[Python-modules-commits] [flask-ldapconn] 01/15: import flask-ldapconn_0.6.13.orig.tar.gz
Dominik George
natureshadow-guest at moszumanska.debian.org
Sat Apr 29 14:13:14 UTC 2017
This is an automated email from the git hooks/post-receive script.
natureshadow-guest pushed a commit to branch master
in repository flask-ldapconn.
commit e629f044c6a9165c2ebb853bddf4db15ffb2b4da
Author: Dominik George <nik at naturalnet.de>
Date: Sat Apr 29 15:35:45 2017 +0200
import flask-ldapconn_0.6.13.orig.tar.gz
---
Flask_LDAPConn.egg-info/PKG-INFO | 226 +++++++++++++++++++++++++++
Flask_LDAPConn.egg-info/SOURCES.txt | 14 ++
Flask_LDAPConn.egg-info/dependency_links.txt | 1 +
Flask_LDAPConn.egg-info/not-zip-safe | 1 +
Flask_LDAPConn.egg-info/requires.txt | 3 +
Flask_LDAPConn.egg-info/top_level.txt | 1 +
LICENSE | 23 +++
MANIFEST.in | 1 +
PKG-INFO | 226 +++++++++++++++++++++++++++
README.rst | 205 ++++++++++++++++++++++++
flask_ldapconn/__init__.py | 192 +++++++++++++++++++++++
flask_ldapconn/attribute.py | 81 ++++++++++
flask_ldapconn/entry.py | 184 ++++++++++++++++++++++
flask_ldapconn/query.py | 75 +++++++++
setup.cfg | 5 +
setup.py | 47 ++++++
16 files changed, 1285 insertions(+)
diff --git a/Flask_LDAPConn.egg-info/PKG-INFO b/Flask_LDAPConn.egg-info/PKG-INFO
new file mode 100644
index 0000000..b71546c
--- /dev/null
+++ b/Flask_LDAPConn.egg-info/PKG-INFO
@@ -0,0 +1,226 @@
+Metadata-Version: 1.1
+Name: Flask-LDAPConn
+Version: 0.6.13
+Summary: Pure python, LDAP connection and ORM for Flask Applications
+Home-page: http://github.com/rroemhild/flask-ldapconn
+Author: Rafael Römhild
+Author-email: rafael at roemhild.de
+License: BSD
+Description: Flask-LDAPConn
+ ==============
+
+ .. image:: https://travis-ci.org/rroemhild/flask-ldapconn.svg?branch=master
+ :target: https://travis-ci.org/rroemhild/flask-ldapconn
+
+ .. image:: https://badge.fury.io/py/flask-ldapconn.svg
+ :target: https://pypi.python.org/pypi/flask-ldapconn
+
+ Flask-LDAPConn is a Flask extension providing `ldap3 <https://github.com/cannatag/ldap3>`_ (an LDAP V3 pure Python client) connection for accessing LDAP servers.
+
+ To abstract access to LDAP data this extension provides a simple ORM model.
+
+
+ Installation
+ ------------
+
+ .. code-block:: shell
+
+ pip install flask-ldapconn
+
+
+ Configuration
+ -------------
+
+ Your configuration should be declared within your Flask config. Sample configuration:
+
+ .. code-block:: python
+
+ import ssl
+
+ LDAP_SERVER = 'localhost'
+ LDAP_PORT = 389
+ LDAP_BINDDN = 'cn=admin,dc=example,dc=com'
+ LDAP_SECRET = 'forty-two'
+ LDAP_TIMEOUT = 10
+ LDAP_USE_TLS = True # default
+ LDAP_REQUIRE_CERT = ssl.CERT_NONE # default: CERT_REQUIRED
+ LDAP_TLS_VERSION = ssl.PROTOCOL_TLSv1_2 # default: PROTOCOL_TLSv1
+ LDAP_CERT_PATH = '/etc/openldap/certs'
+
+ Create the ldap instance within your application:
+
+ .. code-block:: python
+
+ from flask import Flask
+ from flask_ldapconn import LDAPConn
+
+ app = Flask(__name__)
+ ldap = LDAPConn(app)
+
+
+ Client sample
+ -------------
+
+ .. code-block:: python
+
+ from flask import Flask
+ from flask_ldapconn import LDAPConn
+ from ldap3 import SUBTREE
+
+ app = Flask(__name__)
+ ldap = LDAPConn(app)
+
+ @app.route('/')
+ def index():
+ ldapc = ldap.connection
+ basedn = 'ou=people,dc=example,dc=com'
+ search_filter = '(objectClass=posixAccount)'
+ attributes = ['sn', 'givenName', 'uid', 'mail']
+ ldapc.search(basedn, search_filter, SUBTREE,
+ attributes=attributes)
+ response = ldapc.response
+
+
+ User model samples
+ ------------------
+
+ .. code-block:: python
+
+ from flask import Flask
+ from flask_ldapconn import LDAPConn
+
+ app = Flask(__name__)
+ ldap = LDAPConn(app)
+
+ class User(ldap.Entry):
+
+ base_dn = 'ou=people,dc=example,dc=com'
+ object_classes = ['inetOrgPerson']
+
+ name = ldap.Attribute('cn')
+ email = ldap.Attribute('mail')
+ userid = ldap.Attribute('uid')
+ surname = ldap.Attribute('sn')
+ givenname = ldap.Attribute('givenName')
+
+ with app.app_context():
+
+ # get a list of entries
+ entries = User.query.filter('email: *@example.com').all()
+ for entry in entries:
+ print u'Name: {}'.format(entry.name)
+
+ # get the first entry
+ user = User.query.filter('userid: user1').first()
+
+ # new entry
+ new_user = User(
+ name='User Three',
+ email='user3 at example.com',
+ userid='user3',
+ surname='Three',
+ givenname='User'
+ )
+ new_user.save()
+
+ # modify entry
+ mod_user = User.query.filter('userid: user1').first()
+ mod_user.name = 'User Number Three'
+ mod_user.email.append.('u.three at example.com')
+ mod_user.givenname.delete()
+ mod_user.save()
+
+ # remove entry
+ rm_user = User.query.filter('userid: user1').first()
+ rm_user.delete()
+
+ # authenticate user
+ auth_user = User.query.filter('userid: user1').first()
+ if auth_user:
+ if auth_user.authenticate('password1234'):
+ print('Authenticated')
+ else:
+ print('Wrong password')
+
+
+ Authenticate with Client
+ ------------------------
+
+ .. code-block:: python
+
+ from flask import Flask
+ from flask_ldapconn import LDAPConn
+
+ app = Flask(__name__)
+ ldap = LDAPConn(app)
+
+ username = 'user1'
+ password = 'userpass'
+ attribute = 'uid'
+ search_filter = ('(active=1)')
+
+ with app.app_context():
+ retval = ldap.authenticate(username, password, attribute,
+ basedn, search_filter')
+ if not retval:
+ return 'Invalid credentials.'
+ return 'Welcome %s.' % username
+
+
+ Bind as user
+ ------------
+
+ To bind as user for the current request save a new connection to ``flask.g.ldap_conn``:
+
+ .. code-block:: python
+
+ g.ldap_conn = ldap.connect(userdn, password)
+ user = User.query.get(userdn)
+
+ Unit Test
+ ---------
+
+ I use a simple Docker image to run the tests on localhost. The test file ``test_flask_ldapconn.py`` tries to handle ``start`` and ``stop`` of the docker container:
+
+ .. code-block:: shell
+
+ pip install docker-py
+ docker pull rroemhild/test-openldap
+ python test_flask_ldapconn.py
+
+ Run the docker container manual:
+
+ .. code-block:: shell
+
+ docker run --privileged -d -p 389:389 --name flask_ldapconn rroemhild/test-openldap
+ DOCKER_RUN=False python test_flask_ldapconn.py
+
+ Unit test with your own settings from a file:
+
+ .. code-block:: shell
+
+ LDAP_SETTINGS=my_settings.py python test_flask_ldapconn.py
+
+
+ Contribute
+ ----------
+
+ #. Check for open issues or open a fresh issue to start a discussion around a feature idea or a bug.
+ #. Fork `the repository`_ on Github to start making your changes.
