36 from ldap.ldapobject import ReconnectLDAPObject |
36 from ldap.ldapobject import ReconnectLDAPObject |
37 from ldap.filter import filter_format |
37 from ldap.filter import filter_format |
38 from ldapurl import LDAPUrl |
38 from ldapurl import LDAPUrl |
39 |
39 |
40 from cubicweb import ValidationError, AuthenticationError, Binary |
40 from cubicweb import ValidationError, AuthenticationError, Binary |
|
41 from cubicweb.server import utils |
41 from cubicweb.server.sources import ConnectionWrapper |
42 from cubicweb.server.sources import ConnectionWrapper |
42 |
43 |
43 _ = unicode |
44 _ = unicode |
44 |
45 |
45 # search scopes |
46 # search scopes |
332 def _process_ldap_item(self, dn, iterator): |
333 def _process_ldap_item(self, dn, iterator): |
333 """Turn an ldap received item into a proper dict.""" |
334 """Turn an ldap received item into a proper dict.""" |
334 itemdict = {'dn': dn} |
335 itemdict = {'dn': dn} |
335 for key, value in iterator: |
336 for key, value in iterator: |
336 if self.user_attrs.get(key) == 'upassword': # XXx better password detection |
337 if self.user_attrs.get(key) == 'upassword': # XXx better password detection |
337 itemdict[key] = Binary(value[0].encode('utf-8')) |
338 value = value[0].encode('utf-8') |
|
339 # we only support ldap_salted_sha1 for ldap sources, see: server/utils.py |
|
340 if not value.startswith('{SSHA}'): |
|
341 value = utils.crypt_password(value) |
|
342 itemdict[key] = Binary(value) |
338 else: |
343 else: |
339 for i, val in enumerate(value): |
344 for i, val in enumerate(value): |
340 value[i] = unicode(val, 'utf-8', 'replace') |
345 value[i] = unicode(val, 'utf-8', 'replace') |
341 if isinstance(value, list) and len(value) == 1: |
346 if isinstance(value, list) and len(value) == 1: |
342 itemdict[key] = value = value[0] |
347 itemdict[key] = value = value[0] |