Skip to content
Snippets Groups Projects
Commit 17d1900f authored by ale's avatar ale
Browse files

log errors; fix app-specific pass decoding

parent af8a777c
No related branches found
No related tags found
No related merge requests found
import contextlib
import ldap
import logging
from ldap.dn import escape_dn_chars
from ldap.filter import escape_filter_chars
from ldap.ldapobject import LDAPObject
......@@ -40,6 +41,7 @@ class UserDb(model.UserDb):
while isinstance(ldap_params, basestring):
ldap_params = self.service_map.get(ldap_params)
if not ldap_params:
logging.error('unknown service "%s"', service)
return None
with self._conn() as c:
......@@ -61,6 +63,7 @@ class UserDb(model.UserDb):
base = ldap_params['base'].replace('%s', escape_dn_chars(username))
filt = ldap_params['filter'].replace('%s', escape_filter_chars(username))
scope = ldap.SCOPE_SUBTREE
logging.debug('ldap search: base=%s, scope=%s, filt=%s', base, scope, filt)
result = c.search_s(base, scope, filt, self.ldap_attrs)
if not result:
......@@ -72,8 +75,9 @@ class UserDb(model.UserDb):
def get_user(self, username, service):
try:
return User(username)
except (Error, ldap.LDAPError):
return self._query_user(username, service)
except (Error, ldap.LDAPError), e:
logging.error('userdb error: %s', e)
return None
......@@ -93,7 +97,7 @@ class User(model.User):
self._otp_enabled = True
self._totp_secret = values[0]
elif key == 'appSpecificPassword':
self._asps = [v.split(':', 2) for v in values]
self._asps = [v.split(':', 1) for v in values]
def otp_enabled(self):
return self._otp_enabled
......@@ -108,7 +112,7 @@ class User(model.User):
return self._totp_secret
def get_app_specific_passwords(self, service):
return [x[2] for x in self._asps if x[0] == service]
return [x[1] for x in self._asps if x[0] == service]
def get_password(self):
return self._password
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment