reversuserldap

2026-02-03 10:04:10 +01:00
parent 980fd50cf5
commit 3f245b3f02
3 changed files with 2 additions and 6 deletions
--- a/conf/config.go
+++ b/conf/config.go
@@ -12,7 +12,6 @@ type Config struct {
 	LDAPBindDN     string
 	LDAPBindPW     string
 	LDAPBaseDN     string
-	LDAPUserBaseDN string
 	LDAPRoleBaseDN string

 	ClientSecret                string
--- a/infrastructure/auth_connector/ldap.go
+++ b/infrastructure/auth_connector/ldap.go
@@ -49,7 +49,6 @@ type Config struct {
 	BindPass       string            `envconfig:"bindpw" json:"-" desc:"a LDAP bind password"`
 	BaseDN         string            `envconfig:"basedn" required:"true" desc:"a LDAP base DN for searching users"`
 	AttrClaims     map[string]string `envconfig:"attr_claims" default:"name:name,sn:family_name,givenName:given_name,mail:email" desc:"a mapping of LDAP attributes to OpenID connect claims"`
-	UserBaseDN     string            `envconfig:"user_basedn" required:"true" desc:"a LDAP base DN for searching users"`
 	RoleBaseDN     string            `envconfig:"role_basedn" required:"true" desc:"a LDAP base DN for searching roles"`
 	RoleAttr       string            `envconfig:"role_attr" default:"description" desc:"a LDAP group's attribute that contains a role's name"`
 	RoleClaim      string            `envconfig:"role_claim" default:"https://github.com/i-core/werther/claims/roles" desc:"a name of an OpenID Connect claim that contains user roles"`
@@ -67,7 +66,6 @@ func New() *Client {
 		BindPass:   conf.GetConfig().LDAPBindPW,
 		BaseDN:     conf.GetConfig().LDAPBaseDN,
 		RoleBaseDN: conf.GetConfig().LDAPRoleBaseDN,
-		UserBaseDN: conf.GetConfig().LDAPUserBaseDN,
 	}
 	return &Client{
 		Config:    cnf,
@@ -374,8 +372,8 @@ func (cli *Client) findRoles(cn conn, attrs ...string) (map[string]LDAPRoles, er

 // findBasicUserDetails finds user's LDAP attributes that were specified. It returns nil if no such user.
 func (cli *Client) findBasicUserDetails(cn conn, username string, attrs []string) (map[string][]string, error) {
-	fmt.Println("Second woth : ", cli.UserBaseDN, cli.BindPass)
-	if cli.UserBaseDN != "" {
+	fmt.Println("Second woth : ", cli.BindDN, cli.BindPass)
+	if cli.BindDN != "" {
 		// We need to login to a LDAP server with a service account for retrieving user data.
 		if err := cn.Bind(cli.BindDN, cli.BindPass); err != nil {
 			return nil, errors.New(err.Error() + " : failed to login to a LDAP woth a service account")
--- a/main.go
+++ b/main.go
@@ -59,7 +59,6 @@ func main() {
 	conf.GetConfig().LDAPBindDN = o.GetStringDefault("LDAP_BINDDN", "cn=admin,dc=example,dc=com")
 	conf.GetConfig().LDAPBindPW = o.GetStringDefault("LDAP_BINDPW", "password")
 	conf.GetConfig().LDAPBaseDN = o.GetStringDefault("LDAP_BASEDN", "dc=example,dc=com")
-	conf.GetConfig().LDAPUserBaseDN = o.GetStringDefault("LDAP_USER_BASEDN", "ou=users,dc=example,dc=com")
 	conf.GetConfig().LDAPRoleBaseDN = o.GetStringDefault("LDAP_ROLE_BASEDN", "ou=AppRoles,dc=example,dc=com")
 	go generateSelfPeer()
 	go generateRole()