outposts/ldap: more cleanup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-14 20:37:27 +02:00 · 2021-07-14 20:37:27 +02:00 · 30aa24ce6e
parent a426a1a0b6
commit 30aa24ce6e
5 changed files with 37 additions and 56 deletions
--- a/outpost/pkg/ldap/api.go
+++ b/outpost/pkg/ldap/api.go
@ -39,8 +39,8 @@ func (ls *LDAPServer) Refresh() error {
 			s:                   ls,
 			log:                 log.WithField("logger", "authentik.outpost.ldap").WithField("provider", provider.Name),
 			tlsServerName:       provider.TlsServerName,
-			uidStartNumber:		 *provider.UidStartNumber,
-			gidStartNumber:		 *provider.GidStartNumber,
+			uidStartNumber:      *provider.UidStartNumber,
+			gidStartNumber:      *provider.GidStartNumber,
 		}
 		if provider.Certificate.Get() != nil {
 			logger.WithField("provider", provider.Name).Debug("Enabling TLS")
@ -122,21 +122,3 @@ func (ls *LDAPServer) Start() error {
 	wg.Wait()
 	return nil
 }
-
-type transport struct {
-	headers map[string]string
-	inner   http.RoundTripper
-}
-
-func (t *transport) RoundTrip(req *http.Request) (*http.Response, error) {
-	for key, value := range t.headers {
-		req.Header.Add(key, value)
-	}
-	return t.inner.RoundTrip(req)
-}
-func newTransport(inner http.RoundTripper, headers map[string]string) *transport {
-	return &transport{
-		inner:   inner,
-		headers: headers,
-	}
-}
--- a/outpost/pkg/ldap/instance_bind.go
+++ b/outpost/pkg/ldap/instance_bind.go
@ -56,11 +56,10 @@ func (pi *ProviderInstance) Bind(username string, bindDN, bindPW string, conn ne
 	config.Scheme = pi.s.ac.Client.GetConfig().Scheme
 	config.UserAgent = pkg.UserAgent()
 	config.HTTPClient = &http.Client{
-		Jar: jar,
-		Transport: newTransport(ak.GetTLSTransport(), map[string]string{
-			"X-authentik-remote-ip": host,
-		}),
+		Jar:       jar,
+		Transport: ak.GetTLSTransport(),
 	}
+	config.AddDefaultHeader("X-authentik-remote-ip", host)
 	// create the API client, with the transport
 	apiClient := api.NewAPIClient(config)

--- a/outpost/pkg/ldap/instance_search.go
+++ b/outpost/pkg/ldap/instance_search.go
@ -108,11 +108,11 @@ func (pi *ProviderInstance) UserEntry(u api.User) *ldap.Entry {
 		},
 		{
 			Name:   "uidNumber",
-			Values: []string{ pi.GetUidNumber(u) },
+			Values: []string{pi.GetUidNumber(u)},
 		},
 		{
 			Name:   "gidNumber",
-			Values: []string{ pi.GetUidNumber(u) },
+			Values: []string{pi.GetUidNumber(u)},
 		},
 	}

@ -144,18 +144,18 @@ func (pi *ProviderInstance) GroupEntry(g LDAPGroup) *ldap.Entry {
 		},
 		{
 			Name:   "gidNumber",
-			Values: []string{ g.gidNumber },
+			Values: []string{g.gidNumber},
 		},
 	}

-	if (g.isVirtualGroup) {
+	if g.isVirtualGroup {
 		attrs = append(attrs, &ldap.EntryAttribute{
-			Name: "objectClass",
+			Name:   "objectClass",
 			Values: []string{GroupObjectClass, "goauthentik.io/ldap/group", "goauthentik.io/ldap/virtual-group"},
 		})
 	} else {
 		attrs = append(attrs, &ldap.EntryAttribute{
-			Name: "objectClass",
+			Name:   "objectClass",
 			Values: []string{GroupObjectClass, "goauthentik.io/ldap/group"},
 		})
 	}
@ -163,7 +163,7 @@ func (pi *ProviderInstance) GroupEntry(g LDAPGroup) *ldap.Entry {
 	attrs = append(attrs, &ldap.EntryAttribute{Name: "member", Values: g.member})
 	attrs = append(attrs, &ldap.EntryAttribute{Name: "goauthentik.io/ldap/superuser", Values: []string{BoolToString(g.isSuperuser)}})

-	if (g.akAttributes != nil) {
+	if g.akAttributes != nil {
 		attrs = append(attrs, AKAttrsToLDAP(g.akAttributes)...)
 	}

--- a/outpost/pkg/ldap/ldap.go
+++ b/outpost/pkg/ldap/ldap.go
@ -51,14 +51,14 @@ type LDAPServer struct {
 }

 type LDAPGroup struct {
-	dn string
-	cn string
-	uid string
-	gidNumber string
-	member []string
-	isSuperuser bool
+	dn             string
+	cn             string
+	uid            string
+	gidNumber      string
+	member         []string
+	isSuperuser    bool
 	isVirtualGroup bool
-	akAttributes interface{}
+	akAttributes   interface{}
 }

 func NewServer(ac *ak.APIController) *LDAPServer {
--- a/outpost/pkg/ldap/utils.go
+++ b/outpost/pkg/ldap/utils.go
@ -82,27 +82,27 @@ func (pi *ProviderInstance) UsersForGroup(group api.Group) []string {

 func (pi *ProviderInstance) APIGroupToLDAPGroup(g api.Group) LDAPGroup {
 	return LDAPGroup{
-		dn:				pi.GetGroupDN(g.Name),
-		cn:				g.Name,
-		uid:			string(g.Pk),
-		gidNumber:		pi.GetGidNumber(g),
-		member:			pi.UsersForGroup(g),
-		isVirtualGroup:	false,
-		isSuperuser:	*g.IsSuperuser,
-		akAttributes:	g.Attributes,
+		dn:             pi.GetGroupDN(g.Name),
+		cn:             g.Name,
+		uid:            string(g.Pk),
+		gidNumber:      pi.GetGidNumber(g),
+		member:         pi.UsersForGroup(g),
+		isVirtualGroup: false,
+		isSuperuser:    *g.IsSuperuser,
+		akAttributes:   g.Attributes,
 	}
 }

 func (pi *ProviderInstance) APIUserToLDAPGroup(u api.User) LDAPGroup {
 	return LDAPGroup{
-		dn:				pi.GetGroupDN(u.Username),
-		cn:				u.Username,
-		uid:			u.Uid,
-		gidNumber:		pi.GetUidNumber(u),
-		member:			[]string{pi.GetUserDN(u.Username)},
-		isVirtualGroup:	true,
-		isSuperuser:	false,
-		akAttributes:	nil,
+		dn:             pi.GetGroupDN(u.Username),
+		cn:             u.Username,
+		uid:            u.Uid,
+		gidNumber:      pi.GetUidNumber(u),
+		member:         []string{pi.GetUserDN(u.Username)},
+		isVirtualGroup: true,
+		isSuperuser:    false,
+		akAttributes:   nil,
 	}
 }

@ -115,11 +115,11 @@ func (pi *ProviderInstance) GetGroupDN(group string) string {
 }

 func (pi *ProviderInstance) GetUidNumber(user api.User) string {
-	return strconv.FormatInt(int64(pi.uidStartNumber + user.Pk), 10)
+	return strconv.FormatInt(int64(pi.uidStartNumber+user.Pk), 10)
 }

 func (pi *ProviderInstance) GetGidNumber(group api.Group) string {
-	return strconv.FormatInt(int64(pi.gidStartNumber + pi.GetRIDForGroup(group.Pk)), 10)
+	return strconv.FormatInt(int64(pi.gidStartNumber+pi.GetRIDForGroup(group.Pk)), 10)
 }

 func (pi *ProviderInstance) GetRIDForGroup(uid string) int32 {