthn'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this number of WebAuthn tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this number of active WebAuthn tokens assigned.', 'group': 'token'}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user to confirm with his WebAuthn device.', 'group': 'WebAuthn'}}}
[2020-04-24 17:29:57,828][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'authentication': {'webauthn_allowed_transports': {'type': 'str', 'desc': 'A list of transports to prefer to communicate with WebAuthn tokens. Default: usb ble nfc internal lightning (All standard transports)'}, 'webauthn_timeout': {'type': 'int', 'desc': 'The time in seconds the user has to confirm authorization on his WebAuthn token. Note: You will want to increase the ChallengeValidityTime along with this. Default: 60'}, 'webauthn_user_verification_requirement': {'type': 'str', 'desc': "Whether the user's identity should be verified when authenticating with a WebAuthn token. Default: preferred (verify the user if supported by the token)", 'value': ['required', 'preferred', 'discouraged']}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternative challenge text for telling the user to confirm with his WebAuthn token.'}}, 'authorization': {'webauthn_authenticator_selection_list': {'type': 'str', 'desc': 'A list of WebAuthn authenticators acceptable for authorization, given as a space-separated list of AAGUIDs. Per default all authenticators are acceptable.'}, 'webauthn_req': {'type': 'str', 'desc': 'Only the specified WebAuthn-tokens are authorized.'}}, 'enrollment': {'webauthn_relying_party_name': {'type': 'str', 'desc': 'A human readable name for the organization rolling out WebAuthn tokens.', 'group': 'WebAuthn'}, 'webauthn_relying_party_id': {'type': 'str', 'desc': 'A domain name that is a subset of the respective FQDNs for all the webservices the users should be able to sign in to using WebAuthn tokens.', 'group': 'WebAuthn'}, 'webauthn_timeout': {'type': 'int', 'desc': 'The time in seconds the user has to confirm enrollment on his WebAuthn token. Note: You will want to increase the ChallengeValidityTime along with this. Default: 60', 'group': 'WebAuthn'}, 'webauthn_authenticator_attachment': {'type': 'str', 'desc': 'Whether to limit roll out of WebAuthn tokens to either only platform authenticators, or only cross-platform authenticators. Default: either', 'group': 'WebAuthn', 'value': ['platform', 'cross-platform', 'either']}, 'webauthn_authenticator_selection_list': {'type': 'str', 'desc': 'A list of WebAuthn authenticators acceptable for enrollment, given as a space-separated list of AAGUIDs. Per default all authenticators are acceptable.', 'group': 'WebAuthn'}, 'webauthn_user_verification_requirement': {'type': 'str', 'desc': "Whether the user's identity should be verified when rolling out a new WebAuthn token. Default: preferred (verify the user if supported by the token)", 'group': 'WebAuthn', 'value': ['required', 'preferred', 'discouraged']}, 'webauthn_public_key_credential_algorithm_preference': {'type': 'str', 'desc': 'Which algorithm to use for creating public key credentials for WebAuthn tokens. Default: ecdsa_preferred', 'group': 'WebAuthn', 'value': ['ecdsa_preferred', 'ecdsa_only', 'rsassa-pss_preferred', 'rsassa-pss_only']}, 'webauthn_authenticator_attestation_form': {'type': 'str', 'desc': 'Whether to request attestation data when enrolling a new WebAuthn token. Note: for u2f_req to work with WebAuthn, this cannot be set to none. Default: direct (ask for non-anonymized attestation data)', 'group': 'WebAuthn', 'value': ['none', 'indirect', 'direct']}, 'webauthn_authenticator_attestation_level': {'type': 'str', 'desc': 'Whether and how strictly to check authenticator attestation data. Note: If the attestation form is none, the attestation level needs to also be none. Default: untrusted (attestation is required, but can be unknown or self-signed)', 'group': 'WebAuthn', 'value': ['none', 'untrusted', 'trusted']}, 'webauthn_req': {'type': 'str', 'desc': 'Only the specified WebAuthn-tokens are allowed to be registered.', 'group': 'WebAuthn'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this number of WebAuthn tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this number of active WebAuthn tokens assigned.', 'group': 'token'}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user to confirm with his WebAuthn device.', 'group': 'WebAuthn'}}}
[2020-04-24 17:29:57,829][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('webauthn',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,829][6537][139756680177472][DEBUG][privacyidea.lib.tokens.webauthntoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,829][6537][139756680177472][DEBUG][privacyidea.lib.tokens.webauthntoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,829][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,829][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('email',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,829][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,830][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('email',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,830][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'authentication': {'emailtext': {'type': 'str', 'desc': 'The text that will be sent via EMail for an EMail token. Use <otp> and <serial> as parameters. You may also specify a filename as email template starting with "file:".'}, 'emailsubject': {'type': 'str', 'desc': 'The subject of the EMail for an EMail token. Use <otp> and <serial> as parameters.'}, 'emailautosend': {'type': 'bool', 'desc': 'If set, a new EMail OTP will be sent after successful authentication with one EMail OTP.'}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user to enter the code from the eMail.'}}, 'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of email tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active email tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,830][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('email',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,830][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,830][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('remote',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,830][6537][139756680177472][DEBUG][privacyidea.lib.tokens.remotetoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,830][6537][139756680177472][DEBUG][privacyidea.lib.tokens.remotetoken:198] Exiting get_class_info with result []
[2020-04-24 17:29:57,830][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result []
[2020-04-24 17:29:57,830][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('remote',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,831][6537][139756680177472][DEBUG][privacyidea.lib.tokens.remotetoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,831][6537][139756680177472][DEBUG][privacyidea.lib.tokens.remotetoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of remote tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active remote tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,831][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of remote tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active remote tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,831][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('remote',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,831][6537][139756680177472][DEBUG][privacyidea.lib.tokens.remotetoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,831][6537][139756680177472][DEBUG][privacyidea.lib.tokens.remotetoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,831][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,831][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('push',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,832][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,832][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('push',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,833][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'push_firebase_configuration': {'type': 'str', 'desc': 'The configuration of your Firebase application.', 'group': 'PUSH', 'value': []}, 'push_ssl_verify': {'type': 'str', 'desc': 'The smartphone needs to verify SSL during the enrollment. (default 1)', 'group': 'PUSH', 'value': ['0', '1']}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of Push tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active Push tokens assigned.', 'group': 'token'}}, 'authentication': {'push_text_on_mobile': {'type': 'str', 'desc': 'The question the user sees on his mobile phone.', 'group': 'PUSH'}, 'push_title_on_mobile': {'type': 'str', 'desc': 'The title of the notification, the user sees on his mobile phone.', 'group': 'PUSH'}, 'push_ssl_verify': {'type': 'str', 'desc': 'The smartphone needs to verify SSL during authentication. (default 1)', 'group': 'PUSH', 'value': ['0', '1']}, 'push_wait': {'type': 'int', 'desc': 'Wait for number of seconds for the user to confirm the challenge in the first request.', 'group': 'PUSH'}}}
[2020-04-24 17:29:57,833][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('push',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,834][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,834][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('indexedsecret',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,834][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,834][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('indexedsecret',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,834][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'authentication': {'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user which positions of the secret he should enter.', 'group': 'Indexed Secret Token'}, 'count': {'type': 'int', 'desc': 'Number of necessary positions to be answered by the user.', 'group': 'Indexed Secret Token'}}, 'webui': {'preset_attribute': {'type': 'str', 'desc': 'Preset the enrollment with the value of the given attribute.', 'group': 'token'}}, 'user': {'force_attribute': {'type': 'str', 'desc': 'The attribute whose value should be force set during enrollment.', 'group': 'enrollment'}}, 'admin': {'force_attribute': {'type': 'str', 'desc': 'The attribute whose value should be force set during enrollment.', 'group': 'enrollment'}}, 'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of indexed secret tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active indexed secret tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,835][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('indexedsecret',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,835][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,835][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('4eyes',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,835][6537][139756680177472][DEBUG][privacyidea.lib.tokens.foureyestoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,835][6537][139756680177472][DEBUG][privacyidea.lib.tokens.foureyestoken:198] Exiting get_class_info with result []
[2020-04-24 17:29:57,835][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result []
[2020-04-24 17:29:57,835][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('4eyes',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,835][6537][139756680177472][DEBUG][privacyidea.lib.tokens.foureyestoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,835][6537][139756680177472][DEBUG][privacyidea.lib.tokens.foureyestoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of 4eyes tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active 4eyes tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,835][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of 4eyes tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active 4eyes tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,836][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('4eyes',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,836][6537][139756680177472][DEBUG][privacyidea.lib.tokens.foureyestoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,836][6537][139756680177472][DEBUG][privacyidea.lib.tokens.foureyestoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,836][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,836][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('u2f',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,836][6537][139756680177472][DEBUG][privacyidea.lib.tokens.u2ftoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,836][6537][139756680177472][DEBUG][privacyidea.lib.tokens.u2ftoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,836][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,836][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('u2f',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,836][6537][139756680177472][DEBUG][privacyidea.lib.tokens.u2ftoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,836][6537][139756680177472][DEBUG][privacyidea.lib.tokens.u2ftoken:198] Exiting get_class_info with result {'authentication': {'u2f_facets': {'type': 'str', 'desc': 'This is a list of FQDN hostnames trusting the registered U2F tokens.'}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user to confirm with his U2F device.'}}, 'authorization': {'u2f_req': {'type': 'str', 'desc': 'Only specified U2F tokens are authorized.'}}, 'enrollment': {'u2f_req': {'type': 'str', 'desc': 'Only specified U2F tokens are allowed to be registered.', 'group': 'token'}, 'u2f_no_verify_certificate': {'type': 'bool', 'desc': 'Do not verify the U2F attestation certificate.', 'group': 'token'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of U2F tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active U2F tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,837][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'authentication': {'u2f_facets': {'type': 'str', 'desc': 'This is a list of FQDN hostnames trusting the registered U2F tokens.'}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user to confirm with his U2F device.'}}, 'authorization': {'u2f_req': {'type': 'str', 'desc': 'Only specified U2F tokens are authorized.'