package adc
import (
"time"
)
// Config holds the connection, bind and search settings for the AD client.
//
// populateConfig overlays a caller-supplied Config on the values returned by
// getDefaultConfig.
type Config struct {
	// LDAP server URL. Example: 'ldaps://cl.local:636'.
	URL string `json:"url"`
	// Use insecure SSL connection.
	// NOTE(review): presumably this disables verification of the server
	// certificate; the dial code is not in this file, so confirm there. If it
	// does, the bind password is exposed to anyone able to intercept the
	// connection, so it should stay false outside of test setups.
	InsecureTLS bool `json:"insecure_tls"`
	// Time limit for requests. The field has no json tag, so encoding/json
	// uses the field name "Timeout" as its key. getDefaultConfig sets it to
	// 10 seconds and populateConfig keeps that default when the value is zero.
	Timeout time.Duration
	// Base OU for search requests. populateConfig copies it into
	// Users.SearchBase and Groups.SearchBase before applying the per-section
	// values.
	SearchBase string `json:"search_base"`
	// Bind account info (DN and password).
	Bind *BindAccount `json:"bind"`
	// Attribute list, search base and filter templates for user requests.
	// May be nil; populateConfig then keeps the defaults from getDefaultConfig.
	Users *UsersConfigs `json:"users"`
	// Attribute list, search base and filter templates for group requests.
	// May be nil; populateConfig then keeps the defaults from getDefaultConfig.
	Groups *GroupsConfigs `json:"groups"`
}
// BindAccount holds the account attributes used to authenticate (bind) in AD.
type BindAccount struct {
	// Distinguished name of the bind account.
	DN string `json:"dn"`
	// Password of the bind account. It is a plain string with a json tag, so
	// it is written out whenever this struct is marshalled or printed: keep
	// the config file access-restricted and do not log the struct.
	Password string `json:"password"`
}
// UsersConfigs holds the attribute list, search base and LDAP filter
// templates used for user requests.
//
// The default templates set in getDefaultConfig contain one %v placeholder.
// NOTE(review): the code that fills the placeholder is not in this file. The
// substituted value should be escaped for LDAP filter syntax before it is
// formatted in (for example with ldap.EscapeFilter, if go-ldap is the library
// in use); otherwise a crafted ID or DN can change the filter. Confirm at the
// call site.
type UsersConfigs struct {
	// The ID attribute name for user.
	IdAttribute string `json:"id_attribute"`
	// User attributes to fetch from AD.
	Attributes []string `json:"attributes"`
	// Base OU for user search requests. Set to Config.SearchBase if not provided.
	SearchBase string `json:"search_base"`
	// LDAP filter to get user by ID.
	FilterById string `json:"filter_by_id"`
	// LDAP filter to get user by DN.
	FilterByDn string `json:"filter_by_dn"`
	// LDAP filter to get user groups membership.
	FilterGroupsByDn string `json:"filter_groups_by_dn"`
}
// GroupsConfigs holds the attribute list, search base and LDAP filter
// templates used for group requests.
//
// The default templates set in getDefaultConfig contain one %v placeholder.
// NOTE(review): the code that fills the placeholder is not in this file. The
// substituted value should be escaped for LDAP filter syntax before it is
// formatted in (for example with ldap.EscapeFilter, if go-ldap is the library
// in use); otherwise a crafted ID or DN can change the filter. Confirm at the
// call site.
type GroupsConfigs struct {
	// The ID attribute name for group.
	IdAttribute string `json:"id_attribute"`
	// Group attributes to fetch from AD.
	Attributes []string `json:"attributes"`
	// Base OU for group search requests. Set to Config.SearchBase if not provided.
	SearchBase string `json:"search_base"`
	// LDAP filter to get group by ID.
	FilterById string `json:"filter_by_id"`
	// LDAP filter to get group by DN.
	FilterByDn string `json:"filter_by_dn"`
	// LDAP filter to get group members.
	FilterMembersByDn string `json:"filter_members_by_dn"`
}
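// AppendUsesAttributes appends attrs to cfg.Users.Attributes, the list of
// user attributes requested from AD.
//
// When cfg.Users is nil (a Config built by hand rather than returned by
// populateConfig) an empty UsersConfigs is allocated first, so the call no
// longer panics with a nil pointer dereference.
func (cfg *Config) AppendUsesAttributes(attrs ...string) {
	if cfg.Users == nil {
		cfg.Users = &UsersConfigs{}
	}
	cfg.Users.Attributes = append(cfg.Users.Attributes, attrs...)
}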
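// AppendGroupsAttributes appends attrs to cfg.Groups.Attributes, the list of
// group attributes requested from AD.
//
// When cfg.Groups is nil (a Config built by hand rather than returned by
// populateConfig) an empty GroupsConfigs is allocated first, so the call no
// longer panics with a nil pointer dereference.
func (cfg *Config) AppendGroupsAttributes(attrs ...string) {
	if cfg.Groups == nil {
		cfg.Groups = &GroupsConfigs{}
	}
	cfg.Groups.Attributes = append(cfg.Groups.Attributes, attrs...)
}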
// getDefaultConfig builds a new Config carrying the package defaults: a
// 10 second timeout plus the attribute lists and filter templates for users
// and groups. URL, SearchBase and Bind are left at their zero values.
//
// Each call allocates fresh Users and Groups sections, so the caller may
// modify the result freely.
func getDefaultConfig() *Config {
	// Every filter template carries a single %v placeholder for the ID or DN.
	users := &UsersConfigs{
		IdAttribute:      "sAMAccountName",
		Attributes:       []string{"sAMAccountName", "givenName", "sn", "mail"},
		FilterById:       "(&(objectClass=person)(sAMAccountName=%v))",
		FilterByDn:       "(&(objectClass=person)(distinguishedName=%v))",
		FilterGroupsByDn: "(&(objectClass=group)(member=%v))",
	}
	groups := &GroupsConfigs{
		IdAttribute:       "sAMAccountName",
		Attributes:        []string{"sAMAccountName", "cn", "description"},
		FilterById:        "(&(objectClass=group)(sAMAccountName=%v))",
		FilterByDn:        "(&(objectClass=group)(distinguishedName=%v))",
		FilterMembersByDn: "(&(objectCategory=person)(memberOf=%v))",
	}

	return &Config{
		Timeout: 10 * time.Second,
		Users:   users,
		Groups:  groups,
	}
}
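// populateConfig returns a new Config made of the defaults from
// getDefaultConfig overlaid with the values set in cfg. A nil cfg yields the
// defaults unchanged.
//
// URL, InsecureTLS, SearchBase and Bind are always taken from cfg. Timeout,
// the attribute lists, the ID attributes and the filter templates replace the
// defaults only when they are non-zero / non-empty in cfg.
//
// Users.SearchBase and Groups.SearchBase fall back to cfg.SearchBase when the
// section does not set its own value. Previously a non-nil section with an
// empty SearchBase overwrote that fallback with "", which contradicted the
// field documentation and left the search base empty.
//
// Attribute lists are copied, so a later AppendUsesAttributes or
// AppendGroupsAttributes on the result cannot write into the caller's slice.
// Bind is still shared by pointer with cfg.
func populateConfig(cfg *Config) *Config {
	result := getDefaultConfig()
	if cfg == nil {
		return result
	}

	result.URL = cfg.URL
	result.InsecureTLS = cfg.InsecureTLS
	result.Bind = cfg.Bind
	if cfg.Timeout != 0 {
		result.Timeout = cfg.Timeout
	}

	// The top-level search base is the fallback for both sections.
	result.SearchBase = cfg.SearchBase
	result.Users.SearchBase = cfg.SearchBase
	result.Groups.SearchBase = cfg.SearchBase

	if u := cfg.Users; u != nil {
		if u.SearchBase != "" {
			result.Users.SearchBase = u.SearchBase
		}
		if len(u.Attributes) > 0 {
			result.Users.Attributes = append([]string(nil), u.Attributes...)
		}
		if u.IdAttribute != "" {
			result.Users.IdAttribute = u.IdAttribute
		}
		if u.FilterById != "" {
			result.Users.FilterById = u.FilterById
		}
		if u.FilterByDn != "" {
			result.Users.FilterByDn = u.FilterByDn
		}
		if u.FilterGroupsByDn != "" {
			result.Users.FilterGroupsByDn = u.FilterGroupsByDn
		}
	}

	if g := cfg.Groups; g != nil {
		if g.SearchBase != "" {
			result.Groups.SearchBase = g.SearchBase
		}
		if len(g.Attributes) > 0 {
			result.Groups.Attributes = append([]string(nil), g.Attributes...)
		}
		if g.IdAttribute != "" {
			result.Groups.IdAttribute = g.IdAttribute
		}
		if g.FilterById != "" {
			result.Groups.FilterById = g.FilterById
		}
		if g.FilterByDn != "" {
			result.Groups.FilterByDn = g.FilterByDn
		}
		if g.FilterMembersByDn != "" {
			result.Groups.FilterMembersByDn = g.FilterMembersByDn
		}
	}

	return result
}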