aboutsummaryrefslogtreecommitdiff
path: root/main.go
diff options
context:
space:
mode:
Diffstat (limited to 'main.go')
-rw-r--r--main.go111
1 files changed, 65 insertions, 46 deletions
diff --git a/main.go b/main.go
index f717382..aeeb421 100644
--- a/main.go
+++ b/main.go
@@ -58,26 +58,12 @@ func parseConsulResult(data []*consul.KVPair) (map[string]Entry, error) {
if _, exists := aggregator[dn]; !exists {
aggregator[dn] = Entry{}
}
- var value interface{}
+ var value []string
err := json.Unmarshal(val, &value)
if err != nil {
return nil, err
}
- if vlist, ok := value.([]interface{}); ok {
- vlist2 := []string{}
- for _, v := range vlist {
- if vstr, ok := v.(string); ok {
- vlist2 = append(vlist2, vstr)
- } else {
- return nil, fmt.Errorf("Not a string: %#v", v)
- }
- }
- aggregator[dn][attr] = vlist2
- } else if vstr, ok := value.(string); ok {
- aggregator[dn][attr] = vstr
- } else {
- return nil, fmt.Errorf("Not a string or a list of strings: %#v", value)
- }
+ aggregator[dn][attr] = value
}
return aggregator, nil
@@ -119,7 +105,7 @@ type State struct {
bindDn string
}
-type Entry map[string]interface{}
+type Entry map[string][]string
func main() {
//ldap logger
@@ -152,6 +138,7 @@ func main() {
routes := ldap.NewRouteMux()
routes.Bind(gobottin.handleBind)
routes.Search(gobottin.handleSearch)
+ routes.Add(gobottin.handleAdd)
ldapserver.Handle(routes)
// listen on 10389
@@ -179,13 +166,13 @@ func (server *Server) init() error {
base_attributes := Entry{
"objectClass": []string{"top", "dcObject", "organization"},
- "structuralObjectClass": "Organization",
+ "structuralObjectClass": []string{"Organization"},
}
suffix_dn, err := parseDN(server.config.Suffix)
if err != nil {
return err
}
- base_attributes[suffix_dn[0].Type] = suffix_dn[0].Value
+ base_attributes[suffix_dn[0].Type] = []string{suffix_dn[0].Value}
err = server.addElements(server.config.Suffix, base_attributes)
if err != nil {
@@ -200,10 +187,10 @@ func (server *Server) init() error {
admin_dn := "cn=admin," + server.config.Suffix
admin_attributes := Entry{
"objectClass": []string{"simpleSecurityObject", "organizationalRole"},
- "description": "LDAP administrator",
- "cn": "admin",
- "userpassword": admin_pass_hash,
- "structuralObjectClass": "organizationalRole",
+ "description": []string{"LDAP administrator"},
+ "cn": []string{"admin"},
+ "userpassword": []string{admin_pass_hash},
+ "structuralObjectClass": []string{"organizationalRole"},
"permissions": []string{"read", "write"},
}
@@ -241,7 +228,7 @@ func (server *Server) handleBind(s ldap.UserState, w ldap.ResponseWriter, m *lda
state := s.(*State)
r := m.GetBindRequest()
- result_code, err := server.handleBindInternal(state, w, &r)
+ result_code, err := server.handleBindInternal(state, &r)
res := ldap.NewBindResponse(result_code)
if err != nil {
@@ -251,7 +238,7 @@ func (server *Server) handleBind(s ldap.UserState, w ldap.ResponseWriter, m *lda
w.Write(res)
}
-func (server *Server) handleBindInternal(state *State, w ldap.ResponseWriter, r *message.BindRequest) (int, error) {
+func (server *Server) handleBindInternal(state *State, r *message.BindRequest) (int, error) {
pair, _, err := server.kv.Get(dnToConsul(string(r.Name()))+"/attribute=userpassword", nil)
if err != nil {
@@ -340,16 +327,9 @@ func (server *Server) handleSearchInternal(state *State, w ldap.ResponseWriter,
}
}
// Send result
- if val_str, ok := val.(string); ok {
+ for _, v := range val {
e.AddAttribute(message.AttributeDescription(attr),
- message.AttributeValue(val_str))
- } else if val_strlist, ok := val.([]string); ok {
- for _, v := range val_strlist {
- e.AddAttribute(message.AttributeDescription(attr),
- message.AttributeValue(v))
- }
- } else {
- panic(fmt.Sprintf("Invalid value: %#v", val))
+ message.AttributeValue(v))
}
}
w.Write(e)
@@ -402,20 +382,12 @@ func applyFilter(entry Entry, filter message.Filter) (bool, error) {
// Case insensitive attribute search
for entry_desc, value := range entry {
if strings.EqualFold(entry_desc, desc) {
- if vstr, ok := value.(string); ok {
- // If we have one value for the key, match exactly
- return vstr == target, nil
- } else if vlist, ok := value.([]string); ok {
- // If we have several values for the key, one must match
- for _, val := range vlist {
- if val == target {
- return true, nil
- }
+ for _, val := range value {
+ if val == target {
+ return true, nil
}
- return false, nil
- } else {
- panic(fmt.Sprintf("Invalid value: %#v", value))
}
+ return false, nil
}
}
return false, nil
@@ -423,3 +395,50 @@ func applyFilter(entry Entry, filter message.Filter) (bool, error) {
return false, fmt.Errorf("Unsupported filter: %#v %T", filter, filter)
}
}
+
+func (server *Server) handleAdd(s ldap.UserState, w ldap.ResponseWriter, m *ldap.Message) {
+ state := s.(*State)
+ r := m.GetAddRequest()
+
+ code, err := server.handleAddInternal(state, &r)
+
+ res := ldap.NewResponse(code)
+ if err != nil {
+ res.SetDiagnosticMessage(err.Error())
+ }
+ w.Write(message.AddResponse(res))
+}
+
+func (server *Server) handleAddInternal(state *State, r *message.AddRequest) (int, error) {
+ dn := string(r.Entry())
+
+ prefix := dnToConsul(dn) + "/"
+
+ data, _, err := server.kv.List(prefix, nil)
+ if err != nil {
+ return ldap.LDAPResultOperationsError, err
+ }
+ if len(data) > 0 {
+ return ldap.LDAPResultEntryAlreadyExists, nil
+ }
+
+ // TODO check permissions
+
+ entry := Entry{}
+ for _, attribute := range r.Attributes() {
+ key := string(attribute.Type_())
+ vals_str := []string{}
+ for _, val := range attribute.Vals() {
+ vals_str = append(vals_str, string(val))
+ }
+ entry[key] = vals_str
+ }
+
+ err = server.addElements(dn, entry)
+ if err != nil {
+ return ldap.LDAPResultOperationsError, err
+ }
+
+ return ldap.LDAPResultSuccess, nil
+}
+