LDAP authentication python 3 compatibility

[stephane-martin]

Hello,

first step to python 3 compatibility : LDAP.

Currently Realms uses the python-ldap package. python-ldap is not Python 3 compatible, and it's a binary package that links to libldap headers (somewhat painful to install).

Realms also uses flask-ldap-login. That package has a few problems, and the author doesn't react to my (simple) PR so far :-/

So the proposed change is to:

• use package ldap3. It's pure-python (no compilation !), mature, nicely-written, and python 3 compatible.
• get rid of the flask-ldap-login dependency.

I kept the configuration style of flask-ldap-login so that it's easy to migrate.

Not finished: TLS and START_TLS LDAP connections. For that the flask-ldap-login configuration style is not really great, and i'd like to think a bit more about it to find an easier way.

Thank you, Stephane

[scragg0x]

I will test this out when I get a chance. Would this possibly break anyone currently using LDAP with realms?

[stephane-martin]

possibly

• if there's a bug (so needs testing)
• if they use LDAPS or LDAP/STARTLS (implementation to be completed)

[stephane-martin]

The TLS part has been completed. I did some tests with a few LDAP servers configurations.

To do now: more comments and code documentation.

[stephane-martin]

(and more testing obviously)

[scragg0x]

@stephane-martin is this ok to merge?

[stephane-martin]

Sorry for delay, busy times. I think it's OK to merge. But I've not been able to test every configuration possible related to LDAP/TLS.