1515from ldap3 .core .exceptions import LDAPException
1616
1717from satosa .exception import SATOSAError
18- from satosa .logging_util import satosa_logging
1918from satosa .micro_services .base import ResponseMicroService
2019from satosa .response import Redirect
2120
22-
21+ import satosa . logging_util as lu
2322logger = logging .getLogger (__name__ )
2423
2524KEY_FOUND_LDAP_RECORD = "ldap_attribute_store_found_record"
@@ -66,15 +65,15 @@ def __init__(self, config, *args, **kwargs):
6665
6766 if "default" in config and "" in config :
6867 msg = """Use either 'default' or "" in config but not both"""
69- satosa_logging ( logger , logging . ERROR , msg , None )
68+ logger . error ( msg )
7069 raise LdapAttributeStoreError (msg )
7170
7271 if "" in config :
7372 config ["default" ] = config .pop ("" )
7473
7574 if "default" not in config :
7675 msg = "No default configuration is present"
77- satosa_logging ( logger , logging . ERROR , msg , None )
76+ logger . error ( msg )
7877 raise LdapAttributeStoreError (msg )
7978
8079 self .config = {}
@@ -88,7 +87,7 @@ def __init__(self, config, *args, **kwargs):
8887 for sp in sp_list :
8988 if not isinstance (config [sp ], dict ):
9089 msg = "Configuration value for {} must be a dictionary"
91- satosa_logging ( logger , logging . ERROR , msg , None )
90+ logger . error ( msg )
9291 raise LdapAttributeStoreError (msg )
9392
9493 # Initialize configuration using module defaults then update
@@ -111,28 +110,28 @@ def __init__(self, config, *args, **kwargs):
111110 if connection_params in connections :
112111 sp_config ["connection" ] = connections [connection_params ]
113112 msg = "Reusing LDAP connection for SP {}" .format (sp )
114- satosa_logging ( logger , logging . DEBUG , msg , None )
113+ logger . debug ( msg )
115114 else :
116115 try :
117116 connection = self ._ldap_connection_factory (sp_config )
118117 connections [connection_params ] = connection
119118 sp_config ["connection" ] = connection
120119 msg = "Created new LDAP connection for SP {}" .format (sp )
121- satosa_logging ( logger , logging . DEBUG , msg , None )
120+ logger . debug ( msg )
122121 except LdapAttributeStoreError :
123122 # It is acceptable to not have a default LDAP connection
124123 # but all SP overrides must have a connection, either
125124 # inherited from the default or directly configured.
126125 if sp != "default" :
127126 msg = "No LDAP connection can be initialized for SP {}"
128127 msg = msg .format (sp )
129- satosa_logging ( logger , logging . ERROR , msg , None )
128+ logger . error ( msg )
130129 raise LdapAttributeStoreError (msg )
131130
132131 self .config [sp ] = sp_config
133132
134133 msg = "LDAP Attribute Store microservice initialized"
135- satosa_logging ( logger , logging . INFO , msg , None )
134+ logger . info ( msg )
136135
137136 def _construct_filter_value (
138137 self , candidate , name_id_value , name_id_format , issuer , attributes
@@ -176,7 +175,7 @@ def _construct_filter_value(
176175 for attr_value in [attributes .get (identifier_name )]
177176 ]
178177 msg = "Found candidate values {}" .format (values )
179- satosa_logging ( logger , logging . DEBUG , msg , None )
178+ logger . debug ( msg )
180179
181180 # If one of the configured identifier names is name_id then if there is
182181 # also a configured name_id_format add the value for the NameID of that
@@ -190,7 +189,7 @@ def _construct_filter_value(
190189 and candidate_name_id_format == name_id_format
191190 ):
192191 msg = "IdP asserted NameID {}" .format (name_id_value )
193- satosa_logging ( logger , logging . DEBUG , msg , None )
192+ logger . debug ( msg )
194193 candidate_nameid_value = name_id_value
195194
196195 # Only add the NameID value asserted by the IdP if it is not
@@ -201,18 +200,18 @@ def _construct_filter_value(
201200 if candidate_nameid_value not in values :
202201 msg = "Added NameID {} to candidate values"
203202 msg = msg .format (candidate_nameid_value )
204- satosa_logging ( logger , logging . DEBUG , msg , None )
203+ logger . debug ( msg )
205204 values .append (candidate_nameid_value )
206205 else :
207206 msg = "NameID {} value also asserted as attribute value"
208207 msg = msg .format (candidate_nameid_value )
209- satosa_logging ( logger , logging . WARN , msg , None )
208+ logger . warning ( msg )
210209
211210 # If no value was asserted by the IdP for one of the configured list of
212211 # identifier names for this candidate then go onto the next candidate.
213212 if None in values :
214213 msg = "Candidate is missing value so skipping"
215- satosa_logging ( logger , logging . DEBUG , msg , None )
214+ logger . debug ( msg )
216215 return None
217216
218217 # All values for the configured list of attribute names are present
@@ -225,14 +224,14 @@ def _construct_filter_value(
225224 else candidate ["add_scope" ]
226225 )
227226 msg = "Added scope {} to values" .format (scope )
228- satosa_logging ( logger , logging . DEBUG , msg , None )
227+ logger . debug ( msg )
229228 values .append (scope )
230229
231230 # Concatenate all values to create the filter value.
232231 value = "" .join (values )
233232
234233 msg = "Constructed filter value {}" .format (value )
235- satosa_logging ( logger , logging . DEBUG , msg , None )
234+ logger . debug ( msg )
236235
237236 return value
238237
@@ -283,13 +282,13 @@ def _ldap_connection_factory(self, config):
283282 server = ldap3 .Server (** args )
284283
285284 msg = "Creating a new LDAP connection"
286- satosa_logging ( logger , logging . DEBUG , msg , None )
285+ logger . debug ( msg )
287286
288287 msg = "Using LDAP URL {}" .format (ldap_url )
289- satosa_logging ( logger , logging . DEBUG , msg , None )
288+ logger . debug ( msg )
290289
291290 msg = "Using bind DN {}" .format (bind_dn )
292- satosa_logging ( logger , logging . DEBUG , msg , None )
291+ logger . debug ( msg )
293292
294293 auto_bind_string = config ["auto_bind" ]
295294 auto_bind_map = {
@@ -309,9 +308,9 @@ def _ldap_connection_factory(self, config):
309308
310309 if client_strategy == ldap3 .REUSABLE :
311310 msg = "Using pool size {}" .format (pool_size )
312- satosa_logging ( logger , logging . DEBUG , msg , None )
311+ logger . debug ( msg )
313312 msg = "Using pool keep alive {}" .format (pool_keepalive )
314- satosa_logging ( logger , logging . DEBUG , msg , None )
313+ logger . debug ( msg )
315314
316315 try :
317316 connection = ldap3 .Connection (
@@ -327,16 +326,16 @@ def _ldap_connection_factory(self, config):
327326 pool_keepalive = pool_keepalive ,
328327 )
329328 msg = "Successfully connected to LDAP server"
330- satosa_logging ( logger , logging . DEBUG , msg , None )
329+ logger . debug ( msg )
331330
332331 except LDAPException as e :
333332 msg = "Caught exception when connecting to LDAP server: {}"
334333 msg = msg .format (e )
335- satosa_logging ( logger , logging . ERROR , msg , None )
334+ logger . error ( msg )
336335 raise LdapAttributeStoreError (msg )
337336
338337 msg = "Successfully connected to LDAP server"
339- satosa_logging ( logger , logging . DEBUG , msg , None )
338+ logger . debug ( msg )
340339
341340 return connection
342341
@@ -348,7 +347,7 @@ def _populate_attributes(self, config, record):
348347 ldap_attributes = record .get ("attributes" , None )
349348 if not ldap_attributes :
350349 msg = "No attributes returned with LDAP record"
351- satosa_logging ( logger , logging . DEBUG , msg , None )
350+ logger . debug ( msg )
352351 return
353352
354353 ldap_to_internal_map = (
@@ -374,7 +373,7 @@ def _populate_attributes(self, config, record):
374373 )
375374 msg = "Recording internal attribute {} with values {}"
376375 msg = msg .format (internal_attr , attributes [internal_attr ])
377- satosa_logging ( logger , logging . DEBUG , msg , None )
376+ logger . debug ( msg )
378377
379378 return attributes
380379
@@ -408,12 +407,14 @@ def process(self, context, data):
408407 "issuer" : issuer ,
409408 "config" : self ._filter_config (config ),
410409 }
411- satosa_logging (logger , logging .DEBUG , msg , context .state )
410+ logline = lu .LOG_FMT .format (id = lu .get_session_id (context .state ), message = msg )
411+ logger .debug (logline )
412412
413413 # Ignore this SP entirely if so configured.
414414 if config ["ignore" ]:
415415 msg = "Ignoring SP {}" .format (requester )
416- satosa_logging (logger , logging .INFO , msg , context .state )
416+ logline = lu .LOG_FMT .format (id = lu .get_session_id (context .state ), message = msg )
417+ logger .info (logline )
417418 return super ().process (context , data )
418419
419420 # The list of values for the LDAP search filters that will be tried in
@@ -437,7 +438,8 @@ def process(self, context, data):
437438 if filter_value
438439 ]
439440 msg = {"message" : "Search filters" , "filter_values" : filter_values }
440- satosa_logging (logger , logging .DEBUG , msg , context .state )
441+ logline = lu .LOG_FMT .format (id = lu .get_session_id (context .state ), message = msg )
442+ logger .debug (logline )
441443
442444 # Initialize an empty LDAP record. The first LDAP record found using
443445 # the ordered # list of search filter values will be the record used.
