Removed trailing spaces.

Vladimir Homutov 2017-12-22 14:20:43 +03:00
parent b5de9a539c
commit 9df349f98e
4 changed files with 14 additions and 14 deletions


@ -98,7 +98,7 @@ If the authentication server runs Active Directory rather than OpenLDAP, uncomme
proxy_set_header X-Ldap-Template "(SAMAccountName=%(username)s)";
```
In addition, the **X-Ldap-Template** header can be used to create complex LDAP searches. The code in ldap-auth-daemon creates a search filter that is based on this template header. By default, template is empty, and does not make any effect on LDAP search. However, you may decide for instance to authenticate only users from a specific user group (see LDAP documentation for more information regarding filters).
In addition, the **X-Ldap-Template** header can be used to create complex LDAP searches. The code in ldap-auth-daemon creates a search filter that is based on this template header. By default, template is empty, and does not make any effect on LDAP search. However, you may decide for instance to authenticate only users from a specific user group (see LDAP documentation for more information regarding filters).
Suppose, your web resource should only be available for users from `group1` group.
In such a case you can define `X-Ldap-Template` template as follows:

2
debian/control vendored

@ -9,6 +9,6 @@ Package: nginx-ldap-auth
Architecture: all
Depends: systemd, python(>=2.6), python-ldap, python-argparse
Description: a reference implementation of an authentication helper for Nginx
This is a reference implementation of an authentication helper for Nginx.
This is a reference implementation of an authentication helper for Nginx.
It listens for incoming requests and uses parameters from headers
to bind to a remote LDAP directory and try authenticating a person.


@ -41,8 +41,8 @@ case "$1" in
SSDOPTS="--quiet --oknodo --background --no-close --make-pidfile --pidfile $PIDFILE --chuid $USER:$GROUP --exec $DAEMON"
DAEMON_ARGS="$URL $BASE $BIND_DN $BIND_PASS $COOKIE $FILTER $REALM"
if start-stop-daemon --start $SSDOPTS -- $DAEMON_ARGS &>$LOG
if start-stop-daemon --start $SSDOPTS -- $DAEMON_ARGS &>$LOG
then
echo "$NAME."
else


@ -182,12 +182,12 @@ class LDAPAuthHandler(AuthHandler):
try:
# check that uri and baseDn are set
# either from cli or a request
if not ctx['url']:
if not ctx['url']:
self.log_message('LDAP URL is not set!')
return
if not ctx['basedn']:
self.log_message('LDAP baseDN is not set!')
return
return
ctx['action'] = 'initializing LDAP connection'
ldap_obj = ldap.initialize(ctx['url']);
@ -247,14 +247,14 @@ if __name__ == '__main__':
description="""Simple Nginx LDAP authentication helper.""")
# Group for listen options:
group = parser.add_argument_group("Listen options")
group.add_argument('--host', metavar="hostname",
group.add_argument('--host', metavar="hostname",
default="localhost", help="host to bind (Default: localhost)")
group.add_argument('-p', '--port', metavar="port", type=int,
group.add_argument('-p', '--port', metavar="port", type=int,
default=8888, help="port to bind (Default: 8888)")
# ldap options:
group = parser.add_argument_group(title="LDAP options")
group.add_argument('-u', '--url', metavar="URL",
default="ldap://localhost:389",
default="ldap://localhost:389",
help=("LDAP URI to query (Default: ldap://localhost:389)"))
group.add_argument('-b', metavar="baseDn", dest="basedn", default='',
help="LDAP base dn (Default: unset)")
@ -262,18 +262,18 @@ if __name__ == '__main__':
help="LDAP bind DN (Default: anonymous)")
group.add_argument('-w', metavar="passwd", dest="bindpw", default='',
help="LDAP password for the bind DN (Default: unset)")
group.add_argument('-f', '--filter', metavar='filter',
default='(cn=%(username)s)',
group.add_argument('-f', '--filter', metavar='filter',
default='(cn=%(username)s)',
help="LDAP filter (Default: cn=%%(username)s)")
# http options:
group = parser.add_argument_group(title="HTTP options")
group.add_argument('-R', '--realm', metavar='"Restricted Area"',
group.add_argument('-R', '--realm', metavar='"Restricted Area"',
default="Resticted", help='HTTP auth realm (Default: "Restricted")')
group.add_argument('-c', '--cookie', metavar="cookiename",
group.add_argument('-c', '--cookie', metavar="cookiename",
default="", help="HTTP cookie name to set in (Default: unset)")
args = parser.parse_args()
global Listen
global Listen
Listen = (args.host, args.port)
auth_params = {
'realm': ('X-Ldap-Realm', args.realm),