auth

package
v2.6.10 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 19, 2024 License: MIT Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Dial

func Dial(opts *DialOptions) (conn net.Conn, err error)

Dial connects to an LDAP server

func ListSupportedAuthTypes

func ListSupportedAuthTypes(quote bool) []string

Types

type AuthType

type AuthType int

AuthType is an LDAP authentication type (RFC 4511)

// Bind mechanisms selectable through BindParameters.AuthType. Numbering starts
// at 1 (iota + 1), so the zero value of AuthType matches none of them.
const (
	// UNAUTHENTICATED is a bind without credentials; the validate tags on
	// BindParameters exempt User and Password for this type.
	UNAUTHENTICATED AuthType = iota + 1
	// SIMPLE is the LDAP simple bind (name plus password). The password is
	// sent as-is on the wire, so it is only protected when the connection
	// itself is encrypted (e.g. an ldaps URL).
	SIMPLE
	// MD5 — presumably the DIGEST-MD5 mechanism; confirm against the implementation.
	MD5
	// NTLM bind; BindParameters.Domain and BindParameters.AsHash relate to it.
	NTLM
	SASL
	KERBEROS // not supported yet, to be implemented
)

func TypeFromString

func TypeFromString(str string) AuthType

TypeFromString parses an authentication type from its string representation

func (AuthType) IsValid

func (t AuthType) IsValid() bool

IsValid returns true if the authentication type is valid

func (AuthType) String

func (t AuthType) String() string

String returns the string representation of an authentication type

type BindParameters

// BindParameters carries the mechanism and credentials used for a bind.
// Password is an ordinary exported string, so the secret stays in process
// memory as long as the struct does; keep instances out of logs and dumps.
type BindParameters struct {
	// AuthType is the authentication type. With the SIMPLE default the
	// password crosses the wire as-is unless the URL scheme provides TLS.
	AuthType AuthType `validate:"required,is_valid"` // default: SIMPLE
	// Domain is user's domain (for NTLM authentication)
	Domain string
	// Use NTLM hash instead of password.
	// NOTE(review): presumably Password then holds the hash — confirm. An NT
	// hash is password-equivalent for NTLM, so protect it like the password.
	AsHash bool
	// User's password; the validate tag makes it mandatory for every
	// AuthType except UNAUTHENTICATED.
	Password string `validate:"required_unless=AuthType UNAUTHENTICATED"`
	// Username; mandatory under the same condition as Password.
	User string `validate:"required_unless=AuthType UNAUTHENTICATED"`
}

BindParameters are parameters for binding to the server

func NewBindParameters

func NewBindParameters() *BindParameters

NewBindParameters creates a new BindParameters instance

func (*BindParameters) FromKeyring

func (p *BindParameters) FromKeyring() error

FromKeyring loads credentials from keyring

func (*BindParameters) SetDefaults

func (p *BindParameters) SetDefaults()

SetDefaults sets default values

func (*BindParameters) SetDomain

func (p *BindParameters) SetDomain(domain string) *BindParameters

SetDomain sets domain (required for NTLM-based authentication)

func (*BindParameters) SetPassword

func (p *BindParameters) SetPassword(password string) *BindParameters

SetPassword sets password

func (*BindParameters) SetType

func (p *BindParameters) SetType(authType AuthType) *BindParameters

SetType sets authentication type

func (*BindParameters) SetUser

func (p *BindParameters) SetUser(user string) *BindParameters

SetUser sets username

func (BindParameters) ToKeyring

func (p BindParameters) ToKeyring() error

ToKeyring saves credentials to keyring

func (*BindParameters) Validate

func (p *BindParameters) Validate() error

Validate validates bind parameters

type Connection

// Connection bundles an LDAP connection with the options it was created from.
type Connection struct {
	// LDAP connection (embedded, so its exported methods are promoted onto
	// Connection unless Connection declares its own, as it does for Close)
	*ldap.Conn
	// Dial options (embedded; MaxRetries, SizeLimit, TimeLimit, TLSConfig and
	// URL are therefore reachable directly on Connection)
	*DialOptions
	// contains filtered or unexported fields
}

Connection object

func Bind

func Bind(parameters *BindParameters, options *DialOptions) (*Connection, error)

Bind establishes a connection to the server and binds to it

func (Connection) Close

func (c Connection) Close() error

Close closes the underlying TCP connection

func (Connection) RemoteHost

func (c Connection) RemoteHost() string

RemoteHost returns the remote host of the domain controller

type DialOptions

// DialOptions configures how the client reaches and queries the LDAP server.
type DialOptions struct {
	// Number of max retries if failing.
	// NOTE(review): confirm whether retries also repeat a failed bind; repeated
	// bad-credential binds count against account lockout policies.
	MaxRetries uint `validate:"required" default:"3"`
	// Limits number of objects returned by an LDAP query
	SizeLimit int64
	// Timeout for connection handshake and LDAP queries
	TimeLimit time.Duration `validate:"required" default:"10s"`
	// Custom TLS config.
	// NOTE(review): what is used when this is nil is not visible here — confirm
	// that ldaps connections still verify the server certificate. Setting
	// InsecureSkipVerify in the supplied config disables that verification.
	TLSConfig *tls.Config
	// Server URL. The documented default uses the plain ldap scheme, which has
	// no transport encryption; choose ldaps when binding with a password
	// across a network.
	URL *URL `validate:"required,is_valid"` // default: ldap://localhost:389
}

Options for dialer

func NewDialOptions

func NewDialOptions() *DialOptions

NewDialOptions creates new options

func (*DialOptions) SetDefaults

func (o *DialOptions) SetDefaults()

SetDefaults sets the default URL

func (*DialOptions) SetMaxRetries

func (o *DialOptions) SetMaxRetries(retries uint) *DialOptions

SetMaxRetries sets max retries

func (*DialOptions) SetSizeLimit

func (o *DialOptions) SetSizeLimit(limit int64) *DialOptions

SetSizeLimit sets size limit

func (*DialOptions) SetTLSConfig

func (o *DialOptions) SetTLSConfig(conf *tls.Config) *DialOptions

SetTLSConfig sets TLS config

func (*DialOptions) SetTimeLimit

func (o *DialOptions) SetTimeLimit(limit time.Duration) *DialOptions

SetTimeLimit sets time limit

func (*DialOptions) SetURL

func (o *DialOptions) SetURL(addr string) *DialOptions

SetURL sets URL

func (*DialOptions) Validate

func (o *DialOptions) Validate() error

Validate validates options

type GSSAPIClient added in v2.6.6

// GSSAPIClient is a placeholder for GSSAPI support: not supported yet, to be
// implemented (the KERBEROS AuthType carries the same note).
type GSSAPIClient struct{}

not supported yet, to be implemented

func (*GSSAPIClient) DeleteSecContext added in v2.6.6

func (*GSSAPIClient) DeleteSecContext() error

func (*GSSAPIClient) InitSecContext added in v2.6.6

func (*GSSAPIClient) InitSecContext(target string, token []byte) (outputToken []byte, needContinue bool, err error)

func (*GSSAPIClient) NegotiateSaslAuth added in v2.6.6

func (*GSSAPIClient) NegotiateSaslAuth(token []byte, authzID string) ([]byte, error)

type Port

// Port is the network port of an LDAP service.
type Port int
// Well-known ports. LDAP_RW and LDAP_RO are the ports without implicit TLS;
// LDAPS_RW and LDAPS_RO are their TLS counterparts.
const (
	// LDAP_RW is the default LDAP port (local catalogue port)
	LDAP_RW Port = 389
	// LDAP_RO is the global catalogue port
	LDAP_RO Port = 3268
	// LDAPS_RW is the default LDAP port over TLS (local catalogue port)
	LDAPS_RW Port = 636
	// LDAPS_RO is the global catalogue port over TLS
	LDAPS_RO Port = 3269
)

type Scheme

type Scheme string

Scheme is an LDAP scheme

// URL schemes accepted for the server address. Only LDAPS implies TLS from
// the first byte of the connection.
const (
	// CLDAP is connectionless LDAP.
	CLDAP Scheme = "cldap"
	// LDAP is LDAP without transport encryption.
	LDAP  Scheme = "ldap"
	// LDAPI is LDAP over a local IPC socket; the validate tags on URL forbid
	// a port for it.
	LDAPI Scheme = "ldapi"
	// LDAPS is LDAP over TLS.
	LDAPS Scheme = "ldaps"
)

func (Scheme) IsValid

func (s Scheme) IsValid() bool

IsValid returns true if the scheme is valid

type URL

// URL identifies the LDAP server to connect to: scheme, host and port.
type URL struct {
	// Scheme; decides whether the transport is encrypted (ldaps) or not.
	Scheme Scheme `validate:"required,is_valid"`
	// Server's domain name
	Host string `validate:"required"`
	// Server's port. Per the validate tags it must be left unset for the
	// ldapi scheme and is mandatory for every other scheme.
	Port Port `validate:"excluded_if=Scheme ldapi,required_unless=Scheme ldapi"`
}

URL is a URL (RFC 4516)

func NewURL

func NewURL() *URL

NewURL returns a new URL

func URLFromString

func URLFromString(in string) (*URL, error)

URLFromString returns a URL parsed from a string (<scheme>://<hostname>:<port>)

func (URL) HostPort

func (u URL) HostPort() string

HostPort returns <hostname>:<port>

func (URL) IsValid

func (u URL) IsValid() bool

IsValid returns true if the URL is valid

func (*URL) SetHost

func (u *URL) SetHost(h string) *URL

SetHost sets host

func (*URL) SetPort

func (u *URL) SetPort(p Port) *URL

SetPort sets port

func (*URL) SetScheme

func (u *URL) SetScheme(s Scheme) *URL

SetScheme sets scheme

func (URL) String

func (u URL) String() string

String returns the string representation of a URL (<scheme>://<hostname>:<?port>)

func (URL) ToBaseDirectoryPath

func (u URL) ToBaseDirectoryPath() string

ToBaseDirectoryPath builds base DN from host

func (*URL) Validate

func (u *URL) Validate() error

Validate validates the URL
