When Cro is not a Web Framework: Implementing LDAP for Perl 6

When Cro is not a Web Framework: Implementing LDAP for
Perl 6 or “ My Cro stands for「Mi-cro」”

Plan • Cro::Core • LDAP protocol • Cro::LDAP::Types • Cro::LDAP
Internals • Cro::LDAP::Client API • Conclusions

Cro::Core A library for building distributed, reactive systems that uses
Perl 6 concurrency primitives to express data flow in a natural way (and just a tiny bit more)

Once more, with Feeling! The real world happens in real
time

Events The real world happens in real time It supplies
us with events:

us with events: network packets

us with events: network packets file changes, logs

us with events: network packets file changes, logs user input

us with events: network packets file changes, logs user input device events etc etc

Processing • Take logs and filter them • Take filtered
logs and mark some of them • Take marked, filtered logs and compress them • Take compressed files and send them to a backup server …Take Filter! Mark! Compress! Send…

Processing …Take Filter! Mark! Compress! Send… Transform Source Transform Transform
Sink

CRO PIPELINE Processing …Take Filter! Mark! Compress! Send… Cro::Transform Cro::Source
Cro::Transform Cro::Transform Cro::Sink

Cro::Core • Cro::Core is a library to build (micro)services that
can communicate with each other using different means.

can communicate with each other using different means. • It is packed with simple and smart primitives for inputs, transformers, outputs.

can communicate with each other using different means. • It is packed with simple and smart primitives for inputs, transformers, outputs. • Cro as a project is a set of libraries built upon this idea.

can communicate with each other using different means. • It is packed with simple and smart primitives for inputs, transformers, outputs. • Cro as a project is a set of libraries built upon this idea. • It allows the user to think about logic – and handles delivery.

LDAP • A binary, client-server network protocol to work with
Directory Service Providers.

Directory Service Providers. • The server managing the Directory keeps your data in a hierarchical database.

Directory Service Providers. • The server managing the Directory keeps your data in a hierarchical database. • You can add, modify, remove, query etc data using an LDAP client.

LDAP Client and server communicate by sending LDAP messages to
each other LDAP Message • ID 1 • Request • Controls LDAP Message • ID 2 • Request • Controls LDAP Message • ID 3 • Request • Controls … LDAP Message • ID 1 • Response • Controls LDAP Message • ID 2 • Response • Controls LDAP Message • ID 3 • Response • Controls …

LDAP • All messages have common pieces (id, controls). •
Every message carries either a request or a response. • Particular request/response types represent LDAP operations (bind, add, modify, search etc). • All data types used in LDAP are described using the ASN.1 specification language and the Basic Encoding Rules of ASN.1.

Cro::LDAP::Types • There are a lot of types there, and
we also need to encode and decode them into bytes to send over sockets. • How Perl 6 handles it…

Cro::LDAP::Types use Cro; use ASN::Types; use ASN::META <file docs/ldap.asn>; class
Cro::LDAP::Message is LDAPMessage does Cro::Message { method trace-output(--> Str) { "LDAP MSG [{self.message-id}] {self.protocol-op.choice-value.key.tc}" } } my $map := MY::.pairs .grep({ .key ~~ /^ <[a..zA..Z]>/ && .key ne <EXPORT GLOBALish>.any}) .Map; sub EXPORT() { $map; }

Cro::LDAP::Types Finally, we are done with all those necessary types!
Those were some hard 14 lines of code…

Cro::LDAP::Client Take user input (API)

Cro::LDAP::Client Take user input (API) Create a message (source)

Cro::LDAP::Client Take user input (API) Create a message (source) Encode
the message (transform)

the message (transform) Send… (sink)

the message (transform) Send… (sink) (maybe do a lot of other things)

the message (transform) Send… (sink) (maybe do a lot of other things) Get bytes (source)

the message (transform) Send… (sink) (maybe do a lot of other things) Get bytes (source) Parse (transform)

the message (transform) Send… (sink) (maybe do a lot of other things) Get bytes (source) Parse (transform) Return to the user (sink)

the message (transform) Send… (sink) (maybe do a lot of other things) Get bytes (source) Parse (transform) Return to the user (sink) Save the World

Cro::LDAP::Server (in progress) Take bytes (source) Parse (transform) Pass to
a real Directory Provider (sink) Having a response, emit it (source) Send bytes back (sink) Serialize (transform)

Cro::LDAP::Client API (1/3) my Cro::LDAP::Client $ldap = await Cro::LDAP::Client.connect("ldaps://test");

