README
¶
gldap.testdirectory
The testdirectory package provides an in-memory test LDAP service with support
for capabilities which make writing tests that depend on an LDAP service much
easier.
testdirectory is also a great working example of how you can use gldap to build a custom
ldap server to meet your specific needs.
Example:
// this example demonstrates how can start a test directory for your
// unit tests which will automatically stop when the test is complete.
func TestDirectory_SimpleBindResponse(t *testing.T) {
// start a test directory running ldaps on an available free port (defaults)
// that allows anon binds (a default override)
td := testdirectory.Start(t,
testdirectory.WithDefaults(&testdirectory.Defaults{AllowAnonymousBind: true}),
)
// create some test new user entries (using defaults for ou, password, etc)
users := testdirectory.NewUsers(t, []string{"alice", "bob"})
// set the test directories user entries
td.SetUsers(users...)
}
Documentation
¶
Index ¶
- Constants
- func FreePort(t TestingT) int
- func GetTLSConfig(t TestingT, opt ...Option) (s *tls.Config, c *tls.Config)
- func NewGroup(t TestingT, groupName string, memberNames []string, opt ...Option) *gldap.Entry
- func NewMemberOf(t TestingT, groupNames []string, opt ...Option) []string
- func NewUsers(t TestingT, userNames []string, opt ...Option) []*gldap.Entry
- type CleanupT
- type Defaults
- type Directory
- func (d *Directory) AllowAnonymousBind() bool
- func (d *Directory) Cert() string
- func (d *Directory) ClientCert() string
- func (d *Directory) ClientKey() string
- func (d *Directory) Conn() *ldap.Conn
- func (d *Directory) Controls() []gldap.Control
- func (d *Directory) Groups() []*gldap.Entry
- func (d *Directory) Host() string
- func (d *Directory) Port() int
- func (d *Directory) SetAllowAnonymousBind(enabled bool)
- func (d *Directory) SetControls(controls ...gldap.Control)
- func (d *Directory) SetGroups(groups ...*gldap.Entry)
- func (d *Directory) SetTokenGroups(tokenGroups map[string][]*gldap.Entry)
- func (d *Directory) SetUsers(users ...*gldap.Entry)
- func (d *Directory) Stop()
- func (d *Directory) TokenGroups() map[string][]*gldap.Entry
- func (d *Directory) Users() []*gldap.Entry
- type HelperT
- type InfofT
- type Logger
- type Option
- func WithDefaults(t TestingT, defaults *Defaults) Option
- func WithDisablePanicRecovery(t TestingT, disable bool) Option
- func WithHost(t TestingT, host string) Option
- func WithLogger(t TestingT, l hclog.Logger) Option
- func WithMTLS(t TestingT) Option
- func WithMembersOf(t TestingT, membersOf ...string) Option
- func WithNoTLS(t TestingT) Option
- func WithPort(t TestingT, port int) Option
- func WithTokenGroups(t TestingT, tokenGroupSID ...[]byte) Option
- type TestingT
Constants ¶
const ( // DefaultUserAttr is the "username" attribute of the entry's DN and is // typically either the cn in ActiveDirectory or uid in openLDAP (default: // cn) DefaultUserAttr = "cn" // DefaultGroupAttr for the ClientConfig.GroupAttr DefaultGroupAttr = "cn" // DefaultUserDN defines a default base distinguished name to use when // searching for users for the Directory DefaultUserDN = "ou=people,dc=example,dc=org" // DefaultGroupDN defines a default base distinguished name to use when // searching for groups for the Directory DefaultGroupDN = "ou=groups,dc=example,dc=org" )
Variables ¶
This section is empty.
Functions ¶
func GetTLSConfig ¶
supports WithMTLS
func NewMemberOf ¶
NewMemberOf creates memberOf attributes which can be assigned to user entries. Supported Options: WithDefaults
Types ¶
type CleanupT ¶
type CleanupT interface{ Cleanup(func()) }
CleanupT defines an single function interface for a testing.Cleanup(func()).
type Defaults ¶
type Defaults struct {
UserAttr string
GroupAttr string
// Users configures the user entries which are empty by default
Users []*gldap.Entry
// Groups configures the group entries which are empty by default
Groups []*gldap.Entry
// TokenGroups configures the tokenGroup entries which are empty be default
TokenGroups map[string][]*gldap.Entry
// UserDN is the base distinguished name to use when searching for users
// which is "ou=people,dc=example,dc=org" by default
UserDN string
// GroupDN is the base distinguished name to use when searching for groups
// which is "ou=groups,dc=example,dc=org" by default
GroupDN string
// AllowAnonymousBind determines if anon binds are allowed
AllowAnonymousBind bool
// UPNDomain is the userPrincipalName domain, which enables a
// userPrincipalDomain login with [username]@UPNDomain (optional)
UPNDomain string
}
Defaults define a type for composing all the defaults for Directory.Start(...)
type Directory ¶
type Directory struct {
// contains filtered or unexported fields
}
Directory is a local ldap directory that supports test ldap capabilities which makes writing tests much easier.
It's important to remember that the Directory is stateful (see any of its receiver functions that begin with Set*)
Once you started a Directory with Start(...), the following test ldap operations are supported:
- Bind
- StartTLS
- Search
- Modify
- Add
Making requests to the Directory is facilitated by:
- Directory.Conn() returns a *ldap.Conn connected to the Directory (honors WithMTLS options from start)
- Directory.Cert() returns the pem-encoded CA certificate used by the directory.
- Directory.Port() returns the port the directory is listening on.
- Directory.ClientCert() returns a client cert for mtls
- Directory.ClientKey() returns a client private key for mtls
func Start ¶
Start creates and starts a running Directory ldap server. Support options: WithPort, WithMTLS, WithNoTLS, WithDefaults, WithLogger.
The Directory will be shutdown when the test and all its subtests are compted via a registered function with t.Cleanup(...)
func (*Directory) AllowAnonymousBind ¶
AllowAnonymousBind returns the allow anon bind setting
func (*Directory) ClientCert ¶
ClientCert returns the pem-encoded certificate which can be used by a client for mTLS.
func (*Directory) ClientKey ¶
ClientKey returns the pem-encoded private key which can be used by a client for mTLS.
func (*Directory) Conn ¶
func (d *Directory) Conn() *ldap.Conn
Conn returns an *ldap.Conn that's connected (using whatever tls.Config is appropriate for the directory) and ready send requests to the directory.
func (*Directory) SetAllowAnonymousBind ¶
SetAllowAnonymousBind enables/disables anon binds
func (*Directory) SetControls ¶
SetControls sets the bind controls.
func (*Directory) SetTokenGroups ¶
SetTokenGroups will set the tokenGroup entries.
func (*Directory) Stop ¶
func (d *Directory) Stop()
Stop will stop the Directory if it wasn't started with a *testing.T if it was started with *testing.T then Stop() is ignored.
func (*Directory) TokenGroups ¶
TokenGroups will return the tokenGroup entries
type HelperT ¶
type HelperT interface{ Helper() }
HelperT defines a single function interface for a testing.Helper()
type InfofT ¶
type InfofT interface {
Infof(format string, args ...interface{})
}
InfofT defines a single function interface for a Info(format string, args ...interface{})
type Logger ¶
type Logger struct {
Logger hclog.Logger
}
Logger defines a logger that will implement the TestingT interface so it can be used with Directory.Start(...) as its t TestingT parameter.
type Option ¶
type Option func(interface{})
Option defines a common functional options type which can be used in a variadic parameter pattern.
func WithDefaults ¶
WithDefaults provides an option to provide a set of defaults to Directory.Start(...) which make it much more composable.
func WithLogger ¶
WithLogger provides the optional logger for the directory.
func WithMembersOf ¶
WithMembersOf specifies optional memberOf attributes for user entries
func WithPort ¶
WithPort provides an optional port for the directory. 0 causes a started server with a random port. Any other value returns a started server on that port.
func WithTokenGroups ¶
WithTokenGroups specifies optional test tokenGroups SID attributes for user entries
Source Files