move ldap

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

authentik/common/ldap/constants.py

@@ -0,0 +1 @@
+LDAP_DISTINGUISHED_NAME = "distinguishedName"

authentik/providers/saml/processors/assertion.py

@@ -10,6 +10,7 @@ from lxml import etree  # nosec
 from lxml.etree import Element, SubElement  # nosec
 from structlog.stdlib import get_logger
 
+from authentik.common.ldap.constants import LDAP_DISTINGUISHED_NAME
 from authentik.common.saml.constants import (
     DIGEST_ALGORITHM_TRANSLATION_MAP,
     NS_MAP,
@@ -36,7 +37,6 @@ from authentik.events.signals import get_login_event
 from authentik.lib.utils.time import timedelta_from_string
 from authentik.providers.saml.models import SAMLPropertyMapping, SAMLProvider
 from authentik.providers.saml.processors.authn_request_parser import AuthNRequest
-from authentik.sources.ldap.auth import LDAP_DISTINGUISHED_NAME
 from authentik.stages.password.stage import PLAN_CONTEXT_METHOD, PLAN_CONTEXT_METHOD_ARGS
 
 LOGGER = get_logger()

authentik/sources/ldap/auth.py

@@ -4,9 +4,10 @@ from django.http import HttpRequest
 from ldap3.core.exceptions import LDAPException, LDAPInvalidCredentialsResult
 from structlog.stdlib import get_logger
 
+from authentik.common.ldap.constants import LDAP_DISTINGUISHED_NAME
 from authentik.core.auth import InbuiltBackend
 from authentik.core.models import User
-from authentik.sources.ldap.models import LDAP_DISTINGUISHED_NAME, LDAPSource
+from authentik.sources.ldap.models import LDAPSource
 
 LOGGER = get_logger()
 

authentik/sources/ldap/models.py

@@ -15,6 +15,7 @@ from ldap3 import ALL, NONE, RANDOM, Connection, Server, ServerPool, Tls
 from ldap3.core.exceptions import LDAPException, LDAPInsufficientAccessRightsResult, LDAPSchemaError
 from rest_framework.serializers import Serializer
 
+from authentik.common.ldap.constants import LDAP_DISTINGUISHED_NAME
 from authentik.core.models import (
     Group,
     GroupSourceConnection,
@@ -24,11 +25,10 @@ from authentik.core.models import (
 )
 from authentik.crypto.models import CertificateKeyPair
 from authentik.lib.config import CONFIG
-from authentik.lib.models import DomainlessURLValidator
+from authentik.lib.models import DomainlessURLValidator, internal_model
 
 LDAP_TIMEOUT = 15
 LDAP_UNIQUENESS = "ldap_uniq"
-LDAP_DISTINGUISHED_NAME = "distinguishedName"
 
 
 def flatten(value: Any) -> Any:
@@ -320,6 +320,7 @@ class LDAPSourcePropertyMapping(PropertyMapping):
         verbose_name_plural = _("LDAP Source Property Mappings")
 
 
+@internal_model
 class UserLDAPSourceConnection(UserSourceConnection):
     @property
     def serializer(self) -> type[Serializer]:
@@ -334,6 +335,7 @@ class UserLDAPSourceConnection(UserSourceConnection):
         verbose_name_plural = _("User LDAP Source Connections")
 
 
+@internal_model
 class GroupLDAPSourceConnection(GroupSourceConnection):
     @property
     def serializer(self) -> type[Serializer]:

authentik/sources/ldap/password.py

@@ -11,8 +11,8 @@ from ldap3.core.exceptions import (
 )
 from structlog.stdlib import get_logger
 
+from authentik.common.ldap.constants import LDAP_DISTINGUISHED_NAME
 from authentik.core.models import User
-from authentik.sources.ldap.auth import LDAP_DISTINGUISHED_NAME
 from authentik.sources.ldap.models import LDAPSource
 
 LOGGER = get_logger()

authentik/sources/ldap/sync/membership.py

@@ -6,8 +6,9 @@ from typing import Any
 from django.db.models import Q
 from ldap3 import SUBTREE
 
+from authentik.common.ldap.constants import LDAP_DISTINGUISHED_NAME
 from authentik.core.models import Group, User
-from authentik.sources.ldap.models import LDAP_DISTINGUISHED_NAME, LDAP_UNIQUENESS, LDAPSource
+from authentik.sources.ldap.models import LDAP_UNIQUENESS, LDAPSource
 from authentik.sources.ldap.sync.base import BaseLDAPSynchronizer