outposts/ldap: add support for boolean fields in ldap

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-01 11:50:51 +02:00
parent 3c3fd53999
commit ade8644da6
3 changed files with 13 additions and 14 deletions
--- a/outpost/pkg/ldap/instance_search.go
+++ b/outpost/pkg/ldap/instance_search.go
@ -98,19 +98,9 @@ func (pi *ProviderInstance) UserEntry(u api.User) *ldap.Entry {
 		},
 	}

-	if *u.IsActive {
-        attrs = append(attrs, &ldap.EntryAttribute{Name: "accountStatus", Values: []string{"active"}})
-	} else {
-        attrs = append(attrs, &ldap.EntryAttribute{Name: "accountStatus", Values: []string{"inactive"}})
-	}
-
-	if u.IsSuperuser {
-		attrs = append(attrs, &ldap.EntryAttribute{Name: "superuser", Values: []string{"active"}})
-	} else {
-        attrs = append(attrs, &ldap.EntryAttribute{Name: "superuser", Values: []string{"inactive"}})
-	}
-
 	attrs = append(attrs, &ldap.EntryAttribute{Name: "memberOf", Values: pi.GroupsForUser(u)})
+	attrs = append(attrs, &ldap.EntryAttribute{Name: "goauthentik.io/ldap/active", Values: []string{BoolToString(*u.IsActive)}})
+	attrs = append(attrs, &ldap.EntryAttribute{Name: "goauthentik.io/ldap/superuser", Values: []string{BoolToString(u.IsSuperuser)}})

 	attrs = append(attrs, AKAttrsToLDAP(u.Attributes)...)