linotp.useridresolver.UserIdResolver module

This module implements the communication interface for resolvin user info to the user base:

UserIdResolver Interface class.

Defines the rough interface for a UserId Resolver

== a UserId Resolver is required to resolve the
Login Name to an unique User Identifier
  • for /etc/passwd this will be the uid
  • for ldap this might be the DN
  • for SQL the unique index ( what’s the right name here (tm))
exception linotp.useridresolver.UserIdResolver.ResolverLoadConfigError[source]

Bases: exceptions.Exception

class linotp.useridresolver.UserIdResolver.UserIdResolver[source]

Bases: object

checkPass(uid, password)[source]

This function checks the password for a given uid. - returns true in case of success - false if password does not match

close()[source]

Hook to close down the resolver after one request

critical_parameters = []
crypted_parameters = []
fields = {'username': 1, 'phone': 0, 'surname': 0, 'description': 0, 'mobile': 0, 'gender': 0, 'givenname': 0, 'userid': 1, 'email': 0}
classmethod filter_config(config, conf='')[source]

build a dict with the parameters of the resolver

the config could either be a linotp config object or a local dictionary which is used to check if all required parameters are correctly set

  • we have to support as well linotp global config entries, which are indicated by startting with a ‘linotp.’ prefix. Example is the linotp.use_system_certs, which is used in the ldap resolver

to support the variations of key, an list of search keys is build. for each of these keys a lookup in the config is made.

Parameters:
  • config – the config which is provided during runtime of the resolver loading and while testconnection
  • conf – the resolver name and configuration identifier
Returns:

tuple with the dictionary with the filtered entries and the list of missing parameters

classmethod getResolverClassDescriptor()[source]

return the descriptor of the resolver, which is - the class name and - the config description

Returns:resolver description dict
Return type:dict
classmethod getResolverClassType()[source]

provide the resolver type for registration

getResolverDescriptor()[source]

return the descriptor of the resolver, which is - the class name and - the config description

Returns:resolver description dict
Return type:dict
getResolverId()[source]

get resolver specific information :return: the resolver identifier string - empty string if not exist

getResolverType()[source]

getResolverType - return the type of the resolver

Returns:returns the string ‘ldapresolver’
Return type:string
getUserId(LoginName)[source]
  • returns the identifier string
  • empty string if not exist
getUserInfo(userid)[source]

This function returns all user information for a given user object identified by UserID.

Returns:dictionary, if no object is found, the dictionary is empty
getUserList(serachDict)[source]

This function finds the user objects, that have the term ‘value’ in the user object field ‘key’

Parameters:searchDict – dict with key values of user attributes - the key may be something like ‘loginname’ or ‘email’ the value is a regular expression.
Returns:list of dictionaries (each dictionary contains a user object) or an empty string if no object is found.
getUsername(LoginId)[source]
  • returns the loginname string
  • empty string if not exist
id = ''
classmethod is_change_critical(new_params, previous_params)[source]

check if the parameter update are ‘critical’ and require a re-authentication

Parameters:
  • new_params – the set of new parameters
  • previous_params – the set of previous parameters
Returns:

boolean

loadConfig(config, conf)[source]
classmethod merge_crypted_parameters(new_params, previous_params)[source]
classmethod missing_crypted_parameters(new_params)[source]

detect, which crypted parameters are missing

Parameters:
  • new_params – the set of new parameters
  • previous_params – the set of previous parameters
Returns:

list of missing parameters

name = ''
classmethod primary_key_changed(new_params, previous_params)[source]

check if the parameter update are ‘critical’ and require a re-authentication

Parameters:
  • new_params – the set of new parameters
  • previous_params – the set of previous parameters
Returns:

boolean

resolver_parameters = {'readonly': (False, False, <function boolean at 0x7f55c832e488>)}
linotp.useridresolver.UserIdResolver.getResolverClass(packageName, className)[source]

helper method to load the UserIdResolver class from a given package in literal. Checks, if the getUserId method exists, if not an error is thrown

example:

getResolverClass(“PasswdIdResolver”, “IdResolver”)()
Parameters:
  • packageName – the name package + module
  • className – the name of the class, which should be loaded
Returns:

the class object