+ #. Write a test which shows that the bug was fixed or that the feature works as expected.
+ #. Send a pull request and bug the maintainer until it gets merged and published.
+
+ .. _`the repository`: http://github.com/rroemhild/flask-ldapconn
+
+Keywords: flask ldap ldap3 orm
+Platform: any
+Classifier: Development Status :: 4 - Beta
+Classifier: Environment :: Web Environment
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: BSD License
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 2.7
+Classifier: Programming Language :: Python :: 3.4
+Classifier: Framework :: Flask
+Classifier: Topic :: Internet :: WWW/HTTP :: Dynamic Content
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
diff --git a/Flask_LDAPConn.egg-info/SOURCES.txt b/Flask_LDAPConn.egg-info/SOURCES.txt
new file mode 100644
index 0000000..879ddc9
--- /dev/null
+++ b/Flask_LDAPConn.egg-info/SOURCES.txt
@@ -0,0 +1,14 @@
+LICENSE
+MANIFEST.in
+README.rst
+setup.py
+Flask_LDAPConn.egg-info/PKG-INFO
+Flask_LDAPConn.egg-info/SOURCES.txt
+Flask_LDAPConn.egg-info/dependency_links.txt
+Flask_LDAPConn.egg-info/not-zip-safe
+Flask_LDAPConn.egg-info/requires.txt
+Flask_LDAPConn.egg-info/top_level.txt
+flask_ldapconn/__init__.py
+flask_ldapconn/attribute.py
+flask_ldapconn/entry.py
+flask_ldapconn/query.py
\ No newline at end of file
diff --git a/Flask_LDAPConn.egg-info/dependency_links.txt b/Flask_LDAPConn.egg-info/dependency_links.txt
new file mode 100644
index 0000000..8b13789
--- /dev/null
+++ b/Flask_LDAPConn.egg-info/dependency_links.txt
@@ -0,0 +1 @@
+
diff --git a/Flask_LDAPConn.egg-info/not-zip-safe b/Flask_LDAPConn.egg-info/not-zip-safe
new file mode 100644
index 0000000..8b13789
--- /dev/null
+++ b/Flask_LDAPConn.egg-info/not-zip-safe
@@ -0,0 +1 @@
+
diff --git a/Flask_LDAPConn.egg-info/requires.txt b/Flask_LDAPConn.egg-info/requires.txt
new file mode 100644
index 0000000..ef8260d
--- /dev/null
+++ b/Flask_LDAPConn.egg-info/requires.txt
@@ -0,0 +1,3 @@
+Flask==0.10.1
+ldap3==1.3.1
+six==1.10.0
\ No newline at end of file
diff --git a/Flask_LDAPConn.egg-info/top_level.txt b/Flask_LDAPConn.egg-info/top_level.txt
new file mode 100644
index 0000000..37691f5
--- /dev/null
+++ b/Flask_LDAPConn.egg-info/top_level.txt
@@ -0,0 +1 @@
+flask_ldapconn
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..b4ced6e
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,23 @@
+Copyright (c) 2016, Rafael Römhild
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+* Redistributions of source code must retain the above copyright notice, this
+ list of conditions and the following disclaimer.
+
+* Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/MANIFEST.in b/MANIFEST.in
new file mode 100644
index 0000000..198da1a
--- /dev/null
+++ b/MANIFEST.in
@@ -0,0 +1 @@
+include README.rst CHANGES LICENSE
diff --git a/PKG-INFO b/PKG-INFO
new file mode 100644
index 0000000..b71546c
--- /dev/null
+++ b/PKG-INFO
@@ -0,0 +1,226 @@
+Metadata-Version: 1.1
+Name: Flask-LDAPConn
+Version: 0.6.13
+Summary: Pure python, LDAP connection and ORM for Flask Applications
+Home-page: http://github.com/rroemhild/flask-ldapconn
+Author: Rafael Römhild
+Author-email: rafael at roemhild.de
+License: BSD
+Description: Flask-LDAPConn
+ ==============
+
+ .. image:: https://travis-ci.org/rroemhild/flask-ldapconn.svg?branch=master
+ :target: https://travis-ci.org/rroemhild/flask-ldapconn
+
+ .. image:: https://badge.fury.io/py/flask-ldapconn.svg
+ :target: https://pypi.python.org/pypi/flask-ldapconn
+
+ Flask-LDAPConn is a Flask extension providing `ldap3 <https://github.com/cannatag/ldap3>`_ (an LDAP V3 pure Python client) connection for accessing LDAP servers.
