user.auth.clients.ldap

Attributes

_P

_T

Classes

LDAPClient

Functions

auto_retry(→ Callable[Concatenate[LDAPClient, _P], _T])

Retries the decorated function if a LDAP connection error occurs, up

Module Contents

user.auth.clients.ldap._P[source]
user.auth.clients.ldap._T[source]
user.auth.clients.ldap.auto_retry(fn: Callable[Concatenate[LDAPClient, _P], _T], max_tries: int = 5, pause: float = 0.1) Callable[Concatenate[LDAPClient, _P], _T][source]

Retries the decorated function if a LDAP connection error occurs, up to a given set of retries, using linear backoff.

class user.auth.clients.ldap.LDAPClient[source]
url: str[source]
username: str[source]
password: str[source]
property base_dn: str[source]

Extracts the distinguished name from the username.

property connection: ldap3.Connection[source]

Returns the read-only connection to the LDAP server.

Calling this property is not enough to ensure that the connection is possible. You should use try_configuration() for that.

try_configuration() None[source]

Verifies the connection to the LDAP server.

search(query: str, attributes: Sequence[str] = ()) dict[str, dict[str, Any]][source]

Runs an LDAP query against the server and returns a dictionary with the distinguished name as key and the given attributes as values (also a dict).

compare(name: str, attribute: str, value: Any) bool[source]

Returns true if given user’s attribute has the expected value.

Parameters:

  • name – The distinguished name (DN) of the LDAP user.

  • attribute – The attribute to query.

  • value – The value to compare to.

The method returns True if the given value is found on the user.

This is most notably used for password checks. For example:

client.compare('cn=admin', 'userPassword', 'hunter2')