Only define LDAP authn support if the library can be imported.

2015-12-08 11:19:12 +01:00 · 2015-12-08 11:19:12 +01:00 · 90fb449ce8
commit 90fb449ce8
parent 0b1da5ad7e
1 changed files with 32 additions and 28 deletions
--- a/src/saml2/authn.py
+++ b/src/saml2/authn.py
@ -1,7 +1,6 @@
 import logging
 import six
 import time
-import ldap
 from saml2 import SAMLError
 from saml2.aes import AESCipher
 from saml2.httputil import Response
@ -231,33 +230,38 @@ class AuthnMethodChooser(object):
        else:
            pass  # TODO

+try:
+    import ldap

-class LDAPAuthn(UsernamePasswordMako):
-    def __init__(self, srv, ldapsrv, return_to,
-                 dn_pattern, mako_template, template_lookup):
-        """
-        :param srv: The server instance
-        :param ldapsrv: Which LDAP server to us
-        :param return_to: Where to send the user after authentication
-        :return:
-        """
-        UsernamePasswordMako.__init__(self, srv, mako_template, template_lookup,
-                                      None, return_to)
+    class LDAPAuthn(UsernamePasswordMako):
+        def __init__(self, srv, ldapsrv, return_to,
+                     dn_pattern, mako_template, template_lookup):
+            """
+            :param srv: The server instance
+            :param ldapsrv: Which LDAP server to us
+            :param return_to: Where to send the user after authentication
+            :return:
+            """
+            UsernamePasswordMako.__init__(self, srv, mako_template, template_lookup,
+                                          None, return_to)

-        self.ldap = ldap.initialize(ldapsrv)
-        self.ldap.protocol_version = 3
-        self.ldap.set_option(ldap.OPT_REFERRALS, 0)
-        self.dn_pattern = dn_pattern
+            self.ldap = ldap.initialize(ldapsrv)
+            self.ldap.protocol_version = 3
+            self.ldap.set_option(ldap.OPT_REFERRALS, 0)
+            self.dn_pattern = dn_pattern

-    def _verify(self, pwd, user):
-        """
-        Verifies the username and password agains a LDAP server
-        :param pwd: The password
-        :param user: The username
-        :return: AssertionError if the LDAP verification failed.
-        """
-        _dn = self.dn_pattern % user
-        try:
-            self.ldap.simple_bind_s(_dn, pwd)
-        except Exception:
-            raise AssertionError()
+        def _verify(self, pwd, user):
+            """
+            Verifies the username and password agains a LDAP server
+            :param pwd: The password
+            :param user: The username
+            :return: AssertionError if the LDAP verification failed.
+            """
+            _dn = self.dn_pattern % user
+            try:
+                self.ldap.simple_bind_s(_dn, pwd)
+            except Exception:
+                raise AssertionError()
+except ImportError:
+    class LDAPAuthn(UserAuthnMethod):
+        pass