@@ -459,7 +461,8 @@ def process(self, context, data):
459461 "message" : "LDAP query with constructed search filter" ,
460462 "search filter" : search_filter ,
461463 }
462- satosa_logging (logger , logging .DEBUG , msg , context .state )
464+ logline = lu .LOG_FMT .format (id = lu .get_session_id (context .state ), message = msg )
465+ logger .debug (logline )
463466
464467 attributes = (
465468 config ["query_return_attributes" ]
@@ -480,13 +483,15 @@ def process(self, context, data):
480483 exp_msg = "Caught unhandled exception: {}" .format (err )
481484
482485 if exp_msg :
483- satosa_logging (logger , logging .ERROR , exp_msg , context .state )
486+ logline = lu .LOG_FMT .format (id = lu .get_session_id (context .state ), message = exp_msg )
487+ logger .error (logline )
484488 return super ().process (context , data )
485489
486490 if not results :
487491 msg = "Querying LDAP server: No results for {}."
488492 msg = msg .format (filter_val )
489- satosa_logging (logger , logging .DEBUG , msg , context .state )
493+ logline = lu .LOG_FMT .format (id = lu .get_session_id (context .state ), message = msg )
494+ logger .debug (logline )
490495 continue
491496
492497 if isinstance (results , bool ):
@@ -495,17 +500,20 @@ def process(self, context, data):
495500 responses = connection .get_response (results )[0 ]
496501
497502 msg = "Done querying LDAP server"
498- satosa_logging (logger , logging .DEBUG , msg , context .state )
503+ logline = lu .LOG_FMT .format (id = lu .get_session_id (context .state ), message = msg )
504+ logger .debug (logline )
499505 msg = "LDAP server returned {} records" .format (len (responses ))
500- satosa_logging (logger , logging .INFO , msg , context .state )
506+ logline = lu .LOG_FMT .format (id = lu .get_session_id (context .state ), message = msg )
507+ logger .info (logline )
501508
502509 # For now consider only the first record found (if any).
503510 if len (responses ) > 0 :
504511 if len (responses ) > 1 :
505512 msg = "LDAP server returned {} records using search filter"
506513 msg = msg + " value {}"
507514 msg = msg .format (len (responses ), filter_val )
508- satosa_logging (logger , logging .WARN , msg , context .state )
515+ logline = lu .LOG_FMT .format (id = lu .get_session_id (context .state ), message = msg )
516+ logger .warning (logline )
509517 record = responses [0 ]
510518 break
511519
@@ -514,7 +522,8 @@ def process(self, context, data):
514522 if config ["clear_input_attributes" ]:
515523 msg = "Clearing values for these input attributes: {}"
516524 msg = msg .format (data .attributes )
517- satosa_logging (logger , logging .DEBUG , msg , context .state )
525+ logline = lu .LOG_FMT .format (id = lu .get_session_id (context .state ), message = msg )
526+ logger .debug (logline )
518527 data .attributes = {}
519528
520529 # This adapts records with different search and connection strategy
@@ -538,7 +547,8 @@ def process(self, context, data):
538547 "DN" : record ["dn" ],
539548 "attributes" : record ["attributes" ],
540549 }
541- satosa_logging (logger , logging .DEBUG , msg , context .state )
550+ logline = lu .LOG_FMT .format (id = lu .get_session_id (context .state ), message = msg )
551+ logger .debug (logline )
542552
543553 # Populate attributes as configured.
544554 new_attrs = self ._populate_attributes (config , record )
@@ -555,16 +565,18 @@ def process(self, context, data):
555565 if user_ids :
556566 data .subject_id = "" .join (user_ids )
557567 msg = "NameID value is {}" .format (data .subject_id )
558- satosa_logging ( logger , logging . DEBUG , msg , None )
568+ logger . debug ( msg )
559569
560570 # Add the record to the context so that later microservices
561571 # may use it if required.
562572 context .decorate (KEY_FOUND_LDAP_RECORD , record )
563573 msg = "Added record {} to context" .format (record )
564- satosa_logging (logger , logging .DEBUG , msg , context .state )
574+ logline = lu .LOG_FMT .format (id = lu .get_session_id (context .state ), message = msg )
575+ logger .debug (logline )
565576 else :
566577 msg = "No record found in LDAP so no attributes will be added"
567- satosa_logging (logger , logging .WARN , msg , context .state )
578+ logline = lu .LOG_FMT .format (id = lu .get_session_id (context .state ), message = msg )
579+ logger .warning (msg )
568580 on_ldap_search_result_empty = config ["on_ldap_search_result_empty" ]
569581 if on_ldap_search_result_empty :
570582 # Redirect to the configured URL with
@@ -578,9 +590,11 @@ def process(self, context, data):
578590 encoded_idp_entity_id ,
579591 )
580592 msg = "Redirecting to {}" .format (url )
581- satosa_logging (logger , logging .INFO , msg , context .state )
593+ logline = lu .LOG_FMT .format (id = lu .get_session_id (context .state ), message = msg )
594+ logger .info (msg )
582595 return Redirect (url )
583596
584597 msg = "Returning data.attributes {}" .format (data .attributes )
585- satosa_logging (logger , logging .DEBUG , msg , context .state )
598+ logline = lu .LOG_FMT .format (id = lu .get_session_id (context .state ), message = msg )
599+ logger .debug (msg )
586600 return super ().process (context , data )
0 commit comments