}}, 'enrollment': {'u2f_req': {'type': 'str', 'desc': 'Only specified U2F tokens are allowed to be registered.', 'group': 'token'}, 'u2f_no_verify_certificate': {'type': 'bool', 'desc': 'Do not verify the U2F attestation certificate.', 'group': 'token'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of U2F tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active U2F tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,837][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('u2f',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,837][6537][139756680177472][DEBUG][privacyidea.lib.tokens.u2ftoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,837][6537][139756680177472][DEBUG][privacyidea.lib.tokens.u2ftoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,837][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,837][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('totp',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,837][6537][139756680177472][DEBUG][privacyidea.lib.tokens.totptoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,838][6537][139756680177472][DEBUG][privacyidea.lib.tokens.totptoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,838][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,838][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('totp',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,838][6537][139756680177472][DEBUG][privacyidea.lib.tokens.totptoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,838][6537][139756680177472][DEBUG][privacyidea.lib.tokens.totptoken:198] Exiting get_class_info with result {'user': {'totp_timestep': {'type': 'int', 'value': [30, 60], 'desc': 'Specify the time step of the timebased OTP token.'}, 'totp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be SHA1, SHA256 or SHA512.'}, 'totp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the OTP length to be used.'}, 'totp_force_server_generate': {'type': 'bool', 'desc': 'Force the key to be generated on the server.'}, '2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether users are allowed or forced to use two-step enrollment.'}}, 'admin': {'totp_timestep': {'type': 'int', 'value': [30, 60], 'desc': 'Specify the time step of the timebased OTP token.'}, 'totp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be SHA1, SHA256 or SHA512.'}, 'totp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the OTP length to be used.'}, '2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether admins are allowed or forced to use two-step enrollment.'}}, 'enrollment': {'2step_clientsize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the client (in bytes)'}, '2step_serversize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the server (in bytes)'}, '2step_difficulty': {'type': 'int', 'desc': 'The difficulty factor used for the OTP seed generation (should be at least 10000)'}, 'totp_force_app_pin': {'type': 'bool', 'desc': 'Enforce setting an app pin for the privacyIDEA Authenticator App'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of remote tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active remote tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,838][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'user': {'totp_timestep': {'type': 'int', 'value': [30, 60], 'desc': 'Specify the time step of the timebased OTP token.'}, 'totp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be SHA1, SHA256 or SHA512.'}, 'totp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the OTP length to be used.'}, 'totp_force_server_generate': {'type': 'bool', 'desc': 'Force the key to be generated on the server.'}, '2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether users are allowed or forced to use two-step enrollment.'}}, 'admin': {'totp_timestep': {'type': 'int', 'value': [30, 60], 'desc': 'Specify the time step of the timebased OTP token.'}, 'totp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be SHA1, SHA256 or SHA512.'}, 'totp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the OTP length to be used.'}, '2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether admins are allowed or forced to use two-step enrollment.'}}, 'enrollment': {'2step_clientsize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the client (in bytes)'}, '2step_serversize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the server (in bytes)'}, '2step_difficulty': {'type': 'int', 'desc': 'The difficulty factor used for the OTP seed generation (should be at least 10000)'}, 'totp_force_app_pin': {'type': 'bool', 'desc': 'Enforce setting an app pin for the privacyIDEA Authenticator App'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of remote tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active remote tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,839][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('totp',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,839][6537][139756680177472][DEBUG][privacyidea.lib.tokens.totptoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,839][6537][139756680177472][DEBUG][privacyidea.lib.tokens.totptoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,839][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,839][6537][139756680177472][DEBUG][privacyidea.lib.policy:1003] returning the admin rights: ['enable', 'disable', 'set', 'setpin', 'setrandompin', 'settokeninfo', 'enrollpin', 'resync', 'reset', 'revoke', 'assign', 'unassign', 'importtokens', 'delete', 'userlist', 'machinelist', 'manage_machine_tokens', 'fetch_authentication_items', 'tokenrealms', 'tokenlist', 'getserial', 'getrandom', 'copytokenpin', 'copytokenuser', 'losttoken', 'configwrite', 'configdelete', 'configread', 'system_documentation', 'policywrite', 'policydelete', 'policyread', 'resolverwrite', 'resolverdelete', 'resolverread', 'caconnectorwrite', 'caconnectordelete', 'caconnectorread', 'mresolverwrite', 'mresolverdelete', 'mresolverread', 'otp_pin_maxlength', 'otp_pin_minlength', 'otp_pin_contents', 'otp_pin_set_random', 'auditlog', 'auditlog_age', 'auditlog_download', 'adduser', 'updateuser', 'deleteuser', 'set_hsm_password', 'getchallenges', 'smtpserver_write', 'smtpserver_read', 'radiusserver_write', 'radiusserver_read', 'privacyideaserver_write', 'privacyideaserver_read', 'periodictask_write', 'periodictask_read', 'statistics_read', 'statistics_delete', 'eventhandling_write', 'eventhandling_read', 'smsgateway_write', 'smsgateway_read', 'clienttype', 'managesubscription', 'triggerchallenge', 'enrollYUBICO', 'enrollQUESTION', 'enrollSMS', 'sms_gateways', 'enrollOCRA', 'enrollDAPLUG', 'enrollSSHKEY', 'enrollPAPER', 'enrollPW', 'enrollSPASS', 'spass_otp_pin_maxlength', 'spass_otp_pin_minlength', 'spass_otp_pin_contents', 'enrollMOTP', 'enrollCERTIFICATE', 'enrollTAN', 'enrollVASCO', 'enrollREGISTRATION', 'enrollYUBIKEY', 'enrollRADIUS', 'enrollTIQR', 'enrollHOTP', 'hotp_hashlib', 'hotp_otplen', 'hotp_2step', 'enrollWEBAUTHN', 'enrollEMAIL', 'enrollREMOTE', 'enrollPUSH', 'enrollINDEXEDSECRET', 'indexedsecret_force_attribute', 'enroll4EYES', 'enrollU2F', 'enrollTOTP', 'totp_timestep', 'totp_hashlib', 'totp_otplen', 'totp_2step']
[2020-04-24 17:29:57,840][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting ui_get_rights with result ['enable', 'disable', 'set', 'setpin', 'setrandompin', 'settokeninfo', 'enrollpin', 'resync', 'reset', 'revoke', 'assign', 'unassign', 'importtokens', 'delete', 'userlist', 'machinelist', 'manage_machine_tokens', 'fetch_authentication_items', 'tokenrealms', 'tokenlist', 'getserial', 'getrandom', 'copytokenpin', 'copytokenuser', 'losttoken', 'configwrite', 'configdelete', 'configread', 'system_documentation', 'policywrite', 'policydelete', 'policyread', 'resolverwrite', 'resolverdelete', 'resolverread', 'caconnectorwrite', 'caconnectordelete', 'caconnectorread', 'mresolverwrite', 'mresolverdelete', 'mresolverread', 'otp_pin_maxlength', 'otp_pin_minlength', 'otp_pin_contents', 'otp_pin_set_random', 'auditlog', 'auditlog_age', 'auditlog_download', 'adduser', 'updateuser', 'deleteuser', 'set_hsm_password', 'getchallenges', 'smtpserver_write', 'smtpserver_read', 'radiusserver_write', 'radiusserver_read', 'privacyideaserver_write', 'privacyideaserver_read', 'periodictask_write', 'periodictask_read', 'statistics_read', 'statistics_delete', 'eventhandling_write', 'eventhandling_read', 'smsgateway_write', 'smsgateway_read', 'clienttype', 'managesubscription', 'triggerchallenge', 'enrollYUBICO', 'enrollQUESTION', 'enrollSMS', 'sms_gateways', 'enrollOCRA', 'enrollDAPLUG', 'enrollSSHKEY', 'enrollPAPER', 'enrollPW', 'enrollSPASS', 'spass_otp_pin_maxlength', 'spass_otp_pin_minlength', 'spass_otp_pin_contents', 'enrollMOTP', 'enrollCERTIFICATE', 'enrollTAN', 'enrollVASCO', 'enrollREGISTRATION', 'enrollYUBIKEY', 'enrollRADIUS', 'enrollTIQR', 'enrollHOTP', 'hotp_hashlib', 'hotp_otplen', 'hotp_2step', 'enrollWEBAUTHN', 'enrollEMAIL', 'enrollREMOTE', 'enrollPUSH', 'enrollINDEXEDSECRET', 'indexedsecret_force_attribute', 'enroll4EYES', 'enrollU2F', 'enrollTOTP', 'totp_timestep', 'totp_hashlib', 'totp_otplen', 'totp_2step']
[2020-04-24 17:29:57,840][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering get_static_policy_definitions with arguments ('admin',) and keywords {}
[2020-04-24 17:29:57,840][6537][139756680177472][DEBUG][privacyidea.lib.resolver:186] Entering get_resolver_list with arguments () and keywords {}
[2020-04-24 17:29:57,840][6537][139756680177472][DEBUG][privacyidea.lib.resolver:200] Exiting get_resolver_list with result HIDDEN
[2020-04-24 17:29:57,840][6537][139756680177472][DEBUG][privacyidea.lib.realm:186] Entering get_realms with arguments () and keywords {}
[2020-04-24 17:29:57,841][6537][139756680177472][DEBUG][privacyidea.lib.realm:198] Exiting get_realms with result {'defrealm': {'option': '', 'default': True, 'resolver': [{'priority': None, 'name': 'deflocal', 'type': 'passwdresolver'}]}, 'ldap': {'option': '', 'default': False, 'resolver': [{'priority': None, 'name': 'virtkolab', 'type': 'ldapresolver'}]}}
[2020-04-24 17:29:57,841][6537][139756680177472][DEBUG][privacyidea.lib.smtpserver:186] Entering get_smtpservers with arguments () and keywords {}
[2020-04-24 17:29:57,841][6537][139756680177472][DEBUG][privacyidea.lib.smtpserver:198] Exiting get_smtpservers with result []
[2020-04-24 17:29:57,842][6537][139756680177472][DEBUG][privacyidea.lib.radiusserver:186] Entering get_radiusservers with arguments () and keywords {}
[2020-04-24 17:29:57,842][6537][139756680177472][DEBUG][privacyidea.lib.radiusserver:198] Exiting get_radiusservers with result []
[2020-04-24 17:29:57,843][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting get_static_policy_definitions with result {'enable': {'type': 'bool', 'desc': 'Admin is allowed to enable tokens.', 'mainmenu': ['tokens'], 'group': 'token'}, 'disable': {'type': 'bool', 'desc': 'Admin is allowed to disable tokens.', 'mainmenu': ['tokens'], 'group': 'token'}, 'set': {'type': 'bool', 'desc': 'Admin is allowed to set token properties.', 'mainmenu': ['tokens'], 'group': 'token'}, 'setpin': {'type': 'bool', 'desc': 'Admin is allowed to set the OTP PIN of tokens.', 'mainmenu': ['tokens'], 'group': 'token'}, 'setrandompin': {'type': 'bool', 'desc': 'Admin is allowed to set a random OTP PIN of tokens.', 'mainmenu': ['tokens'], 'group': 'token'}, 'settokeninfo': {'type': 'bool', 'desc': 'Admin is allowed to manually set and delete token info.', 'mainmenu': ['tokens'], 'group': 'token'}, 'enrollpin': {'type': 'bool', 'desc': 'Admin is allowed to set the OTP PIN during enrollment.', 'mainmenu': ['tokens'], 'group': 'enrollment'}, 'resync': {'type': 'bool', 'desc': 'Admin is allowed to resync tokens.', 'mainmenu': ['tokens'], 'group': 'token'}, 'reset': {'type': 'bool', 'desc': 'Admin is allowed to reset the Failcounter of a token.', 'mainmenu': ['tokens'], 'group': 'token'}, 'revoke': {'tpye': 'bool', 'desc': 'Admin is allowed to revoke a token', 'mainmenu': ['tokens'], 'group': 'token'}, 'assign': {'type': 'bool', 'desc': 'Admin is allowed to assign a token to a user.', 'mainmenu': ['tokens', 'users'], 'group': 'token'}, 'unassign': {'type': 'bool', 'desc': 'Admin is allowed to remove the token from a user, i.e. unassign a token.', 'mainmenu': ['tokens'], 'group': 'token'}, 'importtokens': {'type': 'bool', 'desc': 'Admin is allowed to import token files.', 'mainmenu': ['tokens'], 'group': 'system'}, 'delete': {'type': 'bool', 'desc': 'Admin is allowed to remove tokens from the database.', 'mainmenu': ['tokens'], 'group': 'token'}, 'userlist': {'type': 'bool', 'desc': 'Admin is allowed to view the list of the users.', 'mainmenu': ['users'], 'group': 'general'}, 'machinelist': {'type': 'bool', 'desc': 'The Admin is allowed to list the machines.', 'mainmenu': ['machines'], 'group': 'machine'}, 'manage_machine_tokens': {'type': 'bool', 'desc': 'The Admin is allowed to attach and detach tokens to machines.', 'mainmenu': ['tokens', 'machines'], 'group': 'machine'}, 'fetch_authentication_items': {'type': 'bool', 'desc': 'The Admin is allowed to fetch authentication items of tokens assigned to machines.', 'group': 'general'}, 'tokenrealms': {'type': 'bool', 'desc': 'Admin is allowed to manage the realms of a token.', 'mainmenu': ['tokens'], 'group': 'token'}, 'tokenlist': {'type': 'bool', 'desc': 'Admin is allowed to list tokens.', 'mainmenu': ['tokens'], 'group': 'token'}, 'getserial': {'type': 'bool', 'desc': 'Admin is allowed to retrieve a serial for a given OTP value.', 'mainmenu': ['tokens'], 'group': 'tools'}, 'getrandom': {'type': 'bool', 'desc': 'Admin is allowed to retrieve random keys from privacyIDEA.', 'group': 'tools'}, 'copytokenpin': {'type': 'bool', 'desc': 'Admin is allowed to copy the PIN of one token to another token.', 'group': 'tools'}, 'copytokenuser': {'type': 'bool', 'desc': 'Admin is allowed to copy the assigned user to another token, i.e. assign a user ot another token.', 'group': 'tools'}, 'losttoken': {'type': 'bool', 'desc': 'Admin is allowed to trigger the lost token workflow.', 'mainmenu': ['tokens'], 'group': 'tools'}, 'configwrite': {'type': 'bool', 'desc': 'Admin is allowed to write and modify the system configuration.', 'group': 'system', 'mainmenu': ['config']}, 'configdelete': {'type': 'bool', 'desc': 'Admin is allowed to delete keys in the system configuration.', 'group': 'system', 'mainmenu': ['config']}, 'configread': {'type': 'bool', 'desc': 'Admin is allowed to read basic system configuration.', 'group': 'system', 'mainmenu': ['config']}, 