+
+ To abstract access to LDAP data this extension provides a simple ORM model.
+
+
+ Installation
+ ------------
+
+ .. code-block:: shell
+
+ pip install flask-ldapconn
+
+
+ Configuration
+ -------------
+
+ Your configuration should be declared within your Flask config. Sample configuration:
+
+ .. code-block:: python
+
+ import ssl
+
+ LDAP_SERVER = 'localhost'
+ LDAP_PORT = 389
+ LDAP_BINDDN = 'cn=admin,dc=example,dc=com'
+ LDAP_SECRET = 'forty-two'
+ LDAP_TIMEOUT = 10
+ LDAP_USE_TLS = True # default
+ LDAP_REQUIRE_CERT = ssl.CERT_NONE # default: CERT_REQUIRED
+ LDAP_TLS_VERSION = ssl.PROTOCOL_TLSv1_2 # default: PROTOCOL_TLSv1
+ LDAP_CERT_PATH = '/etc/openldap/certs'
+
+ Create the ldap instance within your application:
+
+ .. code-block:: python
+
+ from flask import Flask
+ from flask_ldapconn import LDAPConn
+
+ app = Flask(__name__)
+ ldap = LDAPConn(app)
+
+
+ Client sample
+ -------------
+
+ .. code-block:: python
+
+ from flask import Flask
+ from flask_ldapconn import LDAPConn
+ from ldap3 import SUBTREE
+
+ app = Flask(__name__)
+ ldap = LDAPConn(app)
+
+ @app.route('/')
+ def index():
+ ldapc = ldap.connection
+ basedn = 'ou=people,dc=example,dc=com'
+ search_filter = '(objectClass=posixAccount)'
+ attributes = ['sn', 'givenName', 'uid', 'mail']
+ ldapc.search(basedn, search_filter, SUBTREE,
+ attributes=attributes)
+ response = ldapc.response
+
+
+ User model samples
+ ------------------
+
+ .. code-block:: python
+
+ from flask import Flask
+ from flask_ldapconn import LDAPConn
+
+ app = Flask(__name__)
+ ldap = LDAPConn(app)
+
+ class User(ldap.Entry):
+
+ base_dn = 'ou=people,dc=example,dc=com'
+ object_classes = ['inetOrgPerson']
+
+ name = ldap.Attribute('cn')
+ email = ldap.Attribute('mail')
+ userid = ldap.Attribute('uid')
+ surname = ldap.Attribute('sn')
+ givenname = ldap.Attribute('givenName')
+
+ with app.app_context():
+
+ # get a list of entries
+ entries = User.query.filter('email: *@example.com').all()
+ for entry in entries:
+ print u'Name: {}'.format(entry.name)
+
+ # get the first entry
+ user = User.query.filter('userid: user1').first()
+
+ # new entry
+ new_user = User(
+ name='User Three',
+ email='user3 at example.com',
+ userid='user3',
+ surname='Three',
+ givenname='User'
+ )
+ new_user.save()
+
+ # modify entry
+ mod_user = User.query.filter('userid: user1').first()
+ mod_user.name = 'User Number Three'
+ mod_user.email.append.('u.three at example.com')
+ mod_user.givenname.delete()
+ mod_user.save()
+
+ # remove entry
+ rm_user = User.query.filter('userid: user1').first()
+ rm_user.delete()
+
+ # authenticate user
+ auth_user = User.query.filter('userid: user1').first()
+ if auth_user:
+ if auth_user.authenticate('password1234'):
+ print('Authenticated')
+ else:
+ print('Wrong password')
+
+
+ Authenticate with Client
+ ------------------------
+
+ .. code-block:: python
+
+ from flask import Flask
+ from flask_ldapconn import LDAPConn
+
+ app = Flask(__name__)
+ ldap = LDAPConn(app)
+
+ username = 'user1'
+ password = 'userpass'
+ attribute = 'uid'
+ search_filter = ('(active=1)')
+
+ with app.app_context():
+ retval = ldap.authenticate(username, password, attribute,
+ basedn, search_filter')
+ if not retval:
+ return 'Invalid credentials.'
