ldap

package
v0.0.0-...-8fe0c81 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 30, 2022 License: GPL-3.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type LdapProviderConfig

// LdapProviderConfig is the YAML-mapped configuration of one LDAP provider:
// where the server is, how the connection is secured, which service account
// is used to bind, and how users and groups are searched.
//
// Security review notes: this struct carries a secret (BindPW) and points at
// a private key (ClientKey), so the YAML file holding it should be readable
// only by the account running the service. InsecureNoSSL and
// InsecureSkipVerify both weaken transport security and should stay false
// outside of test setups.
type LdapProviderConfig struct {
	config.BaseProviderConfig `yaml:",inline"`

	// The host and port of the LDAP server.
	// If port isn't supplied, it will be guessed based on the TLS configuration: 389 or 636.
	Host string `yaml:"host"`
	Port string `yaml:"port"`

	// Required if LDAP host does not use TLS.
	// NOTE(review): with TLS disabled, the bind password (and presumably the
	// passwords of users logging in) would cross the network in cleartext;
	// confirm how Open uses this flag, and prefer StartTLS or LDAPS.
	InsecureNoSSL bool `yaml:"insecureNoSSL"`

	// Don't verify the CA.
	// NOTE(review): an unverified server certificate gives no protection
	// against an on-path party impersonating the directory. For a private CA,
	// set RootCA or RootCAData instead of enabling this.
	InsecureSkipVerify bool `yaml:"insecureSkipVerify"`

	// Connect to the insecure port then issue a StartTLS command to negotiate a
	// secure connection. If unsupplied secure connections will use the LDAPS
	// protocol.
	StartTLS bool `yaml:"startTLS"`

	// Path to a trusted root certificate file.
	RootCA string `yaml:"rootCA"`
	// Base64 encoded PEM data containing root CAs.
	RootCAData []byte `yaml:"rootCAData"`
	// Path to a client cert file
	ClientCert string `yaml:"clientCert"`
	// Path to a client private key file. Keep that file readable only by the
	// account running the service.
	ClientKey string `yaml:"clientKey"`

	// BindDN and BindPW for an application service account. The connector uses these
	// credentials to search for users and groups.
	// As far as this struct shows, BindPW is a plain string in the YAML file:
	// restrict the file's permissions, and give the account no more than the
	// read/search rights it needs on the user and group subtrees.
	BindDN string `yaml:"bindDN"`
	BindPW string `yaml:"bindPW"`

	// User search configuration.
	UserSearch struct {
		// BaseDN to start the search from. For example "cn=users,dc=example,dc=com"
		BaseDN string `yaml:"baseDN"`

		// Optional filter to apply when searching the directory. For example "(objectClass=person)"
		Filter string `yaml:"filter"`

		// Attribute to match against the login. This will be translated and combined
		// with the other filter as "(<loginAttr>=<login>)".
		// NOTE(review): <login> is user-supplied. Confirm that the
		// implementation escapes it as an LDAP filter value (RFC 4515) before
		// substitution; unescaped filter metacharacters would change the search.
		LoginAttr string `yaml:"loginAttr"`

		// Can either be:
		// * "sub" - search the whole sub tree
		// * "one" - only search one level
		Scope string `yaml:"scope"`

		// The attribute providing the numerical user ID
		NumericalIdAttr string `yaml:"numericalIdAttr"`

		// The attribute providing the user's email
		EmailAttr string `yaml:"emailAttr"`

		// The attribute providing the user's common name
		CnAttr string `yaml:"cnAttr"`
	} `yaml:"userSearch"`

	// Group search configuration.
	GroupSearch struct {
		// BaseDN to start the search from. For example "cn=groups,dc=example,dc=com"
		BaseDN string `yaml:"baseDN"`

		// Optional filter to apply when searching the directory. For example "(objectClass=posixGroup)"
		Filter string `yaml:"filter"`

		Scope string `yaml:"scope"` // Defaults to "sub"

		// The attribute of the group that represents its name.
		NameAttr string `yaml:"nameAttr"`

		// The filter for group/user relationship will be: (<linkGroupAttr>=<Value of LinkUserAttr for the user>)
		// If the user has several values for LinkUserAttr, the search loops over them.
		// NOTE(review): the substituted value comes from the directory entry;
		// confirm it is escaped as a filter value like the login is.
		LinkUserAttr  string `yaml:"linkUserAttr"`
		LinkGroupAttr string `yaml:"linkGroupAttr"`
	} `yaml:"groupSearch"`
}

NB: These values are strongly inspired by the dex configuration (https://github.com/dexidp/dex)

func (*LdapProviderConfig) Open

func (this *LdapProviderConfig) Open(idx int, configFolder string) (providers.Provider, error)
