trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/internal/outpost/ldap/search.go

88 lines
2.3 KiB
Go
Raw Normal View History

outposts: initial ldap outpost implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 22:30:27 +00:00
package ldap
import (
"net"
outposts: make metrics compliant with Prometheus best-practices (#6398) web/outpost: make metrics compliant with Prometheus best-practices Today, all NewHistogramVec store values in nanoseconds without changing the default histogram bucket, which are made for seconds, making them a bit useless. In addition, some metrics names are not self-explanatoryand and do not comply with Prometheus best practices. This commit tries to fix all of this "issues". NOTE: I kept old metrics in order to avoid breaking changes with existing dashboards and metrics. Signed-off-by: Alexandre NICOLAIE <xunleii@users.noreply.github.com>
2023-07-27 16:51:08 +00:00
"time"
outposts: initial ldap outpost implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 22:30:27 +00:00
providers/ldap: add StartTLS support (#5861) * providers/ldap: add StartTLS support Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add starttls test Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update form and docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-add tls server name Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update release notes Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-06 19:40:19 +00:00
"beryju.io/ldap"
outposts/ldap: add tracing for LDAP bind and search Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-22 17:17:34 +00:00
"github.com/getsentry/sentry-go"
core: metrics v2 (#1370) * outposts: add ldap metrics, move ping to 9100 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost: add flow_executor metrics Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use port 9300 for metrics, add core metrics port Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/controllers/k8s: add service monitor creation support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 13:52:24 +00:00
"github.com/prometheus/client_golang/prometheus"
outposts/ldap: improve logging, add request ID Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-19 11:41:29 +00:00
log "github.com/sirupsen/logrus"
providers/ldap: rework Schema and DSE (#5838) * rework Root DSE Signed-off-by: Jens Langhammer <jens@goauthentik.io> * always parse filter objectClass Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start adding LDAP Schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update schema more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix cn for schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only include main DN in namingContexts Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use schema from gh Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add description Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add response filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix response filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't return rootDSE entry when searching for singleLevel Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove currentTime Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix attribute filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set SINGLE-VALUE Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix numbers Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-08 13:16:40 +00:00
"goauthentik.io/internal/outpost/ldap/constants"
core: metrics v2 (#1370) * outposts: add ldap metrics, move ping to 9100 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost: add flow_executor metrics Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use port 9300 for metrics, add core metrics port Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/controllers/k8s: add service monitor creation support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 13:52:24 +00:00
"goauthentik.io/internal/outpost/ldap/metrics"
providers/ldap: memory Query (#1681) * outposts/ldap: modularise ldap outpost, to allow different searchers and binders Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/ldap: add basic in-memory searcher Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/ldap: add search mode field Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost: add search mode field Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 09:37:30 +00:00
"goauthentik.io/internal/outpost/ldap/search"
outposts: initial ldap outpost implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 22:30:27 +00:00
)
outposts/ldap: fix user info caching, fix mixed case DN Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #864
2021-05-12 16:49:15 +00:00
func (ls *LDAPServer) Search(bindDN string, searchReq ldap.SearchRequest, conn net.Conn) (ldap.ServerSearchResult, error) {
providers/ldap: memory Query (#1681) * outposts/ldap: modularise ldap outpost, to allow different searchers and binders Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/ldap: add basic in-memory searcher Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/ldap: add search mode field Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost: add search mode field Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 09:37:30 +00:00
req, span := search.NewRequest(bindDN, searchReq, conn)
lifecycle: cleanup prometheus (#2972) * remove high cardinality labels Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * retry worker number for prometheus multiprocess id Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * revert to pid, use subdirectories Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup more Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use worker id based off of https://github.com/benoitc/gunicorn/issues/1352 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix missing app label Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests/e2e: remove static names Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-29 19:45:25 +00:00
selectedApp := ""
outposts/ldap: add support for member query Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-23 18:00:23 +00:00
defer func() {
span.Finish()
core: metrics v2 (#1370) * outposts: add ldap metrics, move ping to 9100 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost: add flow_executor metrics Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use port 9300 for metrics, add core metrics port Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/controllers/k8s: add service monitor creation support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 13:52:24 +00:00
metrics.Requests.With(prometheus.Labels{
outposts: add outpost_name label to metrics Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 08:03:31 +00:00
"outpost_name": ls.ac.Outpost.Name,
"type": "search",
