barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2026-06-09 13:00:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add LDAP BindPasswordFile

Browse Source 
Fixes #927
This commit is contained in:
Ryc O'Chet
2026-06-08 12:46:39 +01:00
parent 426eac2d0b
commit 3d28c6e6d9
2 changed files with 13 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/model/config.go
+10 -9
View File
@@ -178,15 +178,16 @@ type UIConfig struct {
} }
type LDAPConfig struct { type LDAPConfig struct {
Address string `description:"LDAP server address." yaml:"address"` Address string `description:"LDAP server address." yaml:"address"`
BindDN string `description:"Bind DN for LDAP authentication." yaml:"bindDn"` BindDN string `description:"Bind DN for LDAP authentication." yaml:"bindDn"`
BindPassword string `description:"Bind password for LDAP authentication." yaml:"bindPassword"` BindPassword string `description:"Bind password for LDAP authentication." yaml:"bindPassword"`
BaseDN string `description:"Base DN for LDAP searches." yaml:"baseDn"` BindPasswordFile string `description:"Path to the Bind password." yaml:"bindPasswordFile"`
Insecure bool `description:"Allow insecure LDAP connections." yaml:"insecure"` BaseDN string `description:"Base DN for LDAP searches." yaml:"baseDn"`
SearchFilter string `description:"LDAP search filter." yaml:"searchFilter"` Insecure bool `description:"Allow insecure LDAP connections." yaml:"insecure"`
AuthCert string `description:"Certificate for mTLS authentication." yaml:"authCert"` SearchFilter string `description:"LDAP search filter." yaml:"searchFilter"`
AuthKey string `description:"Certificate key for mTLS authentication." yaml:"authKey"` AuthCert string `description:"Certificate for mTLS authentication." yaml:"authCert"`
GroupCacheTTL int `description:"Cache duration for LDAP group membership in seconds." yaml:"groupCacheTTL"` AuthKey string `description:"Certificate key for mTLS authentication." yaml:"authKey"`
GroupCacheTTL int `description:"Cache duration for LDAP group membership in seconds." yaml:"groupCacheTTL"`
} }
type LogConfig struct { type LogConfig struct {
internal/service/ldap_service.go
+3
View File
@@ -212,6 +212,9 @@ func (ldap *LdapService) BindService(rebind bool) error {
if ldap.cert != nil { if ldap.cert != nil {
return ldap.conn.ExternalBind() return ldap.conn.ExternalBind()
} }
secret := utils.GetSecret(ldap.config.LDAP.BindPassword, ldap.config.LDAP.BindPasswordFile)
ldap.config.LDAP.BindPassword = secret
ldap.config.LDAP.BindPasswordFile = ""
return ldap.conn.Bind(ldap.config.LDAP.BindDN, ldap.config.LDAP.BindPassword) return ldap.conn.Bind(ldap.config.LDAP.BindDN, ldap.config.LDAP.BindPassword)
} }