authentik.sources.ldap.tests.mock_slapd
ldap testing utils
"""ldap testing utils"""

from ldap3 import MOCK_SYNC, OFFLINE_SLAPD_2_4, Connection, Server

# Per the original author's note, the ldap3 mock modifies the dicts it is
# given in place, so every expected value is also kept as its own string
# (presumably so tests can compare against the untouched strings).
user_in_slapd_dn = "cn=user_in_slapd_cn,ou=users,dc=goauthentik,dc=io"
user_in_slapd_cn = "user_in_slapd_cn"
user_in_slapd_uid = "user_in_slapd_uid"
user_in_slapd_object_class = "person"
user_in_slapd = {
    "dn": user_in_slapd_dn,
    "attributes": {
        "cn": user_in_slapd_cn,
        "uid": user_in_slapd_uid,
        "objectClass": user_in_slapd_object_class,
    },
}
# NOTE(review): this DN reuses the *user* RDN value (cn=user_in_slapd_cn)
# under ou=groups, while the entry's own cn attribute is group_in_slapd_cn.
# Looks like a copy-paste; confirm no test depends on it before changing.
group_in_slapd_dn = "cn=user_in_slapd_cn,ou=groups,dc=goauthentik,dc=io"
group_in_slapd_cn = "group_in_slapd_cn"
group_in_slapd_uid = "group_in_slapd_uid"
group_in_slapd_object_class = "groupOfNames"
group_in_slapd = {
    "dn": group_in_slapd_dn,
    "attributes": {
        "cn": group_in_slapd_cn,
        "uid": group_in_slapd_uid,
        "objectClass": group_in_slapd_object_class,
        "member": [user_in_slapd_dn],
    },
}


def mock_slapd_connection(password: str) -> Connection:
    """Build an in-memory ldap3 connection pre-loaded with test entries.

    Args:
        password: Stored as ``userPassword`` on the ``user0`` and
            ``user-posix`` entries. It is not the bind credential; the
            connection binds with a fixed throwaway value instead.

    Returns:
        The ``MOCK_SYNC`` connection after ``bind()`` has been called.
        The result of ``bind()`` is not checked.
    """
    fake_server = Server("my_fake_server", get_info=OFFLINE_SLAPD_2_4)
    # Fixed test-only bind secret; the markers silence the linter/scanner
    # findings for a hard-coded credential.
    bind_secret = "foo"  # noqa # nosec
    conn = Connection(
        fake_server,
        user="cn=my_user,dc=goauthentik,dc=io",
        password=bind_secret,
        client_strategy=MOCK_SYNC,
    )

    # (dn, attributes) pairs, loaded in this order. The dicts are built on
    # every call, so in-place changes by the mock do not leak between calls
    # (the two module-level fixtures at the end are shared objects).
    fixtures = (
        # Entry for password checking. It carries no userPassword and shares
        # its uid value with group1 below.
        (
            "cn=user,ou=users,dc=goauthentik,dc=io",
            {
                "name": "test-user",
                "uid": "unique-test-group",
                "objectClass": "person",
                "displayName": "Erin M. Hagens",
            },
        ),
        (
            "cn=group1,ou=groups,dc=goauthentik,dc=io",
            {
                "cn": "group1",
                "uid": "unique-test-group",
                "objectClass": "groupOfNames",
                "member": ["cn=user0,ou=users,dc=goauthentik,dc=io"],
            },
        ),
        # Group with no uid attribute (the original comment says "without SID").
        (
            "cn=group2,ou=groups,dc=goauthentik,dc=io",
            {
                "cn": "group2",
                "objectClass": "groupOfNames",
            },
        ),
        # Takes the caller-supplied password.
        (
            "cn=user0,ou=users,dc=goauthentik,dc=io",
            {
                "userPassword": password,
                "name": "user0_sn",
                "uid": "user0_sn",
                "objectClass": "person",
            },
        ),
        # User with no uid attribute (the original comment says "without SID").
        (
            "cn=user1,ou=users,dc=goauthentik,dc=io",
            {
                "userPassword": "test1111",
                "name": "user1_sn",
                "objectClass": "person",
            },
        ),
        # Duplicate users: user2 and user3 share name, uid and password.
        (
            "cn=user2,ou=users,dc=goauthentik,dc=io",
            {
                "userPassword": "test2222",
                "name": "user2_sn",
                "uid": "unique-test2222",
                "objectClass": "person",
            },
        ),
        (
            "cn=user3,ou=users,dc=goauthentik,dc=io",
            {
                "userPassword": "test2222",
                "name": "user2_sn",
                "uid": "unique-test2222",
                "objectClass": "person",
            },
        ),
        # posixGroup whose membership is expressed through memberUid.
        (
            "cn=group-posix,ou=groups,dc=goauthentik,dc=io",
            {
                "cn": "group-posix",
                "objectClass": "posixGroup",
                "memberUid": ["user-posix"],
            },
        ),
        # posixAccount user; also takes the caller-supplied password.
        (
            "cn=user-posix,ou=users,dc=goauthentik,dc=io",
            {
                "userPassword": password,
                "uid": "user-posix",
                "cn": "user-posix",
                "objectClass": "posixAccount",
            },
        ),
        # Known user and group from the module-level fixtures.
        (user_in_slapd["dn"], user_in_slapd["attributes"]),
        (group_in_slapd["dn"], group_in_slapd["attributes"]),
    )
    for entry_dn, entry_attributes in fixtures:
        conn.strategy.add_entry(entry_dn, entry_attributes)

