linotp.useridresolver.UserIdResolver module

This module implements the communication interface for resolving user info to the user base:

UserIdResolver Interface class.

Defines the rough interface for a UserId Resolver

== a UserId Resolver is required to resolve the

Login Name to an unique User Identifier

  • for /etc/passwd this will be the uid

  • for ldap this might be the DN

  • for SQL the unique index ( what’s the right name here (tm))

exception linotp.useridresolver.UserIdResolver.ResolverLoadConfigError

Bases: Exception

exception linotp.useridresolver.UserIdResolver.ResolverNotAvailable

Bases: Exception

class linotp.useridresolver.UserIdResolver.UserIdResolver

Bases: object

checkPass(uid, password)

This function checks the password for a given uid. - returns true in case of success - false if password does not match

close()

Hook to close down the resolver after one request

critical_parameters: List[str] = []
crypted_parameters: List[str] = []
fields = {'description': 0, 'email': 0, 'gender': 0, 'givenname': 0, 'mobile': 0, 'phone': 0, 'surname': 0, 'userid': 1, 'username': 1}
classmethod filter_config(config, conf='')

build a dict with the parameters of the resolver

the config could either be a linotp config object or a local dictionary which is used to check if all required parameters are correctly set

  • we have to support as well linotp global config entries, which are indicated by starting with a ‘linotp.’ prefix. Example is the linotp.use_system_certs, which is used in the ldap resolver

to support the variations of key, an list of search keys is build. for each of these keys a lookup in the config is made.

Parameters

  • config – the config which is provided during runtime of the resolver loading and while testconnection

  • conf – the resolver name and configuration identifier

Returns

tuple with the dictionary with the filtered entries and the list of missing parameters

classmethod getResolverClassDescriptor()

return the descriptor of the resolver, which is - the class name and - the config description

Returns

resolver description dict

Return type

dict

classmethod getResolverClassType()

provide the resolver type for registration

getResolverDescriptor()

return the descriptor of the resolver, which is - the class name and - the config description

Returns

resolver description dict

Return type

dict

getResolverId()

get resolver specific information :return: the resolver identifier string - empty string if not exist

getResolverType()

getResolverType - return the type of the resolver

Returns

returns the string ‘ldapresolver’

Return type

string

getUserId(LoginName)

  • returns the identifier string

  • empty string if not exist

getUserInfo(userid)

This function returns all user information for a given user object identified by UserID.

Returns

dictionary, if no object is found, the dictionary is empty

getUserList(search_dict)

This function finds the user objects, that have the term ‘value’ in the user object field ‘key’

Parameters

searchDict – dict with key values of user attributes - the key may be something like ‘loginname’ or ‘email’ the value is a regular expression.

Returns

list of dictionaries (each dictionary contains a user object) or an empty string if no object is found.

getUsername(LoginId)

  • returns the loginname string

  • empty string if not exist

id = ''
classmethod is_change_critical(new_params, previous_params)

check if the parameter update are ‘critical’ and require a re-authentication

Parameters

  • new_params – the set of new parameters

  • previous_params – the set of previous parameters

Returns

boolean

loadConfig(config, conf)
classmethod merge_crypted_parameters(new_params, previous_params)
classmethod missing_crypted_parameters(new_params)

detect, which encrypted parameters are missing

Parameters

  • new_params – the set of new parameters

  • previous_params – the set of previous parameters

Returns

list of missing parameters

name = ''
classmethod primary_key_changed(new_params, previous_params)

check if the parameter update are ‘critical’ and require a re-authentication

Parameters

  • new_params – the set of new parameters

  • previous_params – the set of previous parameters

Returns

boolean

resolver_parameters: Dict[str, Tuple[bool, Optional[Union[str, bool, int]], Callable[[Any], Any]]] = {'readonly': (False, False, <function boolean>)}
linotp.useridresolver.UserIdResolver.getResolverClass(packageName, className)

helper method to load the UserIdResolver class from a given package in literal. Checks, if the getUserId method exists, if not an error is thrown

example:

getResolverClass(“PasswdIdResolver”, “IdResolver”)()

Parameters

  • packageName – the name package + module

  • className – the name of the class, which should be loaded

Returns

the class object