linotp.useridresolver.UserIdResolver module

This module implements the communication interface for resolvin user info to the user base:

UserIdResolver Interface class.

Defines the rough interface for a UserId Resolver

== a UserId Resolver is required to resolve the

Login Name to an unique User Identifier

  • for /etc/passwd this will be the uid

  • for ldap this might be the DN

  • for SQL the unique index ( what’s the right name here (tm))

exception linotp.useridresolver.UserIdResolver.ResolverLoadConfigError

Bases: Exception

exception linotp.useridresolver.UserIdResolver.ResolverNotAvailable

Bases: Exception

class linotp.useridresolver.UserIdResolver.UserIdResolver

Bases: object

checkPass(uid, password)

This function checks the password for a given uid. - returns true in case of success - false if password does not match

close()

Hook to close down the resolver after one request

critical_parameters: List[str] = []
crypted_parameters: List[str] = []
fields = {'description': 0, 'email': 0, 'gender': 0, 'givenname': 0, 'mobile': 0, 'phone': 0, 'surname': 0, 'userid': 1, 'username': 1}
classmethod filter_config(config, conf='')

build a dict with the parameters of the resolver

the config could either be a linotp config object or a local dictionary which is used to check if all required parameters are correctly set

  • we have to support as well linotp global config entries, which are indicated by startting with a ‘linotp.’ prefix. Example is the linotp.use_system_certs, which is used in the ldap resolver

to support the variations of key, an list of search keys is build. for each of these keys a lookup in the config is made.

Parameters:
  • config – the config which is provided during runtime of the resolver loading and while testconnection

  • conf – the resolver name and configuration identifier

Returns:

tuple with the dictionary with the filtered entries and the list of missing parameters

classmethod getResolverClassDescriptor()

return the descriptor of the resolver, which is - the class name and - the config description

Returns:

resolver description dict

Return type:

dict

classmethod getResolverClassType()

provide the resolver type for registration

getResolverDescriptor()

return the descriptor of the resolver, which is - the class name and - the config description

Returns:

resolver description dict

Return type:

dict

getResolverId()

get resolver specific information :return: the resolver identifier string - empty string if not exist

getResolverType()

getResolverType - return the type of the resolver

Returns:

returns the string ‘ldapresolver’

Return type:

string

getUserId(LoginName)
  • returns the identifier string

  • empty string if not exist

getUserInfo(userid)

This function returns all user information for a given user object identified by UserID.

Returns:

dictionary, if no object is found, the dictionary is empty

getUserList(serachDict)

This function finds the user objects, that have the term ‘value’ in the user object field ‘key’

Parameters:

searchDict – dict with key values of user attributes - the key may be something like ‘loginname’ or ‘email’ the value is a regular expression.

Returns:

list of dictionaries (each dictionary contains a user object) or an empty string if no object is found.

getUsername(LoginId)
  • returns the loginname string

  • empty string if not exist

id = ''
classmethod is_change_critical(new_params, previous_params)

check if the parameter update are ‘critical’ and require a re-authentication

Parameters:
  • new_params – the set of new parameters

  • previous_params – the set of previous parameters

Returns:

boolean

loadConfig(config, conf)
classmethod merge_crypted_parameters(new_params, previous_params)
classmethod missing_crypted_parameters(new_params)

detect, which crypted parameters are missing

Parameters:
  • new_params – the set of new parameters

  • previous_params – the set of previous parameters

Returns:

list of missing parameters

name = ''
classmethod primary_key_changed(new_params, previous_params)

check if the parameter update are ‘critical’ and require a re-authentication

Parameters:
  • new_params – the set of new parameters

  • previous_params – the set of previous parameters

Returns:

boolean

resolver_parameters: Dict[str, Tuple[bool, Optional[Union[str, bool, int]], Callable[[Any], Any]]] = {'readonly': (False, False, <function boolean>)}
linotp.useridresolver.UserIdResolver.getResolverClass(packageName, className)

helper method to load the UserIdResolver class from a given package in literal. Checks, if the getUserId method exists, if not an error is thrown

example:

getResolverClass(“PasswdIdResolver”, “IdResolver”)()

Parameters:
  • packageName – the name package + module

  • className – the name of the class, which should be loaded

Returns:

the class object