60 lines
1.5 KiB
Go
60 lines
1.5 KiB
Go
package ldap
|
|
|
|
import (
|
|
"fmt"
|
|
"strconv"
|
|
"strings"
|
|
|
|
"beryju.io/ldap"
|
|
|
|
"goauthentik.io/api/v3"
|
|
"goauthentik.io/internal/outpost/ldap/constants"
|
|
"goauthentik.io/internal/outpost/ldap/utils"
|
|
)
|
|
|
|
func (pi *ProviderInstance) UserEntry(u api.User) *ldap.Entry {
|
|
dn := pi.GetUserDN(u.Username)
|
|
attrs := utils.AttributesToLDAP(u.Attributes, func(key string) string {
|
|
return utils.AttributeKeySanitize(key)
|
|
}, func(value []string) []string {
|
|
for i, v := range value {
|
|
if strings.Contains(v, "%s") {
|
|
value[i] = fmt.Sprintf(v, u.Username)
|
|
}
|
|
}
|
|
return value
|
|
})
|
|
|
|
if u.IsActive == nil {
|
|
u.IsActive = api.PtrBool(false)
|
|
}
|
|
if u.Email == nil {
|
|
u.Email = api.PtrString("")
|
|
}
|
|
attrs = utils.EnsureAttributes(attrs, map[string][]string{
|
|
"ak-active": {strings.ToUpper(strconv.FormatBool(*u.IsActive))},
|
|
"ak-superuser": {strings.ToUpper(strconv.FormatBool(u.IsSuperuser))},
|
|
"memberOf": pi.GroupsForUser(u),
|
|
"cn": {u.Username},
|
|
"sAMAccountName": {u.Username},
|
|
"uid": {u.Uid},
|
|
"name": {u.Name},
|
|
"displayName": {u.Name},
|
|
"mail": {*u.Email},
|
|
"objectClass": {
|
|
constants.OCTop,
|
|
constants.OCPerson,
|
|
constants.OCOrgPerson,
|
|
constants.OCInetOrgPerson,
|
|
constants.OCUser,
|
|
constants.OCPosixAccount,
|
|
constants.OCAKUser,
|
|
},
|
|
"uidNumber": {pi.GetUserUidNumber(u)},
|
|
"gidNumber": {pi.GetUserGidNumber(u)},
|
|
"homeDirectory": {fmt.Sprintf("/home/%s", u.Username)},
|
|
"sn": {u.Name},
|
|
})
|
|
return &ldap.Entry{DN: dn, Attributes: attrs}
|
|
}
|