providers/ldap: add unbind flow execution (#4484)

add unbind flow execution Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-23 20:36:30 +01:00
parent b2d272bf6f
commit a9b32e2f97
13 changed files with 267 additions and 132 deletions
--- a/internal/outpost/ldap/bind/direct/unbind.go
+++ b/internal/outpost/ldap/bind/direct/unbind.go
@ -0,0 +1,29 @@
+package direct
+
+import (
+	"github.com/nmcclain/ldap"
+	log "github.com/sirupsen/logrus"
+	"goauthentik.io/internal/outpost/flow"
+	"goauthentik.io/internal/outpost/ldap/bind"
+)
+
+func (db *DirectBinder) Unbind(username string, req *bind.Request) (ldap.LDAPResultCode, error) {
+	flags := db.si.GetFlags(req.BindDN)
+	if flags == nil || flags.Session == nil {
+		return ldap.LDAPResultSuccess, nil
+	}
+	fe := flow.NewFlowExecutor(req.Context(), db.si.GetInvalidationFlowSlug(), db.si.GetAPIClient().GetConfig(), log.Fields{
+		"boundDN":   req.BindDN,
+		"client":    req.RemoteAddr(),
+		"requestId": req.ID(),
+	})
+	fe.SetSession(flags.Session)
+	fe.DelegateClientIP(req.RemoteAddr())
+	fe.Params.Add("goauthentik.io/outpost/ldap", "true")
+	_, err := fe.Execute()
+	if err != nil {
+		db.log.WithError(err).Warning("failed to logout user")
+	}
+	db.si.SetFlags(req.BindDN, nil)
+	return ldap.LDAPResultSuccess, nil
+}