'system_documentation': {'type': 'bool', 'desc': 'Admin is allowed to export a documentation of the complete configuration including resolvers and realm.', 'group': 'system', 'mainmenu': ['config']}, 'policywrite': {'type': 'bool', 'desc': 'Admin is allowed to write and modify the policies.', 'group': 'system', 'mainmenu': ['config']}, 'policydelete': {'type': 'bool', 'desc': 'Admin is allowed to delete policies.', 'group': 'system', 'mainmenu': ['config']}, 'policyread': {'type': 'bool', 'desc': 'Admin is allowed to read policies.', 'group': 'system', 'mainmenu': ['config']}, 'resolverwrite': {'type': 'bool', 'desc': 'Admin is allowed to write and modify the resolver and realm configuration.', 'group': 'system', 'mainmenu': ['config']}, 'resolverdelete': {'type': 'bool', 'desc': 'Admin is allowed to delete resolvers and realms.', 'group': 'system', 'mainmenu': ['config']}, 'resolverread': {'type': 'bool', 'desc': 'Admin is allowed to read resolvers.', 'group': 'system', ' mainmenu': ['config']}, 'caconnectorwrite': {'type': 'bool', 'desc': 'Admin is allowed to create new CA Connector definitions and modify existing ones.', 'group': 'system', 'mainmenu': ['config']}, 'caconnectordelete': {'type': 'bool', 'desc': 'Admin is allowed to delete CA Connector definitions.', 'group': 'system', 'mainmenu': ['config']}, 'caconnectorread': {'type': 'bool', 'desc': 'Admin is allowed to read CA Connector definitions.', 'group': 'system', 'mainmenu': ['config']}, 'mresolverwrite': {'type': 'bool', 'desc': 'Admin is allowed to write and modify the machine resolvers.', 'group': 'system', 'mainmenu': ['config']}, 'mresolverdelete': {'type': 'bool', 'desc': 'Admin is allowed to delete machine resolvers.', 'group': 'system', 'mainmenu': ['config']}, 'mresolverread': {'type': 'bool', 'desc': 'Admin is allowed to read machine resolvers.', 'group': 'system', 'mainmenu': ['config']}, 'otp_pin_maxlength': {'type': 'int', 'value': [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31], 'desc': 'Set the maximum allowed length of the OTP PIN.', 'group': 'pin'}, 'otp_pin_minlength': {'type': 'int', 'value': [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31], 'desc': 'Set the minimum required length of the OTP PIN.', 'group': 'pin'}, 'otp_pin_contents': {'type': 'str', 'desc': 'Specifiy the required contents of the OTP PIN. (c)haracters, (n)umeric, (s)pecial. Use modifiers +/- or a list of allowed characters [1234567890]', 'group': 'pin'}, 'otp_pin_set_random': {'type': 'int', 'value': [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31], 'desc': 'The length of a random PIN set by the administrator.', 'group': 'pin'}, 'auditlog': {'type': 'bool', 'desc': 'Admin is allowed to view the Audit log.', 'group': 'system', 'mainmenu': ['audit']}, 'auditlog_age': {'type': 'str', 'desc': 'The admin will only see audit entries of the last 10d, 3m or 2y.', 'group': 'system', 'mainmenu': ['audit']}, 'auditlog_download': {'type': 'bool', 'desc': 'The admin is allowed to download the complete auditlog.', 'group': 'system', 'mainmenu': ['audit']}, 'adduser': {'type': 'bool', 'desc': 'Admin is allowed to add users in a userstore/UserIdResolver.', 'group': 'user', 'mainmenu': ['users']}, 'updateuser': {'type': 'bool', 'desc': 'Admin is allowed to update the users data in a userstore.', 'group': 'user', 'mainmenu': ['users']}, 'deleteuser': {'type': 'bool', 'desc': 'Admin is allowed to delete a user object in a userstore.', 'mainmenu': ['users'], 'group': 'user'}, 'set_hsm_password': {'type': 'bool', 'desc': 'Admin is allowed to set the password of the HSM/Security Module.', 'group': 'system'}, 'getchallenges': {'type': 'bool', 'desc': 'Admin is allowed to retrieve the list of active challenges.', 'mainmenu': ['tokens'], 'group': 'general'}, 'smtpserver_write': {'type': 'bool', 'desc': 'Admin is allowed to write new SMTP server definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'smtpserver_read': {'type': 'bool', 'desc': 'Admin is allowed to read SMTP server definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'radiusserver_write': {'type': 'bool', 'desc': 'Admin is allowed to write new RADIUS server definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'radiusserver_read': {'type': 'bool', 'desc': 'Admin is allowed to read RADIUS server definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'privacyideaserver_write': {'type': 'bool', 'desc': 'Admin is allowed to write remote privacyIDEA server definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'privacyideaserver_read': {'type': 'bool', 'desc': 'Admin is allowed to read remote privacyIDEA server definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'periodictask_write': {'type': 'bool', 'desc': 'Admin is allowed to write periodic task definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'periodictask_read': {'type': 'bool', 'desc': 'Admin is allowed to read periodic task definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'statistics_read': {'type': 'bool', 'desc': 'Admin is allowed to read statistics data.', 'group': 'system'}, 'statistics_delete': {'type': 'bool', 'desc': 'Admin is allowed to delete statistics data.', 'group': 'system'}, 'eventhandling_write': {'type': 'bool', 'desc': 'Admin is allowed to write and modify the event handling configuration.', 'mainmenu': ['config'], 'group': 'system'}, 'eventhandling_read': {'type': 'bool', 'desc': 'Admin is allowed to read event handling configuration.', 'mainmenu': ['config'], 'group': 'system'}, 'smsgateway_write': {'type': 'bool', 'desc': 'Admin is allowed to write and modify SMS gateway definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'smsgateway_read': {'type': 'bool', 'desc': 'Admin is allowed to read SMS gateway definitions.', 'mainmenu': ['config'], 'group': 'system'}, 'clienttype': {'type': 'bool', 'desc': 'Admin is allowed to get the list of authenticated clients and their types.', 'mainmenu': ['components'], 'group': 'system'}, 'managesubscription': {'type': 'bool', 'desc': 'Admin is allowed to add and delete component subscriptions.', 'mainmenu': ['components'], 'group': 'system'}, 'triggerchallenge': {'type': 'bool', 'desc': 'The Admin is allowed to trigger a challenge for e.g. SMS OTP token.', 'mainmenu': [], 'group': 'general'}}
[2020-04-24 17:29:57,845][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('yubico',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,845][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubicotoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,845][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubicotoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,845][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,845][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('yubico',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,846][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubicotoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,846][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubicotoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of Yubico tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active Yubico tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,846][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of Yubico tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active Yubico tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,846][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('yubico',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,846][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubicotoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,846][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubicotoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,846][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,846][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('question',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,846][6537][139756680177472][DEBUG][privacyidea.lib.tokens.questionnairetoken:186] Entering get_class_info with arguments (<class 'privacyidea.lib.tokens.questionnairetoken.QuestionnaireTokenClass'>, 'user') and keywords {}
[2020-04-24 17:29:57,846][6537][139756680177472][DEBUG][privacyidea.lib.tokens.questionnairetoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,846][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,847][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('question',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,847][6537][139756680177472][DEBUG][privacyidea.lib.tokens.questionnairetoken:186] Entering get_class_info with arguments (<class 'privacyidea.lib.tokens.questionnairetoken.QuestionnaireTokenClass'>, 'policy') and keywords {}
[2020-04-24 17:29:57,847][6537][139756680177472][DEBUG][privacyidea.lib.tokens.questionnairetoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of questionaire tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active questionaire tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,847][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of questionaire tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active questionaire tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,847][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('question',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,847][6537][139756680177472][DEBUG][privacyidea.lib.tokens.questionnairetoken:186] Entering get_class_info with arguments (<class 'privacyidea.lib.tokens.questionnairetoken.QuestionnaireTokenClass'>, 'pin_scopes') and keywords {}
[2020-04-24 17:29:57,847][6537][139756680177472][DEBUG][privacyidea.lib.tokens.questionnairetoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,847][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,847][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('sms',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,848][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,848][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('sms',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,848][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'authentication': {'smstext': {'type': 'str', 'desc': 'The text that will be send via SMS for an SMS token. Use <otp> and <serial> as parameters.'}, 'smsautosend': {'type': 'bool', 'desc': 'If set, a new SMS OTP will be sent after successful authentication with one SMS OTP.'}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user to enter the code from the SMS.'}}, 'admin': {'sms_gateways': {'type': 'str', 'desc': 'Choose the gateways the administrator is allowed to set. ()'}}, 'user': {'sms_gateways': {'type': 'str', 'desc': 'Choose the gateways the user is allowed to set. ()'}}, 'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of SMS tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active SMS tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,849][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('sms',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,849][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,849][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('ocra',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,850][6537][139756680177472][DEBUG][privacyidea.lib.tokens.ocratoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,850][6537][139756680177472][DEBUG][privacyidea.lib.tokens.ocratoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,850][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,850][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('ocra',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,850][6537][139756680177472][DEBUG][privacyidea.lib.tokens.ocratoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,850][6537][139756680177472][DEBUG][privacyidea.lib.tokens.ocratoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of OCRA tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active OCRA tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,850][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of OCRA tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active OCRA tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,850][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('ocra',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,850][6537][139756680177472][DEBUG][privacyidea.lib.tokens.ocratoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,850][6537][139756680177472][DEBUG][privacyidea.lib.tokens.ocratoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,850][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,851][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('daplug',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,851][6537][139756680177472][DEBUG][privacyidea.lib.tokens.daplugtoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,851][6537][139756680177472][DEBUG][privacyidea.lib.tokens.daplugtoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,851][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,851][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('daplug',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,851][6537][139756680177472][DEBUG][privacyidea.lib.tokens.daplugtoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,851][6537][139756680177472][DEBUG][privacyidea.lib.tokens.daplugtoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of daplug tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active daplug tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,851][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of daplug tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active daplug tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,851][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('daplug',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,851][6537][139756680177472][DEBUG][privacyidea.lib.tokens.daplugtoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,851][6537][139756680177472][DEBUG][privacyidea.lib.tokens.daplugtoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,851][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,852][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('sshkey',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,852][6537][139756680177472][DEBUG][privacyidea.lib.tokens.sshkeytoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,852][6537][139756680177472][DEBUG][privacyidea.lib.tokens.sshkeytoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,852][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,852][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('sshkey',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,852][6537][139756680177472][DEBUG][privacyidea.lib.tokens.sshkeytoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,852][6537][139756680177472][DEBUG][privacyidea.lib.tokens.sshkeytoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of SSH keys assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active SSH keys assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,852][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of SSH keys assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active SSH keys assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,852][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('sshkey',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,852][6537][139756680177472][DEBUG][privacyidea.lib.tokens.sshkeytoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,853][6537][139756680177472][DEBUG][privacyidea.lib.tokens.sshkeytoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,853][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,853][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('paper',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,853][6537][139756680177472][DEBUG][privacyidea.lib.tokens.papertoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,853][6537][139756680177472][DEBUG][privacyidea.lib.tokens.papertoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,853][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,853][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('paper',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,853][6537][139756680177472][DEBUG][privacyidea.lib.tokens.papertoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,853][6537][139756680177472][DEBUG][privacyidea.lib.tokens.papertoken:198] Exiting get_class_info with result {'enrollment': {'papertoken_count': {'type': 'int', 'desc': 'The number of OTP values, which are printed on the paper.'