hub / github.com/tinyauthapp/tinyauth / Init

Method Init

internal/service/ldap_service.go:59–107  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

57}
58
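// Init prepares the LDAP service for use.
//
// When no server address is configured, the service is marked as not
// configured and Init returns nil without connecting. Otherwise it optionally
// loads a client certificate for mTLS, opens the initial connection, and
// starts a background goroutine that runs a heartbeat every five minutes and
// reconnects when the heartbeat fails.
//
// Init returns an error if the client key pair cannot be loaded or if the
// initial connection fails. isConfigured is already true on those error
// paths, because it is set before either step runs.
func (ldap *LdapService) Init() error {
	if ldap.config.Address == "" {
		ldap.isConfigured = false
		return nil
	}

	ldap.isConfigured = true

	hasCert := ldap.config.AuthCert != ""
	hasKey := ldap.config.AuthKey != ""

	switch {
	case hasCert && hasKey:
		// AuthCert and AuthKey are file paths (tls.LoadX509KeyPair reads
		// files). The key file should be readable only by the account this
		// service runs as.
		cert, err := tls.LoadX509KeyPair(ldap.config.AuthCert, ldap.config.AuthKey)
		if err != nil {
			return fmt.Errorf("failed to initialize LDAP with mTLS authentication: %w", err)
		}
		// Presumably picked up by connect() when it builds the TLS config;
		// connect's body is not visible here.
		ldap.cert = &cert
		tlog.App.Info().Msg("Using LDAP with mTLS authentication")

		// TODO: Add optional extra CA certificates, instead of
		// `InsecureSkipVerify`.
		// NOTE(review): this TODO implies the TLS config built elsewhere
		// disables server certificate verification; confirm in connect().
		// With verification off, the client certificate and any bind
		// credentials go to whichever host answers on the configured
		// address. When implementing the CA option, check the error from
		// reading the CA file and the boolean returned by
		// AppendCertsFromPEM before assigning RootCAs, so a missing or
		// malformed bundle fails startup instead of producing an empty pool.
	case hasCert != hasKey:
		// Only half of the key pair is configured. Previously this was
		// skipped silently, so an operator who intended mTLS got a
		// connection without a client certificate and no hint why. Startup
		// still proceeds here to stay compatible with existing deployments.
		tlog.App.Warn().Msg("LDAP client certificate and key must both be set to use mTLS authentication, continuing without a client certificate")
	}

	// The returned connection is discarded; only the error is needed here.
	if _, err := ldap.connect(); err != nil {
		return fmt.Errorf("failed to connect to LDAP server: %w", err)
	}

	// The heartbeat loop has no stop signal: it never breaks or returns, so
	// it runs until the process exits.
	go func() {
		for range time.Tick(5 * time.Minute) {
			err := ldap.heartbeat()
			if err == nil {
				continue
			}
			tlog.App.Error().Err(err).Msg("LDAP connection heartbeat failed")
			if reconnectErr := ldap.reconnect(); reconnectErr != nil {
				// Wait for the next tick before trying again.
				tlog.App.Error().Err(reconnectErr).Msg("Failed to reconnect to LDAP server")
				continue
			}
			tlog.App.Info().Msg("Successfully reconnected to LDAP server")
		}
	}()

	return nil
}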
108
109func (ldap *LdapService) connect() (*ldapgo.Conn, error) {
110 ldap.mutex.Lock()

Callers 3

TestUserControllerFunction · 0.95
TestProxyControllerFunction · 0.95
initServicesMethod · 0.95

Calls 3

connectMethod · 0.95
heartbeatMethod · 0.95
reconnectMethod · 0.95

Tested by 2

TestUserControllerFunction · 0.76
TestProxyControllerFunction · 0.76