ldap

package

v1.4.25 Latest Latest Go to latest Published: Sep 24, 2021 License: Apache-2.0 Imports: 16 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/stever/caddy-auth-portal

Links

Open Source Insights

Documentation ¶

Index ¶

type AuthServer
type Authenticator
- func NewAuthenticator() *Authenticator
type Backend
- func NewDatabaseBackend(cfg *Config, logger *zap.Logger) *Backend
type Config
type UserAttributes
type UserGroup

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AuthServer ¶

type AuthServer struct {
	Address          string   `json:"addr,omitempty"`
	URL              *url.URL `json:"-"`
	Port             string   `json:"-"`
	IgnoreCertErrors bool     `json:"ignore_cert_errors,omitempty"`
	Timeout          int      `json:"timeout,omitempty"`
}

AuthServer represents an instance of LDAP server.

type Authenticator ¶

type Authenticator struct {
	// contains filtered or unexported fields
}

Authenticator represents database connector.

func NewAuthenticator ¶

func NewAuthenticator() *Authenticator

NewAuthenticator returns an instance of Authenticator.

func (*Authenticator) AuthenticateUser ¶

func (sa *Authenticator) AuthenticateUser(r *requests.Request) error

AuthenticateUser checks the database for the presence of a username/email and password and returns user claims.

func (*Authenticator) ConfigureBindCredentials ¶

func (sa *Authenticator) ConfigureBindCredentials(cfg *Config) error

ConfigureBindCredentials configures user credentials for LDAP binding.

func (*Authenticator) ConfigureRealm ¶

func (sa *Authenticator) ConfigureRealm(cfg *Config) error

ConfigureRealm configures a domain name (realm) associated with the instance of authenticator.

func (*Authenticator) ConfigureSearch ¶

func (sa *Authenticator) ConfigureSearch(cfg *Config) error

ConfigureSearch configures base DN, search filter, attributes for LDAP queries.

func (*Authenticator) ConfigureServers ¶

func (sa *Authenticator) ConfigureServers(cfg *Config) error

ConfigureServers configures the addresses of LDAP servers.

func (*Authenticator) ConfigureTrustedAuthorities ¶

func (sa *Authenticator) ConfigureTrustedAuthorities(cfg *Config) error

ConfigureTrustedAuthorities configured trusted certificate authorities, if any.

func (*Authenticator) ConfigureUserGroups ¶

func (sa *Authenticator) ConfigureUserGroups(cfg *Config) error

ConfigureUserGroups configures user group bindings for LDAP searching.

type Backend ¶

type Backend struct {
	Config        *Config        `json:"-"`
	Authenticator *Authenticator `json:"-"`
	// contains filtered or unexported fields
}

Backend represents authentication provider with LDAP backend.

func NewDatabaseBackend ¶

func NewDatabaseBackend(cfg *Config, logger *zap.Logger) *Backend

NewDatabaseBackend return an instance of authentication provider with LDAP backend.

func (*Backend) Authenticate ¶

func (b *Backend) Authenticate(r *requests.Request) error

Authenticate performs authentication.

func (*Backend) Configure ¶

func (b *Backend) Configure() error

Configure configures Backend.

func (*Backend) GetConfig ¶

func (b *Backend) GetConfig() string

GetConfig returns Backend configuration.

func (*Backend) GetMethod ¶

func (b *Backend) GetMethod() string

GetMethod returns the authentication method associated with this backend.

func (*Backend) GetName ¶

func (b *Backend) GetName() string

GetName return the name associated with this backend.

func (*Backend) GetRealm ¶

func (b *Backend) GetRealm() string

GetRealm return authentication realm.

func (*Backend) Request ¶

func (b *Backend) Request(op operator.Type, r *requests.Request) error

Request performs the requested backend operation.

func (*Backend) Validate ¶

func (b *Backend) Validate() error

Validate checks whether Backend is functional.

type Config ¶

type Config struct {
	Name               string         `json:"name,omitempty"`
	Method             string         `json:"method,omitempty"`
	Realm              string         `json:"realm,omitempty"`
	Servers            []AuthServer   `json:"servers,omitempty"`
	BindUsername       string         `json:"username,omitempty"`
	BindPassword       string         `json:"password,omitempty"`
	Attributes         UserAttributes `json:"attributes,omitempty"`
	SearchBaseDN       string         `json:"search_base_dn,omitempty"`
	SearchFilter       string         `json:"search_filter,omitempty"`
	Groups             []UserGroup    `json:"groups,omitempty"`
	TrustedAuthorities []string       `json:"trusted_authorities,omitempty"`
}

Config holds the configuration for the backend.

type UserAttributes ¶

type UserAttributes struct {
	Name     string `json:"name,omitempty"`
	Surname  string `json:"surname,omitempty"`
	Username string `json:"username,omitempty"`
	MemberOf string `json:"member_of,omitempty"`
	Email    string `json:"email,omitempty"`
}

UserAttributes represent the mapping of LDAP attributes to JWT fields.

type UserGroup ¶

type UserGroup struct {
	GroupDN string   `json:"dn,omitempty"`
	Roles   []string `json:"roles,omitempty"`
}

UserGroup represent the binding between BaseDN and a serarch filter. Upon successful authentation for the combination, a user gets assigned the roles associated with the binding.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL