authelia/internal/authentication/ldap_connection_factory.go

package authentication

import (
	"github.com/go-ldap/ldap/v3"
)

// LDAPConnectionFactory an interface of factory of ldap connections.
type LDAPConnectionFactory interface {
	DialURL(addr string, opts ...ldap.DialOpt) (LDAPConnection, error)
}

// LDAPConnectionFactoryImpl the production implementation of an ldap connection factory.
type LDAPConnectionFactoryImpl struct{}

// NewLDAPConnectionFactoryImpl create a concrete ldap connection factory.
func NewLDAPConnectionFactoryImpl() *LDAPConnectionFactoryImpl {
	return &LDAPConnectionFactoryImpl{}
}

// DialURL creates a connection from an LDAP URL when successful.
func (lcf *LDAPConnectionFactoryImpl) DialURL(addr string, opts ...ldap.DialOpt) (LDAPConnection, error) {
	conn, err := ldap.DialURL(addr, opts...)
	if err != nil {
		return nil, err
	}

	return conn, nil
}
Add support for LDAP over TLS. 2019-12-06 15:15:54 +07:00			`package authentication`

			`import (`
[DEPS] Fix gopkg.in/ldap.v3 import for dependabot (#726) 2020-03-19 11:22:46 +07:00			`"github.com/go-ldap/ldap/v3"`
Add support for LDAP over TLS. 2019-12-06 15:15:54 +07:00			`)`

[MISC] Implement golint recommendations (#885) Co-authored-by: Clément Michaud <clement.michaud34@gmail.com> 2020-04-21 04:03:38 +07:00			`// LDAPConnectionFactory an interface of factory of ldap connections.`
Add support for LDAP over TLS. 2019-12-06 15:15:54 +07:00			`type LDAPConnectionFactory interface {`
feat(authentication): allow customizable ldap connection timeout (#2240) This implements both a connection timeout for LDAP connections, and makes it configurable by administrators. The default is 5s. The reason for this commit is currently if a connection to an LDAP server cannot be established it does not timeout in a reasonable period. 2021-08-05 11:30:00 +07:00			`DialURL(addr string, opts ...ldap.DialOpt) (LDAPConnection, error)`
Add support for LDAP over TLS. 2019-12-06 15:15:54 +07:00			`}`

			`// LDAPConnectionFactoryImpl the production implementation of an ldap connection factory.`
			`type LDAPConnectionFactoryImpl struct{}`

[MISC] Implement golint recommendations (#885) Co-authored-by: Clément Michaud <clement.michaud34@gmail.com> 2020-04-21 04:03:38 +07:00			`// NewLDAPConnectionFactoryImpl create a concrete ldap connection factory.`
Add support for LDAP over TLS. 2019-12-06 15:15:54 +07:00			`func NewLDAPConnectionFactoryImpl() *LDAPConnectionFactoryImpl {`
			`return &LDAPConnectionFactoryImpl{}`
			`}`

[FEATURE] Enhance LDAP/SMTP TLS Configuration and Unify Them (#1557) * add new directive in the global scope `certificates_directory` which is used to bulk load certs and trust them in Authelia * this is in ADDITION to system certs and are trusted by both LDAP and SMTP * added a shared TLSConfig struct to be used by both SMTP and LDAP, and anything else in the future that requires tuning the TLS * remove usage of deprecated LDAP funcs Dial and DialTLS in favor of DialURL which is also easier to use * use the server name from LDAP URL or SMTP host when validating the certificate unless otherwise defined in the TLS section * added temporary translations from the old names to the new ones for all deprecated options * added docs * updated example configuration * final deprecations to be done in 4.28.0 * doc updates * fix misc linting issues * uniform deprecation notices for ease of final removal * added additional tests covering previously uncovered areas and the new configuration options * add non-fatal to certificate loading when system certs could not be loaded * adjust timeout of Suite ShortTimeouts * add warnings pusher for the StructValidator * make the schema suites uninform * utilize the warnings in the StructValidator * fix test suite usage for skip_verify * extract LDAP filter parsing into it's own function to make it possible to test * test LDAP filter parsing * update ErrorContainer interface * add tests to the StructValidator * add NewTLSConfig test * move baseDN for users/groups into parsed values * add tests to cover many of the outstanding areas in LDAP * add explicit deferred LDAP conn close to UpdatePassword * add some basic testing to SMTP notifier * suggestions from code review 2021-01-04 17:28:55 +07:00			`// DialURL creates a connection from an LDAP URL when successful.`
feat(authentication): allow customizable ldap connection timeout (#2240) This implements both a connection timeout for LDAP connections, and makes it configurable by administrators. The default is 5s. The reason for this commit is currently if a connection to an LDAP server cannot be established it does not timeout in a reasonable period. 2021-08-05 11:30:00 +07:00			`func (lcf *LDAPConnectionFactoryImpl) DialURL(addr string, opts ...ldap.DialOpt) (LDAPConnection, error) {`
			`conn, err := ldap.DialURL(addr, opts...)`
Add support for LDAP over TLS. 2019-12-06 15:15:54 +07:00			`if err != nil {`
			`return nil, err`
			`}`
[CI] Add wsl linter (#980) * [CI] Add wsl linter * Implement wsl recommendations Co-authored-by: Clément Michaud <clement.michaud34@gmail.com> 2020-05-06 02:35:32 +07:00
refactor(authentication): simplify ldap connection interface (#3026) This simplifies the interface to just expose the methods from the underlying connection that we need. The addition of gen.go makes creating the generated mocks easy go generate. 2022-03-17 11:02:54 +07:00			`return conn, nil`
Add support for LDAP over TLS. 2019-12-06 15:15:54 +07:00			`}`