Safe Haskell	Safe
Language	Haskell2010

Ldap.Asn1.Type

Synopsis

Documentation

data LdapMessage op Source

Message envelope. (Section 4.1.1.)

Constructors

LdapMessage
Fields ldapMessageId :: !Id ldapMessageOp :: !op ldapMessageControls :: !(Maybe Controls)

Instances

Eq op => Eq (LdapMessage op) Source
Show op => Show (LdapMessage op) Source
ToAsn1 op => ToAsn1 (LdapMessage op) Source	LDAPMessage ::= SEQUENCE { messageID MessageID, protocolOp CHOICE { bindRequest BindRequest, bindResponse BindResponse, unbindRequest UnbindRequest, searchRequest SearchRequest, searchResEntry SearchResultEntry, searchResDone SearchResultDone, searchResRef SearchResultReference, addRequest AddRequest, addResponse AddResponse, ... }, controls [0] Controls OPTIONAL }
FromAsn1 op => FromAsn1 (LdapMessage op) Source	LDAPMessage ::= SEQUENCE { messageID MessageID, protocolOp CHOICE { bindRequest BindRequest, bindResponse BindResponse, unbindRequest UnbindRequest, searchRequest SearchRequest, searchResEntry SearchResultEntry, searchResDone SearchResultDone, searchResRef SearchResultReference, addRequest AddRequest, addResponse AddResponse, ... }, controls [0] Controls OPTIONAL }

newtype Id Source

Every message being processed has a unique non-zero integer ID. (Section 4.1.1.1.)

Constructors

Id
Fields unId :: Int32

Instances

Eq Id Source
Ord Id Source
Show Id Source
ToAsn1 Id Source	MessageID ::= INTEGER (0 .. maxInt)
FromAsn1 Id Source	MessageID ::= INTEGER (0 .. maxInt)

data ProtocolClientOp Source

Client requests. The RFC doesn't make a difference between ProtocolClientOp and ProtocolServerOp but it's useful to distinguish between them in Haskell.

Instances

Eq ProtocolClientOp Source

Show ProtocolClientOp Source

ToAsn1 ProtocolClientOp Source

BindRequest ::= [APPLICATION 0] SEQUENCE {
     version                 INTEGER (1 ..  127),
     name                    LDAPDN,
     authentication          AuthenticationChoice }

UnbindRequest ::= [APPLICATION 2] NULL

SearchRequest ::= [APPLICATION 3] SEQUENCE {
     baseObject      LDAPDN,
     scope           ENUMERATED {
          baseObject              (0),
          singleLevel             (1),
          wholeSubtree            (2),
          ...  },
     derefAliases    ENUMERATED {
          neverDerefAliases       (0),
          derefInSearching        (1),
          derefFindingBaseObj     (2),
          derefAlways             (3) },
     sizeLimit       INTEGER (0 ..  maxInt),
     timeLimit       INTEGER (0 ..  maxInt),
     typesOnly       BOOLEAN,
     filter          Filter,
     attributes      AttributeSelection }

ModifyRequest ::= [APPLICATION 6] SEQUENCE {
     object          LDAPDN,
     changes         SEQUENCE OF change SEQUENCE {
          operation       ENUMERATED {
               add     (0),
               delete  (1),
               replace (2),
               ...  },
          modification    PartialAttribute } }

AddRequest ::= [APPLICATION 8] SEQUENCE {
     entry           LDAPDN,
     attributes      AttributeList }

DelRequest ::= [APPLICATION 10] LDAPDN

ModifyDNRequest ::= [APPLICATION 12] SEQUENCE {
     entry           LDAPDN,
     newrdn          RelativeLDAPDN,
     deleteoldrdn    BOOLEAN,
     newSuperior     [0] LDAPDN OPTIONAL }

CompareRequest ::= [APPLICATION 14] SEQUENCE {
     entry           LDAPDN,
     ava             AttributeValueAssertion }

ExtendedRequest ::= [APPLICATION 23] SEQUENCE {
     requestName      [0] LDAPOID,
     requestValue     [1] OCTET STRING OPTIONAL }

data ProtocolServerOp Source

Server responses. The RFC doesn't make a difference between ProtocolClientOp and ProtocolServerOp but it's useful to distinguish between them in Haskell.

Instances

Eq ProtocolServerOp Source

Show ProtocolServerOp Source

FromAsn1 ProtocolServerOp Source

BindResponse ::= [APPLICATION 1] SEQUENCE {
     COMPONENTS OF LDAPResult,
     serverSaslCreds    [7] OCTET STRING OPTIONAL }

SearchResultEntry ::= [APPLICATION 4] SEQUENCE {
     objectName      LDAPDN,
     attributes      PartialAttributeList }

SearchResultReference ::= [APPLICATION 19] SEQUENCE
                          SIZE (1..MAX) OF uri URI

SearchResultDone ::= [APPLICATION 5] LDAPResult

ModifyResponse ::= [APPLICATION 7] LDAPResult

AddResponse ::= [APPLICATION 9] LDAPResult

DelResponse ::= [APPLICATION 11] LDAPResult

ModifyDNResponse ::= [APPLICATION 13] LDAPResult

CompareResponse ::= [APPLICATION 15] LDAPResult

ExtendedResponse ::= [APPLICATION 24] SEQUENCE {
     COMPONENTS OF LDAPResult,
     responseName     [10] LDAPOID OPTIONAL,
     responseValue    [11] OCTET STRING OPTIONAL }

IntermediateResponse ::= [APPLICATION 25] SEQUENCE {
     responseName     [0] LDAPOID OPTIONAL,
     responseValue    [1] OCTET STRING OPTIONAL }

newtype AuthenticationChoice Source

Not really a choice until SASL is supported.

Constructors

Simple ByteString

Instances

Eq AuthenticationChoice Source
Show AuthenticationChoice Source
ToAsn1 AuthenticationChoice Source	AuthenticationChoice ::= CHOICE { simple [0] OCTET STRING, ... }

data Scope Source

Scope of the search to be performed.

Constructors

BaseObject	Constrained to the entry named by baseObject.
SingleLevel	Constrained to the immediate subordinates of the entry named by baseObject.
WholeSubtree	Constrained to the entry named by baseObject and to all its subordinates.

Instances

Eq Scope Source
Show Scope Source

data DerefAliases Source

An indicator as to whether or not alias entries (as defined in [RFC4512]) are to be dereferenced during stages of the Search operation.

Constructors

NeverDerefAliases	Do not dereference aliases in searching or in locating the base object of the Search.
DerefInSearching	While searching subordinates of the base object, dereference any alias within the search scope.
DerefFindingBaseObject	Dereference aliases in locating the base object of the Search.
DerefAlways	Dereference aliases both in searching and in locating the base object of the Search.

Instances

Eq DerefAliases Source
Show DerefAliases Source

data Filter Source

Conditions that must be fulfilled in order for the Search to match a given entry.

Constructors

And !(NonEmpty Filter)	All filters evaluate to `TRUE`
Or !(NonEmpty Filter)	Any filter evaluates to `TRUE`
Not Filter	Filter evaluates to `FALSE`
EqualityMatch AttributeValueAssertion	`EQUALITY` rule returns `TRUE`
Substrings SubstringFilter	`SUBSTR` rule returns `TRUE`
GreaterOrEqual AttributeValueAssertion	`ORDERING` rule returns `FALSE`
LessOrEqual AttributeValueAssertion	`ORDERING` or `EQUALITY` rule returns `TRUE`
Present AttributeDescription	Attribute is present in the entry
ApproxMatch AttributeValueAssertion	Same as `EqualityMatch` for most servers
ExtensibleMatch MatchingRuleAssertion

Instances

Eq Filter Source

Show Filter Source

ToAsn1 Filter Source

Filter ::= CHOICE {
     and             [0] SET SIZE (1..MAX) OF filter Filter,
     or              [1] SET SIZE (1..MAX) OF filter Filter,
     not             [2] Filter,
     equalityMatch   [3] AttributeValueAssertion,
     substrings      [4] SubstringFilter,
     greaterOrEqual  [5] AttributeValueAssertion,
     lessOrEqual     [6] AttributeValueAssertion,
     present         [7] AttributeDescription,
     approxMatch     [8] AttributeValueAssertion,
     extensibleMatch [9] MatchingRuleAssertion,
     ...  }

data SubstringFilter Source

Constructors

SubstringFilter !AttributeDescription !(NonEmpty Substring)

Instances

Eq SubstringFilter Source

Show SubstringFilter Source

ToAsn1 SubstringFilter Source

SubstringFilter ::= SEQUENCE {
     type           AttributeDescription,
     substrings     SEQUENCE SIZE (1..MAX) OF substring CHOICE {
          initial [0] AssertionValue,  -- can occur at most once
          any     [1] AssertionValue,
          final   [2] AssertionValue } -- can occur at most once
     }

data Substring Source

Constructors

Initial !AssertionValue
Any !AssertionValue
Final !AssertionValue

Instances

Eq Substring Source
Show Substring Source

data MatchingRuleAssertion Source

Constructors

MatchingRuleAssertion !(Maybe MatchingRuleId) !(Maybe AttributeDescription) !AssertionValue !Bool

Instances

Eq MatchingRuleAssertion Source
Show MatchingRuleAssertion Source
ToAsn1 MatchingRuleAssertion Source	MatchingRuleAssertion ::= SEQUENCE { matchingRule [1] MatchingRuleId OPTIONAL, type [2] AttributeDescription OPTIONAL, matchValue [3] AssertionValue, dnAttributes [4] BOOLEAN DEFAULT FALSE }

newtype MatchingRuleId Source

Matching rules are defined in Section 4.1.3 of [RFC4512]. A matching rule is identified in the protocol by the printable representation of either its numericoid or one of its short name descriptors [RFC4512], e.g., caseIgnoreMatch or '2.5.13.2'. (Section 4.1.8.)

Constructors

MatchingRuleId LdapString

Instances

Eq MatchingRuleId Source
Show MatchingRuleId Source
ToAsn1 MatchingRuleId Source	MatchingRuleId ::= LDAPString

newtype AttributeSelection Source

Constructors

AttributeSelection [LdapString]

Instances

Eq AttributeSelection Source
Show AttributeSelection Source
ToAsn1 AttributeSelection Source	AttributeSelection ::= SEQUENCE OF selector LDAPString

newtype AttributeList Source

Constructors

AttributeList [Attribute]

Instances

Eq AttributeList Source
Show AttributeList Source
ToAsn1 AttributeList Source	AttributeList ::= SEQUENCE OF attribute Attribute

newtype PartialAttributeList Source

Constructors

PartialAttributeList [PartialAttribute]

Instances

Eq PartialAttributeList Source
Show PartialAttributeList Source
FromAsn1 PartialAttributeList Source	PartialAttributeList ::= SEQUENCE OF partialAttribute PartialAttribute

newtype Controls Source

Constructors

Controls [Control]

Instances

Eq Controls Source
Show Controls Source
ToAsn1 Controls Source	Controls ::= SEQUENCE OF control Control

data Control Source

Constructors

Control !LdapOid !Bool !(Maybe ByteString)

Instances

Eq Control Source
Show Control Source
ToAsn1 Control Source	Control ::= SEQUENCE { controlType LDAPOID, criticality BOOLEAN DEFAULT FALSE, controlValue OCTET STRING OPTIONAL }

data LdapResult Source

Constructors

LdapResult !ResultCode !LdapDn !LdapString !(Maybe ReferralUris)

Instances

Eq LdapResult Source

Show LdapResult Source

FromAsn1 LdapResult Source

LDAPResult ::= SEQUENCE {
     resultCode         ENUMERATED {
          success                      (0),
          operationsError              (1),
          protocolError                (2),
          timeLimitExceeded            (3),
          sizeLimitExceeded            (4),
          compareFalse                 (5),
          compareTrue                  (6),
          authMethodNotSupported       (7),
          strongerAuthRequired         (8),
          -- 9 reserved --
          referral                     (10),
          adminLimitExceeded           (11),
          unavailableCriticalExtension (12),
          confidentialityRequired      (13),
          saslBindInProgress           (14),
          noSuchAttribute              (16),
          undefinedAttributeType       (17),
          inappropriateMatching        (18),
          constraintViolation          (19),
          attributeOrValueExists       (20),
          invalidAttributeSyntax       (21),
          -- 22-31 unused --
          noSuchObject                 (32),
          aliasProblem                 (33),
          invalidDNSyntax              (34),
          -- 35 reserved for undefined isLeaf --
          aliasDereferencingProblem    (36),
          -- 37-47 unused --
          inappropriateAuthentication  (48),
          invalidCredentials           (49),
          insufficientAccessRights     (50),
          busy                         (51),
          unavailable                  (52),
          unwillingToPerform           (53),
          loopDetect                   (54),
          -- 55-63 unused --
          namingViolation              (64),
          objectClassViolation         (65),
          notAllowedOnNonLeaf          (66),
          notAllowedOnRDN              (67),
          entryAlreadyExists           (68),
          objectClassModsProhibited    (69),
          -- 70 reserved for CLDAP --
          affectsMultipleDSAs          (71),
          -- 72-79 unused --
          other                        (80),
          ...  },
     matchedDN          LDAPDN,
     diagnosticMessage  LDAPString,
     referral           [3] Referral OPTIONAL }

data ResultCode Source

LDAP operation's result.

Instances

Eq ResultCode Source
Show ResultCode Source

newtype AttributeDescription Source

Constructors

AttributeDescription LdapString

Instances

Eq AttributeDescription Source
Show AttributeDescription Source
ToAsn1 AttributeDescription Source	AttributeDescription ::= LDAPString
FromAsn1 AttributeDescription Source	AttributeDescription ::= LDAPString

newtype AttributeValue Source

Constructors

AttributeValue ByteString

Instances

Eq AttributeValue Source
Show AttributeValue Source
ToAsn1 AttributeValue Source	AttributeValue ::= OCTET STRING
FromAsn1 AttributeValue Source	AttributeValue ::= OCTET STRING

data AttributeValueAssertion Source

Constructors

AttributeValueAssertion !AttributeDescription !AssertionValue

Instances

Eq AttributeValueAssertion Source
Show AttributeValueAssertion Source
ToAsn1 AttributeValueAssertion Source	AttributeValueAssertion ::= SEQUENCE { attributeDesc AttributeDescription, assertionValue AssertionValue }

newtype AssertionValue Source

Constructors

AssertionValue ByteString

Instances

Eq AssertionValue Source
Show AssertionValue Source
ToAsn1 AssertionValue Source	AssertionValue ::= OCTET STRING

data Attribute Source

Constructors

Attribute !AttributeDescription !(NonEmpty AttributeValue)

Instances

Eq Attribute Source
Show Attribute Source
ToAsn1 Attribute Source	Attribute ::= PartialAttribute(WITH COMPONENTS { ..., vals (SIZE(1..MAX))})

data PartialAttribute Source

Constructors

PartialAttribute !AttributeDescription ![AttributeValue]

Instances

Eq PartialAttribute Source
Show PartialAttribute Source
ToAsn1 PartialAttribute Source	PartialAttribute ::= SEQUENCE { type AttributeDescription, vals SET OF value AttributeValue }
FromAsn1 PartialAttribute Source	PartialAttribute ::= SEQUENCE { type AttributeDescription, vals SET OF value AttributeValue }

newtype LdapDn Source

An LDAPDN is defined to be the representation of a Distinguished Name (DN) after encoding according to the specification in [RFC4514].

Constructors

LdapDn LdapString

Instances

Eq LdapDn Source
Show LdapDn Source
ToAsn1 LdapDn Source	LDAPDN ::= LDAPString -- Constrained to <distinguishedName>
FromAsn1 LdapDn Source	LDAPDN ::= LDAPString

newtype RelativeLdapDn Source

A RelativeLDAPDN is defined to be the representation of a Relative Distinguished Name (RDN) after encoding according to the specification in [RFC4514].

Constructors

RelativeLdapDn LdapString

Instances

Eq RelativeLdapDn Source
Show RelativeLdapDn Source
ToAsn1 RelativeLdapDn Source	RelativeLDAPDN ::= LDAPString -- Constrained to <name-component>

newtype ReferralUris Source

Constructors

ReferralUris (NonEmpty Uri)

Instances

Eq ReferralUris Source
Show ReferralUris Source
FromAsn1 ReferralUris Source	Referral ::= SEQUENCE SIZE (1..MAX) OF uri URI

newtype Uri Source

Constructors

Uri LdapString

Instances

Eq Uri Source
Show Uri Source
FromAsn1 Uri Source	URI ::= LDAPString

data Operation Source

Constructors

Add
Delete
Replace

Instances

Eq Operation Source
Show Operation Source

newtype LdapString Source

The LDAPString is a notational convenience to indicate that, although strings of LDAPString type encode as ASN.1 OCTET STRING types, the [ISO10646] character set (a superset of [Unicode]) is used, encoded following the UTF-8 [RFC3629] algorithm. (Section 4.1.2.)

Constructors

LdapString Text

Instances

Eq LdapString Source
Show LdapString Source
ToAsn1 LdapString Source	LDAPString ::= OCTET STRING -- UTF-8 encoded
FromAsn1 LdapString Source	LDAPString ::= OCTET STRING -- UTF-8 encoded,

newtype LdapOid Source

The LDAPOID is a notational convenience to indicate that the permitted value of this string is a (UTF-8 encoded) dotted-decimal representation of an OBJECT IDENTIFIER. Although an LDAPOID is encoded as an OCTET STRING, values are limited to the definition of <numericoid> given in Section 1.4 of [RFC4512].

Constructors

LdapOid Text

Instances

Eq LdapOid Source
Show LdapOid Source
ToAsn1 LdapOid Source	LDAPOID ::= OCTET STRING -- Constrained to <numericoid>
FromAsn1 LdapOid Source	LDAPOID ::= OCTET STRING -- Constrained to <numericoid>

BindRequest !Int8 !LdapDn !AuthenticationChoice
UnbindRequest
SearchRequest !LdapDn !Scope !DerefAliases !Int32 !Int32 !Bool !Filter !AttributeSelection
ModifyRequest !LdapDn ![(Operation, PartialAttribute)]
AddRequest !LdapDn !AttributeList
DeleteRequest !LdapDn
ModifyDnRequest !LdapDn !RelativeLdapDn !Bool !(Maybe LdapDn)
CompareRequest !LdapDn !AttributeValueAssertion
ExtendedRequest !LdapOid !(Maybe ByteString)

BindResponse !LdapResult !(Maybe ByteString)
SearchResultEntry !LdapDn !PartialAttributeList
SearchResultReference !(NonEmpty Uri)
SearchResultDone !LdapResult
ModifyResponse !LdapResult
AddResponse !LdapResult
DeleteResponse !LdapResult
ModifyDnResponse !LdapResult
CompareResponse !LdapResult
ExtendedResponse !LdapResult !(Maybe LdapOid) !(Maybe ByteString)
IntermediateResponse !(Maybe LdapOid) !(Maybe ByteString)

Success
OperationError
ProtocolError
TimeLimitExceeded
SizeLimitExceeded
CompareFalse
CompareTrue
AuthMethodNotSupported
StrongerAuthRequired
Referral
AdminLimitExceeded
UnavailableCriticalExtension
ConfidentialityRequired
SaslBindInProgress
NoSuchAttribute
UndefinedAttributeType
InappropriateMatching
ConstraintViolation
AttributeOrValueExists
InvalidAttributeSyntax
NoSuchObject
AliasProblem
InvalidDNSyntax
AliasDereferencingProblem
InappropriateAuthentication
InvalidCredentials
InsufficientAccessRights
Busy
Unavailable
UnwillingToPerform
LoopDetect
NamingViolation
ObjectClassViolation
NotAllowedOnNonLeaf
NotAllowedOnRDN
EntryAlreadyExists
ObjectClassModsProhibited
AffectsMultipleDSAs
Other