lifecycle: cleanup prometheus (#2972) * remove high cardinality labels Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * retry worker number for prometheus multiprocess id Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * revert to pid, use subdirectories Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup more Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use worker id based off of https://github.com/benoitc/gunicorn/issues/1352 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix missing app label Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests/e2e: remove static names Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-29 19:45:25 +00:00
"app": selectedApp,
outposts: make metrics compliant with Prometheus best-practices (#6398) web/outpost: make metrics compliant with Prometheus best-practices Today, all NewHistogramVec store values in nanoseconds without changing the default histogram bucket, which are made for seconds, making them a bit useless. In addition, some metrics names are not self-explanatoryand and do not comply with Prometheus best practices. This commit tries to fix all of this "issues". NOTE: I kept old metrics in order to avoid breaking changes with existing dashboards and metrics. Signed-off-by: Alexandre NICOLAIE <xunleii@users.noreply.github.com>
2023-07-27 16:51:08 +00:00
}).Observe(float64(span.EndTime.Sub(span.StartTime)) / float64(time.Second))
metrics.RequestsLegacy.With(prometheus.Labels{
"outpost_name": ls.ac.Outpost.Name,
"type": "search",
"app": selectedApp,
core: metrics v2 (#1370) * outposts: add ldap metrics, move ping to 9100 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost: add flow_executor metrics Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use port 9300 for metrics, add core metrics port Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/controllers/k8s: add service monitor creation support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 13:52:24 +00:00
}).Observe(float64(span.EndTime.Sub(span.StartTime)))
outposts/ldap: add more tests (#6188) * outposts/ldap: add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix missing posixAccount Signed-off-by: Jens Langhammer <jens@goauthentik.io> * attempt to expand attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix routing without base DN Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more logging Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove our custom attribute filtering since this is done by the ldap library Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add test for schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-08 18:51:05 +00:00
req.Log().WithField("attributes", searchReq.Attributes).WithField("took-ms", span.EndTime.Sub(span.StartTime).Milliseconds()).Info("Search request")
outposts/ldap: add support for member query Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-23 18:00:23 +00:00
}()
outposts/ldap: improve logging, add request ID Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-19 11:41:29 +00:00
outposts/ldap: add tracing for LDAP bind and search Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-22 17:17:34 +00:00
defer func() {
err := recover()
if err == nil {
return
}
outposts: fix typo Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-22 11:14:28 +00:00
log.WithError(err.(error)).Error("recover in search request")
outposts/ldap: add tracing for LDAP bind and search Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-22 17:17:34 +00:00
sentry.CaptureException(err.(error))
}()
providers/ldap: rework Schema and DSE (#5838) * rework Root DSE Signed-off-by: Jens Langhammer <jens@goauthentik.io> * always parse filter objectClass Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start adding LDAP Schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update schema more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix cn for schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only include main DN in namingContexts Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use schema from gh Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add description Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add response filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix response filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't return rootDSE entry when searching for singleLevel Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove currentTime Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix attribute filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set SINGLE-VALUE Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix numbers Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-08 13:16:40 +00:00
selectedProvider := ls.providerForRequest(req)
if selectedProvider == nil {
return ls.fallbackRootDSE(req)
outposts/ldap: improve logging,return success for empty DN Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 21:25:31 +00:00
}
providers/ldap: rework Schema and DSE (#5838) * rework Root DSE Signed-off-by: Jens Langhammer <jens@goauthentik.io> * always parse filter objectClass Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start adding LDAP Schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update schema more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix cn for schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only include main DN in namingContexts Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use schema from gh Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add description Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add response filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix response filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't return rootDSE entry when searching for singleLevel Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove currentTime Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix attribute filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set SINGLE-VALUE Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix numbers Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-08 13:16:40 +00:00
selectedApp = selectedProvider.GetAppSlug()
result, err := ls.searchRoute(req, selectedProvider)
outposts/ldap: add more tests (#6188) * outposts/ldap: add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix missing posixAccount Signed-off-by: Jens Langhammer <jens@goauthentik.io> * attempt to expand attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix routing without base DN Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more logging Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove our custom attribute filtering since this is done by the ldap library Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add test for schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-08 18:51:05 +00:00
return result, err
