ADProvider

Bases: LDAPProvider

Active Directory Identity Provider.

Inherits from LDAPProvider with default settings for Active Directory.

Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. It is widely used in enterprise environments for managing user accounts, groups, and permissions. The ADProvider class is a specialized implementation of the LDAPProvider that is tailored for authenticating users against an Active Directory server.

Source code in src/alpha/providers/ldap_provider.py

class ADProvider(LDAPProvider):
    """Active Directory Identity Provider.

    Inherits from LDAPProvider with default settings for Active Directory.

    Active Directory (AD) is a directory service developed by Microsoft for
    Windows domain networks. It is widely used in enterprise environments for
    managing user accounts, groups, and permissions. The ADProvider class is a
    specialized implementation of the LDAPProvider that is tailored for
    authenticating users against an Active Directory server.
    """

    def __init__(
        self,
        connector: LDAPConnector,
        token_factory: TokenFactory | None = None,
        search_filter_key: str = "sAMAccountName",
        search_base: str = "CN=users,DC=example,DC=com",
        search_attributes: list[str] = AD_SEARCH_ATTRIBUTES,
        identity_mappings: dict[str, str] = DEFAULT_AD_MAPPINGS,
        populate_groups: bool = True,
        populate_permissions: bool = False,
        populate_claims: bool = True,
        auto_connect: bool = True,
        change_password_supported: bool = False,
    ) -> None:
        """Initialize ADProvider

        Parameters
        ----------
        connector
            Connector to use for LDAP operations.
        token_factory
            Factory used to create tokens, by default None.
        search_filter_key
            Key to use for Active Directory search filter, by default
            "sAMAccountName".
        search_base
            Base distinguished name (DN) for Active Directory searches, by default
            "CN=users,DC=example,DC=com".
        search_attributes
            Attributes to retrieve during Active Directory searches, by default
            AD_SEARCH_ATTRIBUTES.
        identity_mappings
            Mapping of Active Directory attributes to :class:`Identity` fields, by
            default DEFAULT_AD_MAPPINGS.
        populate_groups
            Whether to populate group memberships on the :class:`Identity`, by
            default True.
        populate_permissions
            Whether to populate permissions on the :class:`Identity`, by default
            False.
        populate_claims
            Whether to populate claims on the :class:`Identity`, by default
            True.
        auto_connect
            Whether to automatically open the LDAP connection on first use, by
            default True.
        change_password_supported
            Whether this provider supports changing passwords, by default
            False.
        """
        super().__init__(
            connector=connector,
            token_factory=token_factory,
            search_filter_key=search_filter_key,
            search_base=search_base,
            search_attributes=search_attributes,
            identity_mappings=identity_mappings,
            populate_groups=populate_groups,
            populate_permissions=populate_permissions,
            populate_claims=populate_claims,
            auto_connect=auto_connect,
            change_password_supported=change_password_supported,
        )

Methods:

init

__init__(connector, token_factory=None, search_filter_key='sAMAccountName', search_base='CN=users,DC=example,DC=com', search_attributes=AD_SEARCH_ATTRIBUTES, identity_mappings=DEFAULT_AD_MAPPINGS, populate_groups=True, populate_permissions=False, populate_claims=True, auto_connect=True, change_password_supported=False)

Initialize ADProvider

Parameters:

connector (LDAPConnector) –

Connector to use for LDAP operations.
token_factory (TokenFactory | None, default: None ) –

Factory used to create tokens, by default None.
search_filter_key (str, default: 'sAMAccountName' ) –

Key to use for Active Directory search filter, by default "sAMAccountName".
search_base (str, default: 'CN=users,DC=example,DC=com' ) –

Base distinguished name (DN) for Active Directory searches, by default "CN=users,DC=example,DC=com".
search_attributes (list[str], default: AD_SEARCH_ATTRIBUTES ) –

Attributes to retrieve during Active Directory searches, by default AD_SEARCH_ATTRIBUTES.
identity_mappings (dict[str, str], default: DEFAULT_AD_MAPPINGS ) –

Mapping of Active Directory attributes to :class:Identity fields, by default DEFAULT_AD_MAPPINGS.
populate_groups (bool, default: True ) –

Whether to populate group memberships on the :class:Identity, by default True.
populate_permissions (bool, default: False ) –

Whether to populate permissions on the :class:Identity, by default False.
populate_claims (bool, default: True ) –

Whether to populate claims on the :class:Identity, by default True.
auto_connect (bool, default: True ) –

Whether to automatically open the LDAP connection on first use, by default True.
change_password_supported (bool, default: False ) –

Whether this provider supports changing passwords, by default False.

Source code in src/alpha/providers/ldap_provider.py

def __init__(
    self,
    connector: LDAPConnector,
    token_factory: TokenFactory | None = None,
    search_filter_key: str = "sAMAccountName",
    search_base: str = "CN=users,DC=example,DC=com",
    search_attributes: list[str] = AD_SEARCH_ATTRIBUTES,
    identity_mappings: dict[str, str] = DEFAULT_AD_MAPPINGS,
    populate_groups: bool = True,
    populate_permissions: bool = False,
    populate_claims: bool = True,
    auto_connect: bool = True,
    change_password_supported: bool = False,
) -> None:
    """Initialize ADProvider

    Parameters
    ----------
    connector
        Connector to use for LDAP operations.
    token_factory
        Factory used to create tokens, by default None.
    search_filter_key
        Key to use for Active Directory search filter, by default
        "sAMAccountName".
    search_base
        Base distinguished name (DN) for Active Directory searches, by default
        "CN=users,DC=example,DC=com".
    search_attributes
        Attributes to retrieve during Active Directory searches, by default
        AD_SEARCH_ATTRIBUTES.
    identity_mappings
        Mapping of Active Directory attributes to :class:`Identity` fields, by
        default DEFAULT_AD_MAPPINGS.
    populate_groups
        Whether to populate group memberships on the :class:`Identity`, by
        default True.
    populate_permissions
        Whether to populate permissions on the :class:`Identity`, by default
        False.
    populate_claims
        Whether to populate claims on the :class:`Identity`, by default
        True.
    auto_connect
        Whether to automatically open the LDAP connection on first use, by
        default True.
    change_password_supported
        Whether this provider supports changing passwords, by default
        False.
    """
    super().__init__(
        connector=connector,
        token_factory=token_factory,
        search_filter_key=search_filter_key,
        search_base=search_base,
        search_attributes=search_attributes,
        identity_mappings=identity_mappings,
        populate_groups=populate_groups,
        populate_permissions=populate_permissions,
        populate_claims=populate_claims,
        auto_connect=auto_connect,
        change_password_supported=change_password_supported,
    )