Merge pull request #294 from rebeckag/conditional_ldap

Roland Hedberg · Roland Hedberg · commit b28774d9737b · 2015-12-12T21:25:14.000+01:00
Only define LDAP authn support if the library can be imported.
diff --git a/src/saml2/authn.py b/src/saml2/authn.py
@@ -1,7 +1,6 @@
 import logging
 import six
 import time
-import ldap
 from saml2 import SAMLError
 from saml2.aes import AESCipher
 from saml2.httputil import Response
@@ -231,33 +230,38 @@ def __call__(self, **kwargs):
         else:
             pass  # TODO
 
-
-class LDAPAuthn(UsernamePasswordMako):
-    def __init__(self, srv, ldapsrv, return_to,
-                 dn_pattern, mako_template, template_lookup):
-        """
-        :param srv: The server instance
-        :param ldapsrv: Which LDAP server to us
-        :param return_to: Where to send the user after authentication
-        :return:
-        """
-        UsernamePasswordMako.__init__(self, srv, mako_template, template_lookup,
-                                      None, return_to)
-
-        self.ldap = ldap.initialize(ldapsrv)
-        self.ldap.protocol_version = 3
-        self.ldap.set_option(ldap.OPT_REFERRALS, 0)
-        self.dn_pattern = dn_pattern
-
-    def _verify(self, pwd, user):
-        """
-        Verifies the username and password agains a LDAP server
-        :param pwd: The password
-        :param user: The username
-        :return: AssertionError if the LDAP verification failed.
-        """
-        _dn = self.dn_pattern % user
-        try:
-            self.ldap.simple_bind_s(_dn, pwd)
-        except Exception:
-            raise AssertionError()
+try:
+    import ldap
+
+    class LDAPAuthn(UsernamePasswordMako):
+        def __init__(self, srv, ldapsrv, return_to,
+                     dn_pattern, mako_template, template_lookup):
+            """
+            :param srv: The server instance
+            :param ldapsrv: Which LDAP server to us
+            :param return_to: Where to send the user after authentication
+            :return:
+            """
+            UsernamePasswordMako.__init__(self, srv, mako_template, template_lookup,
+                                          None, return_to)
+
+            self.ldap = ldap.initialize(ldapsrv)
+            self.ldap.protocol_version = 3
+            self.ldap.set_option(ldap.OPT_REFERRALS, 0)
+            self.dn_pattern = dn_pattern
+
+        def _verify(self, pwd, user):
+            """
+            Verifies the username and password agains a LDAP server
+            :param pwd: The password
+            :param user: The username
+            :return: AssertionError if the LDAP verification failed.
+            """
+            _dn = self.dn_pattern % user
+            try:
+                self.ldap.simple_bind_s(_dn, pwd)
+            except Exception:
+                raise AssertionError()
+except ImportError:
+    class LDAPAuthn(UserAuthnMethod):
+        pass
