`user.auth.clients.ldap`¶

Module Contents¶

Classes¶

Functions¶

auto_retry(→ Callable[Concatenate[LDAPClient, _P], _T])

Retries the decorated function if a LDAP connection error occurs, up

Attributes¶

`_P`
`_T`

user.auth.clients.ldap._P[source]¶

user.auth.clients.ldap._T[source]¶

user.auth.clients.ldap.auto_retry(fn: Callable[Concatenate[LDAPClient, _P], _T], max_tries: int = 5, pause: float = 0.1) → Callable[Concatenate[LDAPClient, _P], _T][source]¶: Retries the decorated function if a LDAP connection error occurs, up to a given set of retries, using linear backoff.

class user.auth.clients.ldap.LDAPClient[source]¶

property base_dn: str[source]¶: Extracts the distinguished name from the username.

url: str[source]¶

username: str[source]¶

password: str[source]¶

connection() → ldap3.Connection[source]¶

Returns the read-only connection to the LDAP server.

Calling this property is not enough to ensure that the connection is possible. You should use try_configuration() for that.

try_configuration() → None[source]¶: Verifies the connection to the LDAP server.

search(query: str, attributes: Sequence[str] = ()) → dict[str, dict[str, Any]][source]¶: Runs an LDAP query against the server and returns a dictionary with the distinguished name as key and the given attributes as values (also a dict).

compare(name: str, attribute: str, value: Any) → bool[source]¶

Returns true if given user’s attribute has the expected value.

Parameters:

name – The distinguished name (DN) of the LDAP user.
attribute – The attribute to query.
value – The value to compare to.

The method returns True if the given value is found on the user.

This is most notably used for password checks. For example:

client.compare('cn=admin', 'userPassword', 'hunter2')