sources/ldap: include UnwillingToPerformError as possible exception (#6031)

feat: include UnwillingToPerformError as possible exception
This commit is contained in:
Samir Musali 2023-06-21 19:45:20 +03:00 committed by GitHub
parent eaedcafd58
commit b1de0b767e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 3 deletions

1
.gitignore vendored
View File

@ -166,6 +166,7 @@ dmypy.json
# SageMath parsed files # SageMath parsed files
# Environments # Environments
**/.DS_Store
# Spyder project settings # Spyder project settings

View File

@ -4,7 +4,7 @@ from re import split
from typing import Optional from typing import Optional
from ldap3 import BASE from ldap3 import BASE
from ldap3.core.exceptions import LDAPAttributeError from ldap3.core.exceptions import LDAPAttributeError, LDAPUnwillingToPerformResult
from structlog.stdlib import get_logger from structlog.stdlib import get_logger
from authentik.core.models import User from authentik.core.models import User
@ -69,7 +69,7 @@ class LDAPPasswordChanger:
attributes=["pwdProperties"], attributes=["pwdProperties"],
) )
root_attrs = list(root_attrs)[0] root_attrs = list(root_attrs)[0]
except (LDAPAttributeError, KeyError, IndexError): except (LDAPAttributeError, LDAPUnwillingToPerformResult, KeyError, IndexError):
return False return False
raw_pwd_properties = root_attrs.get("attributes", {}).get("pwdProperties", None) raw_pwd_properties = root_attrs.get("attributes", {}).get("pwdProperties", None)
if not raw_pwd_properties: if not raw_pwd_properties:
@ -92,7 +92,7 @@ class LDAPPasswordChanger:
return return
try: try:
self._connection.extend.microsoft.modify_password(user_dn, password) self._connection.extend.microsoft.modify_password(user_dn, password)
except LDAPAttributeError: except (LDAPAttributeError, LDAPUnwillingToPerformResult):
self._connection.extend.standard.modify_password(user_dn, new_password=password) self._connection.extend.standard.modify_password(user_dn, new_password=password)
def _ad_check_password_existing(self, password: str, user_dn: str) -> bool: def _ad_check_password_existing(self, password: str, user_dn: str) -> bool: