Python LDAPSearchResultDone Examples, ldaptor.protocols.pureldap.LDAPSearchResultDone Python Examples

Example #1

0

Show file

File: test_proxybase.py Project: slayer/duoauthproxy-freebsd

 def test_search(self):
     """
     When performing an LDAP search against the server; the search results and
     a single "search done" response is written to the transport.
     """
     server = self.createServer(
         [pureldap.LDAPBindResponse(resultCode=0)],
         [
             pureldap.LDAPSearchResultEntry('cn=foo,dc=example,dc=com',
                                            [('a', ['b'])]),
             pureldap.LDAPSearchResultEntry('cn=bar,dc=example,dc=com',
                                            [('b', ['c'])]),
             pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode)
         ],
     )
     server.dataReceived(
         pureldap.LDAPMessage(pureldap.LDAPBindRequest(), id=2).toWire())
     server.dataReceived(
         pureldap.LDAPMessage(pureldap.LDAPSearchRequest(), id=3).toWire())
     server.reactor.advance(1)
     self.assertEqual(
         server.transport.value(),
         pureldap.LDAPMessage(pureldap.LDAPBindResponse(resultCode=0),
                              id=2).toWire() +
         pureldap.LDAPMessage(pureldap.LDAPSearchResultEntry(
             'cn=foo,dc=example,dc=com', [('a', ['b'])]),
                              id=3).toWire() +
         pureldap.LDAPMessage(pureldap.LDAPSearchResultEntry(
             'cn=bar,dc=example,dc=com', [('b', ['c'])]),
                              id=3).toWire() +
         pureldap.LDAPMessage(pureldap.LDAPSearchResultDone(
             ldaperrors.Success.resultCode),
                              id=3).toWire())

Example #2

0

Show file

File: test_proxy.py Project: shivram2609/ldaptor

 def test_search(self):
     server = self.createServer(
         [
             pureldap.LDAPBindResponse(resultCode=0),
         ],
         [
             pureldap.LDAPSearchResultEntry("cn=foo,dc=example,dc=com",
                                            [("a", ["b"])]),
             pureldap.LDAPSearchResultEntry("cn=bar,dc=example,dc=com",
                                            [("b", ["c"])]),
             pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode),
         ],
     )
     server.dataReceived(
         pureldap.LDAPMessage(pureldap.LDAPBindRequest(), id=2).toWire())
     server.dataReceived(
         pureldap.LDAPMessage(pureldap.LDAPSearchRequest(), id=3).toWire())
     reactor.iterate()  # TODO
     self.assertEqual(
         server.transport.value(),
         pureldap.LDAPMessage(pureldap.LDAPBindResponse(resultCode=0),
                              id=2).toWire() +
         pureldap.LDAPMessage(
             pureldap.LDAPSearchResultEntry("cn=foo,dc=example,dc=com",
                                            [("a", ["b"])]),
             id=3,
         ).toWire() + pureldap.LDAPMessage(
             pureldap.LDAPSearchResultEntry("cn=bar,dc=example,dc=com",
                                            [("b", ["c"])]),
             id=3,
         ).toWire() + pureldap.LDAPMessage(pureldap.LDAPSearchResultDone(
             ldaperrors.Success.resultCode),
                                           id=3).toWire(),
     )

Example #3

0

Show file

File: test_proxybase.py Project: slayer/duoauthproxy-freebsd

 def test_intercepted_search_response(self):
     """
     When performing an LDAP search against the server; the search results are
     intercepted and modified by the proxy.
     """
     server = self.createServer([pureldap.LDAPBindResponse(resultCode=0)], [
         pureldap.LDAPSearchResultEntry('cn=foo,dc=example,dc=com',
                                        [('a', ['b'])]),
         pureldap.LDAPSearchResultEntry('cn=bar,dc=example,dc=com',
                                        [('b', ['c'])]),
         pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode)
     ],
                                protocol=ResponseInterceptingProxy)
     server.dataReceived(
         pureldap.LDAPMessage(pureldap.LDAPBindRequest(), id=2).toWire())
     server.dataReceived(
         pureldap.LDAPMessage(pureldap.LDAPSearchRequest(), id=3).toWire())
     server.reactor.advance(1)
     server.reactor.advance(5)
     self.assertEqual(
         server.transport.value(),
         pureldap.LDAPMessage(pureldap.LDAPBindResponse(resultCode=0),
                              id=2).toWire() +
         pureldap.LDAPMessage(pureldap.LDAPSearchResultEntry(
             'cn=foo,dc=example,dc=com', [('a', ['b']),
                                          ('frotz', ['xyzzy'])]),
                              id=3).toWire() +
         pureldap.LDAPMessage(pureldap.LDAPSearchResultEntry(
             'cn=bar,dc=example,dc=com', [('b', ['c']),
                                          ('frotz', ['xyzzy'])]),
                              id=3).toWire() +
         pureldap.LDAPMessage(pureldap.LDAPSearchResultDone(
             ldaperrors.Success.resultCode),
                              id=3).toWire())

Example #4

0

Show file

    def test_bind_noMatchingServicesFound_fallback_success(self):
        server = self.createServer(
            services=['svc1',
                      'svc2',
                      'svc3',
                      ],
            fallback=True,
            responses=[
            [ pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode) ],
            [ pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode) ],
            [ pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode) ],
            [ pureldap.LDAPBindResponse(resultCode=ldaperrors.Success.resultCode) ],
            ])
        server.dataReceived(str(pureldap.LDAPMessage(pureldap.LDAPBindRequest(dn='cn=jack,dc=example,dc=com', auth='s3krit'), id=4)))
        reactor.iterate() #TODO
        client = server.client

        client.assertSent(
            pureldap.LDAPSearchRequest(baseObject='dc=example,dc=com',
                                       derefAliases=0,
                                       sizeLimit=0,
                                       timeLimit=0,
                                       typesOnly=0,
                                       filter=ldapfilter.parseFilter('(&'
                                                                     +'(objectClass=serviceSecurityObject)'
                                                                     +'(owner=cn=jack,dc=example,dc=com)'
                                                                     +'(cn=svc1)'
                                                                     +('(|(!(validFrom=*))(validFrom<=%s))' % server.now)
                                                                     +('(|(!(validUntil=*))(validUntil>=%s))' % server.now)
                                                                     +')'),
                                       attributes=('1.1',)),
            pureldap.LDAPSearchRequest(baseObject='dc=example,dc=com',
                                       derefAliases=0,
                                       sizeLimit=0,
                                       timeLimit=0,
                                       typesOnly=0,
                                       filter=ldapfilter.parseFilter('(&'
                                                                     +'(objectClass=serviceSecurityObject)'
                                                                     +'(owner=cn=jack,dc=example,dc=com)'
                                                                     +'(cn=svc2)'
                                                                     +('(|(!(validFrom=*))(validFrom<=%s))' % server.now)
                                                                     +('(|(!(validUntil=*))(validUntil>=%s))' % server.now)
                                                                     +')'),
                                       attributes=('1.1',)),
            pureldap.LDAPSearchRequest(baseObject='dc=example,dc=com',
                                       derefAliases=0,
                                       sizeLimit=0,
                                       timeLimit=0,
                                       typesOnly=0,
                                       filter=ldapfilter.parseFilter('(&'
                                                                     +'(objectClass=serviceSecurityObject)'
                                                                     +'(owner=cn=jack,dc=example,dc=com)'
                                                                     +'(cn=svc3)'
                                                                     +('(|(!(validFrom=*))(validFrom<=%s))' % server.now)
                                                                     +('(|(!(validUntil=*))(validUntil>=%s))' % server.now)
                                                                     +')'),
                                       attributes=('1.1',)),
            pureldap.LDAPBindRequest(dn='cn=jack,dc=example,dc=com', auth='s3krit'))
        self.assertEquals(server.transport.value(),
                          str(pureldap.LDAPMessage(pureldap.LDAPBindResponse(resultCode=ldaperrors.Success.resultCode), id=4)))

Example #5

0

Show file

File: test_fetchschema.py Project: slayer/duoauthproxy-freebsd

    def testSimple(self):
        client = LDAPClientTestDriver(
            [
                pureldap.LDAPSearchResultEntry(
                    objectName='',
                    attributes=(
                        ('subschemaSubentry', ['cn=Subschema']),
                        ('bar', ['b', 'c']),
                    ),
                ),
                pureldap.LDAPSearchResultDone(
                    resultCode=0, matchedDN='', errorMessage='')
            ],
            [
                pureldap.LDAPSearchResultEntry(
                    objectName='cn=Subschema',
                    attributes=(
                        ('attributeTypes', [self.cn]),
                        ('objectClasses', [self.dcObject]),
                    ),
                ),
                pureldap.LDAPSearchResultDone(
                    resultCode=0, matchedDN='', errorMessage='')
            ],
        )

        d = fetchschema.fetch(client, 'dc=example,dc=com')
        d.addCallback(self._cb_testSimple, client)
        return d

