Ldap Injection in Fastapi with Jwt Tokens

LDAP injection is an application-layer injection risk that occurs when an attacker can control part of an LDAP query without proper sanitization. In FastAPI applications that integrate LDAP for authentication or group membership checks, injection can arise if user-supplied input is concatenated into filter strings. Even when JWT tokens are used for session or identity representation, the token payload may include attributes (such as username, email, or group membership) that are later used in LDAP queries. If the application builds LDAP filters by string interpolation rather than parameterized filters or strict allow-lists, an attacker can supply crafted values inside a valid JWT to manipulate the LDAP query.

Consider a scenario where a FastAPI endpoint validates a JWT and extracts a username to search Active Directory for group membership. A developer might construct the filter as (&(objectClass=user)(sAMAccountName={username})) using Python string formatting. An attacker who controls the username claim (e.g., via token substitution or a weakly validated issuer) can inject LDAP metacharacters such as *, (, ), or &. For example, the value admin)(|(objectClass=person)) alters the filter logic, potentially bypassing intended access rules or extracting unintended entries. Because JWTs are often treated as trusted identity tokens, the application may skip additional validation of individual claims, allowing malicious input to flow directly into LDAP operations.

Another common pattern is binding to LDAP with credentials derived from JWT claims. If the username or password used for the LDAP bind is taken from the token without normalization or validation, special characters can interfere with the LDAP protocol parsing on the server side. While JWT signatures protect integrity, they do not enforce content constraints; an attacker who can influence the payload (through token issuers, public keys confusion, or client-side manipulation) can create injection conditions. The risk is compounded when combined with overly permissive CORS or misconfigured token introspection endpoints that allow untrusted claims to be accepted.

In FastAPI, middleware or dependencies that decode and verify JWTs should be paired with strict schema validation (e.g., Pydantic models) to ensure claims conform to expected formats. Even after successful verification, claims used in LDAP filters must be treated as untrusted. Developers should avoid building filters via concatenation and instead use LDAP libraries that support parameterized filters or strict escaping routines. Rate limiting and monitoring around authentication endpoints further reduce the impact of probing. The key takeaway is that JWTs provide identity assurance but do not automatically prevent injection; secure handling of claims when interacting with LDAP is essential to prevent authentication bypass or information disclosure.

Remediation focuses on validating JWT claims and ensuring that any data used in LDAP queries is sanitized or parameterized. Below are concrete code examples for a FastAPI application that uses PyJWT for token validation and python-ldap for directory queries.

First, define strict Pydantic models for the expected token payload. This ensures that claims conform to expected types and formats before they are used.

from pydantic import BaseModel, EmailStr, condecstr
import re

class TokenClaims(BaseModel):
    sub: str
    email: EmailStr
    groups: list[condecstr(regex=r'^[a-zA-Z0-9_\-]+$')]  # allow-list group names

    @classmethod
    def validate_claims(cls, payload: dict):
        # Reject unexpected claims to minimize injection surface
        allowed = {"sub", "email", "groups"}
        if not set(payload.keys()).issubsetallowed):
            raise ValueError("Unexpected token claims")
        return cls(**payload)

When decoding the JWT, verify the signature and then validate against the model. Do not directly pass decoded values into LDAP filters.

import jwt
from fastapi import Depends, HTTPException
from ldap3 import Server, Connection, ALL, SUBTREE

def get_claims(authorization: str = Depends(HTTPBearer())):
    token = authorization.credentials
    try:
        decoded = jwt.decode(token, options={"verify_signature": True})
        claims = TokenClaims.validate_claims(decoded)
        return claims
    except jwt.InvalidTokenError:
        raise HTTPException(status_code=401, detail="Invalid token")

For LDAP queries, use parameterized approaches or strict escaping. The python-ldap library supports filter formatting with tuples to avoid injection.

from ldap3 import filter_to_json_path

def find_user_ldap(claims: TokenClaims):
    s = Server("ldap.example.com")
    with Connection(s, user="binduser", password="bindpass") as conn:
        # Safe parameterized filter using tuple formatting
        conn.search(
            search_base="dc=example,dc=com",
            search_filter=("(&(objectClass=user)(sAMAccountName=%s))", [claims.sub]),
            search_scope=SUBTREE,
            attributes=["cn", "memberOf"]
        )
        return conn.entries

Additionally, apply allow-lists for group names and reject any characters outside the expected pattern. If you must construct filters dynamically, use library-provided escaping functions rather than manual string replacement.

Finally, enforce strict CORS and token validation settings in FastAPI to reduce the likelihood of accepting tampered claims. The combination of strong signature validation, claim schema enforcement, and parameterized LDAP queries mitigates LDAP injection risks while preserving the utility of JWTs for identity.