commit 221518bebff712677d9cbfa896a50bbb0d1e9848 Author: agatha Date: Sun Jun 2 14:14:30 2024 -0400 initial commit
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..4145371
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,5 @@
+.idea/
+venv/
+
+__pycache__
+*.py[cod]
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..ae6e9d3
--- /dev/null
+++ b/README.md
@@ -0,0 +1,2 @@
+# pylldap
+Creating a Python package to work with my [LLDAP](https://github.com/lldap/lldap) setup
\ No newline at end of file
diff --git a/config.json b/config.json
new file mode 100644
index 0000000..38d7b9d
--- /dev/null
+++ b/config.json
@@ -0,0 +1,7 @@
+{
+ "ldap_server": "ldap://192.168.100.2:3890",
+ "bind_dn": "uid=ldap_ro,ou=people,dc=juggalol,dc=com",
+ "bind_password": "p@ssw0rd!",
+ "user_dn": "ou=people,dc=juggalol,dc=com",
+ "group_dn": "ou=groups,dc=juggalol,dc=com"
+}
\ No newline at end of file
diff --git a/lldap/__init__.py b/lldap/__init__.py
new file mode 100644
index 0000000..bacc3a5
--- /dev/null
+++ b/lldap/__init__.py
@@ -0,0 +1 @@
+from .lldap import LLDAP
diff --git a/lldap/lldap.py b/lldap/lldap.py
new file mode 100644
index 0000000..08de74b
--- /dev/null
+++ b/lldap/lldap.py
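Review bot: config.json in this commit carries a `bind_password` value in plain text, and the .gitignore added alongside it does not list `config.json`, so the credential is now part of repository history. Commit a template such as `config.example.json` with placeholder values instead, add `config.json` to .gitignore, and load the password from the environment or a secret store at runtime. If the value was ever used on the directory named in `ldap_server`, rotate it; deleting the file in a later commit does not remove it from history.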
@@ -0,0 +1,66 @@
+import logging
+from ldap3 import Server, Connection, ALL
+from ldap3.core.exceptions import LDAPException
+
+
+class LLDAP:
+ def __init__(
+ self,
+ ldap_server: str,
+ bind_dn: str,
+ bind_password: str,
+ user_dn: str = "ou=people,dc=example,dc=com",
+ group_dn: str = "ou=people,dc=example,dc=com"
+ ):
+ self.bind_dn = bind_dn
+ self.bind_password = bind_password
+
+ self.server = Server(ldap_server, get_info=ALL)
+ self.conn = None
+
+ self.user_dn = user_dn
+ self.group_dn = group_dn
+
+ def do_bind(self):
+ try:
+ if not self.conn:
+ self.conn = Connection(
+ self.server,
+ user=self.bind_dn,
+ password=self.bind_password,
+ auto_bind=True
+ )
+ logging.info("Successfully bound to LDAP server.")
+ except LDAPException as e:
+ logging.error(f"Failed to bind to LDAP server: {e}")
+ raise
+
+ def do_unbind(self):
+ if self.conn:
+ self.conn.unbind()
+ self.conn = None
+ logging.info("Successfully unbound from the LDAP server.")
+
+ def list_groups(self):
+ try:
+ self.do_bind()
+ self.conn.search(self.group_dn, "(objectClass=*)", attributes=['cn'])
+ entries = self.conn.entries
+ return entries
+ except LDAPException as e:
+ logging.error(f"Error during LDAP search: {e}")
+ raise
+ finally:
+ self.do_unbind()
+
+ def list_users(self):
+ try:
+ self.do_bind()
+ self.conn.search(self.user_dn, "(uid=*)", attributes=['dn'])
+ entries = self.conn.entries
+ return entries
+ except LDAPException as e:
+ logging.error(f"Error during LDAP search: {e}")
+ raise
+ finally:
+ self.do_unbind()
diff --git a/lldap/requirements.txt b/lldap/requirements.txt
new file mode 100644
index 0000000..0843875
--- /dev/null
+++ b/lldap/requirements.txt
@@ -0,0 +1 @@
+ldap3
\ No newline at end of file
diff --git a/main.py b/main.py
new file mode 100644
index 0000000..8136123
--- /dev/null
+++ b/main.py
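Review bot: In lldap/lldap.py, `do_bind` performs a simple bind with `auto_bind=True` on a `Server(ldap_server, get_info=ALL)` that has no TLS settings, so with the `ldap://` URL from config.json the bind DN and password travel unencrypted. Consider building the server with `tls=Tls(validate=ssl.CERT_REQUIRED)` and binding with `auto_bind=AUTO_BIND_TLS_BEFORE_BIND` (or requiring an `ldaps://` URL), which needs `ssl` imported plus `Tls` and `AUTO_BIND_TLS_BEFORE_BIND` from ldap3. Separately, the `group_dn` default in `__init__` repeats `"ou=people,dc=example,dc=com"` and looks like a copy-paste of the `user_dn` default; `"ou=groups,dc=example,dc=com"` would match the layout used in config.json. In `list_users`, `attributes=['dn']` requests the entry DN as if it were an attribute; the DN is already available on each returned entry, and with schema info loaded ldap3 may reject the name, so this is worth confirming against the server.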
@@ -0,0 +1,43 @@
+"""LDAP authentication and authorization testing"""
+import json
+import logging
+import lldap
+from ldap3.core.exceptions import LDAPException
+
+logging.basicConfig(level=logging.INFO)
+
+
+def load_config(path: str) -> dict:
+ with open(path, "r", encoding="utf-8") as f:
+ return json.loads(f.read())
+
+
+def main():
+ config = load_config("config.json")
+ ldap = lldap.LLDAP(
+ ldap_server=config['ldap_server'],
+ bind_dn=config['bind_dn'],
+ bind_password=config['bind_password'],
+ user_dn=config['user_dn'],
+ group_dn=config['group_dn']
+ )
+
+ # List all groups
+ try:
+ entries = ldap.list_groups()
+ for entry in entries:
+ print(entry)
+ except LDAPException:
+ logging.error("Failed to list groups due to LDAP error.")
+
+ # List all users
+ try:
+ entries = ldap.list_users()
+ for entry in entries:
+ print(entry)
+ except LDAPException:
+ logging.error("Failed to list users due to LDAP error")
+
+
+if __name__ == '__main__':
+ main()
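Review bot: In main.py, `main` indexes `config['ldap_server']`, `config['bind_dn']` and the other keys directly, so a missing key or an unreadable or malformed config.json ends in an unhandled `KeyError`, `FileNotFoundError` or `json.JSONDecodeError` traceback rather than a logged error; checking the required keys in `load_config` would give a clear failure. `json.loads(f.read())` can be written as `json.load(f)`. Neither function has a docstring; for `load_config` something like `"""Read the JSON config at path and return it as a dict."""` would do.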