Commit
1 parent
f511b5e
commit 8975f44
Showing
14 changed files
with
126 additions
and
0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
__version__ = "0.0.1" | ||
__version_info__ = tuple(__version__.split(".")) |
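Review bot: `__version_info__` on the last line is built from `__version__.split(".")`, so it holds strings (`("0", "0", "1")`) rather than integers, and comparing it against another tuple orders the parts lexicographically (`"10" < "9"`). If callers are meant to compare versions, `__version_info__ = tuple(int(part) for part in __version__.split("."))` keeps the ordering numeric.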
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
from .apricot_server import ApricotServer | ||
from .__about__ import __version__, __version_info__ | ||
|
||
__all__ = [ | ||
"__version__", | ||
"__version_info__", | ||
"ApricotServer", | ||
] |
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
import sys | ||
from typing import cast | ||
|
||
from twisted.internet import reactor | ||
from twisted.internet.endpoints import serverFromString | ||
from twisted.internet.interfaces import IReactorCore, IStreamServerEndpoint | ||
from twisted.python import log | ||
|
||
from .ldap_lookup_tree import LDAPLookupTree | ||
from .ldap_server_factory import LDAPServerFactory | ||
|
||
class ApricotServer(): | ||
def __init__(self, port: int) -> None: | ||
# Log to stdout | ||
log.startLogging(sys.stdout) | ||
|
||
# Initialize the LDAP lookup tree | ||
tree = LDAPLookupTree() | ||
|
||
# Create an LDAPServerFactory | ||
factory = LDAPServerFactory(tree) | ||
|
||
# Attach a listening endpoint | ||
endpoint: IStreamServerEndpoint = serverFromString(reactor, f"tcp:{port}") | ||
endpoint.listen(factory) | ||
|
||
# Load the Twisted reactor | ||
self.reactor = cast(IReactorCore, reactor) | ||
|
||
def run(self) -> None: | ||
"""Start the Twisted reactor""" | ||
self.reactor.run() |
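Review bot: The endpoint string `f"tcp:{port}"` in `__init__` opens a plaintext listener with no interface restriction, so LDAP simple-bind passwords sent to this proxy would cross the network unencrypted. Consider taking the bind address as a parameter and defaulting to loopback, e.g. `serverFromString(reactor, f"tcp:{port}:interface=127.0.0.1")`, or using a TLS (`ssl:`) endpoint before this runs anywhere other than a development host. The Deferred returned by `endpoint.listen(factory)` is also dropped, so a failed listen (port already in use, for instance) surfaces at best as an unhandled-Deferred log entry while `run()` still starts the reactor; `endpoint.listen(factory).addErrback(log.err)` would at least record it deliberately. A class docstring should state that constructing `ApricotServer` starts logging and begins listening, since both are side effects of `__init__`.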
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
from ldaptor.interfaces import IConnectedLDAPEntry, ILDAPEntry | ||
from ldaptor.protocols.ldap.distinguishedname import DistinguishedName | ||
from twisted.internet import defer | ||
from twisted.python import log | ||
from zope.interface import implementer | ||
|
||
from apricot.proxied_ldap_entry import ProxiedLDAPEntry | ||
|
||
|
||
@implementer(IConnectedLDAPEntry) | ||
class LDAPLookupTree: | ||
def lookup(self, dn: DistinguishedName | str) -> defer.Deferred[ILDAPEntry]: | ||
""" | ||
Lookup the referred to by dn. | ||
@return: A Deferred returning an ILDAPEntry, or failing with e.g. | ||
LDAPNoSuchObject. | ||
""" | ||
|
||
def _lookup(dn: DistinguishedName) -> ProxiedLDAPEntry: | ||
return ProxiedLDAPEntry(dn, {}) | ||
|
||
if not isinstance(dn, DistinguishedName): | ||
dn = DistinguishedName(stringValue=dn) | ||
return defer.maybeDeferred(_lookup, dn) |
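Review bot: `_lookup` returns `ProxiedLDAPEntry(dn, {})` for whatever DN it is given, so the tree never reports an unknown entry even though the docstring promises a failure such as LDAPNoSuchObject. Combined with the `bind` in `ProxiedLDAPEntry` from this same commit, which accepts any password, every DN a client names is treated as a valid identity; mark the stub explicitly, e.g. `# TODO: resolve dn against the backend and fail with LDAPNoSuchObject when absent`. The docstring's first sentence is missing a word and should read `Look up the entry referred to by dn.` The class is declared with `@implementer(IConnectedLDAPEntry)` but only `lookup` is visible here, so the rest of that interface is presumably still to come and worth noting in a class docstring.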
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
from ldaptor.interfaces import IConnectedLDAPEntry | ||
from ldaptor.protocols.ldap.ldapserver import LDAPServer | ||
from twisted.internet.interfaces import IAddress | ||
from twisted.internet.protocol import Protocol, ServerFactory | ||
|
||
|
||
class LDAPServerFactory(ServerFactory): | ||
protocol = LDAPServer | ||
|
||
def __init__(self, adaptor: IConnectedLDAPEntry): | ||
self.adaptor = adaptor | ||
|
||
def buildProtocol(self, addr: IAddress) -> Protocol: # noqa: N802 | ||
id(addr) # ignore unused arguments | ||
proto = self.protocol() | ||
proto.factory = self.adaptor | ||
return proto |
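Review bot: `proto.factory = self.adaptor` in `buildProtocol` stores the lookup tree in an attribute named `factory`, which reads like a mistake without an explanation. If the intent is that ldaptor's `LDAPServer` adapts `self.factory` to `IConnectedLDAPEntry` to find its root entry, say so in a comment such as `# LDAPServer resolves its root entry from self.factory, so hand it the tree directly`. The `id(addr)` call exists only to silence an unused-argument warning; `del addr` states that intent more directly. The class and `__init__` would also benefit from one-line docstrings saying what `adaptor` is expected to provide.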
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
from typing import Any | ||
|
||
from ldaptor.inmemory import ReadOnlyInMemoryLDAPEntry | ||
from ldaptor.protocols.ldap.ldaperrors import LDAPInvalidCredentials | ||
from twisted.internet import defer | ||
|
||
|
||
class ProxiedLDAPEntry(ReadOnlyInMemoryLDAPEntry): | ||
def __init__(self, *args: Any, **kwargs: Any) -> None: | ||
super().__init__(*args, **kwargs) | ||
|
||
def bind(self, password: bytes) -> defer.Deferred["ProxiedLDAPEntry"]: | ||
def _bind(password: bytes) -> "ProxiedLDAPEntry": | ||
if True: | ||
print(f"Accepting password {password.decode('utf-8')} for {self.dn.getText()}") # noqa: T201 | ||
return self | ||
raise LDAPInvalidCredentials() | ||
|
||
return defer.maybeDeferred(_bind, password) |
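Review bot: The `if True:` branch in `_bind` makes every bind succeed and leaves `raise LDAPInvalidCredentials()` unreachable, and the `print` just before `return self` writes the submitted password to stdout in cleartext, where it ends up in whatever collects the process output. Until the backend check exists the stub should fail closed and must not record the secret: replace the branch with a bare `raise LDAPInvalidCredentials()` and, if a trace is wanted, log only the DN, e.g. `print(f"Bind attempt for {self.dn.getText()}")`. `password.decode('utf-8')` would also raise UnicodeDecodeError for password bytes that are not valid UTF-8, which is another reason to keep the password out of the message. The pass-through `__init__` adds nothing over the inherited constructor and can be dropped.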
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
import argparse | ||
|
||
from apricot import ApricotServer | ||
|
||
if __name__ == "__main__": | ||
parser = argparse.ArgumentParser( | ||
prog="Apricot", | ||
description="Apricot is a proxy for delegating LDAP requests to an OpenID Connect backend.", | ||
) | ||
parser.add_argument("-p", "--port", type=int, default=8080) | ||
args = parser.parse_args() | ||
|
||
# Create the Apricot server | ||
reactor = ApricotServer(port=args.port) | ||
reactor.run() |
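Review bot: The local named `reactor` holds an `ApricotServer`, not the Twisted reactor, which is confusing next to the `reactor` imported in the server module; `server = ApricotServer(port=args.port)` followed by `server.run()` reads correctly. `--port` accepts any integer and has no `help=` text, so an out-of-range value is only rejected later when the endpoint is created; a range check at parse time would give a clearer error.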