Support ldap:// protocol for ldap url to be backward compatible with v3.

Clement Michaud 2019-10-29 21:16:38 +01:00 committed by Clément Michaud
parent 931887a0a7
commit 67613d9fbe
2 changed files with 25 additions and 3 deletions


@ -2,20 +2,42 @@ package validator
import ( import (
"errors" "errors"
"fmt"
"strings"
"github.com/clems4ever/authelia/configuration/schema" "github.com/clems4ever/authelia/configuration/schema"
) )
var ldapProtocolPrefix = "ldap://"
func validateFileAuthenticationBackend(configuration *schema.FileAuthenticationBackendConfiguration, validator *schema.StructValidator) { func validateFileAuthenticationBackend(configuration *schema.FileAuthenticationBackendConfiguration, validator *schema.StructValidator) {
if configuration.Path == "" { if configuration.Path == "" {
validator.Push(errors.New("Please provide a `path` for the users database in `authentication_backend`")) validator.Push(errors.New("Please provide a `path` for the users database in `authentication_backend`"))
} }
} }
func validateLdapURL(url string, validator *schema.StructValidator) string {
if strings.HasPrefix(url, ldapProtocolPrefix) {
url = url[len(ldapProtocolPrefix):]
}
portColons := strings.Index(url, ":")
// if no port is provided, we provide the default LDAP port
// TODO(c.michaud): support LDAP over TLS.
if portColons == -1 {
url = url + ":389"
}
return url
}
func validateLdapAuthenticationBackend(configuration *schema.LDAPAuthenticationBackendConfiguration, validator *schema.StructValidator) { func validateLdapAuthenticationBackend(configuration *schema.LDAPAuthenticationBackendConfiguration, validator *schema.StructValidator) {
if configuration.URL == "" { if configuration.URL == "" {
validator.Push(errors.New("Please provide a URL to the LDAP server")) validator.Push(errors.New("Please provide a URL to the LDAP server"))
} else {
configuration.URL = validateLdapURL(configuration.URL, validator)
} }
fmt.Println(configuration.URL)
if configuration.User == "" { if configuration.User == "" {
validator.Push(errors.New("Please provide a user name to connect to the LDAP server")) validator.Push(errors.New("Please provide a user name to connect to the LDAP server"))
@ -30,11 +52,11 @@ func validateLdapAuthenticationBackend(configuration *schema.LDAPAuthenticationB
} }
if configuration.UsersFilter == "" { if configuration.UsersFilter == "" {
configuration.UsersFilter = "cn={0}" configuration.UsersFilter = "(cn={0})"
} }
if configuration.GroupsFilter == "" { if configuration.GroupsFilter == "" {
configuration.GroupsFilter = "member={dn}" configuration.GroupsFilter = "(member={dn})"
} }
if configuration.GroupNameAttribute == "" { if configuration.GroupNameAttribute == "" {
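Review bot: validateLdapURL takes a `validator` but never pushes to it, so any scheme other than `ldap://` passes validation unchanged: for `ldaps://host` the prefix check misses, `strings.Index(url, ":")` finds the colon inside the scheme, and the string is returned as is, with no port and no error. Since the TODO says LDAP over TLS is not supported yet, an operator who configures `ldaps://` should get an explicit validation error rather than a value that presumably only fails at connection time; after stripping the prefix, add `if i := strings.Index(url, "://"); i != -1 { validator.Push(fmt.Errorf("Unsupported LDAP URL scheme %q, only ldap:// is supported", url[:i])) }`. The same colon test also treats an IPv6 literal or a trailing path as already carrying a port. Separately, `fmt.Println(configuration.URL)` in validateLdapAuthenticationBackend looks like leftover debug output and should be dropped; that function's body continues outside the hunks shown.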


@ -44,7 +44,7 @@ authentication_backend:
# production. # production.
ldap: ldap:
# The url of the ldap server # The url of the ldap server
url: 127.0.0.1:389 url: ldap://127.0.0.1
# The base dn for every entries # The base dn for every entries
base_dn: dc=example,dc=com base_dn: dc=example,dc=com
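Review bot: The sample comment above `url` still reads only "The url of the ldap server", so nothing tells the operator that the connection is plaintext or that the port is now implied. Going by the validator change in this commit, only the `ldap://` prefix is stripped, `:389` is appended when no port is given, and LDAP over TLS is marked as a TODO. I would extend the comment to something like `# The url of the ldap server (ldap:// only, no TLS yet; port defaults to 389)` so that the bind credentials are not assumed to be protected in transit.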