Commit 01a58c48 authored by ale's avatar ale
Browse files

Support passing the LDAP bind password in the config file

parent 613f57f8
Pipeline #782 failed with stages
in 9 seconds
......@@ -161,6 +161,7 @@ func decodeAppSpecificPassword(enc string) (*AppSpecificPassword, error) {
type LDAPConfig struct {
URI string `yaml:"uri"`
BindDN string `yaml:"bind_dn"`
BindPw string `yaml:"bind_pw"`
BindPwFile string `yaml:"bind_pw_file"`
}
......@@ -172,8 +173,8 @@ func (c *LDAPConfig) Valid() error {
if c.BindDN == "" {
return errors.New("empty bind_dn")
}
if c.BindPwFile == "" {
return errors.New("empty bind_pw_file")
if (c.BindPwFile == "" && c.BindPw == "") || (c.BindPwFile != "" && c.BindPw != "") {
return errors.New("only one of bind_pw_file or bind_pw must be set")
}
return nil
}
......@@ -204,9 +205,12 @@ func newLDAPBackend(config *Config) (*ldapBackend, error) {
}
// Read the bind password.
bindPw, err := ioutil.ReadFile(config.LDAPConfig.BindPwFile)
if err != nil {
return nil, err
bindPw := config.LDAPConfig.BindPw
if bindPw == "" {
bindPw, err = ioutil.ReadFile(config.LDAPConfig.BindPwFile)
if err != nil {
return nil, err
}
}
// Initialize the connection pool.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment