Remove LDAP authentication (#15546)

Remove LDAP authentication from AWX

awx/main/management/commands/dump_auth_config.py

@@ -1,7 +1,6 @@
 import json
 import os
 import sys
-import re
 from typing import Any
 
 from django.core.management.base import BaseCommand
@@ -11,7 +10,7 @@ from awx.conf import settings_registry
 
 
 class Command(BaseCommand):
-    help = 'Dump the current auth configuration in django_ansible_base.authenticator format, currently supports LDAP and SAML'
+    help = 'Dump the current auth configuration in django_ansible_base.authenticator format, currently supports SAML'
 
     DAB_SAML_AUTHENTICATOR_KEYS = {
         "SP_ENTITY_ID": True,
@@ -27,20 +26,6 @@ class Command(BaseCommand):
         "CALLBACK_URL": False,
     }
 
-    DAB_LDAP_AUTHENTICATOR_KEYS = {
-        "SERVER_URI": True,
-        "BIND_DN": False,
-        "BIND_PASSWORD": False,
-        "CONNECTION_OPTIONS": False,
-        "GROUP_TYPE": True,
-        "GROUP_TYPE_PARAMS": True,
-        "GROUP_SEARCH": False,
-        "START_TLS": False,
-        "USER_DN_TEMPLATE": True,
-        "USER_ATTR_MAP": True,
-        "USER_SEARCH": False,
-    }
-
     def is_enabled(self, settings, keys):
         missing_fields = []
         for key, required in keys.items():
@@ -50,41 +35,6 @@ class Command(BaseCommand):
             return False, missing_fields
         return True, None
 
-    def get_awx_ldap_settings(self) -> dict[str, dict[str, Any]]:
-        awx_ldap_settings = {}
-
-        for awx_ldap_setting in settings_registry.get_registered_settings(category_slug='ldap'):
-            key = awx_ldap_setting.removeprefix("AUTH_LDAP_")
-            value = getattr(settings, awx_ldap_setting, None)
-            awx_ldap_settings[key] = value
-
-        grouped_settings = {}
-
-        for key, value in awx_ldap_settings.items():
-            match = re.search(r'(\d+)', key)
-            index = int(match.group()) if match else 0
-            new_key = re.sub(r'\d+_', '', key)
-
-            if index not in grouped_settings:
-                grouped_settings[index] = {}
-
-            grouped_settings[index][new_key] = value
-            if new_key == "GROUP_TYPE" and value:
-                grouped_settings[index][new_key] = type(value).__name__
-
-            if new_key == "SERVER_URI" and value:
-                value = value.split(", ")
-                grouped_settings[index][new_key] = value
-
-            if type(value).__name__ == "LDAPSearch":
-                data = []
-                data.append(value.base_dn)
-                data.append("SCOPE_SUBTREE")
-                data.append(value.filterstr)
-                grouped_settings[index][new_key] = data
-
-        return grouped_settings
-
     def get_awx_saml_settings(self) -> dict[str, Any]:
         awx_saml_settings = {}
         for awx_saml_setting in settings_registry.get_registered_settings(category_slug='saml'):
@@ -157,23 +107,6 @@ class Command(BaseCommand):
             else:
                 data.append({"SAML_missing_fields": saml_missing_fields})
 
-            # dump LDAP settings
-            awx_ldap_group_settings = self.get_awx_ldap_settings()
-            for awx_ldap_name, awx_ldap_settings in awx_ldap_group_settings.items():
-                awx_ldap_enabled, ldap_missing_fields = self.is_enabled(awx_ldap_settings, self.DAB_LDAP_AUTHENTICATOR_KEYS)
-                if awx_ldap_enabled:
-                    data.append(
-                        self.format_config_data(
-                            awx_ldap_enabled,
-                            awx_ldap_settings,
-                            "ldap",
-                            self.DAB_LDAP_AUTHENTICATOR_KEYS,
-                            f"LDAP_{awx_ldap_name}",
-                        )
-                    )
-                else:
-                    data.append({f"LDAP_{awx_ldap_name}_missing_fields": ldap_missing_fields})
-
             # write to file if requested
             if options["output_file"]:
                 # Define the path for the output JSON file