ldap

package module
v0.0.0-...-b85fb58 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 23, 2021 License: BSD-2-Clause Imports: 4 Imported by: 1

README

go-ldap-client

Simple ldap client to authenticate, retrieve basic information and groups for a user.

Usage

Go Doc

The only external dependency is gopkg.in/ldap.v2.

package main

import (
	"log"

	"github.com/jtblin/go-ldap-client"
)

func main() {
	client := &ldap.LDAPClient{
		Base:         "dc=example,dc=com",
		Host:         "ldap.example.com",
		Port:         389,
		UseSSL:       false,
		BindDN:       "uid=readonlysuer,ou=People,dc=example,dc=com",
		BindPassword: "readonlypassword",
		UserFilter:   "(uid=%s)",
		UserUID:      "uid",
		GroupFilter:  "(memberUid=%s)",
		GroupGID:     "cn",
	}
	// It is the responsibility of the caller to close the connection
	defer client.Close()

	ok, groups, err := client.Authenticate("username", "password")
	if err != nil {
		log.Fatalf("Error authenticating user %s: %+v", "username", err)
	}
	if !ok {
		log.Fatalf("Authenticating failed for user %s", "username")
	}
	log.Printf("Groups: %+v", groups)
}

SSL (ldaps)

If you use SSL, you will need to pass the server name for certificate verification or skip domain name verification e.g.client.ServerName = "ldap.example.com".

Why?

There are already tons of ldap libraries for golang but most of them are just forks of another one, most of them are too low level or too limited (e.g. do not return errors which make it hard to troubleshoot issues).

Documentation

Overview

Package ldap provides a simple ldap client to authenticate, retrieve basic information and groups for a user.

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type LDAPClient 

type LDAPClient struct {
	Base               string
	BindDN             string
	BindPassword       string
	GroupFilter        string // e.g. "(memberUid=%s)"
	Host               string
	ServerName         string
	UserFilter         string // e.g. "(uid=%s)"
	Conn               *ldap.Conn
	Port               int
	InsecureSkipVerify bool
	UseSSL             bool
	SkipTLS            bool
	UserUID            string
	GroupGID           string
	ClientCertificates []tls.Certificate // Adding client certificates
}

func (*LDAPClient) Authenticate 

func (lc *LDAPClient) Authenticate(username, password string) (bool, []string, error)

Authenticate authenticates the user against the ldap backend.

Example

ExampleLDAPClient_Authenticate shows how a typical application can verify a login attempt 

client := &ldap.LDAPClient{
	Base:         "dc=example,dc=com",
	Host:         "ldap.example.com",
	Port:         389,
	UseSSL:       false,
	BindDN:       "uid=readonlysuer,ou=People,dc=example,dc=com",
	BindPassword: "readonlypassword",
	UserFilter:   "(uid=%s)",
	GroupFilter:  "(memberUid=%s)",
	Attributes:   []string{"givenName", "sn", "mail", "uid"},
}
defer client.Close()

ok, user, err := client.Authenticate("username", "password")
if err != nil {
	log.Fatalf("Error authenticating user %s: %+v", "username", err)
}
if !ok {
	log.Fatalf("Authenticating failed for user %s", "username")
}
log.Printf("User: %+v", user)

Output:

func (*LDAPClient) Close 

func (lc *LDAPClient) Close()

Close closes the ldap backend connection.

func (*LDAPClient) Connect 

func (lc *LDAPClient) Connect() error

Connect connects to the ldap backend.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.