outposts/ldap: increase compatibility with different types in user and group attributes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
96a30af0eb
commit
b864de7721
|
@ -1,6 +1,8 @@
|
|||
package ldap
|
||||
|
||||
import (
|
||||
"strconv"
|
||||
|
||||
"github.com/nmcclain/ldap"
|
||||
"goauthentik.io/api/v3"
|
||||
"goauthentik.io/internal/outpost/ldap/constants"
|
||||
|
@ -19,8 +21,8 @@ func (pi *ProviderInstance) UserEntry(u api.User) *ldap.Entry {
|
|||
}
|
||||
attrs = utils.EnsureAttributes(attrs, map[string][]string{
|
||||
"memberOf": pi.GroupsForUser(u),
|
||||
"goauthentik.io/ldap/active": {utils.BoolToString(*u.IsActive)},
|
||||
"goauthentik.io/ldap/superuser": {utils.BoolToString(u.IsSuperuser)},
|
||||
"goauthentik.io/ldap/active": {strconv.FormatBool(*u.IsActive)},
|
||||
"goauthentik.io/ldap/superuser": {strconv.FormatBool(u.IsSuperuser)},
|
||||
"cn": {u.Username},
|
||||
"sAMAccountName": {u.Username},
|
||||
"uid": {u.Uid},
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
package group
|
||||
|
||||
import (
|
||||
"strconv"
|
||||
|
||||
"github.com/nmcclain/ldap"
|
||||
"goauthentik.io/api/v3"
|
||||
"goauthentik.io/internal/outpost/ldap/constants"
|
||||
|
@ -30,7 +32,7 @@ func (lg *LDAPGroup) Entry() *ldap.Entry {
|
|||
attrs = utils.EnsureAttributes(attrs, map[string][]string{
|
||||
"objectClass": objectClass,
|
||||
"member": lg.Member,
|
||||
"goauthentik.io/ldap/superuser": {utils.BoolToString(lg.IsSuperuser)},
|
||||
"goauthentik.io/ldap/superuser": {strconv.FormatBool(lg.IsSuperuser)},
|
||||
"cn": {lg.CN},
|
||||
"uid": {lg.Uid},
|
||||
"sAMAccountName": {lg.CN},
|
||||
|
|
|
@ -1,21 +1,14 @@
|
|||
package utils
|
||||
|
||||
import (
|
||||
"reflect"
|
||||
"fmt"
|
||||
"strconv"
|
||||
"strings"
|
||||
|
||||
"github.com/nmcclain/ldap"
|
||||
log "github.com/sirupsen/logrus"
|
||||
ldapConstants "goauthentik.io/internal/outpost/ldap/constants"
|
||||
)
|
||||
|
||||
func BoolToString(in bool) string {
|
||||
if in {
|
||||
return "true"
|
||||
}
|
||||
return "false"
|
||||
}
|
||||
|
||||
func ldapResolveTypeSingle(in interface{}) *string {
|
||||
switch t := in.(type) {
|
||||
case string:
|
||||
|
@ -23,14 +16,21 @@ func ldapResolveTypeSingle(in interface{}) *string {
|
|||
case *string:
|
||||
return t
|
||||
case bool:
|
||||
s := BoolToString(t)
|
||||
s := strconv.FormatBool(t)
|
||||
return &s
|
||||
case *bool:
|
||||
s := BoolToString(*t)
|
||||
case float32:
|
||||
s := strconv.FormatFloat(float64(t), 'f', -1, 64)
|
||||
return &s
|
||||
case float64:
|
||||
s := strconv.FormatFloat(t, 'f', -1, 64)
|
||||
return &s
|
||||
case int:
|
||||
s := strconv.FormatInt(int64(t), 10)
|
||||
return &s
|
||||
default:
|
||||
if in != nil {
|
||||
log.WithField("type", reflect.TypeOf(in).String()).Warning("Type can't be mapped to LDAP yet")
|
||||
s := fmt.Sprintf("%s", in)
|
||||
return &s
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
|
|
@ -58,8 +58,7 @@ func TestAKAttrsToLDAP_Dict(t *testing.T) {
|
|||
}
|
||||
assert.Equal(t, 1, len(AKAttrsToLDAP(d)))
|
||||
assert.Equal(t, "foo", AKAttrsToLDAP(d)[0].Name)
|
||||
// Dicts are currently unsupported, but make sure we don't crash
|
||||
assert.Equal(t, []string([]string(nil)), AKAttrsToLDAP(d)[0].Values)
|
||||
assert.Equal(t, []string{"map[foo:bar]"}, AKAttrsToLDAP(d)[0].Values)
|
||||
}
|
||||
|
||||
func TestAKAttrsToLDAP_Mixed(t *testing.T) {
|
||||
|
@ -72,6 +71,5 @@ func TestAKAttrsToLDAP_Mixed(t *testing.T) {
|
|||
}
|
||||
assert.Equal(t, 1, len(AKAttrsToLDAP(d)))
|
||||
assert.Equal(t, "foo", AKAttrsToLDAP(d)[0].Name)
|
||||
// Dicts are currently unsupported, but make sure we don't crash
|
||||
assert.Equal(t, []string{"foo", ""}, AKAttrsToLDAP(d)[0].Values)
|
||||
assert.Equal(t, []string{"foo", "6"}, AKAttrsToLDAP(d)[0].Values)
|
||||
}
|
||||
|
|
Reference in a new issue