ldap

package

v0.0.0-...-2b29b9b Latest Latest Go to latest Published: Dec 25, 2024 License: Apache-2.0 Imports: 18 Imported by: 1

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/yunionio/onecloud

Documentation ¶

Index ¶

Constants
Variables
func NewLDAPDriver(idpId, idpName, template, targetDomainId string, conf api.TConfigs) (driver.IIdentityBackend, error)
type SDomainInfo
type SGroupInfo
type SLDAPDriver
type SLDAPDriverClass
type SUserInfo

Constants ¶

View Source

const (
	ErrEmptyDN      = errors.Error("empty DN")
	ErrEmptyId      = errors.Error("empty id")
	ErrEmptyName    = errors.Error("empty name")
	ErrDisabledUser = errors.Error("disabled user")
)

Variables ¶

View Source

var (
	MicrosoftActiveDirectorySingleDomainTemplate = api.SLDAPIdpConfigOptions{
		UserObjectclass:      "organizationalPerson",
		UserIdAttribute:      "sAMAccountName",
		UserNameAttribute:    "sAMAccountName",
		UserEnabledAttribute: "userAccountControl",
		UserEnabledMask:      2,
		UserEnabledDefault:   "512",
		UserEnabledInvert:    true,
		UserAdditionalAttribute: []string{
			"displayName:displayname",
			"telephoneNumber:mobile",
			"mail:email",
		},
		UserQueryScope:       "sub",
		GroupObjectclass:     "group",
		GroupIdAttribute:     "sAMAccountName",
		GroupNameAttribute:   "name",
		GroupMemberAttribute: "member",
		GroupMembersAreIds:   false,
		GroupQueryScope:      "sub",
	}

	MicrosoftActiveDirectoryMultipleDomainTemplate = api.SLDAPIdpConfigOptions{
		DomainObjectclass:    "organizationalUnit",
		DomainIdAttribute:    "objectGUID",
		DomainNameAttribute:  "name",
		DomainQueryScope:     "one",
		UserObjectclass:      "organizationalPerson",
		UserIdAttribute:      "sAMAccountName",
		UserNameAttribute:    "sAMAccountName",
		UserEnabledAttribute: "userAccountControl",
		UserEnabledMask:      2,
		UserEnabledDefault:   "512",
		UserEnabledInvert:    true,
		UserAdditionalAttribute: []string{
			"displayName:displayname",
			"telephoneNumber:mobile",
			"mail:email",
		},
		UserQueryScope:       "sub",
		GroupObjectclass:     "group",
		GroupIdAttribute:     "sAMAccountName",
		GroupNameAttribute:   "name",
		GroupMemberAttribute: "member",
		GroupMembersAreIds:   false,
		GroupQueryScope:      "sub",
	}

	OpenLdapSingleDomainTemplate = api.SLDAPIdpConfigOptions{
		UserObjectclass:      "person",
		UserIdAttribute:      "uid",
		UserNameAttribute:    "uid",
		UserEnabledAttribute: "nsAccountLock",
		UserEnabledDefault:   "FALSE",
		UserEnabledInvert:    true,
		UserAdditionalAttribute: []string{
			"displayName:displayname",
			"mobile:mobile",
			"mail:email",
		},
		UserQueryScope:       "sub",
		GroupObjectclass:     "ipausergroup",
		GroupIdAttribute:     "cn",
		GroupNameAttribute:   "cn",
		GroupMemberAttribute: "member",
		GroupMembersAreIds:   false,
		GroupQueryScope:      "sub",
	}
)

Functions ¶

func NewLDAPDriver ¶

func NewLDAPDriver(idpId, idpName, template, targetDomainId string, conf api.TConfigs) (driver.IIdentityBackend, error)

Types ¶

type SDomainInfo ¶

type SDomainInfo struct {
	DN   string
	Id   string
	Name string
}

type SGroupInfo ¶

type SGroupInfo struct {
	SDomainInfo
	Members []string
}

type SLDAPDriver ¶

type SLDAPDriver struct {
	driver.SBaseIdentityDriver
	// contains filtered or unexported fields
}

func (*SLDAPDriver) Authenticate ¶

func (drv *SLDAPDriver) Authenticate(ctx context.Context, ident mcclient.SAuthenticationIdentity) (*api.SUserExtended, error)

func (*SLDAPDriver) GetSsoRedirectUri ¶

func (ldap *SLDAPDriver) GetSsoRedirectUri(ctx context.Context, callbackUrl, state string) (string, error)

func (*SLDAPDriver) Probe ¶

func (drv *SLDAPDriver) Probe(ctx context.Context) error

func (*SLDAPDriver) Sync ¶

func (drv *SLDAPDriver) Sync(ctx context.Context) error

type SLDAPDriverClass ¶

type SLDAPDriverClass struct{}

func (*SLDAPDriverClass) ForceSyncUser ¶

func (self *SLDAPDriverClass) ForceSyncUser() bool

func (*SLDAPDriverClass) GetDefaultIconUri ¶

func (self *SLDAPDriverClass) GetDefaultIconUri(tmpName string) string

func (*SLDAPDriverClass) IsSso ¶

func (self *SLDAPDriverClass) IsSso() bool

func (*SLDAPDriverClass) Name ¶

func (self *SLDAPDriverClass) Name() string

func (*SLDAPDriverClass) NewDriver ¶

func (self *SLDAPDriverClass) NewDriver(idpId, idpName, template, targetDomainId string, conf api.TConfigs) (driver.IIdentityBackend, error)

func (*SLDAPDriverClass) SingletonInstance ¶

func (self *SLDAPDriverClass) SingletonInstance() bool

func (*SLDAPDriverClass) SyncMethod ¶

func (self *SLDAPDriverClass) SyncMethod() string

func (*SLDAPDriverClass) ValidateConfig ¶

func (self *SLDAPDriverClass) ValidateConfig(ctx context.Context, userCred mcclient.TokenCredential, template string, tconf api.TConfigs, idpId, domainId string) (api.TConfigs, error)

type SUserInfo ¶

type SUserInfo struct {
	SDomainInfo
	Enabled bool
	Extra   map[string]string
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL