outposts/ldap: add correct group objectClass (#3023)

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2861
This commit is contained in:
Jens L 2022-06-02 18:48:07 +02:00 committed by GitHub
parent 7ebf793953
commit 8f0572d11e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 7 additions and 4 deletions

View File

@ -9,6 +9,7 @@ const (
const ( const (
OCGroup = "group" OCGroup = "group"
OCGroupOfUniqueNames = "groupOfUniqueNames" OCGroupOfUniqueNames = "groupOfUniqueNames"
OCGroupOfNames = "groupOfNames"
OCAKGroup = "goauthentik.io/ldap/group" OCAKGroup = "goauthentik.io/ldap/group"
OCAKVirtualGroup = "goauthentik.io/ldap/virtual-group" OCAKVirtualGroup = "goauthentik.io/ldap/virtual-group"
) )
@ -53,6 +54,7 @@ func GetGroupOCs() map[string]bool {
return map[string]bool{ return map[string]bool{
OCGroup: true, OCGroup: true,
OCGroupOfUniqueNames: true, OCGroupOfUniqueNames: true,
OCGroupOfNames: true,
OCAKGroup: true, OCAKGroup: true,
} }
} }
@ -61,6 +63,7 @@ func GetVirtualGroupOCs() map[string]bool {
return map[string]bool{ return map[string]bool{
OCGroup: true, OCGroup: true,
OCGroupOfUniqueNames: true, OCGroupOfUniqueNames: true,
OCGroupOfNames: true,
OCAKVirtualGroup: true, OCAKVirtualGroup: true,
} }
} }

View File

@ -22,7 +22,7 @@ type LDAPGroup struct {
func (lg *LDAPGroup) Entry() *ldap.Entry { func (lg *LDAPGroup) Entry() *ldap.Entry {
attrs := utils.AKAttrsToLDAP(lg.AKAttributes) attrs := utils.AKAttrsToLDAP(lg.AKAttributes)
objectClass := []string{constants.OCGroup, constants.OCGroupOfUniqueNames, constants.OCAKGroup} objectClass := []string{constants.OCGroup, constants.OCGroupOfUniqueNames, constants.OCGroupOfNames, constants.OCAKGroup}
if lg.IsVirtualGroup { if lg.IsVirtualGroup {
objectClass = append(objectClass, constants.OCAKVirtualGroup) objectClass = append(objectClass, constants.OCAKVirtualGroup)
} }

View File

@ -3,11 +3,9 @@ title: Release 2022.6
slug: "2022.6" slug: "2022.6"
--- ---
## Breaking changes
## New features ## New features
- Added well-known and JWKS URL in OAuth Source - Added OIDC well-known and JWKS URL in OAuth Source
These fields can be used to automatically configure OAuth Sources based on the [OpenID Connect Discovery Spec](https://openid.net/specs/openid-connect-discovery-1_0.html). Additionally, you can manually define a JWKS URL or raw JWKS data, and this can be used for Machine-to-machine authentication for OAuth2 Providers. These fields can be used to automatically configure OAuth Sources based on the [OpenID Connect Discovery Spec](https://openid.net/specs/openid-connect-discovery-1_0.html). Additionally, you can manually define a JWKS URL or raw JWKS data, and this can be used for Machine-to-machine authentication for OAuth2 Providers.
@ -23,6 +21,8 @@ slug: "2022.6"
SMS authenticator stages can now be configured to hash the phone number. This is useful if you want to require your users to configure and confirm their phone numbers, without saving them in a readable-format. SMS authenticator stages can now be configured to hash the phone number. This is useful if you want to require your users to configure and confirm their phone numbers, without saving them in a readable-format.
- The LDAP outpost would incorrectly return `groupOfUniqueNames` as a group class when the members where returned in a manner like `groupOfNames` requires. `groupOfNames` has been added as an objectClass for LDAP Groups, and `groupOfUniqueNames` will be removed in the next version.
## Minor changes/fixes ## Minor changes/fixes
## Upgrading ## Upgrading