Safe Haskell	Safe-Inferred
Language	Haskell2010

Ldap.Asn1.Type

Synopsis

Documentation

data LdapMessage op Source

Message envelope. (Section 4.1.1.)

Constructors

LdapMessage
Fields ldapMessageId :: !Id ldapMessageOp :: !op ldapMessageControls :: !(Maybe Controls)

Instances

Eq op => Eq (LdapMessage op)
Show op => Show (LdapMessage op)
ToAsn1 op => ToAsn1 (LdapMessage op)	LDAPMessage ::= SEQUENCE { messageID MessageID, protocolOp CHOICE { bindRequest BindRequest, bindResponse BindResponse, unbindRequest UnbindRequest, searchRequest SearchRequest, searchResEntry SearchResultEntry, searchResDone SearchResultDone, searchResRef SearchResultReference, addRequest AddRequest, addResponse AddResponse, ... }, controls [0] Controls OPTIONAL }
FromAsn1 op => FromAsn1 (LdapMessage op)	LDAPMessage ::= SEQUENCE { messageID MessageID, protocolOp CHOICE { bindRequest BindRequest, bindResponse BindResponse, unbindRequest UnbindRequest, searchRequest SearchRequest, searchResEntry SearchResultEntry, searchResDone SearchResultDone, searchResRef SearchResultReference, addRequest AddRequest, addResponse AddResponse, ... }, controls [0] Controls OPTIONAL }

newtype Id Source

Every message being processed has a unique non-zero integer ID. (Section 4.1.1.1.)

Constructors

Id
Fields unId :: Int32

Instances

Eq Id
Ord Id
Show Id
ToAsn1 Id	MessageID ::= INTEGER (0 .. maxInt)
FromAsn1 Id	MessageID ::= INTEGER (0 .. maxInt)

data ProtocolClientOp Source

Client requests. The RFC doesn't make a difference between ProtocolClientOp and ProtocolServerOp but it's useful to distinguish between them in Haskell.

Instances

Eq ProtocolClientOp

Show ProtocolClientOp

ToAsn1 ProtocolClientOp

BindRequest ::= [APPLICATION 0] SEQUENCE {
     version                 INTEGER (1 ..  127),
     name                    LDAPDN,
     authentication          AuthenticationChoice }

UnbindRequest ::= [APPLICATION 2] NULL

SearchRequest ::= [APPLICATION 3] SEQUENCE {
     baseObject      LDAPDN,
     scope           ENUMERATED {
          baseObject              (0),
          singleLevel             (1),
          wholeSubtree            (2),
          ...  },
     derefAliases    ENUMERATED {
          neverDerefAliases       (0),
          derefInSearching        (1),
          derefFindingBaseObj     (2),
          derefAlways             (3) },
     sizeLimit       INTEGER (0 ..  maxInt),
     timeLimit       INTEGER (0 ..  maxInt),
     typesOnly       BOOLEAN,
     filter          Filter,
     attributes      AttributeSelection }

ModifyRequest ::= [APPLICATION 6] SEQUENCE {
     object          LDAPDN,
     changes         SEQUENCE OF change SEQUENCE {
          operation       ENUMERATED {
               add     (0),
               delete  (1),
               replace (2),
               ...  },
          modification    PartialAttribute } }

AddRequest ::= [APPLICATION 8] SEQUENCE {
     entry           LDAPDN,
     attributes      AttributeList }

DelRequest ::= [APPLICATION 10] LDAPDN

ModifyDNRequest ::= [APPLICATION 12] SEQUENCE {
     entry           LDAPDN,
     newrdn          RelativeLDAPDN,
     deleteoldrdn    BOOLEAN,
     newSuperior     [0] LDAPDN OPTIONAL }

CompareRequest ::= [APPLICATION 14] SEQUENCE {
     entry           LDAPDN,
     ava             AttributeValueAssertion }

ExtendedRequest ::= [APPLICATION 23] SEQUENCE {
     requestName      [0] LDAPOID,
     requestValue     [1] OCTET STRING OPTIONAL }

data ProtocolServerOp Source

Server responses. The RFC doesn't make a difference between ProtocolClientOp and ProtocolServerOp but it's useful to distinguish between them in Haskell.

Instances

Eq ProtocolServerOp

Show ProtocolServerOp

FromAsn1 ProtocolServerOp

BindResponse ::= [APPLICATION 1] SEQUENCE {
     COMPONENTS OF LDAPResult,
     serverSaslCreds    [7] OCTET STRING OPTIONAL }

SearchResultEntry ::= [APPLICATION 4] SEQUENCE {
     objectName      LDAPDN,
     attributes      PartialAttributeList }

SearchResultReference ::= [APPLICATION 19] SEQUENCE
                          SIZE (1..MAX) OF uri URI

SearchResultDone ::= [APPLICATION 5] LDAPResult

ModifyResponse ::= [APPLICATION 7] LDAPResult

AddResponse ::= [APPLICATION 9] LDAPResult

DelResponse ::= [APPLICATION 11] LDAPResult

ModifyDNResponse ::= [APPLICATION 13] LDAPResult

CompareResponse ::= [APPLICATION 15] LDAPResult

ExtendedResponse ::= [APPLICATION 24] SEQUENCE {
     COMPONENTS OF LDAPResult,
     responseName     [10] LDAPOID OPTIONAL,
     responseValue    [11] OCTET STRING OPTIONAL }

IntermediateResponse ::= [APPLICATION 25] SEQUENCE {
     responseName     [0] LDAPOID OPTIONAL,
     responseValue    [1] OCTET STRING OPTIONAL }

newtype AuthenticationChoice Source

Not really a choice until SASL is supported.

Constructors

Simple ByteString

Instances

Eq AuthenticationChoice
Show AuthenticationChoice
ToAsn1 AuthenticationChoice	AuthenticationChoice ::= CHOICE { simple [0] OCTET STRING, ... }

data Scope Source

Scope of the search to be performed.

Constructors

BaseObject	Constrained to the entry named by baseObject.
SingleLevel	Constrained to the immediate subordinates of the entry named by baseObject.
WholeSubtree	Constrained to the entry named by baseObject and to all its subordinates.

Instances

Eq Scope
Show Scope

data DerefAliases Source

An indicator as to whether or not alias entries (as defined in [RFC4512]) are to be dereferenced during stages of the Search operation.

Constructors

NeverDerefAliases	Do not dereference aliases in searching or in locating the base object of the Search.
DerefInSearching	While searching subordinates of the base object, dereference any alias within the search scope.
DerefFindingBaseObject	Dereference aliases in locating the base object of the Search.
DerefAlways	Dereference aliases both in searching and in locating the base object of the Search.

Instances

Eq DerefAliases
Show DerefAliases

data Filter Source

Conditions that must be fulfilled in order for the Search to match a given entry.

Constructors

And !(NonEmpty Filter)	All filters evaluate to `TRUE`
Or !(NonEmpty Filter)	Any filter evaluates to `TRUE`
Not Filter	Filter evaluates to `FALSE`
EqualityMatch AttributeValueAssertion	`EQUALITY` rule returns `TRUE`
Substrings SubstringFilter	`SUBSTR` rule returns `TRUE`
GreaterOrEqual AttributeValueAssertion	`ORDERING` rule returns `FALSE`
LessOrEqual AttributeValueAssertion	`ORDERING` or `EQUALITY` rule returns `TRUE`
Present AttributeDescription	Attribute is present in the entry
ApproxMatch AttributeValueAssertion	Same as `EqualityMatch` for most servers
ExtensibleMatch MatchingRuleAssertion

Instances

Eq Filter

Show Filter

ToAsn1 Filter

Filter ::= CHOICE {
     and             [0] SET SIZE (1..MAX) OF filter Filter,
     or              [1] SET SIZE (1..MAX) OF filter Filter,
     not             [2] Filter,
     equalityMatch   [3] AttributeValueAssertion,
     substrings      [4] SubstringFilter,
     greaterOrEqual  [5] AttributeValueAssertion,
     lessOrEqual     [6] AttributeValueAssertion,
     present         [7] AttributeDescription,
     approxMatch     [8] AttributeValueAssertion,
     extensibleMatch [9] MatchingRuleAssertion,
     ...  }

data SubstringFilter Source

Constructors

SubstringFilter !AttributeDescription !(NonEmpty Substring)

Instances

Eq SubstringFilter

Show SubstringFilter

ToAsn1 SubstringFilter

SubstringFilter ::= SEQUENCE {
     type           AttributeDescription,
     substrings     SEQUENCE SIZE (1..MAX) OF substring CHOICE {
          initial [0] AssertionValue,  -- can occur at most once
          any     [1] AssertionValue,
          final   [2] AssertionValue } -- can occur at most once
     }

data Substring Source

Constructors

Initial !AssertionValue
Any !AssertionValue
Final !AssertionValue

Instances

Eq Substring
Show Substring

data MatchingRuleAssertion Source

Constructors

MatchingRuleAssertion !(Maybe MatchingRuleId) !(Maybe AttributeDescription) !AssertionValue !Bool

Instances

Eq MatchingRuleAssertion
Show MatchingRuleAssertion
ToAsn1 MatchingRuleAssertion	MatchingRuleAssertion ::= SEQUENCE { matchingRule [1] MatchingRuleId OPTIONAL, type [2] AttributeDescription OPTIONAL, matchValue [3] AssertionValue, dnAttributes [4] BOOLEAN DEFAULT FALSE }

newtype MatchingRuleId Source

Matching rules are defined in Section 4.1.3 of [RFC4512]. A matching rule is identified in the protocol by the printable representation of either its numericoid or one of its short name descriptors [RFC4512], e.g., caseIgnoreMatch or '2.5.13.2'. (Section 4.1.8.)

Constructors

MatchingRuleId LdapString

Instances

Eq MatchingRuleId
Show MatchingRuleId
ToAsn1 MatchingRuleId	MatchingRuleId ::= LDAPString

newtype AttributeSelection Source

Constructors

AttributeSelection [LdapString]

Instances

Eq AttributeSelection
Show AttributeSelection
ToAsn1 AttributeSelection	AttributeSelection ::= SEQUENCE OF selector LDAPString

newtype AttributeList Source

Constructors

AttributeList [Attribute]

Instances

Eq AttributeList
Show AttributeList
ToAsn1 AttributeList	AttributeList ::= SEQUENCE OF attribute Attribute

newtype PartialAttributeList Source

Constructors

PartialAttributeList [PartialAttribute]

Instances

Eq PartialAttributeList
Show PartialAttributeList
FromAsn1 PartialAttributeList	PartialAttributeList ::= SEQUENCE OF partialAttribute PartialAttribute

newtype Controls Source

Constructors

Controls [Control]

Instances

Eq Controls
Show Controls
ToAsn1 Controls	Controls ::= SEQUENCE OF control Control

data Control Source

Constructors

Control !LdapOid !Bool !(Maybe ByteString)

Instances

Eq Control
Show Control
ToAsn1 Control	Control ::= SEQUENCE { controlType LDAPOID, criticality BOOLEAN DEFAULT FALSE, controlValue OCTET STRING OPTIONAL }

data LdapResult Source

Constructors

LdapResult !ResultCode !LdapDn !LdapString !(Maybe ReferralUris)

Instances

Eq LdapResult

Show LdapResult

FromAsn1 LdapResult

LDAPResult ::= SEQUENCE {
     resultCode         ENUMERATED {
          success                      (0),
          operationsError              (1),
          protocolError                (2),
          timeLimitExceeded            (3),
          sizeLimitExceeded            (4),
          compareFalse                 (5),
          compareTrue                  (6),
          authMethodNotSupported       (7),
          strongerAuthRequired         (8),
          -- 9 reserved --
          referral                     (10),
          adminLimitExceeded           (11),
          unavailableCriticalExtension (12),
          confidentialityRequired      (13),
          saslBindInProgress           (14),
          noSuchAttribute              (16),
          undefinedAttributeType       (17),
          inappropriateMatching        (18),
          constraintViolation          (19),
          attributeOrValueExists       (20),
          invalidAttributeSyntax       (21),
          -- 22-31 unused --
          noSuchObject                 (32),
          aliasProblem                 (33),
          invalidDNSyntax              (34),
          -- 35 reserved for undefined isLeaf --
          aliasDereferencingProblem    (36),
          -- 37-47 unused --
          inappropriateAuthentication  (48),
          invalidCredentials           (49),
          insufficientAccessRights     (50),
          busy                         (51),
          unavailable                  (52),
          unwillingToPerform           (53),
          loopDetect                   (54),
          -- 55-63 unused --
          namingViolation              (64),
          objectClassViolation         (65),
          notAllowedOnNonLeaf          (66),
          notAllowedOnRDN              (67),
          entryAlreadyExists           (68),
          objectClassModsProhibited    (69),
          -- 70 reserved for CLDAP --
          affectsMultipleDSAs          (71),
          -- 72-79 unused --
          other                        (80),
          ...  },
     matchedDN          LDAPDN,
     diagnosticMessage  LDAPString,
     referral           [3] Referral OPTIONAL }

newtype AttributeDescription Source

Constructors

AttributeDescription LdapString

Instances

Eq AttributeDescription
Show AttributeDescription
ToAsn1 AttributeDescription	AttributeDescription ::= LDAPString
FromAsn1 AttributeDescription	AttributeDescription ::= LDAPString

newtype AttributeValue Source

Constructors

AttributeValue ByteString

Instances

Eq AttributeValue
Show AttributeValue
ToAsn1 AttributeValue	AttributeValue ::= OCTET STRING
FromAsn1 AttributeValue	AttributeValue ::= OCTET STRING

data AttributeValueAssertion Source

Constructors

AttributeValueAssertion !AttributeDescription !AssertionValue

Instances

Eq AttributeValueAssertion
Show AttributeValueAssertion
ToAsn1 AttributeValueAssertion	AttributeValueAssertion ::= SEQUENCE { attributeDesc AttributeDescription, assertionValue AssertionValue }

newtype AssertionValue Source

Constructors

AssertionValue ByteString

Instances

Eq AssertionValue
Show AssertionValue
ToAsn1 AssertionValue	AssertionValue ::= OCTET STRING

data Attribute Source

Constructors

Attribute !AttributeDescription !(NonEmpty AttributeValue)

Instances

Eq Attribute
Show Attribute
ToAsn1 Attribute	Attribute ::= PartialAttribute(WITH COMPONENTS { ..., vals (SIZE(1..MAX))})

data PartialAttribute Source

Constructors

PartialAttribute !AttributeDescription ![AttributeValue]

Instances

Eq PartialAttribute
Show PartialAttribute
ToAsn1 PartialAttribute	PartialAttribute ::= SEQUENCE { type AttributeDescription, vals SET OF value AttributeValue }
FromAsn1 PartialAttribute	PartialAttribute ::= SEQUENCE { type AttributeDescription, vals SET OF value AttributeValue }

newtype LdapDn Source

An LDAPDN is defined to be the representation of a Distinguished Name (DN) after encoding according to the specification in [RFC4514].

Constructors

LdapDn LdapString

Instances

Eq LdapDn
Show LdapDn
ToAsn1 LdapDn	LDAPDN ::= LDAPString -- Constrained to <distinguishedName>
FromAsn1 LdapDn	LDAPDN ::= LDAPString

newtype RelativeLdapDn Source

A RelativeLDAPDN is defined to be the representation of a Relative Distinguished Name (RDN) after encoding according to the specification in [RFC4514].

Constructors

RelativeLdapDn LdapString

Instances

Eq RelativeLdapDn
Show RelativeLdapDn
ToAsn1 RelativeLdapDn	RelativeLDAPDN ::= LDAPString -- Constrained to <name-component>

newtype ReferralUris Source

Constructors

ReferralUris (NonEmpty Uri)

Instances

Eq ReferralUris
Show ReferralUris
FromAsn1 ReferralUris	Referral ::= SEQUENCE SIZE (1..MAX) OF uri URI

newtype Uri Source

Constructors

Uri LdapString

Instances

Eq Uri
Show Uri
FromAsn1 Uri	URI ::= LDAPString

data Operation Source

Constructors

Add
Delete
Replace

Instances

Eq Operation
Show Operation

newtype LdapString Source

The LDAPString is a notational convenience to indicate that, although strings of LDAPString type encode as ASN.1 OCTET STRING types, the [ISO10646] character set (a superset of [Unicode]) is used, encoded following the UTF-8 [RFC3629] algorithm. (Section 4.1.2.)

Constructors

LdapString Text

Instances

Eq LdapString
Show LdapString
ToAsn1 LdapString	LDAPString ::= OCTET STRING -- UTF-8 encoded
FromAsn1 LdapString	LDAPString ::= OCTET STRING -- UTF-8 encoded,

newtype LdapOid Source

The LDAPOID is a notational convenience to indicate that the permitted value of this string is a (UTF-8 encoded) dotted-decimal representation of an OBJECT IDENTIFIER. Although an LDAPOID is encoded as an OCTET STRING, values are limited to the definition of <numericoid> given in Section 1.4 of [RFC4512].

Constructors

LdapOid Text

Instances

Eq LdapOid
Show LdapOid
ToAsn1 LdapOid	LDAPOID ::= OCTET STRING -- Constrained to <numericoid>
FromAsn1 LdapOid	LDAPOID ::= OCTET STRING -- Constrained to <numericoid>

BindRequest !Int8 !LdapDn !AuthenticationChoice
UnbindRequest
SearchRequest !LdapDn !Scope !DerefAliases !Int32 !Int32 !Bool !Filter !AttributeSelection
ModifyRequest !LdapDn ![(Operation, PartialAttribute)]
AddRequest !LdapDn !AttributeList
DeleteRequest !LdapDn
ModifyDnRequest !LdapDn !RelativeLdapDn !Bool !(Maybe LdapDn)
CompareRequest !LdapDn !AttributeValueAssertion
ExtendedRequest !LdapOid !(Maybe ByteString)

BindResponse !LdapResult !(Maybe ByteString)
SearchResultEntry !LdapDn !PartialAttributeList
SearchResultReference !(NonEmpty Uri)
SearchResultDone !LdapResult
ModifyResponse !LdapResult
AddResponse !LdapResult
DeleteResponse !LdapResult
ModifyDnResponse !LdapResult
CompareResponse !LdapResult
ExtendedResponse !LdapResult !(Maybe LdapOid) !(Maybe ByteString)
IntermediateResponse !(Maybe LdapOid) !(Maybe ByteString)

Success
OperationError
ProtocolError
TimeLimitExceeded
SizeLimitExceeded
CompareFalse
CompareTrue
AuthMethodNotSupported
StrongerAuthRequired
Referral
AdminLimitExceeded
UnavailableCriticalExtension
ConfidentialityRequired
SaslBindInProgress
NoSuchAttribute
UndefinedAttributeType
InappropriateMatching
ConstraintViolation
AttributeOrValueExists
InvalidAttributeSyntax
NoSuchObject
AliasProblem
InvalidDNSyntax
AliasDereferencingProblem
InappropriateAuthentication
InvalidCredentials
InsufficientAccessRights
Busy
Unavailable
UnwillingToPerform
LoopDetect
NamingViolation
ObjectClassViolation
NotAllowedOnNonLeaf
NotAllowedOnRDN
EntryAlreadyExists
ObjectClassModsProhibited
AffectsMultipleDSAs
Other