wangwei
/
aiforge
Not watched
1
0
Fork 0
Code
Releases 128 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
2596 Commits
197 Branches
346 MB
788 Download
Tree: 71fd10dd37
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '71fd10dd37'
${ noResults }
aiforge/modules/auth/ldap/ldap.go

ldap.go 4.1 kB
Raw Normal View History

Merge branch 'develop' of https://github.com/SergioBenitez/gogs into develop # Conflicts: # modules/bindata/bindata.go
10 years ago
initial support for LDAP authentication/MSAD
11 years ago
Merge branch 'develop' of https://github.com/SergioBenitez/gogs into develop # Conflicts: # modules/bindata/bindata.go
10 years ago
initial support for LDAP authentication/MSAD
11 years ago
ldap support
11 years ago
Remove ldap dep
11 years ago
initial support for LDAP authentication/MSAD
11 years ago
ldap support
11 years ago
Merge branch 'develop' of https://github.com/SergioBenitez/gogs into develop # Conflicts: # modules/bindata/bindata.go
10 years ago
initial support for LDAP authentication/MSAD
11 years ago
Merge branch 'develop' of https://github.com/SergioBenitez/gogs into develop # Conflicts: # modules/bindata/bindata.go
10 years ago
Significantly enhanced LDAP support in Gogs.
10 years ago
Merge branch 'develop' of https://github.com/SergioBenitez/gogs into develop # Conflicts: # modules/bindata/bindata.go
10 years ago
Significantly enhanced LDAP support in Gogs.
10 years ago
initial support for LDAP authentication/MSAD
11 years ago
Significantly enhanced LDAP support in Gogs.
10 years ago
Merge branch 'develop' of https://github.com/SergioBenitez/gogs into develop # Conflicts: # modules/bindata/bindata.go
10 years ago
initial support for LDAP authentication/MSAD
11 years ago
Significantly enhanced LDAP support in Gogs.
10 years ago
Merge branch 'develop' of https://github.com/SergioBenitez/gogs into develop # Conflicts: # modules/bindata/bindata.go
10 years ago
Significantly enhanced LDAP support in Gogs.
10 years ago
Merge branch 'develop' of https://github.com/SergioBenitez/gogs into develop # Conflicts: # modules/bindata/bindata.go
10 years ago
initial support for LDAP authentication/MSAD
11 years ago
Significantly enhanced LDAP support in Gogs.
10 years ago
Merge branch 'develop' of https://github.com/SergioBenitez/gogs into develop # Conflicts: # modules/bindata/bindata.go
10 years ago
Significantly enhanced LDAP support in Gogs.
10 years ago
Merge branch 'develop' of https://github.com/SergioBenitez/gogs into develop # Conflicts: # modules/bindata/bindata.go
10 years ago
Significantly enhanced LDAP support in Gogs.
10 years ago
Merge branch 'develop' of https://github.com/SergioBenitez/gogs into develop # Conflicts: # modules/bindata/bindata.go
10 years ago
initial support for LDAP authentication/MSAD
11 years ago
Significantly enhanced LDAP support in Gogs.
10 years ago
Add LDAP over SSL support
11 years ago
initial support for LDAP authentication/MSAD
11 years ago
New UI merge in progress
11 years ago
initial support for LDAP authentication/MSAD
11 years ago
Significantly enhanced LDAP support in Gogs.
10 years ago
initial support for LDAP authentication/MSAD
11 years ago
Significantly enhanced LDAP support in Gogs.
10 years ago
initial support for LDAP authentication/MSAD
11 years ago
Significantly enhanced LDAP support in Gogs.
10 years ago
initial support for LDAP authentication/MSAD
11 years ago
Significantly enhanced LDAP support in Gogs.
10 years ago
initial support for LDAP authentication/MSAD
11 years ago
Significantly enhanced LDAP support in Gogs.
10 years ago
Remove ldap dep
11 years ago
Significantly enhanced LDAP support in Gogs.
10 years ago
initial support for LDAP authentication/MSAD
11 years ago
Significantly enhanced LDAP support in Gogs.
10 years ago
initial support for LDAP authentication/MSAD
11 years ago
Significantly enhanced LDAP support in Gogs.
10 years ago
initial support for LDAP authentication/MSAD
11 years ago
Significantly enhanced LDAP support in Gogs.
10 years ago
initial support for LDAP authentication/MSAD
11 years ago
Add LDAP over SSL support
11 years ago
Remove ldap dep
11 years ago
Add LDAP over SSL support
11 years ago
Significantly enhanced LDAP support in Gogs.
10 years ago
Remove ldap dep
11 years ago
Add LDAP over SSL support
11 years ago
Remove ldap dep
11 years ago
Add LDAP over SSL support
11 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. // Package ldap provide functions & structure to query a LDAP ldap directory

  6. // For now, it's mainly tested again an MS Active Directory service, see README.md for more information

  7. package ldap

  8. 

  9. import (

  10. 	"fmt"

  11. 

  12. 	"github.com/gogits/gogs/modules/ldap"

  13. 	"github.com/gogits/gogs/modules/log"

  14. )

  15. 

