tessl/pypi-ldap3
tessl install tessl/pypi-ldap3@1.4.0A strictly RFC 4510 conforming LDAP V3 pure Python client library
Agent Success
Agent success rate when using this tile
81%
Improvement
Agent success rate improvement when using this tile compared to baseline
1.08x
Baseline
Agent success rate without this tile
75%
task.mdevals/scenario-6/
Secure LDAP TLS Client
A module that establishes a mutually authenticated TLS connection to an LDAP directory and exposes a minimal surface for authenticated queries.
Capabilities
Establishes TLS session with mutual authentication
- With valid host, port, CA certificate, client certificate, and client key, establishing a session succeeds and reports that TLS is active @test
- When the CA certificate cannot validate the server, establishing a session raises a certificate validation error @test
Performs certificate-based bind
- After establishing TLS, performs a certificate-based bind that reports the authenticated identity without requiring a password @test
- When the client key is missing or unreadable, certificate-based bind fails with a clear error @test
Executes search after secure bind
- After a successful certificate-based bind, running a subtree search under a given base DN returns entries containing only requested attributes @test
Implementation
@generates
API
from typing import Any, Dict, List, Optional, Protocol
class TLSConfig(Protocol):
host: str
port: int
use_ssl: bool
ca_cert_file: str
client_cert_file: str
client_key_file: str
require_hostname_check: bool
def establish_session(config: TLSConfig, timeout: Optional[float] = None) -> Any:
"""
Opens a TLS-secured LDAP session using the provided CA/client materials and returns a session handle
that exposes whether TLS is active.
Raises on TLS verification issues or bind failures.
"""
def certificate_bind(session: Any, authz_id: Optional[str] = None) -> str:
"""
Performs a certificate-based bind on the existing TLS session without using a password.
Optionally allows specifying an authorization identity to assert.
Returns the bound identity string and raises if TLS is missing or client credentials are unusable.
"""
def search_entries(session: Any, base_dn: str, filter_expression: str, attributes: List[str]) -> List[Dict[str, Any]]:
"""
Executes a subtree search using the authenticated session and returns entries with only requested attributes,
formatted as dictionaries keyed by DN and attribute names.
Raises if the search fails or when called on an unbound session.
"""Dependencies { .dependencies }
ldap3 { .dependency }
Provides LDAP client capabilities with TLS support and certificate-based authentication.
'%3e%3cpath%20d='M3.389%209.069c0-.009.043-.033.029-.044L.029%207.77l3.287-1.197L6.574%207.77l.106.083.005%204-3.297%201.185V9.068ZM13.582%209.32V2.74l3.405%201.238v4.104L13.583%209.32ZM10.253%2014.66l-3.476%201.268v-4.027l3.476-1.313v4.072ZM10.253%2010.558l-3.476%201.239V7.784l3.476-1.268v4.042ZM10.253%2014.719v3.968L6.777%2020v-3.998l3.476-1.283ZM17%208.139v4.042l-3.418%201.239V9.378L17%208.138ZM3.3%2017.168%200%2015.943v-4.027l3.3%201.224v4.028ZM6.69%2011.916v4.027l-3.302%201.225v-4.072l3.301-1.18ZM6.69%203.743v4.012l-3.33-1.21V2.564l3.33%201.18Z'/%3e%3cpath%20d='M3.3%2013.066%200%2011.842V7.844l3.3%201.224v3.998ZM13.524%209.334l-.175.088.175-.014v4.027l-3.152%201.183-.06-.032v-3.983l1.986-.767-.111.006-1.876.657V6.531l3.213-1.224v4.027Zm-.263.133c-.065.008-.198.023-.233.088.065-.008.198-.023.233-.088Zm-.321.118c-.065.008-.198.023-.233.088.065-.009.198-.023.233-.088Zm-.321.118c-.066.008-.199.023-.234.088.065-.008.199-.023.234-.088ZM13.524%201.266v3.968l-3.213%201.195V2.46l3.213-1.194ZM10.253%202.475v3.968L6.777%207.726V3.743l3.476-1.268ZM8.2%204.458c-.304.064-.627.5-.708.79-.27.963.636%201.081%201.091.364.277-.437.354-1.308-.383-1.154ZM13.524%2013.51v3.983l-3.17%201.177c-.011%200-.043-.067-.043-.07v-3.895l3.213-1.195Zm-.884%201.63c-.495.085-1.068%201.015-.676%201.435.483.517%201.502-.636%201.147-1.246-.098-.169-.286-.221-.47-.19ZM10.165%202.387l-.037.065-3.395%201.249-3.345-1.212L6.88%201.21l3.285%201.178ZM13.437%201.177l-.088.073-3.057%201.127-3.034-1.082-.277-.133L10.151%200l3.286%201.177Z'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='a'%3e%3cpath%20fill='%23fff'%20d='M0%200h17v20H0z'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}