mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
cc6650dbcd
* [BUGFIX] Set username retrieved from authentication backend in session. In some setups, binding is case insensitive but Authelia is case sensitive and therefore need the actual username as stored in the authentication backend in order for Authelia to work correctly. Fixes #561. * Use uid attribute as unique user identifier in suites. * Fix the integration tests. * Update config.template.yml * Compute user filter based on username attribute and users_filter. The filter provided in users_filter is now combined with a filter based on the username attribute to perform the LDAP search query finding a user object from the username. * Fix LDAP based integration tests. * Update `users_filter` reference examples
66 lines
2.4 KiB
Go
66 lines
2.4 KiB
Go
package schema
|
|
|
|
// LDAPAuthenticationBackendConfiguration represents the configuration related to LDAP server.
|
|
type LDAPAuthenticationBackendConfiguration struct {
|
|
URL string `mapstructure:"url"`
|
|
SkipVerify bool `mapstructure:"skip_verify"`
|
|
BaseDN string `mapstructure:"base_dn"`
|
|
AdditionalUsersDN string `mapstructure:"additional_users_dn"`
|
|
UsersFilter string `mapstructure:"users_filter"`
|
|
AdditionalGroupsDN string `mapstructure:"additional_groups_dn"`
|
|
GroupsFilter string `mapstructure:"groups_filter"`
|
|
GroupNameAttribute string `mapstructure:"group_name_attribute"`
|
|
UsernameAttribute string `mapstructure:"username_attribute"`
|
|
MailAttribute string `mapstructure:"mail_attribute"`
|
|
User string `mapstructure:"user"`
|
|
Password string `mapstructure:"password"`
|
|
}
|
|
|
|
// FileAuthenticationBackendConfiguration represents the configuration related to file-based backend
|
|
type FileAuthenticationBackendConfiguration struct {
|
|
Path string `mapstructure:"path"`
|
|
PasswordHashing *PasswordHashingConfiguration `mapstructure:"password"`
|
|
}
|
|
|
|
type PasswordHashingConfiguration struct {
|
|
Iterations int `mapstructure:"iterations"`
|
|
KeyLength int `mapstructure:"key_length"`
|
|
SaltLength int `mapstructure:"salt_length"`
|
|
Algorithm string `mapstrucutre:"algorithm"`
|
|
Memory int `mapstructure:"memory"`
|
|
Parallelism int `mapstructure:"parallelism"`
|
|
}
|
|
|
|
// Default Argon2id Configuration
|
|
var DefaultPasswordOptionsConfiguration = PasswordHashingConfiguration{
|
|
Iterations: 1,
|
|
KeyLength: 32,
|
|
SaltLength: 16,
|
|
Algorithm: "argon2id",
|
|
Memory: 1024,
|
|
Parallelism: 8,
|
|
}
|
|
|
|
// Default Argon2id Configuration for CI testing when calling HashPassword()
|
|
var DefaultCIPasswordOptionsConfiguration = PasswordHashingConfiguration{
|
|
Iterations: 1,
|
|
KeyLength: 32,
|
|
SaltLength: 16,
|
|
Algorithm: "argon2id",
|
|
Memory: 128,
|
|
Parallelism: 8,
|
|
}
|
|
|
|
// Default SHA512 Cofniguration
|
|
var DefaultPasswordOptionsSHA512Configuration = PasswordHashingConfiguration{
|
|
Iterations: 50000,
|
|
SaltLength: 16,
|
|
Algorithm: "sha512",
|
|
}
|
|
|
|
// AuthenticationBackendConfiguration represents the configuration related to the authentication backend.
|
|
type AuthenticationBackendConfiguration struct {
|
|
Ldap *LDAPAuthenticationBackendConfiguration `mapstructure:"ldap"`
|
|
File *FileAuthenticationBackendConfiguration `mapstructure:"file"`
|
|
}
|