Cro::LDAP::Client API (1/3) my Cro::LDAP::Client $ldap = await Cro::LDAP::Client.connect("ldap://test"); given
$ldap.bind(name => “foo=bar", password => “horse") -> $bind { process-error($bind) unless $bind.result-code ~~ success; }

$ldap.bind(name => “foo=bar", password => “horse") -> $bind { process-error($bind) unless $bind.result-code ~~ success; } my $search = $ldap.search(:dn<dn=cool>, :filter(‘lang=Perl 6’));

$ldap.bind(name => “foo=bar", password => “horse") -> $bind { process-error($bind) unless $bind.result-code ~~ success; } my $search = $ldap.search(:dn<dn=cool>, :filter(‘lang=Perl 6’)); react whenever $search { when Cro::LDAP::Entry { say $_.dn; for $_.attributes.kv -> $attr, $value { #`[ process values… ] } } when Cro::LDAP::Reference { #`[ process reference ] } }

Cro::LDAP::Client API (2/3) given await $ldap.add(“dn=new", attrs => [givenName =>
‘Tester’]]) -> $add { # process error here }

‘Tester’]]) -> $add { # process error here } given await $ldap.modifyDN(:dn<dn=new>, new-dn => “dn=newer") -> $moddn { # process error here }

‘Tester’]]) -> $add { # process error here } given await $ldap.modifyDN(:dn<dn=new>, new-dn => “dn=newer") -> $moddn { # process error here } my @changes = replace => [:givenName['Robot']]; given await $ldap.modify(“dn=newer", @changes) -> $modify { # always check your responses }

‘Tester’]]) -> $add { # process error here } given await $ldap.modifyDN(:dn<dn=new>, new-dn => “dn=newer") -> $moddn { # process error here } my @changes = replace => [:givenName['Robot']]; given await $ldap.modify(“dn=newer", @changes) -> $modify { # always check your responses } given await $ldap.compare(“dn=newer", “givenName", 'Tester') -> $compare { say $compare.result-code; # compareFalse… }

‘Tester’]]) -> $add { # process error here } given await $ldap.modifyDN(:dn<dn=new>, new-dn => “dn=newer") -> $moddn { # process error here } my @changes = replace => [:givenName['Robot']]; given await $ldap.modify(“dn=newer", @changes) -> $modify { # always check your responses } given await $ldap.compare(“dn=newer", “givenName", 'Tester') -> $compare { say $compare.result-code; # compareFalse… } given await $ldap.delete(“dn=newest”) -> $delete { say $delete.result-code; # hopefully, success say $delete.error-message; # hopefully, none, but always check your responses }

Cro::LDAP::Client API (3/3) # LDIF file sample version: 1 dn:
uid=test,ou=people,dc=test,dc=local objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount uid: test cn: test givenName: Test # base64 decoded value givenName;lang-ja:: 44OG44K544OI sn: Tester

Cro::LDAP::Client API (3/3) # LDIF changes file sample version: 1
# Add a new entry dn: dc=test changetype: add objectclass: top telephonenumber: +1 408 555 1212 jpegphoto:< file://t/testdata/test.jpg # Delete an existing entry dn: dc=test1 changetype: delete # Modify an entry’s relative distinguished name dn: dc=test3 changetype: modrdn newrdn: dc=test3backup deleteoldrdn: 1

Sync your stuff Want to add some entries to your
Directory?

Directory? Maybe even modify some entries today?

Directory? Maybe even modify some entries today? Fear no more, just sync your data!

Sync your stuff my @entries = Cro::LDAP::Entry.parse($ldif-text); my @resps =
await $client.sync(@entries); for @resps -> $response { # hereby I vow to always check my responses, # if they were successful or not, # and react upon this now and forever! }

TODO • LDAPS is done, StartTLS is a Work in
Progress • Complete the server middleware • Make Cro::LDAP::Client smarter • More proper error handling • Squash some bugs

TODO • LDAPS is done, StartTLS is a Work in
Progress • Complete the server middleware • Make Cro::LDAP::Client smarter • More proper error handling • Squash some bugs • Be helpful for Perl 6 coders! VERY IMPORTANT!

Conclusions • A lot of common things just work

Conclusions • A lot of common things just work •
Some not so common things are a work in progress

Some not so common things are a work in progress • Cro::LDAP welcomes any bug reports, suggestions, ideas

Some not so common things are a work in progress • Cro::LDAP welcomes any bug reports, suggestions, ideas • Perl 6 delivers!

QUESTIONS?

When Cro is not a Web Framework: Implementing LDAP for Perl 6

When Cro is not a Web Framework: Implementing LDAP for Perl 6

More Decks by Altai-man

Other Decks in Programming

Featured

Transcript