Only bind if the connection is not already bound

The connection is created as a ReconnectLDAPObject, which will auto
re-connect when the next synchronous method is called if the connection
fails, but won't re-bind.

So, we maintain the bind state, and re-set it if the query fails.

openldap_opencensus_stats/ldap_server.py

@@ -34,6 +34,7 @@ def __init__(self,
             database = server_uri
 
         self.connection = None
+        self.bound = False
         self.database = database
         self.user_dn = user_dn
         self.user_password = user_password
@@ -82,16 +83,19 @@ def query(self, dn=None, scope=ldap.SCOPE_SUBTREE, attr_list=None):
             raise ValueError('Must specify a DN to query')
 
         try:
-            if self.sasl_mech:
-                if self.sasl_mech == 'EXTERNAL':
-                    self.connection.sasl_external_bind_s()
+            if not self.bound:
+                if self.sasl_mech:
+                    if self.sasl_mech == 'EXTERNAL':
+                        self.connection.sasl_external_bind_s()
+                    else:
+                        logging.error(f"INTERNAL ERROR: Unsupported SASL mechanism {self.sasl_mech}")
+                        raise ValueError(f"Unsupported SASL mechanism {self.sasl_mech}")
                 else:
-                    logging.error(f"INTERNAL ERROR: Unsupported SASL mechanism {self.sasl_mech}")
-                    raise ValueError(f"Unsupported SASL mechanism {self.sasl_mech}")
-            else:
-                self.connection.simple_bind_s(self.user_dn, self.user_password)
+                    self.connection.simple_bind_s(self.user_dn, self.user_password)
+                self.bound = True
             return self.connection.search_s(dn, scope=scope, attrlist=attr_list)
         except (ldap.SERVER_DOWN, ldap.NO_SUCH_OBJECT, ldap.TIMEOUT) as error:
+            self.bound = False
             logging.error('Could not query LDAP:')
             logging.exception(error)
             return []