ldapbodge/.venv/lib/python3.9/site-packages/ldap/controls/ppolicy.py

# -*- coding: utf-8 -*-
"""
ldap.controls.ppolicy - classes for Password Policy controls
(see https://tools.ietf.org/html/draft-behera-ldap-password-policy)

See https://www.python-ldap.org/ for project details.
"""

__all__ = [
  'PasswordPolicyControl'
]

# Imports from python-ldap 2.4+
from ldap.controls import (
  ResponseControl, ValueLessRequestControl, KNOWN_RESPONSE_CONTROLS
)

# Imports from pyasn1
from pyasn1.type import tag,namedtype,namedval,univ,constraint
from pyasn1.codec.der import decoder


class PasswordPolicyWarning(univ.Choice):
  componentType = namedtype.NamedTypes(
    namedtype.NamedType('timeBeforeExpiration',univ.Integer().subtype(
      implicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatSimple,0)
    )),
    namedtype.NamedType('graceAuthNsRemaining',univ.Integer().subtype(
      implicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatSimple,1)
    )),
  )


class PasswordPolicyError(univ.Enumerated):
  namedValues = namedval.NamedValues(
    ('passwordExpired',0),
    ('accountLocked',1),
    ('changeAfterReset',2),
    ('passwordModNotAllowed',3),
    ('mustSupplyOldPassword',4),
    ('insufficientPasswordQuality',5),
    ('passwordTooShort',6),
    ('passwordTooYoung',7),
    ('passwordInHistory',8)
  )
  subtypeSpec = univ.Enumerated.subtypeSpec + constraint.SingleValueConstraint(0,1,2,3,4,5,6,7,8)


class PasswordPolicyResponseValue(univ.Sequence):
  componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType(
      'warning',
      PasswordPolicyWarning().subtype(
        implicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatSimple,0)
      ),
    ),
    namedtype.OptionalNamedType(
      'error',PasswordPolicyError().subtype(
        implicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatSimple,1)
      )
    ),
  )


class PasswordPolicyControl(ValueLessRequestControl,ResponseControl):
  controlType = '1.3.6.1.4.1.42.2.27.8.5.1'

  def __init__(self,criticality=False):
    self.criticality = criticality

  def decodeControlValue(self,encodedControlValue):
    ppolicyValue,_ = decoder.decode(encodedControlValue,asn1Spec=PasswordPolicyResponseValue())
    self.timeBeforeExpiration = None
    self.graceAuthNsRemaining = None
    self.error = None

    warning = ppolicyValue.getComponentByName('warning')
    if warning.hasValue():
      if 'timeBeforeExpiration' in warning:
        self.timeBeforeExpiration = int(
          warning.getComponentByName('timeBeforeExpiration'))
      if 'graceAuthNsRemaining' in warning:
        self.graceAuthNsRemaining = int(
          warning.getComponentByName('graceAuthNsRemaining'))

    error = ppolicyValue.getComponentByName('error')
    if error.hasValue():
      self.error = int(error)


KNOWN_RESPONSE_CONTROLS[PasswordPolicyControl.controlType] = PasswordPolicyControl
added stuff 2021-09-29 23:13:17 +02:00			`# -- coding: utf-8 --`
			`"""`
			`ldap.controls.ppolicy - classes for Password Policy controls`
			`(see https://tools.ietf.org/html/draft-behera-ldap-password-policy)`

			`See https://www.python-ldap.org/ for project details.`
			`"""`

			`__all__ = [`
			`'PasswordPolicyControl'`
			`]`

			`# Imports from python-ldap 2.4+`
			`from ldap.controls import (`
			`ResponseControl, ValueLessRequestControl, KNOWN_RESPONSE_CONTROLS`
			`)`

			`# Imports from pyasn1`
			`from pyasn1.type import tag,namedtype,namedval,univ,constraint`
			`from pyasn1.codec.der import decoder`


			`class PasswordPolicyWarning(univ.Choice):`
			`componentType = namedtype.NamedTypes(`
			`namedtype.NamedType('timeBeforeExpiration',univ.Integer().subtype(`
			`implicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatSimple,0)`
			`)),`
			`namedtype.NamedType('graceAuthNsRemaining',univ.Integer().subtype(`
			`implicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatSimple,1)`
			`)),`
			`)`


			`class PasswordPolicyError(univ.Enumerated):`
			`namedValues = namedval.NamedValues(`
			`('passwordExpired',0),`
			`('accountLocked',1),`
			`('changeAfterReset',2),`
			`('passwordModNotAllowed',3),`
			`('mustSupplyOldPassword',4),`
			`('insufficientPasswordQuality',5),`
			`('passwordTooShort',6),`
			`('passwordTooYoung',7),`
			`('passwordInHistory',8)`
			`)`
			`subtypeSpec = univ.Enumerated.subtypeSpec + constraint.SingleValueConstraint(0,1,2,3,4,5,6,7,8)`


			`class PasswordPolicyResponseValue(univ.Sequence):`
			`componentType = namedtype.NamedTypes(`
			`namedtype.OptionalNamedType(`
			`'warning',`
			`PasswordPolicyWarning().subtype(`
			`implicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatSimple,0)`
			`),`
			`),`
			`namedtype.OptionalNamedType(`
			`'error',PasswordPolicyError().subtype(`
			`implicitTag=tag.Tag(tag.tagClassContext,tag.tagFormatSimple,1)`
			`)`
			`),`
			`)`


			`class PasswordPolicyControl(ValueLessRequestControl,ResponseControl):`
			`controlType = '1.3.6.1.4.1.42.2.27.8.5.1'`

			`def __init__(self,criticality=False):`
			`self.criticality = criticality`

			`def decodeControlValue(self,encodedControlValue):`
			`ppolicyValue,_ = decoder.decode(encodedControlValue,asn1Spec=PasswordPolicyResponseValue())`
			`self.timeBeforeExpiration = None`
			`self.graceAuthNsRemaining = None`
			`self.error = None`

			`warning = ppolicyValue.getComponentByName('warning')`
			`if warning.hasValue():`
			`if 'timeBeforeExpiration' in warning:`
			`self.timeBeforeExpiration = int(`
			`warning.getComponentByName('timeBeforeExpiration'))`
			`if 'graceAuthNsRemaining' in warning:`
			`self.graceAuthNsRemaining = int(`
			`warning.getComponentByName('graceAuthNsRemaining'))`

			`error = ppolicyValue.getComponentByName('error')`
			`if error.hasValue():`
			`self.error = int(error)`


			`KNOWN_RESPONSE_CONTROLS[PasswordPolicyControl.controlType] = PasswordPolicyControl`