Example #6

0

Show file

 def test_search(self):
     server = self.createServer(
         [
             pureldap.LDAPBindResponse(resultCode=0),
         ],
         [
             pureldap.LDAPSearchResultEntry('cn=foo,dc=example,dc=com',
                                            [('a', ['b'])]),
             pureldap.LDAPSearchResultEntry('cn=bar,dc=example,dc=com',
                                            [('b', ['c'])]),
             pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode),
         ],
     )
     server.dataReceived(
         str(pureldap.LDAPMessage(pureldap.LDAPBindRequest(), id=2)))
     server.dataReceived(
         str(pureldap.LDAPMessage(pureldap.LDAPSearchRequest(), id=3)))
     reactor.iterate()  #TODO
     self.assertEquals(
         server.transport.value(),
         str(
             pureldap.LDAPMessage(
                 pureldap.LDAPBindResponse(resultCode=0), id=2)) + str(
                     pureldap.LDAPMessage(pureldap.LDAPSearchResultEntry(
                         'cn=foo,dc=example,dc=com', [('a', ['b'])]),
                                          id=3)) +
         str(
             pureldap.LDAPMessage(pureldap.LDAPSearchResultEntry(
                 'cn=bar,dc=example,dc=com', [('b', ['c'])]),
                                  id=3)) +
         str(
             pureldap.LDAPMessage(pureldap.LDAPSearchResultDone(
                 ldaperrors.Success.resultCode),
                                  id=3)))

Example #7

0

Show file

File: test_proxybase.py Project: s0undt3ch/ldaptor

 def test_intercepted_search_request(self):
     """
     When performing an LDAP search against the server; the requests are
     intercepted and custom responses are written to the transport.
     """
     server = self.createServer([pureldap.LDAPBindResponse(resultCode=0)], [
         pureldap.LDAPSearchResultEntry('cn=foo,dc=example,dc=com',
                                        [('a', ['b'])]),
         pureldap.LDAPSearchResultEntry('cn=bar,dc=example,dc=com',
                                        [('b', ['c'])]),
         pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode),
     ],
                                protocol=RequestInterceptingProxy)
     server.responses = [
         pureldap.LDAPSearchResultEntry('cn=xyzzy,dc=example,dc=com',
                                        [('frobnitz', ['zork'])]),
         pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode)
     ]
     server.dataReceived(
         str(pureldap.LDAPMessage(pureldap.LDAPSearchRequest(), id=1)))
     server.reactor.advance(1)
     self.assertEqual(len(server.clientTestDriver.sent), 0)
     self.assertEqual(
         server.transport.value(),
         str(
             pureldap.LDAPMessage(pureldap.LDAPSearchResultEntry(
                 'cn=xyzzy,dc=example,dc=com', [('frobnitz', ['zork'])]),
                                  id=1)) +
         str(
             pureldap.LDAPMessage(pureldap.LDAPSearchResultDone(
                 ldaperrors.Success.resultCode),
                                  id=1)))

Example #8

0

Show file

    def testSimple(self):
        client = LDAPClientTestDriver(
            [
                pureldap.LDAPSearchResultEntry(
                    objectName="",
                    attributes=(
                        ("subschemaSubentry", ["cn=Subschema"]),
                        ("bar", ["b", "c"]),
                    ),
                ),
                pureldap.LDAPSearchResultDone(
                    resultCode=0, matchedDN="", errorMessage=""),
            ],
            [
                pureldap.LDAPSearchResultEntry(
                    objectName="cn=Subschema",
                    attributes=(
                        ("attributeTypes", [self.cn]),
                        ("objectClasses", [self.dcObject]),
                    ),
                ),
                pureldap.LDAPSearchResultDone(
                    resultCode=0, matchedDN="", errorMessage=""),
            ],
        )

        d = fetchschema.fetch(client, "dc=example,dc=com")
        d.addCallback(self._cb_testSimple, client)
        return d

Example #9

0

Show file

    def test_send_multiResponse_with_handler(self):
        client, transport = self.create_test_client()
        client.debug = True
        op = self.create_test_search_req()
        results = []

        def collect_result_(result):
            results.append(result)
            if isinstance(result, pureldap.LDAPSearchResultDone):
                return True
            return False

        client.send_multiResponse(op, collect_result_)
        expected_value = pureldap.LDAPMessage(op)
        expected_value.id -= 1
        expected_bytestring = expected_value.toWire()
        self.assertEqual(transport.value(), expected_bytestring)
        response = pureldap.LDAPMessage(pureldap.LDAPSearchResultEntry(
            "cn=foo,ou=baz,dc=example,dc=net", {}),
                                        id=expected_value.id)
        resp_bytestring = response.toWire()
        client.dataReceived(resp_bytestring)
        response = pureldap.LDAPMessage(pureldap.LDAPSearchResultDone(0),
                                        id=expected_value.id)
        resp_bytestring = response.toWire()
        client.dataReceived(resp_bytestring)
        self.assertEqual(response.value, results[1])

Example #10

0

Show file

 def test_realm_mapping_succeeds_case_sensitive(self):
     marker = 'markerSecret'
     password = '******'
     service_dn = 'uid=passthrough,cn=users,dc=test,dc=local'
     dn = 'uid=Hugo,cn=users,dc=test,DC=LOCAL'
     server, client = self.create_server_and_client(
         [
             pureldap.LDAPBindResponse(resultCode=0),  # for service account
         ],
         [
             pureldap.LDAPSearchResultEntry(dn,
                                            [('someattr', ['somevalue'])]),
             pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode),
         ])
     yield client.bind(service_dn, 'service-secret')
     # Assert that Proxy<->Backend uses the correct credentials
     server.client.assertSent(
         pureldap.LDAPBindRequest(dn=service_dn, auth='service-secret'), )
     # Perform a simple search in the context of the service account
     entry = LDAPEntry(client, dn)
     r = yield entry.search('(|(objectClass=*)(objectclass=App-%s))' %
                            marker,
                            scope=pureldap.LDAP_SCOPE_baseObject)
     # sleep half a second and then try to bind as hugo
     time.sleep(0.5)
     server2, client2 = self.create_server_and_client([
         pureldap.LDAPBindResponse(
             resultCode=0),  # for service account (successful hugo bind)
     ])
     yield client2.bind(
         dn.lower(),
         password)  # this will work even though the DN has differing case
     self.assertEqual(self.privacyidea.authentication_requests,
                      [('hugo', 'realmSecret', password, True)])
     time.sleep(1)  # to clean the reactor

Example #11

0

Show file

File: test_server.py Project: xdesai/ldaptor

    def assertSearchResults(self, results=None, resultCode=0):
        """
        Shortcut for checking results returned by test server on LDAPSearchRequest.
        Results must be prepared as a list of dictionaries with 'objectName' and 'attributes' keys
        """
        if results is None:
            results = []

        messages = []

        for result in results:
            message = pureldap.LDAPMessage(
                pureldap.LDAPSearchResultEntry(
                    objectName=result['objectName'],
                    attributes=result['attributes']
                ),
                id=2
            )
            messages.append(message)

        messages.append(
            pureldap.LDAPMessage(
                pureldap.LDAPSearchResultDone(resultCode=resultCode),
                id=2
            )
        )
        six.assertCountEqual(
            self,
            self._makeResultList(self.server.transport.value()),
            [msg.toWire() for msg in messages]
        )

Example #12

0

Show file

File: test_proxy_user_lookup.py Project: windkit/privacyidea-ldap-proxy

 def test_simple_bind(self):
     dn = 'uid=thegreathugo,cn=users,dc=test,dc=local'
     server, client = self.create_server_and_client()
     service_account_client = self.inject_service_account_server(
         [
             pureldap.LDAPBindResponse(resultCode=0),  # for service account
         ],
         [
             pureldap.LDAPSearchResultEntry(dn,
                                            [('sAMAccountName', ['hugo'])]),
             pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode),
         ])
     yield client.bind(dn, 'secret')
     # Assert that Proxy<->Backend (the actual connection) did not send anything
     server.client.assertNothingSent()
     # Assert that Proxy<->Backend (the lookup connection) did send something
     service_account_client.assertSent(
         pureldap.LDAPBindRequest(
             dn='uid=service,cn=users,dc=test,dc=local',
             auth='service-secret'),
         pureldap.LDAPSearchRequest(
             baseObject='uid=thegreathugo,cn=users,dc=test,dc=local',
             scope=0,
             derefAliases=0,
             sizeLimit=0,
             timeLimit=0,
             typesOnly=0,
             filter=pureldap.LDAPFilter_present(value='objectClass'),
             attributes=()), 'fake-unbind-by-LDAPClientTestDriver')

