Merge pull request #395 from shaardie/ldap_pool_lifetime

Add option pool_lifetime option to ldap

Author: c00kiemon5ter

example/plugins/microservices/ldap_attribute_store.yaml.example

@@ -27,6 +27,9 @@ config:
       # pool_keepalive: seconds to wait between calls to server to keep the
       # connection alive; default: 10
       pool_keepalive: 10
+      # pool_lifetime: number of seconds before recreating a new connection
+      # in a pooled connection strategy.
+      pool_lifetime: None
 
       # Attributes to return from LDAP query.
       query_return_attributes:

src/satosa/micro_services/ldap_attribute_store.py

@@ -61,6 +61,7 @@ class LdapAttributeStore(ResponseMicroService):
         "client_strategy": "REUSABLE",
         "pool_size": 10,
         "pool_keepalive": 10,
+        "pool_lifetime": None,
     }
 
     def __init__(self, config, *args, **kwargs):
@@ -307,13 +308,17 @@ def _ldap_connection_factory(self, config):
 
         pool_size = config["pool_size"]
         pool_keepalive = config["pool_keepalive"]
+        pool_lifetime = config["pool_lifetime"]
         pool_name = ''.join(random.sample(string.ascii_lowercase, 6))
 
         if client_strategy == ldap3.REUSABLE:
             msg = "Using pool size {}".format(pool_size)
             logger.debug(msg)
             msg = "Using pool keep alive {}".format(pool_keepalive)
             logger.debug(msg)
+            if pool_lifetime:
+                msg = "Using pool lifetime {}".format(pool_lifetime)
+                logger.debug(msg)
 
         try:
             connection = ldap3.Connection(
@@ -327,6 +332,7 @@ def _ldap_connection_factory(self, config):
                 pool_name=pool_name,
                 pool_size=pool_size,
                 pool_keepalive=pool_keepalive,
+                pool_lifetime=pool_lifetime,
             )
             msg = "Successfully connected to LDAP server"
             logger.debug(msg)

tests/satosa/micro_services/test_ldap_attribute_store.py

@@ -2,6 +2,8 @@
 
 from copy import deepcopy
 
+from ldap3 import AUTO_BIND_NO_TLS, MOCK_SYNC
+
 from satosa.internal import AuthenticationInformation
 from satosa.internal import InternalData
 from satosa.micro_services.ldap_attribute_store import LdapAttributeStore
@@ -107,3 +109,60 @@ def test_attributes_general(self, ldap_attribute_store):
                     internal_attr = ldap_to_internal_map[ldap_attr]
                     response_attr = response.attributes[internal_attr]
                     assert(ldap_value in response_attr)
+
+    @pytest.mark.parametrize(
+        'config,connection_attributes',
+        [
+            (
+                {
+                    'auto_bind': 'AUTO_BIND_NO_TLS',
+                    'client_strategy': 'MOCK_SYNC',
+                    'ldap_url': 'ldap://satosa.example.com',
+                    'bind_dn': 'uid=readonly_user,ou=system,dc=example,dc=com',
+                    'bind_password': 'password',
+                },
+                {
+                    'user': 'uid=readonly_user,ou=system,dc=example,dc=com',
+                    'password': 'password',
+                    'auto_bind': AUTO_BIND_NO_TLS,
+                    'strategy_type': MOCK_SYNC,
+                    'read_only': True,
+                    'version': 3,
+                    'pool_size': 10,
+                    'pool_keepalive': 10,
+                    'pool_lifetime': None,
+                },
+            ),
+            (
+                {
+                    'auto_bind': 'AUTO_BIND_NO_TLS',
+                    'client_strategy': 'MOCK_SYNC',
+                    'ldap_url': 'ldap://satosa.example.com',
+                    'bind_dn': 'uid=readonly_user,ou=system,dc=example,dc=com',
+                    'bind_password': 'password',
+                    'pool_size': 40,
+                    'pool_keepalive': 41,
+                    'pool_lifetime': 42,
+                },
+                {
+                    'user': 'uid=readonly_user,ou=system,dc=example,dc=com',
+                    'password': 'password',
+                    'auto_bind': AUTO_BIND_NO_TLS,
+                    'strategy_type': MOCK_SYNC,
+                    'read_only': True,
+                    'version': 3,
+                    'pool_size': 40,
+                    'pool_keepalive': 41,
+                    'pool_lifetime': 42,
+                },
+            ),
+        ]
+    )
+    def test_connection_config(self, config, connection_attributes):
+        ldapAttributeStore = LdapAttributeStore({'default': config},
+                                                name="test_ldap_attribute_store",
+                                                base_url="https://satosa.example.com")
+        connection = ldapAttributeStore.config['default']['connection']
+
+        for k, v in connection_attributes.items():
+            assert getattr(connection, k) == v