ldap

package
v1.3.11-0...-37b438a
Warning

This package is not in the latest version of its module.
Published: Jan 11, 2021 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AuthServer

type AuthServer struct {
	Address          string   `json:"addr,omitempty"`
	URL              *url.URL `json:"-"`
	Port             string   `json:"-"`
	IgnoreCertErrors bool     `json:"ignore_cert_errors,omitempty"`
	Timeout          int      `json:"timeout,omitempty"`
}

AuthServer represents an instance of an LDAP server.

type Authenticator

type Authenticator struct {
	// contains filtered or unexported fields
}

Authenticator represents a database connector.

func NewAuthenticator

func NewAuthenticator() *Authenticator

NewAuthenticator returns an instance of Authenticator.

func (*Authenticator) AuthenticateUser

func (sa *Authenticator) AuthenticateUser(userInput, passwordInput string) (*jwtclaims.UserClaims, int, error)

AuthenticateUser checks the database for the presence of a username/email and password and returns user claims.

func (*Authenticator) ConfigureBindCredentials

func (sa *Authenticator) ConfigureBindCredentials(username, password string) error

ConfigureBindCredentials configures user credentials for LDAP binding.

func (*Authenticator) ConfigureRealm

func (sa *Authenticator) ConfigureRealm(realm string) error

ConfigureRealm configures a domain name (realm) associated with the instance of authenticator.

func (*Authenticator) ConfigureSearch

func (sa *Authenticator) ConfigureSearch(attr UserAttributes, searchBaseDN string, searchFilter string) error

ConfigureSearch configures base DN, search filter, attributes for LDAP queries.

func (*Authenticator) ConfigureServers

func (sa *Authenticator) ConfigureServers(servers []AuthServer) error

ConfigureServers configures the addresses of LDAP servers.

func (*Authenticator) ConfigureTrustedAuthorities

func (sa *Authenticator) ConfigureTrustedAuthorities(authorities []string) error

ConfigureTrustedAuthorities configures trusted certificate authorities, if any.

func (*Authenticator) ConfigureUserGroups

func (sa *Authenticator) ConfigureUserGroups(groups []UserGroup) error

ConfigureUserGroups configures user group bindings for LDAP searching.

type Backend

type Backend struct {
	Name               string                       `json:"name,omitempty"`
	Method             string                       `json:"method,omitempty"`
	Realm              string                       `json:"realm,omitempty"`
	Servers            []AuthServer                 `json:"servers,omitempty"`
	BindUsername       string                       `json:"username,omitempty"`
	BindPassword       string                       `json:"password,omitempty"`
	Attributes         UserAttributes               `json:"attributes,omitempty"`
	SearchBaseDN       string                       `json:"search_base_dn,omitempty"`
	SearchFilter       string                       `json:"search_filter,omitempty"`
	Groups             []UserGroup                  `json:"groups,omitempty"`
	TrustedAuthorities []string                     `json:"trusted_authorities,omitempty"`
	TokenProvider      *jwtconfig.CommonTokenConfig `json:"-"`
	Authenticator      *Authenticator               `json:"-"`
	// contains filtered or unexported fields
}

Backend represents an authentication provider with an LDAP backend.

func NewDatabaseBackend

func NewDatabaseBackend() *Backend

NewDatabaseBackend returns an instance of an authentication provider with an LDAP backend.

func (*Backend) Authenticate

func (b *Backend) Authenticate(opts map[string]interface{}) (map[string]interface{}, error)

Authenticate performs authentication.

func (*Backend) ConfigureAuthenticator

func (b *Backend) ConfigureAuthenticator() error

ConfigureAuthenticator configures backend for .

func (*Backend) ConfigureLogger

func (b *Backend) ConfigureLogger(logger *zap.Logger) error

ConfigureLogger configures backend with the same logger as its user.

func (*Backend) ConfigureTokenProvider

func (b *Backend) ConfigureTokenProvider(upstream *jwtconfig.CommonTokenConfig) error

ConfigureTokenProvider configures TokenProvider.

func (*Backend) Do

func (b *Backend) Do(opts map[string]interface{}) error

Do performs the requested operation.

func (*Backend) GetMethod

func (b *Backend) GetMethod() string

GetMethod returns the authentication method associated with this backend.

func (*Backend) GetMfaTokens

func (b *Backend) GetMfaTokens(opts map[string]interface{}) ([]*identity.MfaToken, error)

GetMfaTokens returns a list of MFA tokens associated with a user.

func (*Backend) GetName

func (b *Backend) GetName() string

GetName returns the name associated with this backend.

func (*Backend) GetPublicKeys

func (b *Backend) GetPublicKeys(opts map[string]interface{}) ([]*identity.PublicKey, error)

GetPublicKeys returns a list of public keys associated with a user.

func (*Backend) GetRealm

func (b *Backend) GetRealm() string

GetRealm returns the authentication realm.

func (*Backend) Validate

func (b *Backend) Validate() error

Validate checks whether Backend is functional.

func (*Backend) ValidateConfig

func (b *Backend) ValidateConfig() error

ValidateConfig checks whether Backend has mandatory configuration.

type UserAttributes

type UserAttributes struct {
	Name     string `json:"name,omitempty"`
	Surname  string `json:"surname,omitempty"`
	Username string `json:"username,omitempty"`
	MemberOf string `json:"member_of,omitempty"`
	Email    string `json:"email,omitempty"`
}

UserAttributes represents the mapping of LDAP attributes to JWT fields.

type UserGroup

type UserGroup struct {
	GroupDN string   `json:"dn,omitempty"`
	Roles   []string `json:"roles,omitempty"`
}

UserGroup represents the binding between BaseDN and a search filter. Upon successful authentication for the combination, a user gets assigned the roles associated with the binding.
