hub / github.com/tinyauthapp/tinyauth / connect

Method connect

internal/service/ldap_service.go:109–144  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

107}
108
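// connect dials the configured LDAP server, stores the new connection on the
// service and performs the service bind. It holds ldap.mutex for the whole
// dial-and-bind sequence.
//
// It returns the bound connection, or nil and the error from either the dial
// or the bind. When the bind fails, the freshly dialed connection is closed
// so that repeated attempts do not accumulate open sockets.
//
// Security notes for reviewers:
//   - Server certificate verification is disabled only when no client
//     certificate is configured and ldap.config.Insecure is true. In that
//     mode the server is unauthenticated and the bind that follows can be
//     intercepted by anyone on the network path.
//   - When a client certificate is configured, ldap.config.Insecure is not
//     consulted and the server certificate is always verified.
//   - NOTE(review): go-ldap applies the TLS config passed to DialURL to
//     ldaps:// addresses only; an ldap:// address is dialed in plain text
//     and none of the settings below take effect. Confirm that the address
//     scheme is validated where the configuration is loaded.
func (ldap *LdapService) connect() (*ldapgo.Conn, error) {
	ldap.mutex.Lock()
	defer ldap.mutex.Unlock()

	// TODO: There's also STARTTLS (or SASL)-based mTLS authentication
	// scenario, where we first connect to plain text port (389) and
	// continue with a STARTTLS negotiation:
	// 1. conn = ldap.DialURL("ldap://ldap.example.com:389")
	// 2. conn.StartTLS(tlsConfig)
	// 3. conn.externalBind()

	// Both modes share the TLS 1.2 floor; they differ only in whether a
	// client certificate is presented or verification may be skipped.
	tlsConfig := &tls.Config{MinVersion: tls.VersionTLS12}
	if ldap.cert != nil {
		// mTLS: present the client certificate; InsecureSkipVerify stays
		// at its zero value, so the server certificate is verified.
		tlsConfig.Certificates = []tls.Certificate{*ldap.cert}
	} else {
		// Operator opt-out of server verification; see the security notes
		// in the doc comment.
		tlsConfig.InsecureSkipVerify = ldap.config.Insecure
	}

	conn, err := ldapgo.DialURL(ldap.config.Address, ldapgo.DialWithTLSConfig(tlsConfig))
	if err != nil {
		return nil, err
	}

	// The connection is published before binding; presumably BindService
	// operates on ldap.conn (its body is not visible here).
	ldap.conn = conn

	if err := ldap.BindService(false); err != nil {
		// Best-effort close: the original bind error is what the caller
		// needs. ldap.conn keeps referencing the now-closed connection, so
		// it can no longer be used as an unbound session.
		conn.Close()
		return nil, err
	}
	return ldap.conn, nil
}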
145
146func (ldap *LdapService) GetUserDN(username string) (string, error) {
147 // Escape the username to prevent LDAP injection

Callers 2

InitMethod · 0.95
reconnectMethod · 0.95

Calls 1

BindServiceMethod · 0.95

Tested by

no test coverage detected