    # NOTE(review): the bind DN cn=my_user is never added as an entry above
    # and the result of bind() is discarded, so this helper does not show
    # whether the bind succeeded. Confirm callers do not treat the returned
    # connection as proof of a successful bind.
    conn.bind()
    return conn
user_in_slapd_dn =
'cn=user_in_slapd_cn,ou=users,dc=goauthentik,dc=io'
user_in_slapd_cn =
'user_in_slapd_cn'
user_in_slapd_uid =
'user_in_slapd_uid'
user_in_slapd_object_class =
'person'
user_in_slapd =
{'dn': 'cn=user_in_slapd_cn,ou=users,dc=goauthentik,dc=io', 'attributes': {'cn': 'user_in_slapd_cn', 'uid': 'user_in_slapd_uid', 'objectClass': 'person'}}
group_in_slapd_dn =
'cn=user_in_slapd_cn,ou=groups,dc=goauthentik,dc=io'
group_in_slapd_cn =
'group_in_slapd_cn'
group_in_slapd_uid =
'group_in_slapd_uid'
group_in_slapd_object_class =
'groupOfNames'
group_in_slapd =
{'dn': 'cn=user_in_slapd_cn,ou=groups,dc=goauthentik,dc=io', 'attributes': {'cn': 'group_in_slapd_cn', 'uid': 'group_in_slapd_uid', 'objectClass': 'groupOfNames', 'member': ['cn=user_in_slapd_cn,ou=users,dc=goauthentik,dc=io']}}
def
mock_slapd_connection(password: str) -> ldap3.core.connection.Connection:
def mock_slapd_connection(password: str) -> Connection:
    """Build an in-memory ldap3 connection pre-loaded with test entries.

    Args:
        password: Stored as ``userPassword`` on the ``user0`` and
            ``user-posix`` entries. It is not the bind credential; the
            connection binds with a fixed throwaway value instead.

    Returns:
        The ``MOCK_SYNC`` connection after ``bind()`` has been called.
        The result of ``bind()`` is not checked.
    """
    fake_server = Server("my_fake_server", get_info=OFFLINE_SLAPD_2_4)
    # Fixed test-only bind secret; the markers silence the linter/scanner
    # findings for a hard-coded credential.
    bind_secret = "foo"  # noqa # nosec
    conn = Connection(
        fake_server,
        user="cn=my_user,dc=goauthentik,dc=io",
        password=bind_secret,
        client_strategy=MOCK_SYNC,
    )

    # (dn, attributes) pairs, loaded in this order. The dicts are built on
    # every call, so in-place changes by the mock do not leak between calls
    # (the two module-level fixtures at the end are shared objects).
    fixtures = (
        # Entry for password checking. It carries no userPassword and shares
        # its uid value with group1 below.
        (
            "cn=user,ou=users,dc=goauthentik,dc=io",
            {
                "name": "test-user",
                "uid": "unique-test-group",
                "objectClass": "person",
                "displayName": "Erin M. Hagens",
            },
        ),
        (
            "cn=group1,ou=groups,dc=goauthentik,dc=io",
            {
                "cn": "group1",
                "uid": "unique-test-group",
                "objectClass": "groupOfNames",
                "member": ["cn=user0,ou=users,dc=goauthentik,dc=io"],
            },
        ),
        # Group with no uid attribute (the original comment says "without SID").
        (
            "cn=group2,ou=groups,dc=goauthentik,dc=io",
            {
                "cn": "group2",
                "objectClass": "groupOfNames",
            },
        ),
        # Takes the caller-supplied password.
        (
            "cn=user0,ou=users,dc=goauthentik,dc=io",
            {
                "userPassword": password,
                "name": "user0_sn",
                "uid": "user0_sn",
                "objectClass": "person",
            },
        ),
        # User with no uid attribute (the original comment says "without SID").
        (
            "cn=user1,ou=users,dc=goauthentik,dc=io",
            {
                "userPassword": "test1111",
                "name": "user1_sn",
                "objectClass": "person",
            },
        ),
        # Duplicate users: user2 and user3 share name, uid and password.
        (
            "cn=user2,ou=users,dc=goauthentik,dc=io",
            {
                "userPassword": "test2222",
                "name": "user2_sn",
                "uid": "unique-test2222",
                "objectClass": "person",
            },
        ),
        (
            "cn=user3,ou=users,dc=goauthentik,dc=io",
            {
                "userPassword": "test2222",
                "name": "user2_sn",
                "uid": "unique-test2222",
                "objectClass": "person",
            },
        ),
        # posixGroup whose membership is expressed through memberUid.
        (
            "cn=group-posix,ou=groups,dc=goauthentik,dc=io",
            {
                "cn": "group-posix",
                "objectClass": "posixGroup",
                "memberUid": ["user-posix"],
            },
        ),
        # posixAccount user; also takes the caller-supplied password.
        (
            "cn=user-posix,ou=users,dc=goauthentik,dc=io",
            {
                "userPassword": password,
                "uid": "user-posix",
                "cn": "user-posix",
                "objectClass": "posixAccount",
            },
        ),
        # Known user and group from the module-level fixtures.
        (user_in_slapd["dn"], user_in_slapd["attributes"]),
        (group_in_slapd["dn"], group_in_slapd["attributes"]),
    )
    for entry_dn, entry_attributes in fixtures:
        conn.strategy.add_entry(entry_dn, entry_attributes)

    # NOTE(review): the bind DN cn=my_user is never added as an entry above
    # and the result of bind() is discarded, so this helper does not show
    # whether the bind succeeded. Confirm callers do not treat the returned
    # connection as proof of a successful bind.
    conn.bind()
    return conn
Create mock SLAPD connection