From c7650a6b7ee2895f7f8a925b8954c2d8225daa55 Mon Sep 17 00:00:00 2001
From: Erik Sundell <erik@sundellopensource.se>
Date: Tue, 17 Sep 2024 00:11:28 +0200
Subject: [PATCH] refactor: specify param names for Connection.search
 consistently

---
 ldapauthenticator/ldapauthenticator.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/ldapauthenticator/ldapauthenticator.py b/ldapauthenticator/ldapauthenticator.py
index 761ff72..932316b 100644
--- a/ldapauthenticator/ldapauthenticator.py
+++ b/ldapauthenticator/ldapauthenticator.py
@@ -397,7 +397,10 @@ def get_user_attributes(self, conn, userdn):
         attrs = {}
         if self.auth_state_attributes:
             found = conn.search(
-                userdn, "(objectClass=*)", attributes=self.auth_state_attributes
+                search_base=userdn,
+                search_scope=ldap3.SUBTREE,
+                search_filter="(objectClass=*)",
+                attributes=self.auth_state_attributes,
             )
             if found:
                 attrs = conn.entries[0].entry_attributes_as_dict
@@ -506,7 +509,7 @@ async def authenticate(self, handler, data):
             found = False
             for group in self.allowed_groups:
                 found = conn.search(
-                    group,
+                    search_base=group,
                     search_scope=ldap3.BASE,
                     search_filter=self.group_search_filter.format(
                         userdn=escape_filter_chars(userdn),