Better default for auto_bind argument to ldap3.Connection object

A Python False is not an acceptable value for the auto_bind argument to
the ldap3.Connection object. This commit sets the default value to a module
defined constant that makes the most sense when trying to preserve
the REUSABLE strategy as the default (for now), and allows full
configuration by defining a mapping between configuration string values
and the ldap3 module constants, as is done for the client_strategy.

Author: skoranda

src/satosa/micro_services/ldap_attribute_store.py

@@ -17,7 +17,6 @@
 
 from ldap3.core.exceptions import LDAPException
 
-
 logger = logging.getLogger(__name__)
 
 KEY_FOUND_LDAP_RECORD = 'ldap_attribute_store_found_record'
@@ -53,7 +52,7 @@ class LdapAttributeStore(ResponseMicroService):
         'user_id_from_attrs':            [],
         'read_only':                     True,
         'version':                       3,
-        'auto_bind':                     False,
+        'auto_bind':                     'AUTO_BIND_TLS_BEFORE_BIND',
         'client_strategy':               'REUSABLE',
         'pool_size':                     10,
         'pool_keepalive':                10,
@@ -287,7 +286,15 @@ def _ldap_connection_factory(self, config):
         msg = "Using bind DN {}".format(bind_dn)
         satosa_logging(logger, logging.DEBUG, msg, None)
 
-        auto_bind = config['auto_bind']
+        auto_bind_string = config['auto_bind']
+        auto_bind_map = {
+             'AUTO_BIND_NONE': ldap3.AUTO_BIND_NONE,
+             'AUTO_BIND_NO_TLS': ldap3.AUTO_BIND_NO_TLS,
+             'AUTO_BIND_TLS_AFTER_BIND': ldap3.AUTO_BIND_TLS_AFTER_BIND,
+             'AUTO_BIND_TLS_BEFORE_BIND': ldap3.AUTO_BIND_TLS_BEFORE_BIND
+             }
+        auto_bind = auto_bind_map[auto_bind_string]
+
         read_only = config['read_only']
         version = config['version']