Skip to content
Snippets Groups Projects
Select Git revision
  • 8f46f1b1fd13649ff3a83dd2b5c3efb2220848c5
  • master default
  • registry-mirror
  • nginx-default-site
  • acmeserver2
  • clickhouse
  • improve-dns-toplevel-probes
  • tabacco-in-container
  • rsyslog-modern-json
  • improve-service-discovery
  • prometheus-external-healthchecks
  • env-vars-in-include-paths
  • dns-resolver
  • service-turndown
  • use_proxy_protocol
  • loki
  • docs_operating
  • net-overlay_firewall_containers
  • webdiff
19 results

testing.md

Blame
    • ldap.go 1.37 KiB 
    package policydproxy

import (
	"context"
	"errors"
	"strings"

	"git.autistici.org/ai3/go-common/ldap"
	"gopkg.in/ldap.v3"
)

const poolSize = 3

type ldapDirector struct {
	pool      *ldaputil.ConnectionPool
	baseDN    string
	filter    string
	attr      string
	resultFmt string
}

func NewLDAPDirector(uri, bindDN, bindPW, baseDN, filter, attr, resultFmt string) (Director, error) {
	if !strings.Contains(resultFmt, "%s") {
		return nil, errors.New("result_fmt does not contain the '%s' token")
	}
	if baseDN == "" {
		return nil, errors.New("LDAP base DN is unset")
	}
	if filter == "" {
		return nil, errors.New("LDAP filter is unset")
	}
	if attr == "" {
		return nil, errors.New("LDAP query attribute is unset")
	}

	pool, err := ldaputil.NewConnectionPool(uri, bindDN, bindPW, poolSize)
	if err != nil {
		return nil, err
	}
	return &ldapDirector{
		pool:      pool,
		baseDN:    baseDN,
		filter:    filter,
		attr:      attr,
		resultFmt: resultFmt,
	}, nil
}

func (d *ldapDirector) Lookup(ctx context.Context, email string) (string, error) {
	result, err := d.pool.Search(ctx, ldap.NewSearchRequest(
		d.baseDN,
		ldap.ScopeWholeSubtree,
		1, 0, 0, false,
		d.filter,
		[]string{d.attr},
		nil,
	))
	if err != nil {
		return "", err
	}
	if len(result.Entries) == 0 {
		return "", nil
	}

	return strings.Replace(d.resultFmt, "%s", result.Entries[0].GetAttributeValue(d.attr), -1), nil
}