Add support for additional configuration options #270
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Adds support for additional configuration options. LDAP_AUTH_TLS_CA_CERTS_FILE LDAP_AUTH_TLS_VALIDATE_CERT LDAP_AUTH_TLS_CIPHERS LDAP_AUTH_ATTRIBUTES It may be wise to set the default of LDAP_AUTH_TLS_VALIDATE_CERT to ssl.CERT_REQUIRED in the future, however this would be a breaking change.
Fix typo
Attributes listed in LDAP_AUTH_SYNC_ATTRIBUTES without values are returned as empty lists. Prevent IndexError
Add documentation for LDAP_AUTH_TLS_CA_CERTS_FILE
Do set validate=None when LDAP_AUTH_TLS_VALIDATE_CERT is not set. Removed log message, as this may not be right place for configuration checks.
Remove incorrect test.
etianen
approved these changes
Jan 15, 2024
|
Thanks for this! But even then, the unittests are failing. I'd suggest merging my branch into yours, then fixing the tests. 🙇 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adds support for additional options
LDAP_AUTH_TLS_VALIDATE_CERT - Can allow ldap3 connections to be better secured with certificate validation required.
LDAP_AUTH_TLS_CIPHERS - Supports customisation of allowable SSL ciphers.
LDAP_AUTH_TLS_CA_CERTS_FILE - Allows the use of internal CA issued certificates.
LDAP_AUTH_ATTRIBUTES - Can be used to reduce the data returned from a remote LDAP server to improve performance.
All values, when set, are pass unmodified through to ldap3 where they are implemented. Defaults follow ldap3 behaviours.