Added missing directory
parent
764b15ca97
commit
c704b2a074
|
@ -0,0 +1,55 @@
|
|||
# Interface to external user info resources
|
||||
|
||||
import copy
|
||||
|
||||
|
||||
class UserInfo(object):
|
||||
""" Read only interface to a user info store """
|
||||
|
||||
def __init__(self):
|
||||
pass
|
||||
|
||||
def __call__(self, **kwargs):
|
||||
pass
|
||||
|
||||
|
||||
class UserInfoDB(UserInfo):
|
||||
""" Read only interface to a user info store """
|
||||
|
||||
def __init__(self, db=None):
|
||||
self.db = db
|
||||
|
||||
@staticmethod
|
||||
def filter(userinfo, user_info_claims=None):
|
||||
"""
|
||||
Return only those claims that are asked for.
|
||||
It's a best effort task; if essential claims are not present
|
||||
no error is flagged.
|
||||
|
||||
:param userinfo: A dictionary containing the available user info.
|
||||
:param user_info_claims: A dictionary specifying the asked for claims
|
||||
:return: A dictionary of filtered claims.
|
||||
"""
|
||||
|
||||
if user_info_claims is None:
|
||||
return copy.copy(userinfo)
|
||||
else:
|
||||
result = {}
|
||||
missing = []
|
||||
optional = []
|
||||
for key, restr in user_info_claims.items():
|
||||
try:
|
||||
result[key] = userinfo[key]
|
||||
except KeyError:
|
||||
if restr == {"essential": True}:
|
||||
missing.append(key)
|
||||
else:
|
||||
optional.append(key)
|
||||
return result
|
||||
|
||||
def __call__(self, userid, user_info_claims=None, **kwargs):
|
||||
try:
|
||||
return self.filter(self.db[userid], user_info_claims)
|
||||
except KeyError:
|
||||
return {}
|
||||
|
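Review bot: In `UserInfoDB.filter`, the `user_info_claims is None` branch returns a copy of the whole record, so any caller that omits the claims argument releases every attribute stored for the user. If callers are expected to always pass the requested claims, returning `{}` in that branch would be the safer default; otherwise the docstring should state that `None` means "release everything". The `missing` and `optional` lists are filled and then discarded, so an absent essential claim is never visible to an operator; either drop them or log `missing`. `copy.copy(userinfo)` is shallow and the filtered branch does not copy at all, so nested values stay shared with the backing store despite the "Read only interface" docstring.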
|
@ -0,0 +1,37 @@
|
|||
import ldap
|
||||
from ldap import SCOPE_SUBTREE
|
||||
from saml2.userinfo import UserInfo
|
||||
|
||||
|
||||
class UserInfoLDAP(UserInfo):
|
||||
def __init__(self, uri, base, filter_pattern, scope=SCOPE_SUBTREE,
|
||||
tls=False, user="", passwd="", attr=None, attrsonly=False):
|
||||
UserInfo.__init__(self)
|
||||
self.ldapuri = uri
|
||||
self.base = base
|
||||
self.filter_pattern = filter_pattern
|
||||
self.scope = scope
|
||||
self.tls = tls
|
||||
self.attr = attr
|
||||
self.attrsonly = attrsonly
|
||||
self.ld = ldap.initialize(uri)
|
||||
self.ld.protocol_version = ldap.VERSION3
|
||||
self.ld.simple_bind_s(user, passwd)
|
||||
|
||||
def __call__(self, userid, base="", filter_pattern="", scope=SCOPE_SUBTREE,
|
||||
tls=False, attr=None, attrsonly=False, **kwargs):
|
||||
|
||||
if filter_pattern:
|
||||
_filter = filter_pattern % userid
|
||||
else:
|
||||
_filter = self.filter_pattern % userid
|
||||
|
||||
_base = base or self.base
|
||||
_scope = scope or self.scope
|
||||
_attr = attr or self.attr
|
||||
_attrsonly = attrsonly or self.attrsonly
|
||||
arg = [_base, _scope, _filter, _attr, _attrsonly]
|
||||
res = self.ld.search_s(*arg)
|
||||
# should only be one entry and the information per entry is
|
||||
# the tuple (dn, ava)
|
||||
return res[0][1]
|
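Review bot: `userid` is interpolated into the search filter unescaped in `__call__` (`filter_pattern % userid` and `self.filter_pattern % userid`), so filter metacharacters in a user-supplied identifier change the query sent to the directory. Escape the value first, e.g. `_filter = (filter_pattern or self.filter_pattern) % ldap.filter.escape_filter_chars(userid)`, with `import ldap.filter` added at the top of the file. In `__init__`, `tls` is stored but nothing in the visible code acts on it before `simple_bind_s(user, passwd)`, so with an `ldap://` URI the bind password would travel without transport protection; calling `self.ld.start_tls_s()` when `tls` is set would address that. `return res[0][1]` also raises IndexError when the search matches nothing, whereas `UserInfoDB.__call__` returns `{}` for an unknown user.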