| 144 | } |
| 145 | |
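// GetUserDN resolves username to the distinguished name of the single
// directory entry matched by the configured search filter.
//
// The username is treated as untrusted input. It is escaped with
// ldapgo.EscapeFilter before being substituted into ldap.config.SearchFilter,
// so filter metacharacters in it cannot change the structure of the query.
// The lookup succeeds only when exactly one entry matches. Zero or several
// matches are reported as an error, so an ambiguous filter never resolves to
// an arbitrary entry.
//
// Errors from the underlying search are returned unchanged.
func (ldap *LdapService) GetUserDN(username string) (string, error) {
	// Escape first, then format: the escaped value is the only thing placed
	// into the filter template.
	// NOTE(review): presumably SearchFilter holds exactly one %s verb; confirm
	// the configuration is validated, since fmt.Sprintf will not reject a
	// template with missing or extra verbs.
	filter := fmt.Sprintf(ldap.config.SearchFilter, ldapgo.EscapeFilter(username))

	// Subtree search below BaseDN without alias dereferencing. The two zeros
	// are the size and time limits (0 = none requested by the client), so the
	// search is bounded only by whatever limits the server enforces.
	searchRequest := ldapgo.NewSearchRequest(
		ldap.config.BaseDN,
		ldapgo.ScopeWholeSubtree, ldapgo.NeverDerefAliases, 0, 0, false,
		filter,
		[]string{"dn"},
		nil,
	)

	// The service mutex is held for the whole search on ldap.conn.
	ldap.mutex.Lock()
	defer ldap.mutex.Unlock()

	searchResult, err := ldap.conn.Search(searchRequest)
	if err != nil {
		return "", err
	}

	// Require an unambiguous match before handing back a DN.
	if len(searchResult.Entries) != 1 {
		// %q quotes the caller-supplied name so that control characters or
		// newlines in it cannot forge or split lines when this error is logged.
		return "", fmt.Errorf("multiple or no entries found for user %q", username)
	}

	return searchResult.Entries[0].DN, nil
}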
| 174 | |
| 175 | func (ldap *LdapService) GetUserGroups(userDN string) ([]string, error) { |
| 176 | escapedUserDN := ldapgo.EscapeFilter(userDN) |