outposts/ldap: increase compatibility with different types in user and group attributes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-16 22:32:18 +02:00 · 2022-10-16 22:32:18 +02:00 · b864de7721
parent 96a30af0eb
commit b864de7721
4 changed files with 22 additions and 20 deletions
--- a/internal/outpost/ldap/entries.go
+++ b/internal/outpost/ldap/entries.go
@ -1,6 +1,8 @@
 package ldap

 import (
+	"strconv"
+
 	"github.com/nmcclain/ldap"
 	"goauthentik.io/api/v3"
 	"goauthentik.io/internal/outpost/ldap/constants"
@ -19,8 +21,8 @@ func (pi *ProviderInstance) UserEntry(u api.User) *ldap.Entry {
 	}
 	attrs = utils.EnsureAttributes(attrs, map[string][]string{
 		"memberOf":                      pi.GroupsForUser(u),
-		"goauthentik.io/ldap/active":    {utils.BoolToString(*u.IsActive)},
-		"goauthentik.io/ldap/superuser": {utils.BoolToString(u.IsSuperuser)},
+		"goauthentik.io/ldap/active":    {strconv.FormatBool(*u.IsActive)},
+		"goauthentik.io/ldap/superuser": {strconv.FormatBool(u.IsSuperuser)},
 		"cn":                            {u.Username},
 		"sAMAccountName":                {u.Username},
 		"uid":                           {u.Uid},
--- a/internal/outpost/ldap/group/group.go
+++ b/internal/outpost/ldap/group/group.go
@ -1,6 +1,8 @@
 package group

 import (
+	"strconv"
+
 	"github.com/nmcclain/ldap"
 	"goauthentik.io/api/v3"
 	"goauthentik.io/internal/outpost/ldap/constants"
@ -30,7 +32,7 @@ func (lg *LDAPGroup) Entry() *ldap.Entry {
 	attrs = utils.EnsureAttributes(attrs, map[string][]string{
 		"objectClass":                   objectClass,
 		"member":                        lg.Member,
-		"goauthentik.io/ldap/superuser": {utils.BoolToString(lg.IsSuperuser)},
+		"goauthentik.io/ldap/superuser": {strconv.FormatBool(lg.IsSuperuser)},
 		"cn":                            {lg.CN},
 		"uid":                           {lg.Uid},
 		"sAMAccountName":                {lg.CN},
--- a/internal/outpost/ldap/utils/utils.go
+++ b/internal/outpost/ldap/utils/utils.go
@ -1,21 +1,14 @@
 package utils

 import (
-	"reflect"
+	"fmt"
+	"strconv"
 	"strings"

 	"github.com/nmcclain/ldap"
-	log "github.com/sirupsen/logrus"
 	ldapConstants "goauthentik.io/internal/outpost/ldap/constants"
 )

-func BoolToString(in bool) string {
-	if in {
-		return "true"
-	}
-	return "false"
-}
-
 func ldapResolveTypeSingle(in interface{}) *string {
 	switch t := in.(type) {
 	case string:
@ -23,14 +16,21 @@ func ldapResolveTypeSingle(in interface{}) *string {
 	case *string:
 		return t
 	case bool:
-		s := BoolToString(t)
+		s := strconv.FormatBool(t)
 		return &s
-	case *bool:
-		s := BoolToString(*t)
+	case float32:
+		s := strconv.FormatFloat(float64(t), 'f', -1, 64)
+		return &s
+	case float64:
+		s := strconv.FormatFloat(t, 'f', -1, 64)
+		return &s
+	case int:
+		s := strconv.FormatInt(int64(t), 10)
 		return &s
 	default:
 		if in != nil {
-			log.WithField("type", reflect.TypeOf(in).String()).Warning("Type can't be mapped to LDAP yet")
+			s := fmt.Sprintf("%s", in)
+			return &s
 		}
 		return nil
 	}
--- a/internal/outpost/ldap/utils/utils_test.go
+++ b/internal/outpost/ldap/utils/utils_test.go
@ -58,8 +58,7 @@ func TestAKAttrsToLDAP_Dict(t *testing.T) {
 	}
 	assert.Equal(t, 1, len(AKAttrsToLDAP(d)))
 	assert.Equal(t, "foo", AKAttrsToLDAP(d)[0].Name)
-	// Dicts are currently unsupported, but make sure we don't crash
-	assert.Equal(t, []string([]string(nil)), AKAttrsToLDAP(d)[0].Values)
+	assert.Equal(t, []string{"map[foo:bar]"}, AKAttrsToLDAP(d)[0].Values)
 }

 func TestAKAttrsToLDAP_Mixed(t *testing.T) {
@ -72,6 +71,5 @@ func TestAKAttrsToLDAP_Mixed(t *testing.T) {
 	}
 	assert.Equal(t, 1, len(AKAttrsToLDAP(d)))
 	assert.Equal(t, "foo", AKAttrsToLDAP(d)[0].Name)
-	// Dicts are currently unsupported, but make sure we don't crash
-	assert.Equal(t, []string{"foo", ""}, AKAttrsToLDAP(d)[0].Values)
+	assert.Equal(t, []string{"foo", "6"}, AKAttrsToLDAP(d)[0].Values)
 }