outposts/ldap: increase compatibility with different types in user and group attributes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

internal/outpost/ldap/entries.go

@@ -1,6 +1,8 @@
 package ldap
 
 import (
+	"strconv"
+
 	"github.com/nmcclain/ldap"
 	"goauthentik.io/api/v3"
 	"goauthentik.io/internal/outpost/ldap/constants"
@@ -19,8 +21,8 @@ func (pi *ProviderInstance) UserEntry(u api.User) *ldap.Entry {
 	}
 	attrs = utils.EnsureAttributes(attrs, map[string][]string{
 		"memberOf":                      pi.GroupsForUser(u),
-		"goauthentik.io/ldap/active":    {utils.BoolToString(*u.IsActive)},
+		"goauthentik.io/ldap/active":    {strconv.FormatBool(*u.IsActive)},
-		"goauthentik.io/ldap/superuser": {utils.BoolToString(u.IsSuperuser)},
+		"goauthentik.io/ldap/superuser": {strconv.FormatBool(u.IsSuperuser)},
 		"cn":                            {u.Username},
 		"sAMAccountName":                {u.Username},
 		"uid":                           {u.Uid},

internal/outpost/ldap/group/group.go

@@ -1,6 +1,8 @@
 package group
 
 import (
+	"strconv"
+
 	"github.com/nmcclain/ldap"
 	"goauthentik.io/api/v3"
 	"goauthentik.io/internal/outpost/ldap/constants"
@@ -30,7 +32,7 @@ func (lg *LDAPGroup) Entry() *ldap.Entry {
 	attrs = utils.EnsureAttributes(attrs, map[string][]string{
 		"objectClass":                   objectClass,
 		"member":                        lg.Member,
-		"goauthentik.io/ldap/superuser": {utils.BoolToString(lg.IsSuperuser)},
+		"goauthentik.io/ldap/superuser": {strconv.FormatBool(lg.IsSuperuser)},
 		"cn":                            {lg.CN},
 		"uid":                           {lg.Uid},
 		"sAMAccountName":                {lg.CN},

internal/outpost/ldap/utils/utils.go

@@ -1,21 +1,14 @@
 package utils
 
 import (
-	"reflect"
+	"fmt"
+	"strconv"
 	"strings"
 
 	"github.com/nmcclain/ldap"
-	log "github.com/sirupsen/logrus"
 	ldapConstants "goauthentik.io/internal/outpost/ldap/constants"
 )
 
-func BoolToString(in bool) string {
-	if in {
-		return "true"
-	}
-	return "false"
-}
-
 func ldapResolveTypeSingle(in interface{}) *string {
 	switch t := in.(type) {
 	case string:
@@ -23,14 +16,21 @@ func ldapResolveTypeSingle(in interface{}) *string {
 	case *string:
 		return t
 	case bool:
-		s := BoolToString(t)
+		s := strconv.FormatBool(t)
 		return &s
-	case *bool:
+	case float32:
-		s := BoolToString(*t)
+		s := strconv.FormatFloat(float64(t), 'f', -1, 64)
+		return &s
+	case float64:
+		s := strconv.FormatFloat(t, 'f', -1, 64)
+		return &s
+	case int:
+		s := strconv.FormatInt(int64(t), 10)
 		return &s
 	default:
 		if in != nil {
-			log.WithField("type", reflect.TypeOf(in).String()).Warning("Type can't be mapped to LDAP yet")
+			s := fmt.Sprintf("%s", in)
+			return &s
 		}
 		return nil
 	}

internal/outpost/ldap/utils/utils_test.go

@@ -58,8 +58,7 @@ func TestAKAttrsToLDAP_Dict(t *testing.T) {
 	}
 	assert.Equal(t, 1, len(AKAttrsToLDAP(d)))
 	assert.Equal(t, "foo", AKAttrsToLDAP(d)[0].Name)
-	// Dicts are currently unsupported, but make sure we don't crash
+	assert.Equal(t, []string{"map[foo:bar]"}, AKAttrsToLDAP(d)[0].Values)
-	assert.Equal(t, []string([]string(nil)), AKAttrsToLDAP(d)[0].Values)
 }
 
 func TestAKAttrsToLDAP_Mixed(t *testing.T) {
@@ -72,6 +71,5 @@ func TestAKAttrsToLDAP_Mixed(t *testing.T) {
 	}
 	assert.Equal(t, 1, len(AKAttrsToLDAP(d)))
 	assert.Equal(t, "foo", AKAttrsToLDAP(d)[0].Name)
-	// Dicts are currently unsupported, but make sure we don't crash
+	assert.Equal(t, []string{"foo", "6"}, AKAttrsToLDAP(d)[0].Values)
-	assert.Equal(t, []string{"foo", ""}, AKAttrsToLDAP(d)[0].Values)
 }