319 |
319 |
# First get our configuration into a standard format
|
320 |
320 |
for block in blocks:
|
321 |
321 |
cls.update_default(block)
|
|
322 |
# python-ldap needs UTF-8 encoded strings
|
|
323 |
if isinstance(block.get('base_dn'), unicode):
|
|
324 |
block['base_dn'] = block['base_dn'].encode('utf-8')
|
322 |
325 |
log.debug('got config %r', blocks)
|
323 |
326 |
return blocks
|
324 |
327 |
|
... | ... | |
349 |
352 |
utf8_username = smart_bytes(username)
|
350 |
353 |
utf8_password = smart_bytes(password)
|
351 |
354 |
|
|
355 |
# python-ldap needs UTF-8 encoded strings
|
|
356 |
for dn_subelement in ('basedn', 'user_basedn', 'user_dn_template'):
|
|
357 |
if isinstance(block.get(dn_subelement), unicode):
|
|
358 |
block[dn_sublement] = block[dn_subelement].encode('utf-8')
|
|
359 |
|
352 |
360 |
for conn in self.get_connections(block):
|
353 |
361 |
authz_ids = []
|
354 |
362 |
user_basedn = block.get('user_basedn') or block['basedn']
|
... | ... | |
522 |
530 |
'''Retrieve group DNs from the LDAP by attributes (memberOf) or by
|
523 |
531 |
filter.
|
524 |
532 |
'''
|
|
533 |
# python-ldap needs UTF-8 encoded strings
|
|
534 |
if isinstance(block.get('group_base_dn'), unicode):
|
|
535 |
block['group_base_dn'] = block['group_base_dn'].encode('utf-8')
|
525 |
536 |
group_base_dn = block.get('group_basedn', block['basedn'])
|
526 |
537 |
member_of_attribute = block['member_of_attribute']
|
527 |
538 |
group_filter = block['group_filter']
|
... | ... | |
840 |
851 |
if conn is None:
|
841 |
852 |
logger.warning(u'unable to synchronize with LDAP servers %r', block['url'])
|
842 |
853 |
continue
|
|
854 |
# python-ldap needs UTF-8 encoded strings.
|
|
855 |
if isinstance(block.get('user_basedn'), unicode):
|
|
856 |
block['user_basedn'] = block['user_basedn'].encode('utf-8')
|
843 |
857 |
user_basedn = block.get('user_basedn') or block['basedn']
|
844 |
858 |
user_filter = block['sync_ldap_users_filter'] or block['user_filter']
|
845 |
859 |
user_filter = user_filter.replace('%s', '*')
|
... | ... | |
950 |
964 |
auth = handler_class(*sasl_params)
|
951 |
965 |
conn.sasl_interactive_bind_s(who, auth)
|
952 |
966 |
elif block['binddn'] and block['bindpw']:
|
|
967 |
# python-ldap needs UTF-8 encoded strings
|
|
968 |
if isinstance(block.get('binddn'), unicode):
|
|
969 |
block['binddn'] = block['binddn'].encode('utf-8')
|
953 |
970 |
conn.bind_s(block['binddn'], block['bindpw'])
|
954 |
971 |
yield conn
|
955 |
972 |
except ldap.INVALID_CREDENTIALS:
|
... | ... | |
1072 |
1089 |
results = conn.search_s(dn, ldap.SCOPE_BASE)
|
1073 |
1090 |
else:
|
1074 |
1091 |
ldap_filter = self.external_id_to_filter(external_id, external_id_tuple)
|
|
1092 |
# python-ldap needs UTF-8 encoded strings
|
|
1093 |
if isinstance(block.get('basedn'), unicode):
|
|
1094 |
block['basedn'] = block['basedn'].encode('utf-8')
|
1075 |
1095 |
results = conn.search_s(block['basedn'],
|
1076 |
1096 |
ldap.SCOPE_SUBTREE, ldap_filter)
|
1077 |
1097 |
if not results:
|