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of paper tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active paper tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,853][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'papertoken_count': {'type': 'int', 'desc': 'The number of OTP values, which are printed on the paper.'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of paper tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active paper tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,853][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('paper',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,854][6537][139756680177472][DEBUG][privacyidea.lib.tokens.papertoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,854][6537][139756680177472][DEBUG][privacyidea.lib.tokens.papertoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,854][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,854][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('pw',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,854][6537][139756680177472][DEBUG][privacyidea.lib.tokens.passwordtoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,854][6537][139756680177472][DEBUG][privacyidea.lib.tokens.passwordtoken:198] Exiting get_class_info with result []
[2020-04-24 17:29:57,854][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result []
[2020-04-24 17:29:57,854][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('pw',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,854][6537][139756680177472][DEBUG][privacyidea.lib.tokens.passwordtoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,854][6537][139756680177472][DEBUG][privacyidea.lib.tokens.passwordtoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of password tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active password tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,854][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of password tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active password tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,855][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('pw',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,855][6537][139756680177472][DEBUG][privacyidea.lib.tokens.passwordtoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,855][6537][139756680177472][DEBUG][privacyidea.lib.tokens.passwordtoken:198] Exiting get_class_info with result None
[2020-04-24 17:29:57,855][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result None
[2020-04-24 17:29:57,855][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('spass',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,855][6537][139756680177472][DEBUG][privacyidea.lib.tokens.spasstoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,855][6537][139756680177472][DEBUG][privacyidea.lib.tokens.spasstoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,855][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,855][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('spass',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,855][6537][139756680177472][DEBUG][privacyidea.lib.tokens.spasstoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,855][6537][139756680177472][DEBUG][privacyidea.lib.tokens.spasstoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of SPASS tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active SPASS tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,855][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of SPASS tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active SPASS tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,856][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('spass',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,856][6537][139756680177472][DEBUG][privacyidea.lib.tokens.spasstoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,856][6537][139756680177472][DEBUG][privacyidea.lib.tokens.spasstoken:198] Exiting get_class_info with result ['admin', 'user']
[2020-04-24 17:29:57,856][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['admin', 'user']
[2020-04-24 17:29:57,856][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('motp',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,856][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,856][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('motp',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,856][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of mOTP tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active mOTP tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,856][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('motp',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,856][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,857][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('certificate',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,857][6537][139756680177472][DEBUG][privacyidea.lib.tokens.certificatetoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,857][6537][139756680177472][DEBUG][privacyidea.lib.tokens.certificatetoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,857][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,857][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('certificate',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,857][6537][139756680177472][DEBUG][privacyidea.lib.tokens.certificatetoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,857][6537][139756680177472][DEBUG][privacyidea.lib.tokens.certificatetoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of certificates assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active certificates assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,857][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of certificates assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active certificates assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,857][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('certificate',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,857][6537][139756680177472][DEBUG][privacyidea.lib.tokens.certificatetoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,857][6537][139756680177472][DEBUG][privacyidea.lib.tokens.certificatetoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,858][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,858][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('tan',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,858][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tantoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,858][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tantoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,858][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,858][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('tan',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,858][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tantoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,858][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tantoken:198] Exiting get_class_info with result {'enrollment': {'tantoken_count': {'type': 'int', 'desc': 'The number of OTP values, which are printed on the paper.'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of TAN tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active TAN tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,858][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'tantoken_count': {'type': 'int', 'desc': 'The number of OTP values, which are printed on the paper.'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of TAN tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active TAN tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,858][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('tan',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,859][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tantoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,859][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tantoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,859][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,859][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('vasco',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,859][6537][139756680177472][DEBUG][privacyidea.lib.tokens.vascotoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,859][6537][139756680177472][DEBUG][privacyidea.lib.tokens.vascotoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,859][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,859][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('vasco',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,859][6537][139756680177472][DEBUG][privacyidea.lib.tokens.vascotoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,859][6537][139756680177472][DEBUG][privacyidea.lib.tokens.vascotoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of Vasco tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active Vasco tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,859][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of Vasco tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active Vasco tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,859][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('vasco',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,860][6537][139756680177472][DEBUG][privacyidea.lib.tokens.vascotoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,860][6537][139756680177472][DEBUG][privacyidea.lib.tokens.vascotoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,860][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,860][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('registration',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,860][6537][139756680177472][DEBUG][privacyidea.lib.tokens.registrationtoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,860][6537][139756680177472][DEBUG][privacyidea.lib.tokens.registrationtoken:198] Exiting get_class_info with result []
[2020-04-24 17:29:57,860][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result []
[2020-04-24 17:29:57,860][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('registration',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,860][6537][139756680177472][DEBUG][privacyidea.lib.tokens.registrationtoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,860][6537][139756680177472][DEBUG][privacyidea.lib.tokens.registrationtoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of registration tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active registration tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,860][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of registration tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active registration tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,861][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('registration',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,861][6537][139756680177472][DEBUG][privacyidea.lib.tokens.registrationtoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,861][6537][139756680177472][DEBUG][privacyidea.lib.tokens.registrationtoken:198] Exiting get_class_info with result None
[2020-04-24 17:29:57,861][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result None
