sources/ldap: include UnwillingToPerformError as possible exception (#6031)
feat: include UnwillingToPerformError as possible exception
This commit is contained in:
parent
eaedcafd58
commit
b1de0b767e
|
@ -166,6 +166,7 @@ dmypy.json
|
||||||
# SageMath parsed files
|
# SageMath parsed files
|
||||||
|
|
||||||
# Environments
|
# Environments
|
||||||
|
**/.DS_Store
|
||||||
|
|
||||||
# Spyder project settings
|
# Spyder project settings
|
||||||
|
|
||||||
|
|
|
@ -4,7 +4,7 @@ from re import split
|
||||||
from typing import Optional
|
from typing import Optional
|
||||||
|
|
||||||
from ldap3 import BASE
|
from ldap3 import BASE
|
||||||
from ldap3.core.exceptions import LDAPAttributeError
|
from ldap3.core.exceptions import LDAPAttributeError, LDAPUnwillingToPerformResult
|
||||||
from structlog.stdlib import get_logger
|
from structlog.stdlib import get_logger
|
||||||
|
|
||||||
from authentik.core.models import User
|
from authentik.core.models import User
|
||||||
|
@ -69,7 +69,7 @@ class LDAPPasswordChanger:
|
||||||
attributes=["pwdProperties"],
|
attributes=["pwdProperties"],
|
||||||
)
|
)
|
||||||
root_attrs = list(root_attrs)[0]
|
root_attrs = list(root_attrs)[0]
|
||||||
except (LDAPAttributeError, KeyError, IndexError):
|
except (LDAPAttributeError, LDAPUnwillingToPerformResult, KeyError, IndexError):
|
||||||
return False
|
return False
|
||||||
raw_pwd_properties = root_attrs.get("attributes", {}).get("pwdProperties", None)
|
raw_pwd_properties = root_attrs.get("attributes", {}).get("pwdProperties", None)
|
||||||
if not raw_pwd_properties:
|
if not raw_pwd_properties:
|
||||||
|
@ -92,7 +92,7 @@ class LDAPPasswordChanger:
|
||||||
return
|
return
|
||||||
try:
|
try:
|
||||||
self._connection.extend.microsoft.modify_password(user_dn, password)
|
self._connection.extend.microsoft.modify_password(user_dn, password)
|
||||||
except LDAPAttributeError:
|
except (LDAPAttributeError, LDAPUnwillingToPerformResult):
|
||||||
self._connection.extend.standard.modify_password(user_dn, new_password=password)
|
self._connection.extend.standard.modify_password(user_dn, new_password=password)
|
||||||
|
|
||||||
def _ad_check_password_existing(self, password: str, user_dn: str) -> bool:
|
def _ad_check_password_existing(self, password: str, user_dn: str) -> bool:
|
||||||
|
|
Reference in New Issue