user.auth.clients.ldap ====================== .. py:module:: user.auth.clients.ldap Attributes ---------- .. autoapisummary:: user.auth.clients.ldap._P user.auth.clients.ldap._T Classes ------- .. autoapisummary:: user.auth.clients.ldap.LDAPClient Functions --------- .. autoapisummary:: user.auth.clients.ldap.auto_retry Module Contents --------------- .. py:data:: _P .. py:data:: _T .. py:function:: auto_retry(fn: collections.abc.Callable[Concatenate[LDAPClient, _P], _T], max_tries: int = 5, pause: float = 0.1) -> collections.abc.Callable[Concatenate[LDAPClient, _P], _T] Retries the decorated function if a LDAP connection error occurs, up to a given set of retries, using linear backoff. .. py:class:: LDAPClient .. py:attribute:: url :type: str .. py:attribute:: username :type: str .. py:attribute:: password :type: str .. py:property:: base_dn :type: str Extracts the distinguished name from the username. .. py:property:: connection :type: ldap3.Connection Returns the read-only connection to the LDAP server. Calling this property is not enough to ensure that the connection is possible. You should use :meth:`try_configuration` for that. .. py:method:: try_configuration() -> None Verifies the connection to the LDAP server. .. py:method:: search(query: str, attributes: collections.abc.Sequence[str] = ()) -> dict[str, dict[str, Any]] Runs an LDAP query against the server and returns a dictionary with the distinguished name as key and the given attributes as values (also a dict). .. py:method:: compare(name: str, attribute: str, value: Any) -> bool Returns true if given user's attribute has the expected value. :param name: The distinguished name (DN) of the LDAP user. :param attribute: The attribute to query. :param value: The value to compare to. The method returns True if the given value is found on the user. This is most notably used for password checks. For example:: client.compare('cn=admin', 'userPassword', 'hunter2')