[2020-04-24 17:29:57,861][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('yubikey',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,861][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubikeytoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,861][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubikeytoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,861][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,861][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('yubikey',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,861][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubikeytoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,861][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubikeytoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of Yubikey tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active Yubikey tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,861][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of Yubikey tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active Yubikey tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,862][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('yubikey',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,862][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubikeytoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,862][6537][139756680177472][DEBUG][privacyidea.lib.tokens.yubikeytoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,862][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,862][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('radius',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,862][6537][139756680177472][DEBUG][privacyidea.lib.tokens.radiustoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,862][6537][139756680177472][DEBUG][privacyidea.lib.tokens.radiustoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,862][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,862][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('radius',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,862][6537][139756680177472][DEBUG][privacyidea.lib.tokens.radiustoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,862][6537][139756680177472][DEBUG][privacyidea.lib.tokens.radiustoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of RADIUS tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active RADIUS tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,863][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of RADIUS tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active RADIUS tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,863][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('radius',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,863][6537][139756680177472][DEBUG][privacyidea.lib.tokens.radiustoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,863][6537][139756680177472][DEBUG][privacyidea.lib.tokens.radiustoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,863][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,863][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('tiqr',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,863][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tiqrtoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,863][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tiqrtoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,863][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,863][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('tiqr',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,863][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tiqrtoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,863][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tiqrtoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of TiQR tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active TiQR tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,864][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of TiQR tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active TiQR tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,864][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('tiqr',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,864][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tiqrtoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,864][6537][139756680177472][DEBUG][privacyidea.lib.tokens.tiqrtoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,864][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,864][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('hotp',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,864][6537][139756680177472][DEBUG][privacyidea.lib.tokens.hotptoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,864][6537][139756680177472][DEBUG][privacyidea.lib.tokens.hotptoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,864][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,864][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('hotp',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,865][6537][139756680177472][DEBUG][privacyidea.lib.tokens.hotptoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,865][6537][139756680177472][DEBUG][privacyidea.lib.tokens.hotptoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of HOTP tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active HOTP tokens assigned.', 'group': 'token'}, 'yubikey_access_code': {'type': 'str', 'desc': 'The Yubikey access code used to initialize Yubikeys.'}, 'hotp_2step_clientsize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the client (in bytes)'}, 'hotp_2step_serversize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the server (in bytes)'}, 'hotp_2step_difficulty': {'type': 'int', 'desc': 'The difficulty factor used for the OTP seed generation (should be at least 10000)'}, 'hotp_force_app_pin': {'type': 'bool', 'desc': 'Enforce setting an app pin for the privacyIDEA Authenticator App'}}, 'user': {'hotp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be sha1 (1) or sha2-256 (2).'}, 'hotp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the otplen to be used. Can be 6 or 8 digits.'}, 'hotp_force_server_generate': {'type': 'bool', 'desc': 'Force the key to be generated on the server.'}, 'hotp_2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether users are allowed or forced to use two-step enrollment.'}}, 'admin': {'hotp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be sha1 (1) or sha2-256 (2).'}, 'hotp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the otplen to be used. Can be 6 or 8 digits.'}, 'hotp_2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether admins are allowed or forced to use two-step enrollment.'}}}
[2020-04-24 17:29:57,865][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of HOTP tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active HOTP tokens assigned.', 'group': 'token'}, 'yubikey_access_code': {'type': 'str', 'desc': 'The Yubikey access code used to initialize Yubikeys.'}, 'hotp_2step_clientsize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the client (in bytes)'}, 'hotp_2step_serversize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the server (in bytes)'}, 'hotp_2step_difficulty': {'type': 'int', 'desc': 'The difficulty factor used for the OTP seed generation (should be at least 10000)'}, 'hotp_force_app_pin': {'type': 'bool', 'desc': 'Enforce setting an app pin for the privacyIDEA Authenticator App'}}, 'user': {'hotp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be sha1 (1) or sha2-256 (2).'}, 'hotp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the otplen to be used. Can be 6 or 8 digits.'}, 'hotp_force_server_generate': {'type': 'bool', 'desc': 'Force the key to be generated on the server.'}, 'hotp_2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether users are allowed or forced to use two-step enrollment.'}}, 'admin': {'hotp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be sha1 (1) or sha2-256 (2).'}, 'hotp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the otplen to be used. Can be 6 or 8 digits.'}, 'hotp_2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether admins are allowed or forced to use two-step enrollment.'}}}
[2020-04-24 17:29:57,866][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('hotp',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,866][6537][139756680177472][DEBUG][privacyidea.lib.tokens.hotptoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,866][6537][139756680177472][DEBUG][privacyidea.lib.tokens.hotptoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,866][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,866][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('webauthn',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,866][6537][139756680177472][DEBUG][privacyidea.lib.tokens.webauthntoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,866][6537][139756680177472][DEBUG][privacyidea.lib.tokens.webauthntoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,866][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,866][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('webauthn',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,866][6537][139756680177472][DEBUG][privacyidea.lib.tokens.webauthntoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,867][6537][139756680177472][DEBUG][privacyidea.lib.tokens.webauthntoken:198] Exiting get_class_info with result {'authentication': {'webauthn_allowed_transports': {'type': 'str', 'desc': 'A list of transports to prefer to communicate with WebAuthn tokens. Default: usb ble nfc internal lightning (All standard transports)'}, 'webauthn_timeout': {'type': 'int', 'desc': 'The time in seconds the user has to confirm authorization on his WebAuthn token. Note: You will want to increase the ChallengeValidityTime along with this. Default: 60'}, 'webauthn_user_verification_requirement': {'type': 'str', 'desc': "Whether the user's identity should be verified when authenticating with a WebAuthn token. Default: preferred (verify the user if supported by the token)", 'value': ['required', 'preferred', 'discouraged']}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternative challenge text for telling the user to confirm with his WebAuthn token.'}}, 'authorization': {'webauthn_authenticator_selection_list': {'type': 'str', 'desc': 'A list of WebAuthn authenticators acceptable for authorization, given as a space-separated list of AAGUIDs. Per default all authenticators are acceptable.'}, 'webauthn_req': {'type': 'str', 'desc': 'Only the specified WebAuthn-tokens are authorized.'}}, 'enrollment': {'webauthn_relying_party_name': {'type': 'str', 'desc': 'A human readable name for the organization rolling out WebAuthn tokens.', 'group': 'WebAuthn'}, 'webauthn_relying_party_id': {'type': 'str', 'desc': 'A domain name that is a subset of the respective FQDNs for all the webservices the users should be able to sign in to using WebAuthn tokens.', 'group': 'WebAuthn'}, 'webauthn_timeout': {'type': 'int', 'desc': 'The time in seconds the user has to confirm enrollment on his WebAuthn token. Note: You will want to increase the ChallengeValidityTime along with this. Default: 60', 'group': 'WebAuthn'}, 'webauthn_authenticator_attachment': {'type': 'str', 'desc': 'Whether to limit roll out of WebAuthn tokens to either only platform authenticators, or only cross-platform authenticators. Default: either', 'group': 'WebAuthn', 'value': ['platform', 'cross-platform', 'either']}, 'webauthn_authenticator_selection_list': {'type': 'str', 'desc': 'A list of WebAuthn authenticators acceptable for enrollment, given as a space-separated list of AAGUIDs. Per default all authenticators are acceptable.', 'group': 'WebAuthn'}, 'webauthn_user_verification_requirement': {'type': 'str', 'desc': "Whether the user's identity should be verified when rolling out a new WebAuthn token. Default: preferred (verify the user if supported by the token)", 'group': 'WebAuthn', 'value': ['required', 'preferred', 'discouraged']}, 'webauthn_public_key_credential_algorithm_preference': {'type': 'str', 'desc': 'Which algorithm to use for creating public key credentials for WebAuthn tokens. Default: ecdsa_preferred', 'group': 'WebAuthn', 'value': ['ecdsa_preferred', 'ecdsa_only', 'rsassa-pss_preferred', 'rsassa-pss_only']}, 'webauthn_authenticator_attestation_form': {'type': 'str', 'desc': 'Whether to request attestation data when enrolling a new WebAuthn token. Note: for u2f_req to work with WebAuthn, this cannot be set to none. Default: direct (ask for non-anonymized attestation data)', 'group': 'WebAuthn', 'value': ['none', 'indirect', 'direct']}, 'webauthn_authenticator_attestation_level': {'type': 'str', 'desc': 'Whether and how strictly to check authenticator attestation data. Note: If the attestation form is none, the attestation level needs to also be none. Default: untrusted (attestation is required, but can be unknown or self-signed)', 'group': 'WebAuthn', 'value': ['none', 'untrusted', 'trusted']}, 'webauthn_req': {'type': 'str', 'desc': 'Only the specified WebAuthn-tokens are allowed to be registered.', 'group': 'WebAuthn'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this number of WebAuthn tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this number of active WebAuthn tokens assigned.', 'group': 'token'}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user to confirm with his WebAuthn device.', 'group': 'WebAuthn'}}}
[2020-04-24 17:29:57,868][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'authentication': {'webauthn_allowed_transports': {'type': 'str', 'desc': 'A list of transports to prefer to communicate with WebAuthn tokens. Default: usb ble nfc internal lightning (All standard transports)'}, 'webauthn_timeout': {'type': 'int', 'desc': 'The time in seconds the user has to confirm authorization on his WebAuthn token. Note: You will want to increase the ChallengeValidityTime along with this. Default: 60'}, 'webauthn_user_verification_requirement': {'type': 'str', 'desc': "Whether the user's identity should be verified when authenticating with a WebAuthn token. Default: preferred (verify the user if supported by the token)", 'value': ['required', 'preferred', 'discouraged']}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternative challenge text for telling the user to confirm with his WebAuthn token.'}}, 'authorization': {'webauthn_authenticator_selection_list': {'type': 'str', 'desc': 'A list of WebAuthn authenticators acceptable for authorization, given as a space-separated list of AAGUIDs. Per default all authenticators are acceptable.'}, 'webauthn_req': {'type': 'str', 'desc': 'Only the specified WebAuthn-tokens are authorized.'}}, 'enrollment': {'webauthn_relying_party_name': {'type': 'str', 'desc': 'A human readable name for the organization rolling out WebAuthn tokens.', 'group': 'WebAuthn'}, 'webauthn_relying_party_id': {'type': 'str', 'desc': 'A domain name that is a subset of the respective FQDNs for all the webservices the users should be able to sign in to using WebAuthn tokens.', 'group': 'WebAuthn'}, 'webauthn_timeout': {'type': 'int', 'desc': 'The time in seconds the user has to confirm enrollment on his WebAuthn token. Note: You will want to increase the ChallengeValidityTime along with this. Default: 60', 'group': 'WebAuthn'}, 'webauthn_authenticator_attachment': {'type': 'str', 'desc': 'Whether to limit roll out of WebAuthn tokens to either only platform authenticators, or only cross-platform authenticators. Default: either', 'group': 'WebAuthn', 'value': ['platform', 'cross-platform', 'either']}, 'webauthn_authenticator_selection_list': {'type': 'str', 'desc': 'A list of WebAuthn authenticators acceptable for enrollment, given as a space-separated list of AAGUIDs. Per default all authenticators are acceptable.', 'group': 'WebAuthn'}, 'webauthn_user_verification_requirement': {'type': 'str', 'desc': "Whether the user's identity should be verified when rolling out a new WebAuthn token. Default: preferred (verify the user if supported by the token)", 'group': 'WebAuthn', 'value': ['required', 'preferred', 'discouraged']}, 'webauthn_public_key_credential_algorithm_preference': {'type': 'str', 'desc': 'Which algorithm to use for creating public key credentials for WebAuthn tokens. Default: ecdsa_preferred', 'group': 'WebAuthn', 'value': ['ecdsa_preferred', 'ecdsa_only', 'rsassa-pss_preferred', 'rsassa-pss_only']}, 'webauthn_authenticator_attestation_form': {'type': 'str', 'desc': 'Whether to request attestation data when enrolling a new WebAuthn token. Note: for u2f_req to work with WebAuthn, this cannot be set to none. Default: direct (ask for non-anonymized attestation data)', 'group': 'WebAuthn', 'value': ['none', 'indirect', 'direct']}, 'webauthn_authenticator_attestation_level': {'type': 'str', 'desc': 'Whether and how strictly to check authenticator attestation data. Note: If the attestation form is none, the attestation level needs to also be none. Default: untrusted (attestation is required, but can be unknown or self-signed)', 'group': 'WebAuthn', 'value': ['none', 'untrusted', 'trusted']}, 'webauthn_req': {'type': 'str', 'desc': 'Only the specified WebAuthn-tokens are allowed to be registered.', 'group': 'WebAuthn'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this number of WebAuthn tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this number of active WebAuthn tokens assigned.', 'group': 'token'}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user to confirm with his WebAuthn device.', 'group': 'WebAuthn'}}}
[2020-04-24 17:29:57,869][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('webauthn',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,869][6537][139756680177472][DEBUG][privacyidea.lib.tokens.webauthntoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,869][6537][139756680177472][DEBUG][privacyidea.lib.tokens.webauthntoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,869][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,869][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('email',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,869][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,869][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('email',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,869][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'authentication': {'emailtext': {'type': 'str', 'desc': 'The text that will be sent via EMail for an EMail token. Use <otp> and <serial> as parameters. You may also specify a filename as email template starting with "file:".'}, 'emailsubject': {'type': 'str', 'desc': 'The subject of the EMail for an EMail token. Use <otp> and <serial> as parameters.'}, 'emailautosend': {'type': 'bool', 'desc': 'If set, a new EMail OTP will be sent after successful authentication with one EMail OTP.'}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user to enter the code from the eMail.'}}, 'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of email tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active email tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,870][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('email',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,870][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,870][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('remote',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,870][6537][139756680177472][DEBUG][privacyidea.lib.tokens.remotetoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,870][6537][139756680177472][DEBUG][privacyidea.lib.tokens.remotetoken:198] Exiting get_class_info with result []
[2020-04-24 17:29:57,870][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result []
[2020-04-24 17:29:57,870][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('remote',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,870][6537][139756680177472][DEBUG][privacyidea.lib.tokens.remotetoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,870][6537][139756680177472][DEBUG][privacyidea.lib.tokens.remotetoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of remote tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active remote tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,870][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of remote tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active remote tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,871][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('remote',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,871][6537][139756680177472][DEBUG][privacyidea.lib.tokens.remotetoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,871][6537][139756680177472][DEBUG][privacyidea.lib.tokens.remotetoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,871][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,871][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('push',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,872][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,872][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('push',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,873][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'push_firebase_configuration': {'type': 'str', 'desc': 'The configuration of your Firebase application.', 'group': 'PUSH', 'value': []}, 'push_ssl_verify': {'type': 'str', 'desc': 'The smartphone needs to verify SSL during the enrollment. (default 1)', 'group': 'PUSH', 'value': ['0', '1']}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of Push tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active Push tokens assigned.', 'group': 'token'}}, 'authentication': {'push_text_on_mobile': {'type': 'str', 'desc': 'The question the user sees on his mobile phone.', 'group': 'PUSH'}, 'push_title_on_mobile': {'type': 'str', 'desc': 'The title of the notification, the user sees on his mobile phone.', 'group': 'PUSH'}, 'push_ssl_verify': {'type': 'str', 'desc': 'The smartphone needs to verify SSL during authentication. (default 1)', 'group': 'PUSH', 'value': ['0', '1']}, 'push_wait': {'type': 'int', 'desc': 'Wait for number of seconds for the user to confirm the challenge in the first request.', 'group': 'PUSH'}}}
[2020-04-24 17:29:57,873][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('push',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,874][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,874][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('indexedsecret',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,874][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,874][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('indexedsecret',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,874][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'authentication': {'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user which positions of the secret he should enter.', 'group': 'Indexed Secret Token'}, 'count': {'type': 'int', 'desc': 'Number of necessary positions to be answered by the user.', 'group': 'Indexed Secret Token'}}, 'webui': {'preset_attribute': {'type': 'str', 'desc': 'Preset the enrollment with the value of the given attribute.', 'group': 'token'}}, 'user': {'force_attribute': {'type': 'str', 'desc': 'The attribute whose value should be force set during enrollment.', 'group': 'enrollment'}}, 'admin': {'force_attribute': {'type': 'str', 'desc': 'The attribute whose value should be force set during enrollment.', 'group': 'enrollment'}}, 'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of indexed secret tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active indexed secret tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,875][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('indexedsecret',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,875][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,875][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('4eyes',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,875][6537][139756680177472][DEBUG][privacyidea.lib.tokens.foureyestoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,875][6537][139756680177472][DEBUG][privacyidea.lib.tokens.foureyestoken:198] Exiting get_class_info with result []
[2020-04-24 17:29:57,875][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result []
[2020-04-24 17:29:57,875][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('4eyes',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,875][6537][139756680177472][DEBUG][privacyidea.lib.tokens.foureyestoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,876][6537][139756680177472][DEBUG][privacyidea.lib.tokens.foureyestoken:198] Exiting get_class_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of 4eyes tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active 4eyes tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,876][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'enrollment': {'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of 4eyes tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active 4eyes tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,876][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('4eyes',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,876][6537][139756680177472][DEBUG][privacyidea.lib.tokens.foureyestoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,876][6537][139756680177472][DEBUG][privacyidea.lib.tokens.foureyestoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,876][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,876][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('u2f',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,876][6537][139756680177472][DEBUG][privacyidea.lib.tokens.u2ftoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,876][6537][139756680177472][DEBUG][privacyidea.lib.tokens.u2ftoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,876][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,876][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('u2f',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,877][6537][139756680177472][DEBUG][privacyidea.lib.tokens.u2ftoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,877][6537][139756680177472][DEBUG][privacyidea.lib.tokens.u2ftoken:198] Exiting get_class_info with result {'authentication': {'u2f_facets': {'type': 'str', 'desc': 'This is a list of FQDN hostnames trusting the registered U2F tokens.'}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user to confirm with his U2F device.'}}, 'authorization': {'u2f_req': {'type': 'str', 'desc': 'Only specified U2F tokens are authorized.'}}, 'enrollment': {'u2f_req': {'type': 'str', 'desc': 'Only specified U2F tokens are allowed to be registered.', 'group': 'token'}, 'u2f_no_verify_certificate': {'type': 'bool', 'desc': 'Do not verify the U2F attestation certificate.', 'group': 'token'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of U2F tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active U2F tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,877][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'authentication': {'u2f_facets': {'type': 'str', 'desc': 'This is a list of FQDN hostnames trusting the registered U2F tokens.'}, 'challenge_text': {'type': 'str', 'desc': 'Use an alternate challenge text for telling the user to confirm with his U2F device.'}}, 'authorization': {'u2f_req': {'type': 'str', 'desc': 'Only specified U2F tokens are authorized.'}}, 'enrollment': {'u2f_req': {'type': 'str', 'desc': 'Only specified U2F tokens are allowed to be registered.', 'group': 'token'}, 'u2f_no_verify_certificate': {'type': 'bool', 'desc': 'Do not verify the U2F attestation certificate.', 'group': 'token'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of U2F tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active U2F tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,877][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('u2f',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,877][6537][139756680177472][DEBUG][privacyidea.lib.tokens.u2ftoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,877][6537][139756680177472][DEBUG][privacyidea.lib.tokens.u2ftoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,877][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,878][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('totp',) and keywords {'section': 'user'}
[2020-04-24 17:29:57,878][6537][139756680177472][DEBUG][privacyidea.lib.tokens.totptoken:186] Entering get_class_info with arguments ('user',) and keywords {}
[2020-04-24 17:29:57,878][6537][139756680177472][DEBUG][privacyidea.lib.tokens.totptoken:198] Exiting get_class_info with result ['enroll']
[2020-04-24 17:29:57,878][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result ['enroll']
[2020-04-24 17:29:57,878][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('totp',) and keywords {'section': 'policy'}
[2020-04-24 17:29:57,878][6537][139756680177472][DEBUG][privacyidea.lib.tokens.totptoken:186] Entering get_class_info with arguments ('policy',) and keywords {}
