providers/ldap: fix session cache being lost on provider refresh

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

internal/outpost/ldap/bind/memory/memory.go

@@ -23,15 +23,21 @@ type SessionBinder struct {
 	sessions *ttlcache.Cache[Credentials, ldap.LDAPResultCode]
 }
 
-func NewSessionBinder(si server.LDAPServerInstance) *SessionBinder {
+func NewSessionBinder(si server.LDAPServerInstance, oldBinder bind.Binder) *SessionBinder {
 	sb := &SessionBinder{
-		DirectBinder: *direct.NewDirectBinder(si),
-		si:           si,
-		log:          log.WithField("logger", "authentik.outpost.ldap.binder.session"),
-		sessions:     ttlcache.New(ttlcache.WithDisableTouchOnHit[Credentials, ldap.LDAPResultCode]()),
+		si:  si,
+		log: log.WithField("logger", "authentik.outpost.ldap.binder.session"),
+	}
+	if oldSb, ok := oldBinder.(*SessionBinder); ok {
+		sb.DirectBinder = oldSb.DirectBinder
+		sb.sessions = oldSb.sessions
+		sb.log.Info("re-initialised session binder")
+	} else {
+		sb.sessions = ttlcache.New(ttlcache.WithDisableTouchOnHit[Credentials, ldap.LDAPResultCode]())
+		sb.DirectBinder = *direct.NewDirectBinder(si)
+		go sb.sessions.Start()
+		sb.log.Info("initialised session binder")
 	}
-	go sb.sessions.Start()
-	sb.log.Info("initialised session binder")
 	return sb
 }
 

internal/outpost/ldap/refresh.go

@@ -83,7 +83,7 @@ func (ls *LDAPServer) Refresh() error {
 			providers[idx].searcher = directsearch.NewDirectSearcher(providers[idx])
 		}
 		if *provider.BindMode.Ptr() == api.LDAPAPIACCESSMODE_CACHED {
-			providers[idx].binder = memorybind.NewSessionBinder(providers[idx])
+			providers[idx].binder = memorybind.NewSessionBinder(providers[idx], providers[idx].binder)
 		} else if *provider.BindMode.Ptr() == api.LDAPAPIACCESSMODE_DIRECT {
 			providers[idx].binder = directbind.NewDirectBinder(providers[idx])
 		}