ldap

Documentation

Overview

Package ldap provides a simple ldap client to authenticate, retrieve basic information and groups for a user. https://github.com/jtblin/go-ldap-clien

Index

• Constants
• Variables
• type LDAPClient
  • func (lc *LDAPClient) Authenticate(username, password string) (bool, bool, map[string]string, error)
  • func (lc *LDAPClient) Close()
  • func (lc *LDAPClient) Connect() error
  • func (lc *LDAPClient) GetGroupsOfUser(username string) ([]string, error)

Constants

const (
	ScopeBaseObject   = 0
	ScopeSingleLevel  = 1
	ScopeWholeSubtree = 2
)

scope choices

const (
	NeverDerefAliases   = 0
	DerefInSearching    = 1
	DerefFindingBaseObj = 2
	DerefAlways         = 3
)

derefAliases

Variables

var DerefMap = map[int]string{
	NeverDerefAliases:   "NeverDerefAliases",
	DerefInSearching:    "DerefInSearching",
	DerefFindingBaseObj: "DerefFindingBaseObj",
	DerefAlways:         "DerefAlways",
}

DerefMap contains human readable descriptions of derefAliases choices

var ScopeMap = map[int]string{
	ScopeBaseObject:   "Base Object",
	ScopeSingleLevel:  "Single Level",
	ScopeWholeSubtree: "Whole Subtree",
}

ScopeMap contains human readable descriptions of scope choices

Types

type LDAPClient

type LDAPClient struct {
	Attributes          []string `default:"[givenName,sn,mail,uid,distinguishedName]"`
	Base                string   `default:"dc=example,dc=com"`
	BindDN              string   `default:""`
	BindPassword        string   `default:""`
	GroupFilter         string   `default:"(memberUid=%s)"`
	GroupAttribute      []string `default:"[memberOf]"`
	Host                string   `default:"127.0.0.1"`
	ServerName          string   `default:""`
	UserFilter          string   `default:"(uid=%s)"`
	Conn                *ldap.Conn
	Port                int    `default:"389"`
	InsecureSkipVerify  bool   `default:"true"`
	ShortGroup          bool   `default:"false"`
	ShortDNForGroup     bool   `default:"false"`
	NestedGroup         bool   `default:"false"`
	UseSSL              bool   `default:"false"`
	Anonymous           bool   `default:"false"`
	UserDN              string `default:""`
	SkipTLS             bool   `default:"true"`
	AdminGroup          string `default:""`
	AdminMode           bool   `default:"false"`
	UserGroup           string `default:""`
	UserMode            bool   `default:"false"`
	UseDNForGroupSearch bool   `default:"false"`
	DerefName           string `default:""`
	DerefValue          int    `default:"3"`
	SearchLimit         int    `default:"0"`
	GroupLimit          int    `default:"0"`
	TimeLimit           int    `default:"0"`
	ScopeName           string `default:""`
	ScopeValue          int    `default:"2"`

	ClientCertificates []tls.Certificate // Adding client certificates
}

func (*LDAPClient) Authenticate

func (lc *LDAPClient) Authenticate(username, password string) (bool, bool, map[string]string, error)

Authenticate authenticates the user against the ldap backend.

func (*LDAPClient) Close

func (lc *LDAPClient) Close()

Close closes the ldap backend connection.

func (*LDAPClient) Connect

func (lc *LDAPClient) Connect() error

Connect connects to the ldap backend.

func (*LDAPClient) GetGroupsOfUser

func (lc *LDAPClient) GetGroupsOfUser(username string) ([]string, error)

GetGroupsOfUser returns the group for a user.