+ return 'Welcome %s.' % username
+
+
+ Bind as user
+ ------------
+
+ To bind as user for the current request save a new connection to ``flask.g.ldap_conn``:
+
+ .. code-block:: python
+
+ g.ldap_conn = ldap.connect(userdn, password)
+ user = User.query.get(userdn)
+
+ Unit Test
+ ---------
+
+ I use a simple Docker image to run the tests on localhost. The test file ``test_flask_ldapconn.py`` tries to handle ``start`` and ``stop`` of the docker container:
+
+ .. code-block:: shell
+
+ pip install docker-py
+ docker pull rroemhild/test-openldap
+ python test_flask_ldapconn.py
+
+ Run the docker container manual:
+
+ .. code-block:: shell
+
+ docker run --privileged -d -p 389:389 --name flask_ldapconn rroemhild/test-openldap
+ DOCKER_RUN=False python test_flask_ldapconn.py
+
+ Unit test with your own settings from a file:
+
+ .. code-block:: shell
+
+ LDAP_SETTINGS=my_settings.py python test_flask_ldapconn.py
+
+
+ Contribute
+ ----------
+
+ #. Check for open issues or open a fresh issue to start a discussion around a feature idea or a bug.
+ #. Fork `the repository`_ on Github to start making your changes.
+ #. Write a test which shows that the bug was fixed or that the feature works as expected.
+ #. Send a pull request and bug the maintainer until it gets merged and published.
+
+ .. _`the repository`: http://github.com/rroemhild/flask-ldapconn
+
+Keywords: flask ldap ldap3 orm
+Platform: any
+Classifier: Development Status :: 4 - Beta
+Classifier: Environment :: Web Environment
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: BSD License
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 2.7
+Classifier: Programming Language :: Python :: 3.4
+Classifier: Framework :: Flask
+Classifier: Topic :: Internet :: WWW/HTTP :: Dynamic Content
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
diff --git a/README.rst b/README.rst
new file mode 100644
index 0000000..1afe1db
--- /dev/null
+++ b/README.rst
@@ -0,0 +1,205 @@
+Flask-LDAPConn
+==============
+
+.. image:: https://travis-ci.org/rroemhild/flask-ldapconn.svg?branch=master
+ :target: https://travis-ci.org/rroemhild/flask-ldapconn
+
+.. image:: https://badge.fury.io/py/flask-ldapconn.svg
+ :target: https://pypi.python.org/pypi/flask-ldapconn
+
+Flask-LDAPConn is a Flask extension providing `ldap3 <https://github.com/cannatag/ldap3>`_ (an LDAP V3 pure Python client) connection for accessing LDAP servers.
+
+To abstract access to LDAP data this extension provides a simple ORM model.