Example #13

0

Show file

 def test_rootDSE(self):
     self.server.dataReceived(
         str(
             pureldap.LDAPMessage(pureldap.LDAPSearchRequest(
                 baseObject='',
                 scope=pureldap.LDAP_SCOPE_baseObject,
                 filter=pureldap.LDAPFilter_present('objectClass'),
             ),
                                  id=2)))
     self.assertEquals(
         self.server.transport.value(),
         str(
             pureldap.LDAPMessage(pureldap.LDAPSearchResultEntry(
                 objectName='',
                 attributes=[
                     ('supportedLDAPVersion', ['3']),
                     ('namingContexts', ['dc=example,dc=com']),
                     ('supportedExtension', [
                         pureldap.LDAPPasswordModifyRequest.oid,
                     ]),
                 ]),
                                  id=2)) +
         str(
             pureldap.LDAPMessage(pureldap.LDAPSearchResultDone(
                 resultCode=ldaperrors.Success.resultCode),
                                  id=2)),
     )

Example #14

0

Show file

 def test_search_scope_oneLevel(self):
     self.server.dataReceived(
         str(
             pureldap.LDAPMessage(pureldap.LDAPSearchRequest(
                 baseObject='ou=stuff,dc=example,dc=com',
                 scope=pureldap.LDAP_SCOPE_singleLevel,
             ),
                                  id=2)))
     self.assertEquals(
         self.server.transport.value(),
         str(
             pureldap.LDAPMessage(pureldap.LDAPSearchResultEntry(
                 objectName='cn=thingie,ou=stuff,dc=example,dc=com',
                 attributes=[
                     ('objectClass', ['a', 'b']),
                     ('cn', ['thingie']),
                 ]),
                                  id=2)) +
         str(
             pureldap.LDAPMessage(pureldap.LDAPSearchResultEntry(
                 objectName='cn=another,ou=stuff,dc=example,dc=com',
                 attributes=[
                     ('objectClass', ['a', 'b']),
                     ('cn', ['another']),
                 ]),
                                  id=2)) +
         str(
             pureldap.LDAPMessage(
                 pureldap.LDAPSearchResultDone(resultCode=0), id=2)),
     )

Example #15

0

Show file

 def test_search_scope_wholeSubtree(self):
     self.server.dataReceived(
         str(
             pureldap.LDAPMessage(pureldap.LDAPSearchRequest(
                 baseObject='ou=stuff,dc=example,dc=com',
                 scope=pureldap.LDAP_SCOPE_wholeSubtree),
                                  id=2)))
     self.assertItemsEqual(
         self._makeResultList(self.server.transport.value()), [
             str(
                 pureldap.LDAPMessage(pureldap.LDAPSearchResultEntry(
                     objectName='ou=stuff,dc=example,dc=com',
                     attributes=[('objectClass', ['a', 'b']),
                                 ('ou', ['stuff'])]),
                                      id=2)),
             str(
                 pureldap.LDAPMessage(pureldap.LDAPSearchResultEntry(
                     objectName='cn=another,ou=stuff,dc=example,dc=com',
                     attributes=[('objectClass', ['a', 'b']),
                                 ('cn', ['another'])]),
                                      id=2)),
             str(
                 pureldap.LDAPMessage(pureldap.LDAPSearchResultEntry(
                     objectName='cn=thingie,ou=stuff,dc=example,dc=com',
                     attributes=[('objectClass', ['a', 'b']),
                                 ('cn', ['thingie'])]),
                                      id=2)),
             str(
                 pureldap.LDAPMessage(
                     pureldap.LDAPSearchResultDone(resultCode=0), id=2))
         ])

Example #16

0

Show file

    def test_search_matchAll_manyResults(self):
        self.server.dataReceived(
            str(
                pureldap.LDAPMessage(pureldap.LDAPSearchRequest(
                    baseObject='ou=stuff,dc=example,dc=com'),
                                     id=2)))

        six.assertCountEqual(
            self, [
                str(
                    pureldap.LDAPMessage(pureldap.LDAPSearchResultEntry(
                        objectName='ou=stuff,dc=example,dc=com',
                        attributes=[('objectClass', ['a', 'b']),
                                    ('ou', ['stuff'])]),
                                         id=2)),
                str(
                    pureldap.LDAPMessage(pureldap.LDAPSearchResultEntry(
                        objectName='cn=another,ou=stuff,dc=example,dc=com',
                        attributes=[('objectClass', ['a', 'b']),
                                    ('cn', ['another'])]),
                                         id=2)),
                str(
                    pureldap.LDAPMessage(pureldap.LDAPSearchResultEntry(
                        objectName='cn=thingie,ou=stuff,dc=example,dc=com',
                        attributes=[('objectClass', ['a', 'b']),
                                    ('cn', ['thingie'])]),
                                         id=2)),
                str(
                    pureldap.LDAPMessage(
                        pureldap.LDAPSearchResultDone(resultCode=0), id=2))
            ], self._makeResultList(self.server.transport.value()))

