Commit ea7fb6f7 authored by Recteur LP's avatar Recteur LP

Update ldapauth.py: use https for gravatar

parent 7dd7449a
__all__ = ['ldapauth']
\ No newline at end of file
__all__ = ['ldapauth']
......@@ -7,7 +7,6 @@ import pyrmin
try:
import ldap
import ldif
import urllib
except ImportError:
from ldap3 import Server, Connection, AUTO_BIND_NO_TLS, SUBTREE, ALL_ATTRIBUTES
......@@ -16,11 +15,12 @@ except ImportError:
###################################
__name__ = "LDAP Authentification"
__description__ = "Module to authenticate user with Active Directory Server"
__version__ = "0.3.0"
__version__ = "0.3.1"
__pyrmin_version__ = "0.3.1"
__namespace__ = "ldapauth"
###################################
class auth():
"LDAP auth module"
def __init__(self, config):
......@@ -29,7 +29,7 @@ class auth():
pyrmin.returnerror("No ldap server in config")
elif 'port' not in self.config:
pyrmin.returnerror("No ldap port in config")
if sys.version_info >= (3,0):
if sys.version_info >= (3, 0):
self.connection = Connection(
Server(
self.config['server'],
......@@ -43,20 +43,20 @@ class auth():
password=self.config['password']
)
else:
self.ld = ldap.initialize('ldap://' + self.config['server'] + ':' + str(self.config['port']))
self.ld = ldap.initialize('ldap://' + self.config['server'] + ':' + str(self.config['port']))
self.ld.protocol_version = self.config['version']
self.ld.set_option(ldap.OPT_REFERRALS, 0)
self.ld.simple_bind_s(self.config['user'], self.config['password'])
def __del__(self):
if sys.version_info < (3,0):
if sys.version_info < (3, 0):
try:
self.ld.unbind_s()
except:
pass
def __getresults(self, filter):
if sys.version_info >= (3,0):
if sys.version_info >= (3, 0):
self.connection.search(
search_base=self.config['basedn'],
search_filter=filter,
......@@ -66,11 +66,11 @@ class auth():
)
results = self.connection.response
else:
results = self.ld.search_s(self.config['basedn'],ldap.SCOPE_SUBTREE,filter)
results = self.ld.search_s(self.config['basedn'], ldap.SCOPE_SUBTREE, filter)
return results
def __getgroup(self, group):
if sys.version_info >= (3,0):
if sys.version_info >= (3, 0):
self.connection.search(
search_base=self.config['basedn'],
search_filter=group,
......@@ -80,36 +80,43 @@ class auth():
)
return self.connection.response
else:
return self.ld.search_s(group,ldap.SCOPE_SUBTREE)
return self.ld.search_s(group, ldap.SCOPE_SUBTREE)
def getusersfromgroup(self, group):
users = []
if sys.version_info >= (3,0):
if sys.version_info >= (3, 0):
for entry in self.__getresults(group):
if "attributes" in entry:
attrs = entry['attributes']
users.append({ "name": attrs.get('sAMAccountName', [ 'Guest' ])[0], "uid": attrs.get('uidNumber', [ 'None' ])[0] })
users.append({
"name": attrs.get('sAMAccountName', ['Guest'])[0],
"uid": attrs.get('uidNumber', ['None'])[0]
})
else:
for dn, attrs in self.__getresults(group):
if dn and attrs:
pyrmin.log.debug(attrs.get('sAMAccountName', [ 'Guest' ])[0])
users.append({ "name": attrs.get('sAMAccountName', [ 'Guest' ])[0], "uid": attrs.get('uidNumber', [ 'None' ])[0] })
pyrmin.log.debug(attrs.get('sAMAccountName', ['Guest'])[0])
users.append({
"name": attrs.get('sAMAccountName', ['Guest'])[0],
"uid": attrs.get('uidNumber', ['None'])[0]
})
return users
def get(self, name):
pyrmin.log.debug("Trying to get: " + name)
if sys.version_info >= (3,0):
if sys.version_info >= (3, 0):
filter = "(&(" + self.config['user_id'] + "=" + name + "))"
for entry in self.__getresults(filter):
if "attributes" in entry:
attrs = entry['attributes']
name = attrs.get('sAMAccountName', [ 'Guest' ])[0]
name = attrs.get('sAMAccountName', ['Guest'])[0]
mail = str(attrs.get('mail')[0]).lower()
gravatar_url = "//www.gravatar.com/avatar/" + hashlib.md5(mail.encode('utf-8')).hexdigest() + "?"
gravatar_url += urllib.parse.urlencode({'d':"identicon", 's':str(50)})
division = attrs.get('division', [ 'Guest' ])[0]
displayname = attrs.get('displayName', [ 'Guest' ])[0]
company = attrs.get('company', [ '' ])[0]
gravatar_url = "https://www.gravatar.com/avatar/" + \
hashlib.md5(mail.encode('utf-8')).hexdigest() + "?"
gravatar_url += urllib.parse.urlencode({'d': "identicon", 's': str(50)})
division = attrs.get('division', ['Guest'])[0]
displayname = attrs.get('displayName', ['Guest'])[0]
company = attrs.get('company', [''])[0]
isadmin = False
admins = []
......@@ -127,7 +134,7 @@ class auth():
"admin": isadmin,
"division": division,
"displayname": displayname,
"mobile": attrs.get('otherMobile', [ '' ])[0],
"mobile": attrs.get('otherMobile', [''])[0],
"company": company,
"mail": mail,
"img": gravatar_url
......@@ -135,13 +142,13 @@ class auth():
else:
filter = "(&(" + self.config['user_id'] + "=" + name + ")(!(objectClass=computer)))"
for dn, attrs in self.__getresults(filter):
name = attrs.get('sAMAccountName', [ 'Guest' ])[0]
name = attrs.get('sAMAccountName', ['Guest'])[0]
mail = str(attrs.get('mail')[0]).decode('utf-8').lower()
gravatar_url = "//www.gravatar.com/avatar/" + hashlib.md5(mail).hexdigest() + "?"
gravatar_url += urllib.urlencode({'d':"identicon", 's':str(50)})
division = attrs.get('division', [ 'Guest' ])[0].decode("utf-8")
displayname = attrs.get('displayName', [ 'Guest' ])[0].decode("utf-8")
company = attrs.get('company', [ '' ])[0].decode("utf-8")
gravatar_url = "https://www.gravatar.com/avatar/" + hashlib.md5(mail).hexdigest() + "?"
gravatar_url += urllib.urlencode({'d': "identicon", 's': str(50)})
division = attrs.get('division', ['Guest'])[0].decode("utf-8")
displayname = attrs.get('displayName', ['Guest'])[0].decode("utf-8")
company = attrs.get('company', [''])[0].decode("utf-8")
isadmin = False
admins = []
......@@ -159,7 +166,7 @@ class auth():
"admin": isadmin,
"division": division,
"displayname": displayname,
"mobile": attrs.get('otherMobile', [ '' ])[0],
"mobile": attrs.get('otherMobile', [''])[0],
"company": company,
"mail": mail,
"img": gravatar_url
......
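Review bot: `get` still builds both search filters by concatenating `name` unescaped (`"(&(" + self.config['user_id'] + "=" + name + "))"` on the Python 3 path, and the `(!(objectClass=computer))` variant on the Python 2 path), so if `name` is the login value supplied by the user, filter metacharacters in it are interpreted by the directory instead of being matched literally. Escape the value before the filter is built, e.g. `name = escape_filter_chars(name)`, importing the helper from `ldap3.utils.conv` alongside the other ldap3 names and from `ldap.filter` in the python-ldap branch. The python-ldap branch of `__init__` also calls `simple_bind_s` over a hard-coded `ldap://` URL, so the bind password travels unencrypted unless TLS is negotiated somewhere not shown here; an `ldaps://` scheme or `start_tls_s()` before the bind would match the https intent of this commit. `get` continues past the end of the visible hunks, so the admin lookup that follows was not reviewed.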