From de814e74ec69a847c13cc466b5bf25864a30a90e Mon Sep 17 00:00:00 2001
From: dlampsi <32041193+dlampsi@users.noreply.github.com>
Date: Wed, 3 Mar 2021 12:08:45 +0300
Subject: [PATCH] Fixing client connection overwrite (#6)

---
 adc.go | 24 ++++++++++++++++--------
 1 file changed, 16 insertions(+), 8 deletions(-)

diff --git a/adc.go b/adc.go
index de4a422..404a8e6 100644
--- a/adc.go
+++ b/adc.go
@@ -81,11 +81,7 @@ func (cl *Client) connect(bind *BindAccount) (ldap.Client, error) {
 
 	// Use default ldap module connection if no ldap client provided in client
 	if ldapCl == nil {
-		var opts []ldap.DialOpt
-		if strings.HasPrefix("ldaps://", cl.cfg.URL) {
-			opts = append(opts, ldap.DialWithTLSConfig(&tls.Config{InsecureSkipVerify: cl.cfg.InsecureTLS}))
-		}
-		conn, err := ldap.DialURL(cl.cfg.URL, opts...)
+		conn, err := cl.dialLdap()
 		if err != nil {
 			return nil, err
 		}
@@ -101,6 +97,15 @@ func (cl *Client) connect(bind *BindAccount) (ldap.Client, error) {
 	return ldapCl, nil
 }
 
+// Dials ldap server provided in client configuration.
+func (cl *Client) dialLdap() (ldap.Client, error) {
+	var opts []ldap.DialOpt
+	if strings.HasPrefix("ldaps://", cl.cfg.URL) {
+		opts = append(opts, ldap.DialWithTLSConfig(&tls.Config{InsecureSkipVerify: cl.cfg.InsecureTLS}))
+	}
+	return ldap.DialURL(cl.cfg.URL, opts...)
+}
+
 // Closes connection to AD.
 func (cl *Client) Disconnect() {
 	if cl.ldapCl != nil {
@@ -143,11 +148,14 @@ func (cl *Client) updateAttribute(dn string, attribute string, values []string)
 
 // Tries to authorise in AcitveDirecotry by provided DN and password and return error if failed.
 func (cl *Client) CheckAuthByDN(dn, password string) error {
-	bind := &BindAccount{DN: dn, Password: password}
-	conn, err := cl.connect(bind)
+	conn, err := cl.dialLdap()
 	if err != nil {
 		return err
 	}
-	conn.Close()
+	defer conn.Close()
+
+	if err := conn.Bind(dn, password); err != nil {
+		return err
+	}
 	return nil
 }