We use cookies to ensure you get the best experience on our website
Accueil Explorer
Connexion
egonr
/
gogs
miroir de https://github.com/gogs/gogs
1
0
Fork 0
Fichiers
Aborescence: 2316b09eaf
Branches Tags
gogs
/
internal
/
auth
/
ldap
/
provider.go

provider.go 1.7 KB
Historique Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374 
  1. package ldap
    2. 

  2. 

  3. import (
    4. 

  4. 	"fmt"
    5. 

  5. 

  6. 	"gogs.io/gogs/internal/auth"
    7. 

  7. )
    8. 

  8. 

  9. // Provider contains configuration of an LDAP authentication provider.
    10. 

  10. type Provider struct {
    11. 

  11. 	directBind bool
    12. 

  12. 	config     *Config
    13. 

  13. }
    14. 

  14. 

  15. // NewProvider creates a new LDAP authentication provider.
    16. 

  16. func NewProvider(directBind bool, cfg *Config) auth.Provider {
    17. 

  17. 	return &Provider{
    18. 

  18. 		directBind: directBind,
    19. 

  19. 		config:     cfg,
    20. 

  20. 	}
    21. 

  21. }
    22. 

  22. 

  23. // Authenticate queries if login/password is valid against the LDAP directory pool,
    24. 

  24. // and returns queried information when succeeded.
    25. 

  25. func (p *Provider) Authenticate(login, password string) (*auth.ExternalAccount, error) {
    26. 

  26. 	username, fn, sn, email, isAdmin, succeed := p.config.searchEntry(login, password, p.directBind)
    27. 

  27. 	if !succeed {
    28. 

  28. 		return nil, auth.ErrBadCredentials{Args: map[string]any{"login": login}}
    29. 

  29. 	}
    30. 

  30. 

  31. 	if username == "" {
    32. 

  32. 		username = login
    33. 

  33. 	}
    34. 

  34. 	if email == "" {
    35. 

  35. 		email = fmt.Sprintf("%s@localhost", username)
    36. 

  36. 	}
    37. 

  37. 

  38. 	composeFullName := func(firstname, surname, username string) string {
    39. 

  39. 		switch {
    40. 

  40. 		case firstname == "" && surname == "":
    41. 

  41. 			return username
    42. 

  42. 		case firstname == "":
    43. 

  43. 			return surname
    44. 

  44. 		case surname == "":
    45. 

  45. 			return firstname
    46. 

  46. 		default:
    47. 

  47. 			return firstname + " " + surname
    48. 

  48. 		}
    49. 

  49. 	}
    50. 

  50. 

  51. 	return &auth.ExternalAccount{
    52. 

  52. 		Login:    login,
    53. 

  53. 		Name:     username,
    54. 

  54. 		FullName: composeFullName(fn, sn, username),
    55. 

  55. 		Email:    email,
    56. 

  56. 		Admin:    isAdmin,
    57. 

  57. 	}, nil
    58. 

  58. }
    59. 

  59. 

  60. func (p *Provider) Config() any {
    61. 

  61. 	return p.config
    62. 

  62. }
    63. 

  63. 

  64. func (p *Provider) HasTLS() bool {
    65. 

  65. 	return p.config.SecurityProtocol > SecurityProtocolUnencrypted
    66. 

  66. }
    67. 

  67. 

  68. func (p *Provider) UseTLS() bool {
    69. 

  69. 	return p.config.SecurityProtocol > SecurityProtocolUnencrypted
    70. 

  70. }
    71. 

  71. 

  72. func (p *Provider) SkipTLSVerify() bool {
    73. 

  73. 	return p.config.SkipVerify
    74. 

  74. }
    75.