This commit further refactors existing work to make windows LDAP and … #18021
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
alistanis
force-pushed
the
ccooper/refactor-desktop-certificate-generation
branch
2 times, most recently
from
135ef5a
to
7766dcb
Compare
zmb3
approved these changes
Nov 2, 2022
lib/auth/windows/ldap.go
Outdated
| return sb.String() | ||
| } | ||
|
|
||
| // ComputerAttributes are the attributes we fetch when discovering |
There was a problem hiding this comment.
These can probably stay in windows_server.go since they are tailored towards discovering computers for desktop access.
There was a problem hiding this comment.
I see your point there. That makes sense.
alistanis
force-pushed
the
ccooper/refactor-desktop-certificate-generation
branch
from
7766dcb
to
4dde4e3
Compare
smallinsky
approved these changes
Nov 3, 2022
Comment on lines
30
to
34
| func NewCertificateAuthority(clusterName string, | ||
| ldapConfig LDAPConfig, | ||
| ldapClient *LDAPClient, | ||
| ap auth.WindowsDesktopAccessPoint, | ||
| log logrus.FieldLogger) *CertificateAuthority { |
There was a problem hiding this comment.
nit: Why not just:
Suggested change
| func NewCertificateAuthority(clusterName string, | |
| ldapConfig LDAPConfig, | |
| ldapClient *LDAPClient, | |
| ap auth.WindowsDesktopAccessPoint, | |
| log logrus.FieldLogger) *CertificateAuthority { | |
| func NewCertificateAuthority(cfg CertificateAuthorityConfig) (*CertificateAuthority, error) { | |
| if err := cfg.ValidateAndSetDefault(); err != nil { | |
| return nil, err | |
| } | |
| return CertificateAuthority{cfg: cfg}, nil | |
| } |
where clusterName and lc can be part of CertificateAuthorityConfig
There was a problem hiding this comment.
Sounds very reasonable.
lib/srv/desktop/windows_server.go
Outdated
| @@ -351,6 +364,8 @@ func NewWindowsService(cfg WindowsServiceConfig) (*WindowsService, error) { | |||
| s.cfg.Log.Infoln("desktop discovery via LDAP is disabled, set 'base_dn' to enable") | |||
| } | |||
|
|
|||
| s.ca = windows.NewCertificateAuthority(s.clusterName, s.cfg.LDAPConfig, s.lc, s.cfg.AccessPoint, s.cfg.Log) | |||
There was a problem hiding this comment.
nit: What would you cay about renaming NewCertificateAuthority to something like NewStoreClient ?
At first glance ca and NewCertificateAuthority naming is a bit misleading for a reader and indicatate the ca contains some kind of CertificateAuthority object but actually the ca is a windows store client that allows to update ca in that store.
There was a problem hiding this comment.
I think that's a good idea.
alistanis
force-pushed
the
ccooper/refactor-desktop-certificate-generation
branch
3 times, most recently
from
a84d1e1
to
70c6fed
Compare
alistanis
force-pushed
the
ccooper/refactor-desktop-certificate-generation
branch
5 times, most recently
from
f9213f7
to
a54b6f2
Compare
This commit further refactors existing work to make windows LDAP and Certificate services available to other parts of Teleport. In particular, this PR moves the majority of the LDAP and CA services from windows_server.go into the windows package and into a new structure CertificateAuthority
alistanis
force-pushed
the
ccooper/refactor-desktop-certificate-generation
branch
from
a54b6f2
to
6771e20
Compare
ibeckermayer
pushed a commit
that referenced
this pull request
Dec 29, 2022
This commit further refactors existing work to make windows LDAP and Certificate services available to other parts of Teleport. In particular, this PR moves the majority of the LDAP and CA services from windows_server.go into the windows package and into a new structure CertificateAuthority
ibeckermayer
pushed a commit
that referenced
this pull request
Jan 3, 2023
This commit further refactors existing work to make windows LDAP and Certificate services available to other parts of Teleport. In particular, this PR moves the majority of the LDAP and CA services from windows_server.go into the windows package and into a new structure CertificateAuthority
ibeckermayer
pushed a commit
that referenced
this pull request
Jan 3, 2023
This commit further refactors existing work to make windows LDAP and Certificate services available to other parts of Teleport. In particular, this PR moves the majority of the LDAP and CA services from windows_server.go into the windows package and into a new structure CertificateAuthority
ibeckermayer
added a commit
that referenced
this pull request
Jan 6, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
…Certificate services available to other parts of Teleport. In particular, this PR moves the majority of the LDAP and CA services from windows_server.go into the windows package and into a new structure CertificateAuthority