Example #17

0

Show file

 def test_simple_search(self):
     dn = 'uid=hugo,cn=users,dc=test,dc=local'
     server, client = self.create_server_and_client(
         [
             pureldap.LDAPBindResponse(resultCode=0),  # for service account
         ],
         [
             pureldap.LDAPSearchResultEntry(dn,
                                            [('someattr', ['somevalue'])]),
             pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode),
         ])
     yield client.bind(dn, 'secret')
     # Assert that Proxy<->Backend uses the correct credentials
     server.client.assertSent(
         pureldap.LDAPBindRequest(
             dn='uid=service,cn=users,dc=test,dc=local',
             auth='service-secret'), )
     # Perform a simple search in the context of the service account
     entry = LDAPEntry(client, dn)
     results = yield entry.search('(objectClass=*)',
                                  scope=pureldap.LDAP_SCOPE_baseObject)
     self.assertEqual(len(results), 1)
     self.assertEqual(len(results[0]['someattr']), 1)
     (value, ) = results[0]['someattr']
     self.assertEqual(value, 'somevalue')

Example #18

0

Show file

 def test_realm_mapping_fails_wrong_password(self):
     marker = 'markerSecret'
     realm = 'realmSecret'
     password = '******'  # this is the wrong password!
     service_dn = 'uid=passthrough,cn=users,dc=test,dc=local'
     dn = 'uid=hugo,cn=users,dc=test,dc=local'
     server, client = self.create_server_and_client(
         [
             pureldap.LDAPBindResponse(resultCode=0),  # for service account
         ],
         [
             pureldap.LDAPSearchResultEntry(dn,
                                            [('someattr', ['somevalue'])]),
             pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode),
         ])
     yield client.bind(service_dn, 'service-secret')
     # Assert that Proxy<->Backend uses the correct credentials
     server.client.assertSent(
         pureldap.LDAPBindRequest(dn=service_dn, auth='service-secret'), )
     # Perform a simple search in the context of the service account
     entry = LDAPEntry(client, dn)
     r = yield entry.search('(|(objectClass=*)(objectclass=App-%s))' %
                            marker,
                            scope=pureldap.LDAP_SCOPE_baseObject)
     # sleep a second and then try to bind as hugo
     time.sleep(0.5)
     server2, client2 = self.create_server_and_client([
         pureldap.LDAPBindResponse(
             resultCode=0),  # for service account (successful hugo bind)
     ])
     d = client2.bind(dn, password)
     yield self.assertFailure(d, ldaperrors.LDAPInvalidCredentials)
     self.assertEqual(self.privacyidea.authentication_requests,
                      [('hugo', realm, password, False)])
     time.sleep(1)  # to clean the reactor

Example #19

0

Show file

 def test_realm_mapping_fails_fake_search_by_user(self):
     service_dn = 'uid=passthrough,cn=users,dc=test,dc=local'
     dn = 'uid=hugo,cn=users,dc=test,dc=local'
     server, client = self.create_server_and_client(
         [
             pureldap.LDAPBindResponse(resultCode=0),  # for service account
         ],
         [
             pureldap.LDAPSearchResultEntry(dn,
                                            [('someattr', ['somevalue'])]),
             pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode),
         ])
     yield client.bind(service_dn, 'service-secret')
     # Assert that Proxy<->Backend uses the correct credentials
     server.client.assertSent(
         pureldap.LDAPBindRequest(dn=service_dn, auth='service-secret'), )
     # Perform a simple search in the context of the service account
     entry = LDAPEntry(client, dn)
     r = yield entry.search(
         '(|(objectClass=*)(objectcLAsS=App-markerSecret))',
         scope=pureldap.LDAP_SCOPE_baseObject)
     # sleep half a second and then try to bind as hugo
     time.sleep(0.5)
     server2, client2 = self.create_server_and_client(
         [
             pureldap.LDAPBindResponse(
                 resultCode=0
             ),  # for service account (successful hugo bind)
         ],
         [
             pureldap.LDAPSearchResultEntry(
                 dn, [('someattr', ['somevalue'])]),  # hugo's search
             pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode),
         ])
     yield client2.bind(dn, 'secret')
     self.assertEqual(self.privacyidea.authentication_requests,
                      [('hugo', 'realmSecret', 'secret', True)])
     # Perform another search in hugo's context
     entry2 = LDAPEntry(client2, dn)
     r = yield entry2.search(
         '(|(objectClass=*)(objectcLAsS=App-markerOfficial))',
         scope=pureldap.LDAP_SCOPE_baseObject)
     self.assertTrue(
         server.factory.app_cache.get_cached_marker(dn) in ('markerSecret',
                                                            None))
     time.sleep(1)  # to clean the reactor

