Documentation
¶
Types ¶
type Authentik ¶
Authentik source
func NewAuthentikClient ¶
func NewAuthentikClient(config SourceConfig) (Authentik, error)
NewAuthentikClient initializes the Authentik source.
func (Authentik) GetGroupByName ¶
GetGroupByName gets an Authentik group by name.
func (Authentik) GetGroupMembers ¶
GetGroupMembers gets the members of an Authentik group.
type Jumpcloud ¶
// Jumpcloud is the JumpCloud source. It bundles two API client handles,
// one context per handle, and a content-type string.
type Jumpcloud struct {
	// V1 is the client handle of type jcapiv1.APIClient
	// (presumably the JumpCloud v1 API; confirm against the constructor).
	V1 *jcapiv1.APIClient
	// V1Auth is the context paired with V1.
	// NOTE(review): by its name it likely carries the API credential;
	// if so, keep it out of logs and debug dumps. Confirm.
	V1Auth context.Context
	// V2 is the client handle of type jcapiv2.APIClient.
	V2 *jcapiv2.APIClient
	// V2Auth is the context paired with V2; the credential caveat on
	// V1Auth applies here as well.
	V2Auth context.Context
	// ContentType is a string value; presumably the content type sent
	// with API requests. Confirm.
	ContentType string
}
Jumpcloud source
func NewJCClient ¶
func NewJCClient(config SourceConfig) (Jumpcloud, error)
NewJCClient initializes the Jumpcloud source.
func (Jumpcloud) GetGroupByName ¶
GetGroupByName gets a Jumpcloud group by name.
func (Jumpcloud) GetGroupMembers ¶
GetGroupMembers gets ALL JumpCloud group members (handles pagination)
type LDAP ¶ added in v1.1.0
// LDAP holds the connection settings and attribute preferences for an
// LDAP directory source (AD / OpenLDAP / JumpCloud LDAPaaS).
type LDAP struct {
	// Addr is the server address, "host:389" or "host:636".
	Addr string
	// UseTLS selects LDAPS on 636 (preferred) when true. When false,
	// StartTLS is attempted.
	// NOTE(review): "attempted" leaves open what happens if StartTLS
	// fails. Confirm the client aborts instead of binding in cleartext,
	// because the bind carries BindPass.
	UseTLS bool
	// BindDN is the DN used for the bind.
	BindDN string
	// BindPass is the bind password. It is a secret: do not log it or
	// print this struct with %+v.
	BindPass string
	// BaseDN is the search base.
	BaseDN string

	// Attribute preferences follow; override them if your directory differs.

	// GroupNameAttr is the attribute holding the group name, usually "cn".
	GroupNameAttr string
	// UserEmailAttr is the attribute holding the user's email.
	// AD: "mail" (or "userPrincipalName"); OpenLDAP/JumpCloud: "mail".
	UserEmailAttr string
	// UserLoginAttrs are tried in order to produce the username,
	// e.g. ["sAMAccountName","uid","cn"].
	UserLoginAttrs []string
	// GroupMemberAttrs are the DN-valued member attributes,
	// e.g. ["member","uniqueMember"].
	GroupMemberAttrs []string
	// PosixMemberUidAttr is the posixGroup username attribute: "memberUid".
	PosixMemberUidAttr string
	// UserObjectClasses lists user object classes,
	// e.g. ["person","organizationalPerson","user","inetOrgPerson"].
	UserObjectClasses []string
	// GroupObjectClasses lists group object classes,
	// e.g. ["groupOfNames","group","posixGroup"].
	GroupObjectClasses []string

	// ExpandOneLevelNested, when true, expands a member that is a group
	// DN by one level. The expansion is NOT recursive.
	ExpandOneLevelNested bool

	// DefaultEmailDomain is used to synthesize an email when none is
	// present (username@DefaultEmailDomain).
	// NOTE(review): a synthesized address is not a directory-provided
	// value; confirm that consumers of the returned users do not treat it
	// as a verified address.
	DefaultEmailDomain string
}
LDAP implements Source for LDAP directories (AD / OpenLDAP / JumpCloud LDAPaaS). It supports:
- groupOfNames / group via "member" / "uniqueMember" (DN-valued)
- posixGroup via "memberUid" (login name / uid-valued)
func NewLDAPClient ¶ added in v1.1.0
func NewLDAPClient(config SourceConfig) (*LDAP, error)
NewLDAPClient constructs an LDAP client with sensible defaults.
func (*LDAP) GetGroupByName ¶ added in v1.1.0
GetGroupByName finds the first group whose GroupNameAttr (default "cn") exactly matches the provided groupName. It returns the group's DN as ID.
func (*LDAP) GetGroupMembers ¶ added in v1.1.0
GetGroupMembers returns users in the group identified by groupID (expected to be a DN). For posixGroup, it resolves memberUid logins to user entries. For groupOfNames/group, it resolves each member DN to a user entry. If ExpandOneLevelNested is true, a member that is itself a group will be expanded one level.
type Source ¶
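// Source is the interface for a directory back end that can look up
// groups, list group members, and fetch a single user.
type Source interface {
	// GetGroupByName returns the group with the given name, or an error.
	// NOTE(review): this listing does not show how implementations turn
	// groupName into a directory query; confirm the value is escaped
	// before it is placed in a search filter.
	GetGroupByName(groupName string) (*models.Group, error)
	// GetGroupMembers returns the users belonging to the group groupId.
	// stripEmailDomain presumably removes the domain part of each email;
	// confirm, and check that two users who differ only by domain cannot
	// collapse into one name.
	GetGroupMembers(groupId string, stripEmailDomain bool) ([]models.User, error)
	// GetUserInfo returns the user identified by userId; stripEmailDomain
	// has the same presumed meaning as in GetGroupMembers.
	GetUserInfo(userId string, stripEmailDomain bool) (models.User, error)
}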
Source interface
type SourceConfig ¶
// SourceConfig carries the settings passed to a source constructor.
type SourceConfig struct {
	// Name is the source name.
	Name string
	// Endpoint is the source endpoint.
	Endpoint string
	// Token is the source auth token. It is a secret: do not log it or
	// print this struct with %+v.
	Token string
	// LDAPBindPassword is the LDAP bind password. It is a secret; the
	// same handling as Token applies.
	LDAPBindPassword string
	// LDAPBindDN is the LDAP bind DN.
	LDAPBindDN string
	// LDAPBaseDN is the LDAP base DN.
	LDAPBaseDN string
	// LDAPDefaultEmailDomain is the default email domain used to
	// synthesize an email when none is present
	// (username@DefaultEmailDomain).
	LDAPDefaultEmailDomain string
}
SourceConfig is the configuration for a source.