habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

providers/ldap: making ldap compatible with synology (#4694)

Browse Source 
* internal/outpost/ldap: making ldap compatible with synology

* fix duplicate attributes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add docs about homedirectory

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix duplicate attributes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add substitution to values

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
roche-quentin
2023-02-22 15:26:41 +01:00
committed by GitHub
parent 51c6a14786
commit cd99b6e48f
8 changed files with 156 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
internal/outpost/ldap/utils/utils.go
View File

@ -44,33 +44,35 @@ func stringify(in interface{}) *string {
}
}
func AttributesToLDAP(attrs map[string]interface{}, sanitize bool) []*ldap.EntryAttribute {
func AttributesToLDAP(
attrs map[string]interface{},
keyFormatter func(key string) string,
valueFormatter func(value []string) []string,
) []*ldap.EntryAttribute {
attrList := []*ldap.EntryAttribute{}
if attrs == nil {
return attrList
}
for attrKey, attrValue := range attrs {
entry := &ldap.EntryAttribute{Name: attrKey}
if sanitize {
entry.Name = AttributeKeySanitize(attrKey)
}
entry := &ldap.EntryAttribute{Name: keyFormatter(attrKey)}
switch t := attrValue.(type) {
case []string:
entry.Values = t
entry.Values = valueFormatter(t)
case *[]string:
entry.Values = *t
entry.Values = valueFormatter(*t)
case []interface{}:
entry.Values = make([]string, len(t))
for idx, v := range t {
vv := make([]string, 0)
for _, v := range t {
v := stringify(v)
if v != nil {
entry.Values[idx] = *v
vv = append(vv, *v)
}
}
entry.Values = valueFormatter(vv)
default:
v := stringify(t)
if v != nil {
entry.Values = []string{*v}
entry.Values = valueFormatter([]string{*v})
}
}
attrList = append(attrList, entry)
@ -88,7 +90,7 @@ func EnsureAttributes(attrs []*ldap.EntryAttribute, shouldHave map[string][]stri
func MustHaveAttribute(attrs []*ldap.EntryAttribute, name string, value []string) []*ldap.EntryAttribute {
shouldSet := true
for _, attr := range attrs {
if attr.Name == name {
if strings.EqualFold(attr.Name, name) {
shouldSet = false
}
}

66
internal/outpost/ldap/utils/utils_test.go
View File

@ -19,16 +19,26 @@ func TestAKAttrsToLDAP_String(t *testing.T) {
u.Attributes = map[string]interface{}{
"foo": "bar",
}
assert.Equal(t, 1, len(AttributesToLDAP(u.Attributes, true)))
assert.Equal(t, "foo", AttributesToLDAP(u.Attributes, true)[0].Name)
assert.Equal(t, []string{"bar"}, AttributesToLDAP(u.Attributes, true)[0].Values)
mapped := AttributesToLDAP(u.Attributes, func(key string) string {
return AttributeKeySanitize(key)
}, func(value []string) []string {
return value
})
assert.Equal(t, 1, len(mapped))
assert.Equal(t, "foo", mapped[0].Name)
assert.Equal(t, []string{"bar"}, mapped[0].Values)
// pointer string
u.Attributes = map[string]interface{}{
"foo": api.PtrString("bar"),
}
assert.Equal(t, 1, len(AttributesToLDAP(u.Attributes, true)))
assert.Equal(t, "foo", AttributesToLDAP(u.Attributes, true)[0].Name)
assert.Equal(t, []string{"bar"}, AttributesToLDAP(u.Attributes, true)[0].Values)
mapped = AttributesToLDAP(u.Attributes, func(key string) string {
return AttributeKeySanitize(key)
}, func(value []string) []string {
return value
})
assert.Equal(t, 1, len(mapped))
assert.Equal(t, "foo", mapped[0].Name)
assert.Equal(t, []string{"bar"}, mapped[0].Values)
}
func TestAKAttrsToLDAP_String_List(t *testing.T) {
@ -37,16 +47,26 @@ func TestAKAttrsToLDAP_String_List(t *testing.T) {
u.Attributes = map[string]interface{}{
"foo": []string{"bar"},
}
assert.Equal(t, 1, len(AttributesToLDAP(u.Attributes, true)))
assert.Equal(t, "foo", AttributesToLDAP(u.Attributes, true)[0].Name)
assert.Equal(t, []string{"bar"}, AttributesToLDAP(u.Attributes, true)[0].Values)
mapped := AttributesToLDAP(u.Attributes, func(key string) string {
return AttributeKeySanitize(key)
}, func(value []string) []string {
return value
})
assert.Equal(t, 1, len(mapped))
assert.Equal(t, "foo", mapped[0].Name)
assert.Equal(t, []string{"bar"}, mapped[0].Values)
// pointer string list
u.Attributes = map[string]interface{}{
"foo": &[]string{"bar"},
}
assert.Equal(t, 1, len(AttributesToLDAP(u.Attributes, true)))
assert.Equal(t, "foo", AttributesToLDAP(u.Attributes, true)[0].Name)
assert.Equal(t, []string{"bar"}, AttributesToLDAP(u.Attributes, true)[0].Values)
mapped = AttributesToLDAP(u.Attributes, func(key string) string {
return AttributeKeySanitize(key)
}, func(value []string) []string {
return value
})
assert.Equal(t, 1, len(mapped))
assert.Equal(t, "foo", mapped[0].Name)
assert.Equal(t, []string{"bar"}, mapped[0].Values)
}
func TestAKAttrsToLDAP_Dict(t *testing.T) {
@ -56,9 +76,14 @@ func TestAKAttrsToLDAP_Dict(t *testing.T) {
"foo": "bar",
},
}
assert.Equal(t, 1, len(AttributesToLDAP(d, true)))
assert.Equal(t, "foo", AttributesToLDAP(d, true)[0].Name)
assert.Equal(t, []string{"map[foo:bar]"}, AttributesToLDAP(d, true)[0].Values)
mapped := AttributesToLDAP(d, func(key string) string {
return AttributeKeySanitize(key)
}, func(value []string) []string {
return value
})
assert.Equal(t, 1, len(mapped))
assert.Equal(t, "foo", mapped[0].Name)
assert.Equal(t, []string{"map[foo:bar]"}, mapped[0].Values)
}
func TestAKAttrsToLDAP_Mixed(t *testing.T) {
@ -69,7 +94,12 @@ func TestAKAttrsToLDAP_Mixed(t *testing.T) {
6,
},
}
assert.Equal(t, 1, len(AttributesToLDAP(d, true)))
assert.Equal(t, "foo", AttributesToLDAP(d, true)[0].Name)
assert.Equal(t, []string{"foo", "6"}, AttributesToLDAP(d, true)[0].Values)
mapped := AttributesToLDAP(d, func(key string) string {
return AttributeKeySanitize(key)
}, func(value []string) []string {
return value
})
assert.Equal(t, 1, len(mapped))
assert.Equal(t, "foo", mapped[0].Name)
assert.Equal(t, []string{"foo", "6"}, mapped[0].Values)
}