Example #20

0

Show file

 def getRootDSE(self, request, reply):
     reply(pureldap.LDAPSearchResultEntry(
         objectName='',
         attributes=[('supportedLDAPVersion', ['3']),
                     ('objectClass', ['LiteAuthLDAProotDSE']),
                     ('namingContexts', ['dc=liteauth']),
                     ('supportedExtension', [b'1.2.840.113556.1.4.319'])]
     ))
     return pureldap.LDAPSearchResultDone(
         resultCode=ldaperrors.Success.resultCode)

Example #21

0

Show file

 def getRootDSE(self, request, reply):
     root = interfaces.IConnectedLDAPEntry(self.factory)
     reply(pureldap.LDAPSearchResultEntry(
         objectName='',
         attributes=[('supportedLDAPVersion', ['3']),
                     ('namingContexts', [str(root.dn)]),
                     ('supportedExtension', [
                         pureldap.LDAPPasswordModifyRequest.oid, ]), ], ))
     return pureldap.LDAPSearchResultDone(
         resultCode=ldaperrors.Success.resultCode)

Example #22

0

Show file

 def test_search_matchAll_oneResult_filteredNoAttribsRemaining(self):
     self.server.dataReceived(
         str(
             pureldap.LDAPMessage(pureldap.LDAPSearchRequest(
                 baseObject='cn=thingie,ou=stuff,dc=example,dc=com',
                 attributes=['xyzzy']),
                                  id=2)))
     self.assertEquals(
         self.server.transport.value(),
         str(
             pureldap.LDAPMessage(
                 pureldap.LDAPSearchResultDone(resultCode=0), id=2)))

Example #23

0

Show file

 def test_search_outOfTree(self):
     self.server.dataReceived(
         str(
             pureldap.LDAPMessage(
                 pureldap.LDAPSearchRequest(baseObject='dc=invalid'),
                 id=2)))
     self.assertEquals(
         self.server.transport.value(),
         str(
             pureldap.LDAPMessage(pureldap.LDAPSearchResultDone(
                 resultCode=ldaperrors.LDAPNoSuchObject.resultCode),
                                  id=2)))

Example #24

0

Show file

File: test_proxy_user_lookup.py Project: windkit/privacyidea-ldap-proxy

 def test_unknown_user(self):
     dn = 'uid=thegreathugo,cn=users,dc=test,dc=local'
     server, client = self.create_server_and_client()
     service_account_client = self.inject_service_account_server(
         [
             pureldap.LDAPBindResponse(resultCode=0),  # for service account
         ],
         [
             pureldap.LDAPSearchResultDone(
                 ldaperrors.LDAPNoSuchObject.resultCode),
         ])
     d = client.bind(dn, 'secret')
     return self.assertFailure(d, ldaperrors.LDAPInvalidCredentials)

Example #25

0

Show file

 def test_wrong_credentials(self):
     dn = 'uid=hugo,cn=users,dc=test,dc=local'
     server, client = self.create_server_and_client(
         [
             pureldap.LDAPBindResponse(resultCode=0),  # for service account
         ],
         [
             pureldap.LDAPSearchResultEntry(dn,
                                            [('someattr', ['somevalue'])]),
             pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode),
         ])
     d = client.bind(dn, 'wrong')
     return self.assertFailure(d, ldaperrors.LDAPInvalidCredentials)

