providers/ldap: memory Query (#1681)

* outposts/ldap: modularise ldap outpost, to allow different searchers and binders

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: add basic in-memory searcher

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/ldap: add search mode field

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: add search mode field

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

web/src/locales/en.po

@@ -625,6 +625,10 @@ msgstr "Cached flows"
 msgid "Cached policies"
 msgstr "Cached policies"
 
+#: src/pages/providers/ldap/LDAPProviderForm.ts
+msgid "Cached querying, the outpost holds all users and groups in-memory and will refresh every 5 Minutes."
+msgstr "Cached querying, the outpost holds all users and groups in-memory and will refresh every 5 Minutes."
+
 #: src/pages/sources/oauth/OAuthSourceViewPage.ts
 msgid "Callback URL"
 msgstr "Callback URL"
@@ -913,6 +917,10 @@ msgstr "Configure how the flow executor should handle an invalid response to a c
 msgid "Configure how the issuer field of the ID Token should be filled."
 msgstr "Configure how the issuer field of the ID Token should be filled."
 
+#: src/pages/providers/ldap/LDAPProviderForm.ts
+msgid "Configure how the outpost queries the core authentik server's users."
+msgstr "Configure how the outpost queries the core authentik server's users."
+
 #: 
 #: 
 #~ msgid "Configure settings relevant to your user profile."
@@ -1416,6 +1424,10 @@ msgstr "Digest algorithm"
 msgid "Digits"
 msgstr "Digits"
 
+#: src/pages/providers/ldap/LDAPProviderForm.ts
+msgid "Direct querying, always returns the latest data, but slower than cached querying."
+msgstr "Direct querying, always returns the latest data, but slower than cached querying."
+
 #: 
 #: 
 #~ msgid "Disable"
@@ -3802,6 +3814,10 @@ msgstr "Score"
 msgid "Search group"
 msgstr "Search group"
 
+#: src/pages/providers/ldap/LDAPProviderForm.ts
+msgid "Search mode"
+msgstr "Search mode"
+
 #: src/elements/table/TableSearch.ts
 #: src/user/LibraryPage.ts
 msgid "Search..."

web/src/locales/fr_FR.po

@@ -627,6 +627,10 @@ msgstr "Flux mis en cache"
 msgid "Cached policies"
 msgstr "Politiques mises en cache"
 
+#: src/pages/providers/ldap/LDAPProviderForm.ts
+msgid "Cached querying, the outpost holds all users and groups in-memory and will refresh every 5 Minutes."
+msgstr ""
+
 #: src/pages/sources/oauth/OAuthSourceViewPage.ts
 msgid "Callback URL"
 msgstr "URL de rappel"
@@ -913,6 +917,10 @@ msgstr "Configure comment l'exécuteur de flux gère une réponse invalide à un
 msgid "Configure how the issuer field of the ID Token should be filled."
 msgstr "Configure comment le champ émetteur du jeton ID sera rempli."
 
+#: src/pages/providers/ldap/LDAPProviderForm.ts
+msgid "Configure how the outpost queries the core authentik server's users."
+msgstr ""
+
 #~ msgid "Configure settings relevant to your user profile."
 #~ msgstr "Configure les paramètre applicable à votre profil."
 
@@ -1406,6 +1414,10 @@ msgstr "Algorithme d'empreinte"
 msgid "Digits"
 msgstr "Chiffres"
 
+#: src/pages/providers/ldap/LDAPProviderForm.ts
+msgid "Direct querying, always returns the latest data, but slower than cached querying."
+msgstr ""
+
 #~ msgid "Disable"
 #~ msgstr "Désactiver"
 
@@ -3770,6 +3782,10 @@ msgstr "Note"
 msgid "Search group"
 msgstr "Rechercher un groupe"
 
+#: src/pages/providers/ldap/LDAPProviderForm.ts
+msgid "Search mode"
+msgstr ""
+
 #: src/elements/table/TableSearch.ts
 #: src/user/LibraryPage.ts
 msgid "Search..."

web/src/locales/pseudo-LOCALE.po

@@ -621,6 +621,10 @@ msgstr ""
 msgid "Cached policies"
 msgstr ""
 
+#: src/pages/providers/ldap/LDAPProviderForm.ts
+msgid "Cached querying, the outpost holds all users and groups in-memory and will refresh every 5 Minutes."
+msgstr ""
+
 #: src/pages/sources/oauth/OAuthSourceViewPage.ts
 msgid "Callback URL"
 msgstr ""
@@ -907,6 +911,10 @@ msgstr ""
 msgid "Configure how the issuer field of the ID Token should be filled."
 msgstr ""
 
+#: src/pages/providers/ldap/LDAPProviderForm.ts
+msgid "Configure how the outpost queries the core authentik server's users."
+msgstr ""
+
 #: 
 #: 
 #~ msgid "Configure settings relevant to your user profile."
@@ -1408,6 +1416,10 @@ msgstr ""
 msgid "Digits"
 msgstr ""
 
+#: src/pages/providers/ldap/LDAPProviderForm.ts
+msgid "Direct querying, always returns the latest data, but slower than cached querying."
+msgstr ""
+
 #: 
 #: 
 #~ msgid "Disable"
@@ -3794,6 +3806,10 @@ msgstr ""
 msgid "Search group"
 msgstr ""
 
+#: src/pages/providers/ldap/LDAPProviderForm.ts
+msgid "Search mode"
+msgstr ""
+
 #: src/elements/table/TableSearch.ts
 #: src/user/LibraryPage.ts
 msgid "Search..."

web/src/pages/providers/ldap/LDAPProviderForm.ts

@@ -12,6 +12,7 @@ import {
     FlowsInstancesListDesignationEnum,
     LDAPProvider,
     ProvidersApi,
+    SearchModeEnum,
 } from "@goauthentik/api";
 
 import { DEFAULT_CONFIG, tenant } from "../../../api/Config";
@@ -118,6 +119,25 @@ export class LDAPProviderFormPage extends ModelForm<LDAPProvider, number> {
                     ${t`Users in the selected group can do search queries. If no group is selected, no LDAP Searches are allowed.`}
                 </p>
             </ak-form-element-horizontal>
+            <ak-form-element-horizontal label=${t`Search mode`} name="searchMode">
+                <select class="pf-c-form-control">
+                    <option
+                        value=""
+                        ?selected=${this.instance?.searchMode === SearchModeEnum.Cached}
+                    >
+                        ${t`Cached querying, the outpost holds all users and groups in-memory and will refresh every 5 Minutes.`}
+                    </option>
+                    <option
+                        value=""
+                        ?selected=${this.instance?.searchMode === SearchModeEnum.Direct}
+                    >
+                        ${t`Direct querying, always returns the latest data, but slower than cached querying.`}
+                    </option>
+                </select>
+                <p class="pf-c-form__helper-text">
+                    ${t`Configure how the outpost queries the core authentik server's users.`}
+                </p>
+            </ak-form-element-horizontal>
 
             <ak-form-group .expanded=${true}>
                 <span slot="header"> ${t`Protocol settings`} </span>