[2020-04-24 17:29:57,878][6537][139756680177472][DEBUG][privacyidea.lib.tokens.totptoken:198] Exiting get_class_info with result {'user': {'totp_timestep': {'type': 'int', 'value': [30, 60], 'desc': 'Specify the time step of the timebased OTP token.'}, 'totp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be SHA1, SHA256 or SHA512.'}, 'totp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the OTP length to be used.'}, 'totp_force_server_generate': {'type': 'bool', 'desc': 'Force the key to be generated on the server.'}, '2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether users are allowed or forced to use two-step enrollment.'}}, 'admin': {'totp_timestep': {'type': 'int', 'value': [30, 60], 'desc': 'Specify the time step of the timebased OTP token.'}, 'totp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be SHA1, SHA256 or SHA512.'}, 'totp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the OTP length to be used.'}, '2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether admins are allowed or forced to use two-step enrollment.'}}, 'enrollment': {'2step_clientsize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the client (in bytes)'}, '2step_serversize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the server (in bytes)'}, '2step_difficulty': {'type': 'int', 'desc': 'The difficulty factor used for the OTP seed generation (should be at least 10000)'}, 'totp_force_app_pin': {'type': 'bool', 'desc': 'Enforce setting an app pin for the privacyIDEA Authenticator App'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of remote tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active remote tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,879][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {'user': {'totp_timestep': {'type': 'int', 'value': [30, 60], 'desc': 'Specify the time step of the timebased OTP token.'}, 'totp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be SHA1, SHA256 or SHA512.'}, 'totp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the OTP length to be used.'}, 'totp_force_server_generate': {'type': 'bool', 'desc': 'Force the key to be generated on the server.'}, '2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether users are allowed or forced to use two-step enrollment.'}}, 'admin': {'totp_timestep': {'type': 'int', 'value': [30, 60], 'desc': 'Specify the time step of the timebased OTP token.'}, 'totp_hashlib': {'type': 'str', 'value': ['sha1', 'sha256', 'sha512'], 'desc': 'Specify the hashlib to be used. Can be SHA1, SHA256 or SHA512.'}, 'totp_otplen': {'type': 'int', 'value': [6, 8], 'desc': 'Specify the OTP length to be used.'}, '2step': {'type': 'str', 'value': ['allow', 'force'], 'desc': 'Specify whether admins are allowed or forced to use two-step enrollment.'}}, 'enrollment': {'2step_clientsize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the client (in bytes)'}, '2step_serversize': {'type': 'int', 'desc': 'The size of the OTP seed part contributed by the server (in bytes)'}, '2step_difficulty': {'type': 'int', 'desc': 'The difficulty factor used for the OTP seed generation (should be at least 10000)'}, 'totp_force_app_pin': {'type': 'bool', 'desc': 'Enforce setting an app pin for the privacyIDEA Authenticator App'}, 'max_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of remote tokens assigned.', 'group': 'token'}, 'max_active_token_per_user': {'type': 'int', 'desc': 'The user may only have this maximum number of active remote tokens assigned.', 'group': 'token'}}}
[2020-04-24 17:29:57,879][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokenclass_info with arguments ('totp',) and keywords {'section': 'pin_scopes'}
[2020-04-24 17:29:57,879][6537][139756680177472][DEBUG][privacyidea.lib.tokens.totptoken:186] Entering get_class_info with arguments ('pin_scopes',) and keywords {}
[2020-04-24 17:29:57,879][6537][139756680177472][DEBUG][privacyidea.lib.tokens.totptoken:198] Exiting get_class_info with result {}
[2020-04-24 17:29:57,879][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokenclass_info with result {}
[2020-04-24 17:29:57,880][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting ui_get_main_menus with result ['audit', 'components', 'machines', 'config', 'users', 'tokens']
[2020-04-24 17:29:57,889][6537][139756680177472][INFO][privacyidea.lib.utils:1213] We are not able to determine the privacyidea version number.
[2020-04-24 17:29:57,898][6537][139756680177472][INFO][privacyidea.lib.utils:1213] We are not able to determine the privacyidea version number.
[2020-04-24 17:29:57,899][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'authorization', 'realm': None, 'active': True, 'resolver': None, 'user': None, 'client': '127.0.0.1', 'action': 'serial', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,899][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,899][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: []
[2020-04-24 17:29:57,899][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,899][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,899][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,899][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,899][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,900][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'authorization', 'realm': '', 'active': True, 'resolver': '', 'user': '', 'client': '127.0.0.1', 'action': 'tokentype', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,900][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,900][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: []
[2020-04-24 17:29:57,900][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,900][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching user: []
[2020-04-24 17:29:57,900][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: []
[2020-04-24 17:29:57,900][6537][139756680177472][DEBUG][privacyidea.lib.policy:586] Policies after matching resolver: []
[2020-04-24 17:29:57,900][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,900][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,900][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,900][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,901][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'authorization', 'realm': None, 'active': True, 'resolver': None, 'user': None, 'client': '127.0.0.1', 'action': 'add_user_in_response', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,901][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,901][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: []
[2020-04-24 17:29:57,901][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,901][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,901][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,901][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,901][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,901][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'authorization', 'realm': None, 'active': True, 'resolver': None, 'user': None, 'client': '127.0.0.1', 'action': 'add_resolver_in_response', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,901][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,902][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: []
[2020-04-24 17:29:57,902][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,902][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,902][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,902][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,902][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,902][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'authorization', 'realm': None, 'active': True, 'resolver': None, 'user': None, 'client': '127.0.0.1', 'action': 'no_detail_on_success', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,902][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,903][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: []
[2020-04-24 17:29:57,903][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,903][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,903][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,903][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,903][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,903][6537][139756680177472][DEBUG][privacyidea.lib.realm:186] Entering get_default_realm with arguments () and keywords {}
[2020-04-24 17:29:57,903][6537][139756680177472][DEBUG][privacyidea.lib.realm:198] Exiting get_default_realm with result defrealm
[2020-04-24 17:29:57,903][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'webui', 'realm': 'defrealm', 'active': True, 'resolver': None, 'user': 'admin', 'client': '127.0.0.1', 'action': 'logout_time', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,903][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,903][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [{'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,904][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,904][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching user: []
[2020-04-24 17:29:57,904][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: []
[2020-04-24 17:29:57,904][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,904][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,904][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,904][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,904][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'webui', 'realm': 'defrealm', 'active': True, 'resolver': None, 'user': 'admin', 'client': '127.0.0.1', 'action': 'timeout_action', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,904][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,904][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [{'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,905][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,905][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching user: []
[2020-04-24 17:29:57,905][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: []
[2020-04-24 17:29:57,905][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,905][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,905][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,905][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,905][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'webui', 'realm': 'defrealm', 'active': True, 'resolver': None, 'user': 'admin', 'client': '127.0.0.1', 'action': 'token_page_size', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,905][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,905][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [{'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,906][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,906][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching user: []
[2020-04-24 17:29:57,906][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: []
[2020-04-24 17:29:57,906][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,906][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,906][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,906][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,906][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'webui', 'realm': 'defrealm', 'active': True, 'resolver': None, 'user': 'admin', 'client': '127.0.0.1', 'action': 'user_page_size', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,906][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,906][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [{'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,907][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,907][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching user: []
[2020-04-24 17:29:57,907][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: []
[2020-04-24 17:29:57,907][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,907][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,907][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,907][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,907][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'webui', 'realm': 'defrealm', 'active': True, 'resolver': None, 'user': 'admin', 'client': '127.0.0.1', 'action': 'user_details', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,907][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,907][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [{'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,907][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,907][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching user: []
[2020-04-24 17:29:57,908][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: []
[2020-04-24 17:29:57,908][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,908][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,908][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,908][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,908][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'webui', 'realm': 'defrealm', 'active': True, 'resolver': None, 'user': 'admin', 'client': '127.0.0.1', 'action': 'search_on_enter', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,908][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,908][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [{'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,908][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,908][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching user: []
[2020-04-24 17:29:57,908][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: []
[2020-04-24 17:29:57,909][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,909][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,909][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,909][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,909][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'webui', 'realm': 'defrealm', 'active': True, 'resolver': None, 'user': 'admin', 'client': '127.0.0.1', 'action': 'hide_welcome_info', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,909][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,909][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [{'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,909][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: [{'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,909][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching user: [{'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,910][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: [{'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,910][6537][139756680177472][DEBUG][privacyidea.lib.policy:603] checking client ip in policy {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}.