  16. // Basic LDAP authentication service

  17. type Ldapsource struct {

  18. 	Name             string // canonical name (ie. corporate.ad)

  19. 	Host             string // LDAP host

  20. 	Port             int    // port number

  21. 	UseSSL           bool   // Use SSL

  22. 	BindDN           string // DN to bind with

  23. 	BindPassword     string // Bind DN password

  24. 	UserBase         string // Base search path for users

  25. 	AttributeName    string // First name attribute

  26. 	AttributeSurname string // Surname attribute

  27. 	AttributeMail    string // E-mail attribute

  28. 	Filter           string // Query filter to validate entry

  29. 	Enabled          bool   // if this source is disabled

  30. }

  31. 

  32. func (ls Ldapsource) FindUserDN(name string) (string, bool) {

  33. 	l, err := ldapDial(ls)

  34. 	if err != nil {

  35. 		log.Error(4, "LDAP Connect error, %s:%v", ls.Host, err)

  36. 		ls.Enabled = false

  37. 		return "", false

  38. 	}

  39. 	defer l.Close()

  40. 

  41. 	log.Trace("Search for LDAP user: %s", name)

  42. 	if ls.BindDN != "" && ls.BindPassword != "" {

  43. 		err = l.Bind(ls.BindDN, ls.BindPassword)

  44. 		if err != nil {

  45. 			log.Debug("Failed to bind as BindDN: %s, %s", ls.BindDN, err.Error())

  46. 			return "", false

  47. 		}

  48. 		log.Trace("Bound as BindDN %s", ls.BindDN)

  49. 	} else {

  50. 		log.Trace("Proceeding with anonymous LDAP search.")

  51. 	}

  52. 

  53. 	// A search for the user.

  54. 	userFilter := fmt.Sprintf(ls.Filter, name)

  55. 	log.Trace("Searching using filter %s", userFilter)

  56. 	search := ldap.NewSearchRequest(

  57. 		ls.UserBase, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0,

  58. 		false, userFilter, []string{}, nil)

  59. 

  60. 	// Ensure we found a user

  61. 	sr, err := l.Search(search)

  62. 	if err != nil || len(sr.Entries) < 1 {

  63. 		log.Debug("Failed search using filter %s: %s", userFilter, err.Error())

  64. 		return "", false

  65. 	} else if len(sr.Entries) > 1 {

  66. 		log.Debug("Filter '%s' returned more than one user.", userFilter)

  67. 		return "", false

  68. 	}

  69. 

  70. 	userDN := sr.Entries[0].DN

  71. 	if userDN == "" {

  72. 		log.Error(4, "LDAP search was succesful, but found no DN!")

  73. 		return "", false

  74. 	}

  75. 

  76. 	return userDN, true

  77. }

  78. 

  79. // searchEntry : search an LDAP source if an entry (name, passwd) is valid and in the specific filter

  80. func (ls Ldapsource) SearchEntry(name, passwd string) (string, string, string, bool) {

  81. 	userDN, found := ls.FindUserDN(name)

  82. 	if !found {

  83. 		return "", "", "", false

  84. 	}

  85. 

  86. 	l, err := ldapDial(ls)

  87. 	if err != nil {

  88. 		log.Error(4, "LDAP Connect error, %s:%v", ls.Host, err)

  89. 		ls.Enabled = false

  90. 		return "", "", "", false

  91. 	}

  92. 

  93. 	defer l.Close()

  94. 

  95. 	log.Trace("Binding with userDN: %s", userDN)

  96. 	err = l.Bind(userDN, passwd)

  97. 	if err != nil {

  98. 		log.Debug("LDAP auth. failed for %s, reason: %s", userDN, err.Error())

  99. 		return "", "", "", false

  100. 	}

  101. 

  102. 	log.Trace("Bound successfully with userDN: %s", userDN)

  103. 	userFilter := fmt.Sprintf(ls.Filter, name)

  104. 	search := ldap.NewSearchRequest(

  105. 		userDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, userFilter,

  106. 		[]string{ls.AttributeName, ls.AttributeSurname, ls.AttributeMail},

  107. 		nil)

  108. 

  109. 	sr, err := l.Search(search)

  110. 	if err != nil {

  111. 		log.Error(4, "LDAP Search failed unexpectedly! (%s)", err.Error())

  112. 		return "", "", "", false

  113. 	} else if len(sr.Entries) < 1 {

  114. 		log.Error(4, "LDAP Search failed unexpectedly! (0 entries)")

  115. 		return "", "", "", false

  116. 	}

  117. 

  118. 	name_attr := sr.Entries[0].GetAttributeValue(ls.AttributeName)

  119. 	sn_attr := sr.Entries[0].GetAttributeValue(ls.AttributeSurname)

  120. 	mail_attr := sr.Entries[0].GetAttributeValue(ls.AttributeMail)

  121. 	return name_attr, sn_attr, mail_attr, true

  122. }

  123. 

  124. func ldapDial(ls Ldapsource) (*ldap.Conn, error) {

  125. 	if ls.UseSSL {

  126. 		log.Debug("Using TLS for LDAP")

  127. 		return ldap.DialTLS("tcp", fmt.Sprintf("%s:%d", ls.Host, ls.Port), nil)

  128. 	} else {

  129. 		return ldap.Dial("tcp", fmt.Sprintf("%s:%d", ls.Host, ls.Port))

  130. 	}

  131. }

No Description