barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2025-10-28 04:35:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
dc3b2bc83e61004f6fa2713898e3d7de6bd28f8f
tinyauth/internal/ldap/ldap.go
Stavros dc3b2bc83e refactor: bot suggestions
2025-07-05 15:37:48 +03:00

78 lines
1.7 KiB
Go
Raw Blame History

package ldap
import (
"crypto/tls"
"fmt"
"tinyauth/internal/types"
ldapgo "github.com/go-ldap/ldap/v3"
)
type LDAP struct {
Config types.LdapConfig
Conn *ldapgo.Conn
BaseDN string
}
func NewLDAP(config types.LdapConfig) (*LDAP, error) {
// Connect to the LDAP server
conn, err := ldapgo.DialURL(config.Address, ldapgo.DialWithTLSConfig(&tls.Config{
InsecureSkipVerify: config.Insecure,
MinVersion: tls.VersionTLS12,
}))
if err != nil {
return nil, err
}
// Bind to the LDAP server with the provided credentials
err = conn.Bind(config.BindDN, config.BindPassword)
if err != nil {
return nil, err
}
return &LDAP{
Config: config,
Conn: conn,
BaseDN: config.BaseDN,
}, nil
}
func (l *LDAP) Search(username string) (string, error) {
// Escape the username to prevent LDAP injection
escapedUsername := ldapgo.EscapeFilter(username)
filter := fmt.Sprintf(l.Config.SearchFilter, escapedUsername)
// Create a search request to find the user by username
searchRequest := ldapgo.NewSearchRequest(
l.BaseDN,
ldapgo.ScopeWholeSubtree, ldapgo.NeverDerefAliases, 0, 0, false,
filter,
[]string{"dn"},
nil,
)
// Perform the search
searchResult, err := l.Conn.Search(searchRequest)
if err != nil {
return "", err
}
if len(searchResult.Entries) != 1 {
return "", fmt.Errorf("err multiple or no entries found for user %s", username)
}
// User found, return the distinguished name (DN)
userDN := searchResult.Entries[0].DN
return userDN, nil
}
func (l *LDAP) Bind(userDN string, password string) error {
// Bind to the LDAP server with the user's DN and password
err := l.Conn.Bind(userDN, password)
if err != nil {
return err
}
return nil
}
Reference in New Issue View Git Blame Copy Permalink