[2020-04-24 17:29:57,910][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: [{'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,910][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result [{'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,910][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: [{'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,910][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,910][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'webui', 'realm': 'defrealm', 'active': True, 'resolver': None, 'user': 'admin', 'client': '127.0.0.1', 'action': 'hide_buttons', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,910][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,911][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [{'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,911][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,911][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching user: []
[2020-04-24 17:29:57,911][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: []
[2020-04-24 17:29:57,911][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,911][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,911][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,911][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,911][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'webui', 'realm': 'defrealm', 'active': True, 'resolver': None, 'user': 'admin', 'client': '127.0.0.1', 'action': 'default_tokentype', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,911][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,911][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [{'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,912][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,912][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching user: []
[2020-04-24 17:29:57,912][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: []
[2020-04-24 17:29:57,912][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,912][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,912][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,912][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,912][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'webui', 'realm': 'defrealm', 'active': True, 'resolver': None, 'user': 'admin', 'client': '127.0.0.1', 'action': 'show_seed', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,912][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,912][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [{'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,912][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,913][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching user: []
[2020-04-24 17:29:57,913][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: []
[2020-04-24 17:29:57,913][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,913][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,913][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,913][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,913][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'webui', 'realm': 'defrealm', 'active': True, 'resolver': None, 'user': 'admin', 'client': '127.0.0.1', 'action': 'show_ios_privacyidea_authenticator', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,913][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,913][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [{'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,913][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,913][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching user: []
[2020-04-24 17:29:57,914][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: []
[2020-04-24 17:29:57,914][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,914][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,914][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,914][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,914][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'webui', 'realm': 'defrealm', 'active': True, 'resolver': None, 'user': 'admin', 'client': '127.0.0.1', 'action': 'show_android_privacyidea_authenticator', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,914][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,914][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [{'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,914][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,914][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching user: []
[2020-04-24 17:29:57,914][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: []
[2020-04-24 17:29:57,914][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,915][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,915][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,915][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,915][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'webui', 'realm': 'defrealm', 'active': True, 'resolver': None, 'user': 'admin', 'client': '127.0.0.1', 'action': 'show_custom_authenticator', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,915][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,915][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [{'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,915][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,915][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching user: []
[2020-04-24 17:29:57,915][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: []
[2020-04-24 17:29:57,915][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,915][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,916][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,916][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,916][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'webui', 'realm': None, 'active': True, 'resolver': None, 'user': None, 'client': '127.0.0.1', 'action': 'policy_template_url', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,916][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,916][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [{'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,916][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,916][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,916][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,916][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,916][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,916][6537][139756680177472][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f1b92906908>,) and keywords {'name': None, 'scope': 'webui', 'realm': 'defrealm', 'active': True, 'resolver': None, 'user': None, 'client': '127.0.0.1', 'action': 'indexedsecret_preset_attribute', 'adminrealm': None, 'adminuser': None, 'sort_by_priority': True}
[2020-04-24 17:29:57,917][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [{'name': 'webauthn', 'active': True, 'scope': 'enrollment', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'webauthn_relying_party_id': 'privacyidea.local', 'webauthn_relying_party_name': 'privacyIDEA'}}, {'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,917][6537][139756680177472][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [{'name': 'hide_welcome', 'active': True, 'scope': 'webui', 'realm': [], 'adminrealm': [], 'adminuser': [], 'resolver': [], 'check_all_resolvers': False, 'user': [], 'client': [], 'time': '', 'conditions': [], 'priority': 1, 'action': {'hide_welcome_info': True}}]
[2020-04-24 17:29:57,917][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching action: []
[2020-04-24 17:29:57,917][6537][139756680177472][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: []
[2020-04-24 17:29:57,917][6537][139756680177472][DEBUG][privacyidea.lib.policy:617] Policies after matching client: []
[2020-04-24 17:29:57,917][6537][139756680177472][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result []
[2020-04-24 17:29:57,917][6537][139756680177472][DEBUG][privacyidea.lib.policy:683] Policies after matching time: []
[2020-04-24 17:29:57,917][6537][139756680177472][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions
[2020-04-24 17:29:57,917][6537][139756680177472][DEBUG][privacyidea.lib.token:186] Entering get_tokens with arguments () and keywords {'assigned': True, 'active': True, 'count': True}
[2020-04-24 17:29:57,920][6537][139756680177472][DEBUG][privacyidea.lib.token:198] Exiting get_tokens with result 11
[2020-04-24 17:29:57,920][6537][139756680177472][INFO][privacyidea.lib.auditmodules.loggeraudit:85] {"action": "POST /auth", "action_detail": "", "administrator": "admin", "client": "127.0.0.1", "client_user_agent": null, "info": "internal admin", "policies": "hide_welcome", "privacyidea_server": "localhost:5000", "realm": "defrealm", "success": true, "timestamp": "2020-04-24T15:29:57.920669", "user": ""}
[2020-04-24 17:29:57,921][6537][139756680177472][DEBUG][privacyidea.api.lib.utils:254] Can not get param: Expecting value: line 1 column 1 (char 0)
[2020-04-24 17:29:57,922][6537][139756680177472][DEBUG][privacyidea.api.before_after:90] End handling of request '/auth?'
[2020-04-24 17:29:57,925][6537][139756680177472][DEBUG][privacyidea.api.before_after:84] Begin handling of request '/token/?'
[2020-04-24 17:29:57,926][6537][139756680177472][ERROR][privacyidea.app:1891] Exception on /token/ [GET]
Traceback (most recent call last):
File "/path/to/privacyidea/venv3/lib/python3.6/site-packages/jwt/api_jws.py", line 180, in _load
signing_input, crypto_segment = jwt.rsplit(b'.', 1)
ValueError: not enough values to unpack (expected 2, got 1)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/path/to/privacyidea/venv3/lib/python3.6/site-packages/flask/app.py", line 2446, in wsgi_app
response = self.full_dispatch_request()
File "/path/to/privacyidea/venv3/lib/python3.6/site-packages/flask/app.py", line 1951, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/path/to/privacyidea/venv3/lib/python3.6/site-packages/flask/app.py", line 1820, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/path/to/privacyidea/venv3/lib/python3.6/site-packages/flask/_compat.py", line 39, in reraise
raise value
File "/path/to/privacyidea/venv3/lib/python3.6/site-packages/flask/app.py", line 1947, in full_dispatch_request
rv = self.preprocess_request()
File "/path/to/privacyidea/venv3/lib/python3.6/site-packages/flask/app.py", line 2241, in preprocess_request
rv = func()
File "/path/to/privacyidea/privacyidea/api/auth.py", line 379, in decorated_function
check_auth_token(required_role=["user", "admin"])
File "/path/to/privacyidea/privacyidea/api/auth.py", line 399, in check_auth_token
r = verify_auth_token(auth_token, required_role)
File "/path/to/privacyidea/privacyidea/api/lib/utils.py", line 292, in verify_auth_token
headers = jwt.get_unverified_header(auth_token)
File "/path/to/privacyidea/venv3/lib/python3.6/site-packages/jwt/api_jws.py", line 166, in get_unverified_header
headers = self._load(jwt)[2]
File "/path/to/privacyidea/venv3/lib/python3.6/site-packages/jwt/api_jws.py", line 183, in _load
raise DecodeError('Not enough segments')
jwt.exceptions.DecodeError: Not enough segments
[2020-04-24 17:29:57,936][6537][139756680177472][INFO][privacyidea.lib.utils:1213] We are not able to determine the privacyidea version number.
[2020-04-24 17:29:57,936][6537][139756680177472][DEBUG][privacyidea.api.lib.utils:254] Can not get param: Expecting value: line 1 column 1 (char 0)
[2020-04-24 17:29:57,938][6537][139756680177472][DEBUG][privacyidea.api.lib.utils:254] Can not get param: Expecting value: line 1 column 1 (char 0)
[2020-04-24 17:29:57,939][6537][139756680177472][DEBUG][privacyidea.api.before_after:90] End handling of request '/token/?'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment