ldap-client-0.1.0: Pure Haskell LDAP Client Library

Safe HaskellSafe-Inferred
LanguageHaskell2010

Ldap.Asn1.Type

Synopsis

Documentation

data LdapMessage op Source

Message envelope. (Section 4.1.1.)

Instances

Eq op => Eq (LdapMessage op) 
Show op => Show (LdapMessage op) 
ToAsn1 op => ToAsn1 (LdapMessage op)
LDAPMessage ::= SEQUENCE {
     messageID       MessageID,
     protocolOp      CHOICE {
          bindRequest           BindRequest,
          bindResponse          BindResponse,
          unbindRequest         UnbindRequest,
          searchRequest         SearchRequest,
          searchResEntry        SearchResultEntry,
          searchResDone         SearchResultDone,
          searchResRef          SearchResultReference,
          addRequest            AddRequest,
          addResponse           AddResponse,
          ... },
     controls       [0] Controls OPTIONAL }
FromAsn1 op => FromAsn1 (LdapMessage op)
LDAPMessage ::= SEQUENCE {
     messageID       MessageID,
     protocolOp      CHOICE {
          bindRequest           BindRequest,
          bindResponse          BindResponse,
          unbindRequest         UnbindRequest,
          searchRequest         SearchRequest,
          searchResEntry        SearchResultEntry,
          searchResDone         SearchResultDone,
          searchResRef          SearchResultReference,
          addRequest            AddRequest,
          addResponse           AddResponse,
          ... },
     controls       [0] Controls OPTIONAL }

newtype Id Source

Every message being processed has a unique non-zero integer ID. (Section 4.1.1.1.)

Constructors

Id 

Fields

unId :: Int32
 

Instances

Eq Id 
Ord Id 
Show Id 
ToAsn1 Id
MessageID ::= INTEGER (0 ..  maxInt)
FromAsn1 Id
MessageID ::= INTEGER (0 ..  maxInt)

data ProtocolClientOp Source

Client requests. The RFC doesn't make a difference between ProtocolClientOp and ProtocolServerOp but it's useful to distinguish between them in Haskell.

Instances

Eq ProtocolClientOp 
Show ProtocolClientOp 
ToAsn1 ProtocolClientOp
BindRequest ::= [APPLICATION 0] SEQUENCE {
     version                 INTEGER (1 ..  127),
     name                    LDAPDN,
     authentication          AuthenticationChoice }
UnbindRequest ::= [APPLICATION 2] NULL
SearchRequest ::= [APPLICATION 3] SEQUENCE {
     baseObject      LDAPDN,
     scope           ENUMERATED {
          baseObject              (0),
          singleLevel             (1),
          wholeSubtree            (2),
          ...  },
     derefAliases    ENUMERATED {
          neverDerefAliases       (0),
          derefInSearching        (1),
          derefFindingBaseObj     (2),
          derefAlways             (3) },
     sizeLimit       INTEGER (0 ..  maxInt),
     timeLimit       INTEGER (0 ..  maxInt),
     typesOnly       BOOLEAN,
     filter          Filter,
     attributes      AttributeSelection }
ModifyRequest ::= [APPLICATION 6] SEQUENCE {
     object          LDAPDN,
     changes         SEQUENCE OF change SEQUENCE {
          operation       ENUMERATED {
               add     (0),
               delete  (1),
               replace (2),
               ...  },
          modification    PartialAttribute } }
AddRequest ::= [APPLICATION 8] SEQUENCE {
     entry           LDAPDN,
     attributes      AttributeList }
DelRequest ::= [APPLICATION 10] LDAPDN
ModifyDNRequest ::= [APPLICATION 12] SEQUENCE {
     entry           LDAPDN,
     newrdn          RelativeLDAPDN,
     deleteoldrdn    BOOLEAN,
     newSuperior     [0] LDAPDN OPTIONAL }
CompareRequest ::= [APPLICATION 14] SEQUENCE {
     entry           LDAPDN,
     ava             AttributeValueAssertion }
ExtendedRequest ::= [APPLICATION 23] SEQUENCE {
     requestName      [0] LDAPOID,
     requestValue     [1] OCTET STRING OPTIONAL }

data ProtocolServerOp Source

Server responses. The RFC doesn't make a difference between ProtocolClientOp and ProtocolServerOp but it's useful to distinguish between them in Haskell.

Instances

Eq ProtocolServerOp 
Show ProtocolServerOp 
FromAsn1 ProtocolServerOp
BindResponse ::= [APPLICATION 1] SEQUENCE {
     COMPONENTS OF LDAPResult,
     serverSaslCreds    [7] OCTET STRING OPTIONAL }
SearchResultEntry ::= [APPLICATION 4] SEQUENCE {
     objectName      LDAPDN,
     attributes      PartialAttributeList }
SearchResultReference ::= [APPLICATION 19] SEQUENCE
                          SIZE (1..MAX) OF uri URI
SearchResultDone ::= [APPLICATION 5] LDAPResult
ModifyResponse ::= [APPLICATION 7] LDAPResult
AddResponse ::= [APPLICATION 9] LDAPResult
DelResponse ::= [APPLICATION 11] LDAPResult
ModifyDNResponse ::= [APPLICATION 13] LDAPResult
CompareResponse ::= [APPLICATION 15] LDAPResult
ExtendedResponse ::= [APPLICATION 24] SEQUENCE {
     COMPONENTS OF LDAPResult,
     responseName     [10] LDAPOID OPTIONAL,
     responseValue    [11] OCTET STRING OPTIONAL }
IntermediateResponse ::= [APPLICATION 25] SEQUENCE {
     responseName     [0] LDAPOID OPTIONAL,
     responseValue    [1] OCTET STRING OPTIONAL }

newtype AuthenticationChoice Source

Not really a choice until SASL is supported.

Constructors

Simple ByteString 

Instances

Eq AuthenticationChoice 
Show AuthenticationChoice 
ToAsn1 AuthenticationChoice
AuthenticationChoice ::= CHOICE {
     simple                  [0] OCTET STRING,
     ...  }

data Scope Source

Scope of the search to be performed.

Constructors

BaseObject

Constrained to the entry named by baseObject.

SingleLevel

Constrained to the immediate subordinates of the entry named by baseObject.

WholeSubtree

Constrained to the entry named by baseObject and to all its subordinates.

Instances

data DerefAliases Source

An indicator as to whether or not alias entries (as defined in [RFC4512]) are to be dereferenced during stages of the Search operation.

Constructors

NeverDerefAliases

Do not dereference aliases in searching or in locating the base object of the Search.

DerefInSearching

While searching subordinates of the base object, dereference any alias within the search scope.

DerefFindingBaseObject

Dereference aliases in locating the base object of the Search.

DerefAlways

Dereference aliases both in searching and in locating the base object of the Search.

data Filter Source

Conditions that must be fulfilled in order for the Search to match a given entry.

Constructors

And !(NonEmpty Filter)

All filters evaluate to TRUE

Or !(NonEmpty Filter)

Any filter evaluates to TRUE

Not Filter

Filter evaluates to FALSE

EqualityMatch AttributeValueAssertion

EQUALITY rule returns TRUE

Substrings SubstringFilter

SUBSTR rule returns TRUE

GreaterOrEqual AttributeValueAssertion

ORDERING rule returns FALSE

LessOrEqual AttributeValueAssertion

ORDERING or EQUALITY rule returns TRUE

Present AttributeDescription

Attribute is present in the entry

ApproxMatch AttributeValueAssertion

Same as EqualityMatch for most servers

ExtensibleMatch MatchingRuleAssertion 

Instances

Eq Filter 
Show Filter 
ToAsn1 Filter
Filter ::= CHOICE {
     and             [0] SET SIZE (1..MAX) OF filter Filter,
     or              [1] SET SIZE (1..MAX) OF filter Filter,
     not             [2] Filter,
     equalityMatch   [3] AttributeValueAssertion,
     substrings      [4] SubstringFilter,
     greaterOrEqual  [5] AttributeValueAssertion,
     lessOrEqual     [6] AttributeValueAssertion,
     present         [7] AttributeDescription,
     approxMatch     [8] AttributeValueAssertion,
     extensibleMatch [9] MatchingRuleAssertion,
     ...  }

data SubstringFilter Source

Instances

Eq SubstringFilter 
Show SubstringFilter 
ToAsn1 SubstringFilter
SubstringFilter ::= SEQUENCE {
     type           AttributeDescription,
     substrings     SEQUENCE SIZE (1..MAX) OF substring CHOICE {
          initial [0] AssertionValue,  -- can occur at most once
          any     [1] AssertionValue,
          final   [2] AssertionValue } -- can occur at most once
     }

data MatchingRuleAssertion Source

Instances

Eq MatchingRuleAssertion 
Show MatchingRuleAssertion 
ToAsn1 MatchingRuleAssertion
MatchingRuleAssertion ::= SEQUENCE {
     matchingRule    [1] MatchingRuleId OPTIONAL,
     type            [2] AttributeDescription OPTIONAL,
     matchValue      [3] AssertionValue,
     dnAttributes    [4] BOOLEAN DEFAULT FALSE }

newtype MatchingRuleId Source

Matching rules are defined in Section 4.1.3 of [RFC4512]. A matching rule is identified in the protocol by the printable representation of either its numericoid or one of its short name descriptors [RFC4512], e.g., caseIgnoreMatch or '2.5.13.2'. (Section 4.1.8.)

Instances

Eq MatchingRuleId 
Show MatchingRuleId 
ToAsn1 MatchingRuleId
MatchingRuleId ::= LDAPString

newtype AttributeSelection Source

Instances

Eq AttributeSelection 
Show AttributeSelection 
ToAsn1 AttributeSelection
AttributeSelection ::= SEQUENCE OF selector LDAPString

newtype AttributeList Source

Constructors

AttributeList [Attribute] 

Instances

Eq AttributeList 
Show AttributeList 
ToAsn1 AttributeList
AttributeList ::= SEQUENCE OF attribute Attribute

newtype PartialAttributeList Source

Instances

Eq PartialAttributeList 
Show PartialAttributeList 
FromAsn1 PartialAttributeList
PartialAttributeList ::= SEQUENCE OF partialAttribute PartialAttribute

newtype Controls Source

Constructors

Controls [Control] 

Instances

Eq Controls 
Show Controls 
ToAsn1 Controls
Controls ::= SEQUENCE OF control Control

data Control Source

Constructors

Control !LdapOid !Bool !(Maybe ByteString) 

Instances

Eq Control 
Show Control 
ToAsn1 Control
Control ::= SEQUENCE {
     controlType             LDAPOID,
     criticality             BOOLEAN DEFAULT FALSE,
     controlValue            OCTET STRING OPTIONAL }

data LdapResult Source

Instances

Eq LdapResult 
Show LdapResult 
FromAsn1 LdapResult
LDAPResult ::= SEQUENCE {
     resultCode         ENUMERATED {
          success                      (0),
          operationsError              (1),
          protocolError                (2),
          timeLimitExceeded            (3),
          sizeLimitExceeded            (4),
          compareFalse                 (5),
          compareTrue                  (6),
          authMethodNotSupported       (7),
          strongerAuthRequired         (8),
          -- 9 reserved --
          referral                     (10),
          adminLimitExceeded           (11),
          unavailableCriticalExtension (12),
          confidentialityRequired      (13),
          saslBindInProgress           (14),
          noSuchAttribute              (16),
          undefinedAttributeType       (17),
          inappropriateMatching        (18),
          constraintViolation          (19),
          attributeOrValueExists       (20),
          invalidAttributeSyntax       (21),
          -- 22-31 unused --
          noSuchObject                 (32),
          aliasProblem                 (33),
          invalidDNSyntax              (34),
          -- 35 reserved for undefined isLeaf --
          aliasDereferencingProblem    (36),
          -- 37-47 unused --
          inappropriateAuthentication  (48),
          invalidCredentials           (49),
          insufficientAccessRights     (50),
          busy                         (51),
          unavailable                  (52),
          unwillingToPerform           (53),
          loopDetect                   (54),
          -- 55-63 unused --
          namingViolation              (64),
          objectClassViolation         (65),
          notAllowedOnNonLeaf          (66),
          notAllowedOnRDN              (67),
          entryAlreadyExists           (68),
          objectClassModsProhibited    (69),
          -- 70 reserved for CLDAP --
          affectsMultipleDSAs          (71),
          -- 72-79 unused --
          other                        (80),
          ...  },
     matchedDN          LDAPDN,
     diagnosticMessage  LDAPString,
     referral           [3] Referral OPTIONAL }

newtype AttributeDescription Source

Instances

Eq AttributeDescription 
Show AttributeDescription 
ToAsn1 AttributeDescription
AttributeDescription ::= LDAPString
FromAsn1 AttributeDescription
AttributeDescription ::= LDAPString

newtype AttributeValue Source

Instances

Eq AttributeValue 
Show AttributeValue 
ToAsn1 AttributeValue
AttributeValue ::= OCTET STRING
FromAsn1 AttributeValue
AttributeValue ::= OCTET STRING

data AttributeValueAssertion Source

Instances

Eq AttributeValueAssertion 
Show AttributeValueAssertion 
ToAsn1 AttributeValueAssertion
AttributeValueAssertion ::= SEQUENCE {
     attributeDesc   AttributeDescription,
     assertionValue  AssertionValue }

newtype AssertionValue Source

Instances

Eq AssertionValue 
Show AssertionValue 
ToAsn1 AssertionValue
AssertionValue ::= OCTET STRING

data Attribute Source

Instances

Eq Attribute 
Show Attribute 
ToAsn1 Attribute
Attribute ::= PartialAttribute(WITH COMPONENTS {
     ...,
     vals (SIZE(1..MAX))})

data PartialAttribute Source

Instances

Eq PartialAttribute 
Show PartialAttribute 
ToAsn1 PartialAttribute
PartialAttribute ::= SEQUENCE {
     type       AttributeDescription,
     vals       SET OF value AttributeValue }
FromAsn1 PartialAttribute
PartialAttribute ::= SEQUENCE {
     type       AttributeDescription,
     vals       SET OF value AttributeValue }

newtype LdapDn Source

An LDAPDN is defined to be the representation of a Distinguished Name (DN) after encoding according to the specification in [RFC4514].

Constructors

LdapDn LdapString 

Instances

Eq LdapDn 
Show LdapDn 
ToAsn1 LdapDn
LDAPDN ::= LDAPString -- Constrained to <distinguishedName>
FromAsn1 LdapDn
LDAPDN ::= LDAPString

newtype RelativeLdapDn Source

A RelativeLDAPDN is defined to be the representation of a Relative Distinguished Name (RDN) after encoding according to the specification in [RFC4514].

Instances

Eq RelativeLdapDn 
Show RelativeLdapDn 
ToAsn1 RelativeLdapDn
RelativeLDAPDN ::= LDAPString -- Constrained to <name-component>

newtype ReferralUris Source

Constructors

ReferralUris (NonEmpty Uri) 

Instances

Eq ReferralUris 
Show ReferralUris 
FromAsn1 ReferralUris
Referral ::= SEQUENCE SIZE (1..MAX) OF uri URI

newtype Uri Source

Constructors

Uri LdapString 

Instances

Eq Uri 
Show Uri 
FromAsn1 Uri
URI ::= LDAPString

data Operation Source

Constructors

Add 
Delete 
Replace 

newtype LdapString Source

The LDAPString is a notational convenience to indicate that, although strings of LDAPString type encode as ASN.1 OCTET STRING types, the [ISO10646] character set (a superset of [Unicode]) is used, encoded following the UTF-8 [RFC3629] algorithm. (Section 4.1.2.)

Constructors

LdapString Text 

Instances

Eq LdapString 
Show LdapString 
ToAsn1 LdapString
LDAPString ::= OCTET STRING -- UTF-8 encoded
FromAsn1 LdapString
LDAPString ::= OCTET STRING -- UTF-8 encoded,

newtype LdapOid Source

The LDAPOID is a notational convenience to indicate that the permitted value of this string is a (UTF-8 encoded) dotted-decimal representation of an OBJECT IDENTIFIER. Although an LDAPOID is encoded as an OCTET STRING, values are limited to the definition of <numericoid> given in Section 1.4 of [RFC4512].

Constructors

LdapOid Text 

Instances

Eq LdapOid 
Show LdapOid 
ToAsn1 LdapOid
LDAPOID ::= OCTET STRING -- Constrained to <numericoid>
FromAsn1 LdapOid
LDAPOID ::= OCTET STRING -- Constrained to <numericoid>