sources/ldap: set connect/receive timeout (default to 15s)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
parent
8003d67844
commit
4a773b2b4f
|
@ -7,7 +7,7 @@ from structlog.stdlib import get_logger
|
||||||
|
|
||||||
from authentik.core.auth import InbuiltBackend
|
from authentik.core.auth import InbuiltBackend
|
||||||
from authentik.core.models import User
|
from authentik.core.models import User
|
||||||
from authentik.sources.ldap.models import LDAPSource
|
from authentik.sources.ldap.models import LDAP_TIMEOUT, LDAPSource
|
||||||
|
|
||||||
LOGGER = get_logger()
|
LOGGER = get_logger()
|
||||||
LDAP_DISTINGUISHED_NAME = "distinguishedName"
|
LDAP_DISTINGUISHED_NAME = "distinguishedName"
|
||||||
|
@ -62,6 +62,7 @@ class LDAPBackend(InbuiltBackend):
|
||||||
user=user.attributes.get(LDAP_DISTINGUISHED_NAME),
|
user=user.attributes.get(LDAP_DISTINGUISHED_NAME),
|
||||||
password=password,
|
password=password,
|
||||||
raise_exceptions=True,
|
raise_exceptions=True,
|
||||||
|
receive_timeout=LDAP_TIMEOUT,
|
||||||
)
|
)
|
||||||
temp_connection.bind()
|
temp_connection.bind()
|
||||||
return user
|
return user
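Review bot: A stalled directory now ends this per-login bind with an exception once `receive_timeout` expires, and the handler that decides what happens next is outside the hunk, so it is worth confirming that path denies the login and logs the timeout separately from a wrong password. With `raise_exceptions=True` the `return user` line is only reached after a successful bind, which is the fail-closed behaviour wanted here. A comment above `temp_connection.bind()` such as `# bind raises on bad credentials or timeout; reaching the return means the directory accepted the password` would keep that invariant visible. The `Server` object passed to this connection is also above the hunk, so whether the connect phase is bounded depends on it carrying `connect_timeout` (presumably the server built in the models change).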
|
||||||
|
|
|
@ -9,6 +9,8 @@ from rest_framework.serializers import Serializer
|
||||||
from authentik.core.models import Group, PropertyMapping, Source
|
from authentik.core.models import Group, PropertyMapping, Source
|
||||||
from authentik.lib.models import DomainlessURLValidator
|
from authentik.lib.models import DomainlessURLValidator
|
||||||
|
|
||||||
|
LDAP_TIMEOUT = 15
|
||||||
|
|
||||||
|
|
||||||
class LDAPSource(Source):
|
class LDAPSource(Source):
|
||||||
"""Federate LDAP Directory with authentik, or create new accounts in LDAP."""
|
"""Federate LDAP Directory with authentik, or create new accounts in LDAP."""
|
||||||
|
@ -86,12 +88,13 @@ class LDAPSource(Source):
|
||||||
def connection(self) -> Connection:
|
def connection(self) -> Connection:
|
||||||
"""Get a fully connected and bound LDAP Connection"""
|
"""Get a fully connected and bound LDAP Connection"""
|
||||||
if not self._connection:
|
if not self._connection:
|
||||||
server = Server(self.server_uri, get_info=ALL)
|
server = Server(self.server_uri, get_info=ALL, connect_timeout=LDAP_TIMEOUT)
|
||||||
self._connection = Connection(
|
self._connection = Connection(
|
||||||
server,
|
server,
|
||||||
raise_exceptions=True,
|
raise_exceptions=True,
|
||||||
user=self.bind_cn,
|
user=self.bind_cn,
|
||||||
password=self.bind_password,
|
password=self.bind_password,
|
||||||
|
receive_timeout=LDAP_TIMEOUT,
|
||||||
)
|
)
|
||||||
|
|
||||||
self._connection.bind()
|
self._connection.bind()
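Review bot: `LDAP_TIMEOUT = 15` carries no unit and no override, although the commit title calls it a default. A line such as `# Seconds; used as connect_timeout on the Server and receive_timeout on the Connection` would document it, and reading the value from the project's configuration would let operators with slow or remote directories raise it. The same `receive_timeout` applies to every response on the cached `self._connection`, so if this connection also serves long-running searches (not visible here) a 15-second ceiling could abort them mid-run. The `connection` method continues outside the hunk, so whether a connection that has timed out is discarded or re-used from `self._connection` cannot be judged from these lines.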
|
||||||
|
|