Open Yakuza-UA opened 4 years ago
I had to go through LDAP3 documentation thoroughly to understand what's going on. So... the biggest limitation of this module is that it's built around RAW response object, rather than ENTRIES. For example, here's a slightly modified code that does not suffer from the same problem
data = None
if len(connection.entries) > 0:
data = connection.entries[0].entry_attributes_to_dict
Even better if it was just returning an entry object as it's so much more powerful. Few examples:
entry.entry_dn
entry.entry_attributes_as_dict
entry.entry_to_json()
Anyway, by playing with LDAP3 I figured out that this plugin is TOO heavy for my needs. Therefore I will move away to use pure LDAP3 instead. Leaving this issue open for future potential improvements. Consider using connection.entries
in future code releases, even if you're going to preserve public interface, at least use this internally 😄
I think this is most likely a real bug; I've added it to the 1.0 milestone.
This issue only happens whenever I want to user
get_user_info_for_username()
and search applies to Base DN only (i.e. User DN is None). The way our AD is structured is there are following elements at its rootUnfortunately, if I use
get_user_info_for_username(username)
it throws the following error:I had to modify source code of
get_object()
as per below to get some debug data:It returned the following
So, even though user does not exist under DC=domain,DC=com, LDAP plugin searches through parallel structures and returns a list as seen above. Because
get_object()
only checks forlen(connection.response) > 0
, this results into condition as if user was found. Last line in the code then raisesKeyError
exception because first item (in fact all those in the response) has no 'attributes' key in its list.Would you be so kind to advise if I have to apply an alternative approach? At the moment I ended up capturing this exception in my code, but it doesn't seem CLEAN. This exception is due to Flask-LDAP3-Login not processing the data properly, imho.