Documentation ¶
Index ¶
- Variables
- type SearchResult
- type SecurityProtocol
- type Source
- func (source *Source) Authenticate(ctx context.Context, user *user_model.User, userName, password string) (*user_model.User, error)
- func (source *Source) FromDB(bs []byte) error
- func (source *Source) HasTLS() bool
- func (source *Source) IsSkipLocalTwoFA() bool
- func (source *Source) IsSkipVerify() bool
- func (source *Source) ProvidesSSHKeys() bool
- func (source *Source) SearchEntries() ([]*SearchResult, error)
- func (source *Source) SearchEntry(name, passwd string, directBind bool) *SearchResult
- func (source *Source) SecurityProtocolName() string
- func (source *Source) SetAuthSource(authSource *auth.Source)
- func (source *Source) Sync(ctx context.Context, updateExisting bool) error
- func (source *Source) ToDB() ([]byte, error)
- func (source *Source) UsePagedSearch() bool
- func (source *Source) UseTLS() bool
Constants ¶
This section is empty.
Variables ¶
var MockedSearchEntry func(source *Source, name, passwd string, directBind bool) *SearchResult
var SecurityProtocolNames = map[SecurityProtocol]string{ SecurityProtocolUnencrypted: "Unencrypted", SecurityProtocolLDAPS: "LDAPS", SecurityProtocolStartTLS: "StartTLS", }
SecurityProtocolNames contains the name of SecurityProtocol values.
Functions ¶
This section is empty.
Types ¶
type SearchResult ¶
type SearchResult struct { Username string // Username Name string // Name Surname string // Surname Mail string // E-mail address SSHPublicKey []string // SSH Public Key IsAdmin bool // if user is administrator IsRestricted bool // if user is restricted LowerName string // LowerName Avatar []byte Groups container.Set[string] }
SearchResult : user data
type SecurityProtocol ¶
type SecurityProtocol int
SecurityProtocol protocol type
const ( SecurityProtocolUnencrypted SecurityProtocol = iota SecurityProtocolLDAPS SecurityProtocolStartTLS )
Note: new type must be added at the end of list to maintain compatibility.
func (SecurityProtocol) Int ¶
func (s SecurityProtocol) Int() int
Int returns the int value of the SecurityProtocol
func (SecurityProtocol) String ¶
func (s SecurityProtocol) String() string
String returns the name of the SecurityProtocol
type Source ¶
type Source struct { Name string // canonical name (ie. corporate.ad) Host string // LDAP host Port int // port number SecurityProtocol SecurityProtocol SkipVerify bool BindDN string // DN to bind with BindPasswordEncrypt string // Encrypted Bind BN password BindPassword string // Bind DN password UserBase string // Base search path for users UserDN string // Template for the DN of the user for simple auth AttributeUsername string // Username attribute AttributeName string // First name attribute AttributeSurname string // Surname attribute AttributeMail string // E-mail attribute AttributesInBind bool // fetch attributes in bind context (not user) AttributeSSHPublicKey string // LDAP SSH Public Key attribute AttributeAvatar string SearchPageSize uint32 // Search with paging page size Filter string // Query filter to validate entry AdminFilter string // Query filter to check if user is admin RestrictedFilter string // Query filter to check if user is restricted Enabled bool // if this source is disabled AllowDeactivateAll bool // Allow an empty search response to deactivate all users from this source GroupsEnabled bool // if the group checking is enabled GroupDN string // Group Search Base GroupFilter string // Group Name Filter GroupMemberUID string // Group Attribute containing array of UserUID GroupTeamMap string // Map LDAP groups to teams GroupTeamMapRemoval bool // Remove user from teams which are synchronized and user is not a member of the corresponding LDAP group UserUID string // User Attribute listed in Group SkipLocalTwoFA bool `json:",omitempty"` // Skip Local 2fa for users authenticated with this source // contains filtered or unexported fields }
Source Basic LDAP authentication service
func (*Source) Authenticate ¶
func (source *Source) Authenticate(ctx context.Context, user *user_model.User, userName, password string) (*user_model.User, error)
Authenticate queries if login/password is valid against the LDAP directory pool, and create a local user if success when enabled.
func (*Source) IsSkipLocalTwoFA ¶
IsSkipLocalTwoFA returns if this source should skip local 2fa for password authentication
func (*Source) IsSkipVerify ¶
IsSkipVerify returns if SkipVerify is set
func (*Source) ProvidesSSHKeys ¶
ProvidesSSHKeys returns if this source provides SSH Keys
func (*Source) SearchEntries ¶
func (source *Source) SearchEntries() ([]*SearchResult, error)
SearchEntries : search an LDAP source for all users matching userFilter
func (*Source) SearchEntry ¶
func (source *Source) SearchEntry(name, passwd string, directBind bool) *SearchResult
SearchEntry : search an LDAP source if an entry (name, passwd) is valid and in the specific filter
func (*Source) SecurityProtocolName ¶
SecurityProtocolName returns the name of configured security protocol.
func (*Source) SetAuthSource ¶
SetAuthSource sets the related AuthSource
func (*Source) UsePagedSearch ¶
UsePagedSearch returns if need to use paged search