+
+
+Installation
+------------
+
+.. code-block:: shell
+
+ pip install flask-ldapconn
+
+
+Configuration
+-------------
+
+Your configuration should be declared within your Flask config. Sample configuration:
+
+.. code-block:: python
+
+ import ssl
+
+ LDAP_SERVER = 'localhost'
+ LDAP_PORT = 389
+ LDAP_BINDDN = 'cn=admin,dc=example,dc=com'
+ LDAP_SECRET = 'forty-two'
+ LDAP_TIMEOUT = 10
+ LDAP_USE_TLS = True # default
+ LDAP_REQUIRE_CERT = ssl.CERT_NONE # default: CERT_REQUIRED
+ LDAP_TLS_VERSION = ssl.PROTOCOL_TLSv1_2 # default: PROTOCOL_TLSv1
+ LDAP_CERT_PATH = '/etc/openldap/certs'
+
+Create the ldap instance within your application:
+
+.. code-block:: python
+
+ from flask import Flask
+ from flask_ldapconn import LDAPConn
+
+ app = Flask(__name__)
+ ldap = LDAPConn(app)
+
+
+Client sample
+-------------
+
+.. code-block:: python
+
+ from flask import Flask
+ from flask_ldapconn import LDAPConn
+ from ldap3 import SUBTREE
+
+ app = Flask(__name__)
+ ldap = LDAPConn(app)
+
+ @app.route('/')
+ def index():
+ ldapc = ldap.connection
+ basedn = 'ou=people,dc=example,dc=com'
+ search_filter = '(objectClass=posixAccount)'
+ attributes = ['sn', 'givenName', 'uid', 'mail']
+ ldapc.search(basedn, search_filter, SUBTREE,
+ attributes=attributes)
+ response = ldapc.response
+
+
+User model samples
+------------------
+
+.. code-block:: python
+
+ from flask import Flask
+ from flask_ldapconn import LDAPConn
+
+ app = Flask(__name__)
+ ldap = LDAPConn(app)
+
+ class User(ldap.Entry):
+
+ base_dn = 'ou=people,dc=example,dc=com'
+ object_classes = ['inetOrgPerson']
+
+ name = ldap.Attribute('cn')
+ email = ldap.Attribute('mail')
+ userid = ldap.Attribute('uid')
+ surname = ldap.Attribute('sn')
+ givenname = ldap.Attribute('givenName')
+
+ with app.app_context():
+
+ # get a list of entries
+ entries = User.query.filter('email: *@example.com').all()
+ for entry in entries:
+ print u'Name: {}'.format(entry.name)
+
+ # get the first entry
+ user = User.query.filter('userid: user1').first()
+
+ # new entry
+ new_user = User(
+ name='User Three',
+ email='user3 at example.com',
+ userid='user3',
+ surname='Three',
+ givenname='User'
+ )
+ new_user.save()
+
+ # modify entry
+ mod_user = User.query.filter('userid: user1').first()
+ mod_user.name = 'User Number Three'
+ mod_user.email.append.('u.three at example.com')
+ mod_user.givenname.delete()
+ mod_user.save()
+
+ # remove entry
+ rm_user = User.query.filter('userid: user1').first()
+ rm_user.delete()
+
+ # authenticate user
+ auth_user = User.query.filter('userid: user1').first()
+ if auth_user:
+ if auth_user.authenticate('password1234'):
+ print('Authenticated')
+ else:
+ print('Wrong password')
+
+
+Authenticate with Client
+------------------------
+
+.. code-block:: python
+
+ from flask import Flask
+ from flask_ldapconn import LDAPConn
+
+ app = Flask(__name__)
+ ldap = LDAPConn(app)
+
+ username = 'user1'
+ password = 'userpass'
+ attribute = 'uid'
+ search_filter = ('(active=1)')
+
+ with app.app_context():
+ retval = ldap.authenticate(username, password, attribute,
+ basedn, search_filter')
+ if not retval:
+ return 'Invalid credentials.'
+ return 'Welcome %s.' % username
+
+
+Bind as user
+------------
+
+To bind as user for the current request save a new connection to ``flask.g.ldap_conn``:
+
+.. code-block:: python
+
+ g.ldap_conn = ldap.connect(userdn, password)
+ user = User.query.get(userdn)
+
+Unit Test
+---------
+
+I use a simple Docker image to run the tests on localhost. The test file ``test_flask_ldapconn.py`` tries to handle ``start`` and ``stop`` of the docker container:
+
+.. code-block:: shell
+
+ pip install docker-py
+ docker pull rroemhild/test-openldap
+ python test_flask_ldapconn.py
+
+Run the docker container manual:
+
+.. code-block:: shell
+
+ docker run --privileged -d -p 389:389 --name flask_ldapconn rroemhild/test-openldap
+ DOCKER_RUN=False python test_flask_ldapconn.py
+
+Unit test with your own settings from a file:
+
+.. code-block:: shell
+
+ LDAP_SETTINGS=my_settings.py python test_flask_ldapconn.py
+
+
+Contribute
+----------
+
+#. Check for open issues or open a fresh issue to start a discussion around a feature idea or a bug.
+#. Fork `the repository`_ on Github to start making your changes.
+#. Write a test which shows that the bug was fixed or that the feature works as expected.
+#. Send a pull request and bug the maintainer until it gets merged and published.
+
+.. _`the repository`: http://github.com/rroemhild/flask-ldapconn
diff --git a/flask_ldapconn/__init__.py b/flask_ldapconn/__init__.py
new file mode 100644
index 0000000..b6be81b
--- /dev/null
+++ b/flask_ldapconn/__init__.py
@@ -0,0 +1,192 @@
+# -*- coding: utf-8 -*-
+import ssl
+
+from flask import current_app, g
+from flask import _app_ctx_stack as stack
+from ldap3 import Server, Connection, Tls
+from ldap3 import SYNC, GET_ALL_INFO, SUBTREE
+from ldap3 import AUTO_BIND_NO_TLS, AUTO_BIND_TLS_BEFORE_BIND
+from ldap3 import LDAPBindError, LDAPInvalidFilterError, LDAPInvalidDnError
+from ldap3.utils.dn import split_ava
+
+from .entry import LDAPEntry
+from .attribute import LDAPAttribute
+
+
+__all__ = ('LDAPConn',)
+
+
+class LDAPConn(object):
+
+ def __init__(self, app=None):
+
+ self.Entry = LDAPEntry
+ self.Attribute = LDAPAttribute
+ self.Model = self.Entry
+ self._app = app
+
+ if app is not None:
+ self.init_app(app)
+
+ def init_app(self, app):
+ ssl_defaults = ssl.get_default_verify_paths()
+
+ # Default config
+ app.config.setdefault('LDAP_SERVER', 'localhost')
+ app.config.setdefault('LDAP_PORT', 389)
+ app.config.setdefault('LDAP_BINDDN', None)
+ app.config.setdefault('LDAP_SECRET', None)
+ app.config.setdefault('LDAP_TIMEOUT', 10)
+ app.config.setdefault('LDAP_READ_ONLY', False)
+ app.config.setdefault('LDAP_VALID_NAMES', None)
+ app.config.setdefault('LDAP_PRIVATE_KEY_PASSWORD', None)
+
+ app.config.setdefault('LDAP_CONNECTION_STRATEGY', SYNC)
+
+ app.config.setdefault('LDAP_USE_SSL', False)
+ app.config.setdefault('LDAP_USE_TLS', True)
+ app.config.setdefault('LDAP_TLS_VERSION', ssl.PROTOCOL_TLSv1)
+ app.config.setdefault('LDAP_REQUIRE_CERT', ssl.CERT_REQUIRED)
+
+ app.config.setdefault('LDAP_CLIENT_PRIVATE_KEY', None)
+ app.config.setdefault('LDAP_CLIENT_CERT', None)
+
+ app.config.setdefault('LDAP_CA_CERTS_FILE', ssl_defaults.cafile)
+ app.config.setdefault('LDAP_CA_CERTS_PATH', ssl_defaults.capath)
+ app.config.setdefault('LDAP_CA_CERTS_DATA', None)
+
+ self.tls = Tls(
+ local_private_key_file=app.config['LDAP_CLIENT_PRIVATE_KEY'],
+ local_certificate_file=app.config['LDAP_CLIENT_CERT'],
+ validate=app.config['LDAP_REQUIRE_CERT'],
+ version=app.config['LDAP_TLS_VERSION'],
+ ca_certs_file=app.config['LDAP_CA_CERTS_FILE'],
+ valid_names=app.config['LDAP_VALID_NAMES'],
+ ca_certs_path=app.config['LDAP_CA_CERTS_PATH'],
+ ca_certs_data=app.config['LDAP_CA_CERTS_DATA'],
+ local_private_key_password=app.config['LDAP_PRIVATE_KEY_PASSWORD']
+ )
+
+ self.ldap_server = Server(
+ host=app.config['LDAP_SERVER'],
+ port=app.config['LDAP_PORT'],
+ use_ssl=app.config['LDAP_USE_SSL'],
+ tls=self.tls,
+ get_info=GET_ALL_INFO
+ )
+
+ # Store ldap_conn object to extensions
+ app.extensions['ldap_conn'] = self
+
+ # Teardown appcontext
+ app.teardown_appcontext(self.teardown)
+
+ def connect(self, user, password):
+ auto_bind_strategy = AUTO_BIND_TLS_BEFORE_BIND
+ if current_app.config['LDAP_USE_TLS'] is not True:
+ auto_bind_strategy = AUTO_BIND_NO_TLS
+
+ ldap_conn = Connection(
+ self.ldap_server,
+ auto_bind=auto_bind_strategy,
+ client_strategy=current_app.config['LDAP_CONNECTION_STRATEGY'],
+ user=user,
+ password=password,
+ check_names=True,
+ read_only=current_app.config['LDAP_READ_ONLY'],
+ )
+
+ return ldap_conn
+
+ def teardown(self, exception):
+ if hasattr(g, 'ldap_conn'):
+ g.ldap_conn.unbind()
+
+ ctx = stack.top
+ if hasattr(ctx, 'ldap_conn'):
+ ctx.ldap_conn.unbind()
+
+ @property
+ def connection(self):
+ if hasattr(g, 'ldap_conn'):
+ return g.ldap_conn
+
+ ctx = stack.top
+ if ctx is not None:
+ if not hasattr(ctx, 'ldap_conn'):
+ ctx.ldap_conn = self.connect(
+ current_app.config['LDAP_BINDDN'],
+ current_app.config['LDAP_SECRET']
+ )
+ return ctx.ldap_conn
+
+ def authenticate(self,
+ username,
+ password,
+ attribute=None,
+ base_dn=None,
+ search_filter=None,
+ search_scope=SUBTREE):
+ '''Attempts to bind a user to the LDAP server.
+
+ Args:
+ username (str): DN or the username to attempt to bind with.
+ password (str): The password of the username.
+ attribute (str): The LDAP attribute for the username.
+ base_dn (str): The LDAP basedn to search on.
+ search_filter (str): LDAP searchfilter to attempt the user
+ search with.
+
+ Returns:
+ bool: ``True`` if successful or ``False`` if the
+ credentials are invalid.
+ '''
+ # If the username is no valid DN we can bind with, we nee to find
+ # the user first.
+ if not split_ava(username)[0]:
+ user_filter = '({0}={1})'.format(attribute, username)
+ if search_filter is not None:
+ user_filter = '(&{0}{1})'.format(user_filter, search_filter)
+
+ try:
+ self.connection.search(base_dn, user_filter, search_scope,
+ attributes=[attribute])
+ response = self.connection.response
+ username = response[0]['dn']
+ except (LDAPInvalidDnError, LDAPInvalidFilterError, IndexError):
+ return False
+
+ try:
+ conn = self.connect(username, password)
+ conn.unbind()
+ return True
+ except LDAPBindError:
+ return False
+
+ def whoami(self):
+ '''Deprecated
+
+ Use LDAPConn.connection.extend.standard.who_am_i()
+ '''
+ return self.connection.extend.standard.who_am_i()
+
+ def result(self):
+ '''Deprecated
+
+ Use LDAPConn.connection.result
+ '''
+ return self.connection.result
+
+ def response(self):
+ '''Deprecated
+
+ Use LDAPConn.connection.response
+ '''
+ return self.connection.response
+
+ def search(self, *args, **kwargs):
+ '''Deprecated
+
+ Use LDAPConn.connection.search()
+ '''
+ return self.connection.search(*args, **kwargs)
diff --git a/flask_ldapconn/attribute.py b/flask_ldapconn/attribute.py
new file mode 100644
index 0000000..d80f358
--- /dev/null
+++ b/flask_ldapconn/attribute.py
@@ -0,0 +1,81 @@
+# -*- coding: utf-8 -*-
+from ldap3 import AttrDef, LDAPAttributeError
+from ldap3 import STRING_TYPES, MODIFY_ADD, MODIFY_DELETE, MODIFY_REPLACE
+
+
+class LDAPAttribute(object):
+
+ def __init__(self, name, validate=None, default=None, dereference_dn=None):
+ self.__dict__['name'] = name
... 407 lines suppressed ...
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/flask-ldapconn.git
More information about the Python-modules-commits
mailing list