unit/phi
12
1
Fork 0
Code Issues 5 Pull Requests 1 Releases Activity

fixup! Throw away previous async model implementation

Browse Source
This commit is contained in:
sfigato 2022-01-26 16:17:45 +01:00
parent 2932957afb
commit c0d835d8d1
Signed by: blallo
GPG Key ID: 0CBE577C9B72DC3F
6 changed files with 0 additions and 183 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
src/phi/ldap/__init__.py
View File

59
src/phi/ldap/client.py
View File

@ -1,59 +0,0 @@
from threading import Lock
from ldap3.utils.log import set_library_log_detail_level, PROTOCOL
from phi.logging import get_logger
from phi.ldap.connection import make_connection
from phi.ldap.connection import open_connection, close_connection
log = get_logger(__name__)
set_library_log_detail_level(PROTOCOL)
class Client:
def __init__(self,
host=None, port=389,
encryption=None, ciphers=None, validate=False, ca_certs=None,
username=None, password=None,
base_dn=None,
attribute_id='uid', attribute_mail='mail'):
log.info("Initializing LDAP Client.")
self.host = host
self.port = port
self.encryption = encryption
self.ciphers = ciphers
self.validate = validate
self.ca_certs = ca_certs
self.username = username
self.password = password
self.base_dn = base_dn
self.attribute_id = attribute_id
self.attribute_mail = attribute_mail
self.connection_lock = Lock()
self.connection = make_connection(host=self.host, port=self.port,
encryption=self.encryption,
ciphers=self.ciphers,
validate=self.validate,
ca_certs=self.ca_certs,
username=self.username,
password=self.password)
def open(self):
self.connection_lock.acquire()
if self.connection.closed is True:
open_connection(self.connection)
self.connection_lock.release()
else:
self.connection_lock.release()
raise Exception("Trying to open a connection, "
"but it is already open.")
def close(self):
self.connection_lock.acquire()
close_connection(self.connection)
self.connection_lock.release()

59
src/phi/ldap/connection.py
View File

@ -1,59 +0,0 @@
from ssl import CERT_REQUIRED, PROTOCOL_TLSv1_2
from ldap3 import Tls, Server, Connection, ASYNC
from phi.logging import get_logger
log = get_logger(__name__)
def make_connection(host=None, port=389,
encryption=None, ciphers=None, validate=False,
ca_certs=None, username=None, password=None):
# TLSv1.2 is supported since Python 3.4
if encryption is None:
log.warning("The connection to the LDAP server will not be encrypted.")
tls = None
elif encryption == "TLSv1.2":
log.info("The connection to the LDAP server will use TLSv1.2.")
tls = Tls(version=PROTOCOL_TLSv1_2)
else:
raise NotImplementedError("Sorry, use TLSv1.2.")
if encryption is not None and ciphers is not None:
log.info("The connection to the LDAP server will use the "
"following ciphers: {}".format(ciphers))
tls.ciphers = ciphers
if encryption is not None and validate is True:
log.info("The certificate hostname will be checked to match the "
"remote hostname.")
tls.validate = CERT_REQUIRED
if encryption is not None and validate is True and ca_certs is not None:
log.info("Using the following CA certificates: {}"
.format(ca_certs))
tls.ca_certs_file = ca_certs
server = Server(host=host, port=port, tls=tls)
connection = Connection(server, user=username, password=password,
client_strategy=ASYNC)
return connection
def open_connection(connection):
log.info("Opening connection to LDAP server.")
connection.open()
if connection.server.tls is not None and connection.server.ssl is False:
log.info("Issuing StartTLS command.")
connection.start_tls()
log.info("Issuing BIND command.")
connection.bind()
def close_connection(connection):
log.info("Closing connection to LDAP server.")
log.info("Issuing UNBIND command.")
connection.unbind()

36
src/phi/ldap/entry.py
View File

@ -1,36 +0,0 @@
from ldap3 import ALL_ATTRIBUTES, ALL_OPERATIONAL_ATTRIBUTES
from phi.logging import get_logger
log = get_logger(__name__)
def get_entry_by_uid(client, uid):
log.info("Searching entry with identifier: {}".format(uid))
filter_ = "({}={})".format(client.attribute_id, uid)
log.debug("Search filter: {}".format(filter_))
response_id = client.connection.search(
client.base_dn, filter_,
search_scope='SUBTREE',
attributes=[ALL_ATTRIBUTES, ALL_OPERATIONAL_ATTRIBUTES]
)
response, result, request = client.connection.get_response(
response_id, get_request=True
)
log.debug("Request: {}".format(request))
log.debug("Response: {}".format(response))
log.debug("Result: {}".format(result))
if not response:
return None
if response[1:]:
log.error("Looking for exactly one result but server gave {}. "
"Taking the first and ignoring the rest."
.format(len(response)))
return response[0]

26
src/phi/ldap/user.py
View File

@ -1,26 +0,0 @@
from phi.ldap.entry import get_entry_by_uid
from phi.ldap.utils import flatten_attributes
def user_attributes_mapping(client):
return {
client.attribute_id: "uid",
client.attribute_mail: "mail",
"createTimestamp": "created_at",
"modifyTimestamp": "modified_at",
}
def get_user_by_uid(client, uid):
entry = get_entry_by_uid(client, uid)
if not entry:
return None
mapping = user_attributes_mapping(client)
user = {
mapping[k]: v for k, v in entry["attributes"].items() if k in mapping.keys()
}
return flatten_attributes(user)

3
src/phi/ldap/utils.py
View File

@ -1,3 +0,0 @@
def flatten_attributes(d):
return {k: (v[0] if isinstance(v, list) else v)
for k, v in d.items()}