outposts: Refactor session end signal and add LDAP support (#14539)
* outpost: promote session end signal to non-provider specific Signed-off-by: Jens Langhammer <jens@goauthentik.io> * implement server-side logout in ldap Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix previous import Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use better retry logic Signed-off-by: Jens Langhammer <jens@goauthentik.io> * log Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make more generic if we switch from ws to something else Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make it possible to e2e test WS Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix ldap session id Signed-off-by: Jens Langhammer <jens@goauthentik.io> * ok I actually need to go to bed this took me an hour to fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * format; add ldap test Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix leftover state Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove thread Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use ws base for radius Signed-off-by: Jens Langhammer <jens@goauthentik.io> * separate test utils Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rename Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix missing super calls Signed-off-by: Jens Langhammer <jens@goauthentik.io> * websocket tests with browser 🎉 Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add proxy test for sign out Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix install_id issue with channels tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix proxy basic auth test Signed-off-by: Jens Langhammer <jens@goauthentik.io> * big code dedupe Signed-off-by: Jens Langhammer <jens@goauthentik.io> * allow passing go build args Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve waiting for outpost Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rewrite ldap tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * ok actually fix the tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * undo a couple things that need more time to cook Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove unused lockfile-lint dependency since we use a shell script and SFE does not have a lockfile Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix session id for ldap Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix missing createTimestamp and modifyTimestamp ldap attributes closes #10474 Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens L.
@ -6,7 +6,6 @@ import (
|
||||
"strconv"
|
||||
"sync"
|
||||
|
||||
"github.com/mitchellh/mapstructure"
|
||||
log "github.com/sirupsen/logrus"
|
||||
"github.com/wwt/guac"
|
||||
|
||||
@ -30,7 +29,7 @@ func NewServer(ac *ak.APIController) ak.Outpost {
|
||||
connm: sync.RWMutex{},
|
||||
conns: map[string]connection.Connection{},
|
||||
}
|
||||
ac.AddWSHandler(rs.wsHandler)
|
||||
ac.AddEventHandler(rs.wsHandler)
|
||||
return rs
|
||||
}
|
||||
|
||||
@ -52,12 +51,14 @@ func parseIntOrZero(input string) int {
|
||||
return x
|
||||
}
|
||||
|
||||
func (rs *RACServer) wsHandler(ctx context.Context, args map[string]interface{}) {
|
||||
func (rs *RACServer) wsHandler(ctx context.Context, msg ak.Event) error {
|
||||
if msg.Instruction != ak.EventKindProviderSpecific {
|
||||
return nil
|
||||
}
|
||||
wsm := WSMessage{}
|
||||
err := mapstructure.Decode(args, &wsm)
|
||||
err := msg.ArgsAs(&wsm)
|
||||
if err != nil {
|
||||
rs.log.WithError(err).Warning("invalid ws message")
|
||||
return
|
||||
return err
|
||||
}
|
||||
config := guac.NewGuacamoleConfiguration()
|
||||
config.Protocol = wsm.Protocol
|
||||
@ -71,23 +72,23 @@ func (rs *RACServer) wsHandler(ctx context.Context, args map[string]interface{})
|
||||
}
|
||||
cc, err := connection.NewConnection(rs.ac, wsm.DestChannelID, config)
|
||||
if err != nil {
|
||||
rs.log.WithError(err).Warning("failed to setup connection")
|
||||
return
|
||||
return err
|
||||
}
|
||||
cc.OnError = func(err error) {
|
||||
rs.connm.Lock()
|
||||
delete(rs.conns, wsm.ConnID)
|
||||
_ = rs.ac.SendWSHello(map[string]interface{}{
|
||||
_ = rs.ac.SendEventHello(map[string]interface{}{
|
||||
"active_connections": len(rs.conns),
|
||||
})
|
||||
rs.connm.Unlock()
|
||||
}
|
||||
rs.connm.Lock()
|
||||
rs.conns[wsm.ConnID] = *cc
|
||||
_ = rs.ac.SendWSHello(map[string]interface{}{
|
||||
_ = rs.ac.SendEventHello(map[string]interface{}{
|
||||
"active_connections": len(rs.conns),
|
||||
})
|
||||
rs.connm.Unlock()
|
||||
return nil
|
||||
}
|
||||
|
||||
func (rs *RACServer) Start() error {
|
||||
|
||||
Reference in New Issue
Block a user