providers/ldap: rework Schema and DSE (#5838) * rework Root DSE Signed-off-by: Jens Langhammer <jens@goauthentik.io> * always parse filter objectClass Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start adding LDAP Schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update schema more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix cn for schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only include main DN in namingContexts Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use schema from gh Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add description Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add response filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix response filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't return rootDSE entry when searching for singleLevel Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove currentTime Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix attribute filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set SINGLE-VALUE Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix numbers Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-08 13:16:40 +00:00
}
func (ls *LDAPServer) fallbackRootDSE(req *search.Request) (ldap.ServerSearchResult, error) {
req.Log().Trace("returning fallback Root DSE")
providers/ldap: add StartTLS support (#5861) * providers/ldap: add StartTLS support Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add starttls test Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update form and docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-add tls server name Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update release notes Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-06 19:40:19 +00:00
return ldap.ServerSearchResult{
providers/ldap: making ldap compatible with synology (#4694) * internal/outpost/ldap: making ldap compatible with synology * fix duplicate attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs about homedirectory Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix duplicate attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add substitution to values Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-02-22 14:26:41 +00:00
Entries: []*ldap.Entry{
{
DN: "",
Attributes: []*ldap.EntryAttribute{
{
Name: "objectClass",
providers/ldap: rework Schema and DSE (#5838) * rework Root DSE Signed-off-by: Jens Langhammer <jens@goauthentik.io> * always parse filter objectClass Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start adding LDAP Schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update schema more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix cn for schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only include main DN in namingContexts Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use schema from gh Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add description Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add response filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix response filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't return rootDSE entry when searching for singleLevel Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove currentTime Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix attribute filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set SINGLE-VALUE Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix numbers Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-08 13:16:40 +00:00
Values: []string{constants.OCTop},
},
{
Name: "entryDN",
Values: []string{""},
providers/ldap: making ldap compatible with synology (#4694) * internal/outpost/ldap: making ldap compatible with synology * fix duplicate attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs about homedirectory Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix duplicate attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add substitution to values Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-02-22 14:26:41 +00:00
},
{
Name: "subschemaSubentry",
Values: []string{"cn=subschema"},
},
providers/ldap: rework Schema and DSE (#5838) * rework Root DSE Signed-off-by: Jens Langhammer <jens@goauthentik.io> * always parse filter objectClass Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start adding LDAP Schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update schema more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix cn for schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only include main DN in namingContexts Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use schema from gh Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add description Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add response filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix response filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't return rootDSE entry when searching for singleLevel Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove currentTime Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix attribute filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set SINGLE-VALUE Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix numbers Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-08 13:16:40 +00:00
{
Name: "namingContexts",
Values: []string{},
},
{
Name: "description",
Values: []string{
"This LDAP server requires an authenticated session.",
},
},
providers/ldap: making ldap compatible with synology (#4694) * internal/outpost/ldap: making ldap compatible with synology * fix duplicate attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs about homedirectory Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix duplicate attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add substitution to values Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-02-22 14:26:41 +00:00
},
},
},
Referrals: []string{}, Controls: []ldap.Control{}, ResultCode: ldap.LDAPResultSuccess,
}, nil
providers/ldap: rework Schema and DSE (#5838) * rework Root DSE Signed-off-by: Jens Langhammer <jens@goauthentik.io> * always parse filter objectClass Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start adding LDAP Schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update schema more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix cn for schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only include main DN in namingContexts Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use schema from gh Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add description Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add response filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix response filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't return rootDSE entry when searching for singleLevel Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove currentTime Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix attribute filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set SINGLE-VALUE Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix numbers Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-08 13:16:40 +00:00
outposts: initial ldap outpost implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 22:30:27 +00:00
}