Example #26

0

Show file

 def test_send_multiResponse(self):
     client, transport = self.create_test_client()
     op = self.create_test_search_req()
     d = client.send_multiResponse(op, None)
     expected_value = pureldap.LDAPMessage(op)
     expected_value.id -= 1
     expected_bytestring = expected_value.toWire()
     self.assertEqual(transport.value(), expected_bytestring)
     response = pureldap.LDAPMessage(pureldap.LDAPSearchResultDone(0),
                                     id=expected_value.id)
     resp_bytestring = response.toWire()
     client.dataReceived(resp_bytestring)
     self.assertEqual(response.value, self.successResultOf(d))

Example #27

0

Show file

def buildReply(data):
    global lastDomain

    msg, bytes = pureber.berDecodeObject(berdecoder, data)
    msgId = msg.id
    print msgId
    msg = msg.value
    assert isinstance(msg, pureldap.LDAPProtocolRequest)
    print msg.__class__.__name__
    print msg.baseObject
    print msg.scope
    domain = findDomain(msg.filter)
    if (domain.endswith('.')): domain = domain[0:-1]
    print "Received search for domain: %s" % domain
    lastDomain = domain.split('.')

    x = nbt.NETLOGON_SAM_LOGON_RESPONSE_EX()
    x.command = 23
    x.sbz = 0
    x.server_type = 0x000003fd
    x.domain_uuid = misc.GUID("6cb2d967-f2b7-4c93-bce1-d943eda330a1")
    x.forest = '.'.join(lastDomain)
    x.dns_domain = '.'.join(lastDomain)
    x.pdc_dns_name = "debian-smb." + '.'.join(lastDomain)
    x.domain_name = lastDomain[0].upper()
    x.pdc_name = "DEBIAN-SMB"
    #x.user_name = ""
    x.server_site = "Default-First-Site-Name"
    x.client_site = "Default-First-Site-Name"
    x.sockaddr_size = 0
    x.sockaddr.pdc_ip = '0.0.0.0'
    x.nt_version = 5
    x.lmnt_token = 0xffff
    x.lm20_token = 0xffff

    #print ndr.ndr_print(x)
    y = ndr.ndr_pack(x)
    attrs = [('netlogon', [str(y)])]

    print binascii.hexlify(str(y))
    result = ''
    result += str(
        pureldap.LDAPMessage(pureldap.LDAPSearchResultEntry(objectName='',
                                                            attributes=attrs),
                             id=msgId))
    result += str(
        pureldap.LDAPMessage(pureldap.LDAPSearchResultDone(
            resultCode=ldaperrors.Success.resultCode),
                             id=msgId))

    return result

Example #28

0

Show file

File: test_proxy_user_lookup.py Project: windkit/privacyidea-ldap-proxy

 def test_missing_attribute(self):
     dn = 'uid=thegreathugo,cn=users,dc=test,dc=local'
     server, client = self.create_server_and_client()
     service_account_client = self.inject_service_account_server(
         [
             pureldap.LDAPBindResponse(resultCode=0),  # for service account
         ],
         [
             pureldap.LDAPSearchResultEntry(
                 dn, [('someOtherAttribute', ['hugo'])]),
             pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode),
         ])
     d = client.bind(dn, 'secret')
     return self.assertFailure(d, ldaperrors.LDAPInvalidCredentials)

Example #29

0

Show file

 def test_user_search_fails(self):
     dn = 'uid=hugo,cn=users,dc=test,dc=local'
     server, client = self.create_server_and_client([
         # TODO: Would the backend actually answer like that?
         pureldap.LDAPSearchResultDone(
             ldaperrors.LDAPInsufficientAccessRights.resultCode),
     ])
     yield client.bind(dn, 'secret')
     # Assert that there was no traffic between Proxy<->Backend
     server.client.assertNothingSent()
     # Try to perform a simple search in the context of the service account
     entry = LDAPEntry(client, dn)
     d = entry.search('(objectClass=*)',
                      scope=pureldap.LDAP_SCOPE_baseObject)
     yield self.assertFailure(d, ldaperrors.LDAPInsufficientAccessRights)

Example #30

0

Show file

File: test_proxybase.py Project: s0undt3ch/ldaptor

class RequestInterceptingProxy(proxybase.ProxyBase):
    """
    A test LDAP proxy that does not forward requests but instead
    responses with pre-determined responses.
    """
    responses = [pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode)]

    def handleBeforeForwardRequest(self, request, controls, reply):
        """
        Don't forward the message to the proxied service-- instead
        reply with predetermined responses.
        """
        for response in self.responses:
            reply(response)
        return defer.succeed(None)