From b864de7721e11e1287980a0b2740f7a7dcbdcaf8 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sun, 16 Oct 2022 22:32:18 +0200 Subject: [PATCH] outposts/ldap: increase compatibility with different types in user and group attributes Signed-off-by: Jens Langhammer --- internal/outpost/ldap/entries.go | 6 ++++-- internal/outpost/ldap/group/group.go | 4 +++- internal/outpost/ldap/utils/utils.go | 26 +++++++++++------------ internal/outpost/ldap/utils/utils_test.go | 6 ++---- 4 files changed, 22 insertions(+), 20 deletions(-) diff --git a/internal/outpost/ldap/entries.go b/internal/outpost/ldap/entries.go index f5578578e..7b9ca96de 100644 --- a/internal/outpost/ldap/entries.go +++ b/internal/outpost/ldap/entries.go @@ -1,6 +1,8 @@ package ldap import ( + "strconv" + "github.com/nmcclain/ldap" "goauthentik.io/api/v3" "goauthentik.io/internal/outpost/ldap/constants" @@ -19,8 +21,8 @@ func (pi *ProviderInstance) UserEntry(u api.User) *ldap.Entry { } attrs = utils.EnsureAttributes(attrs, map[string][]string{ "memberOf": pi.GroupsForUser(u), - "goauthentik.io/ldap/active": {utils.BoolToString(*u.IsActive)}, - "goauthentik.io/ldap/superuser": {utils.BoolToString(u.IsSuperuser)}, + "goauthentik.io/ldap/active": {strconv.FormatBool(*u.IsActive)}, + "goauthentik.io/ldap/superuser": {strconv.FormatBool(u.IsSuperuser)}, "cn": {u.Username}, "sAMAccountName": {u.Username}, "uid": {u.Uid}, diff --git a/internal/outpost/ldap/group/group.go b/internal/outpost/ldap/group/group.go index 638e0f61c..1e942e57e 100644 --- a/internal/outpost/ldap/group/group.go +++ b/internal/outpost/ldap/group/group.go @@ -1,6 +1,8 @@ package group import ( + "strconv" + "github.com/nmcclain/ldap" "goauthentik.io/api/v3" "goauthentik.io/internal/outpost/ldap/constants" @@ -30,7 +32,7 @@ func (lg *LDAPGroup) Entry() *ldap.Entry { attrs = utils.EnsureAttributes(attrs, map[string][]string{ "objectClass": objectClass, "member": lg.Member, - "goauthentik.io/ldap/superuser": {utils.BoolToString(lg.IsSuperuser)}, + "goauthentik.io/ldap/superuser": {strconv.FormatBool(lg.IsSuperuser)}, "cn": {lg.CN}, "uid": {lg.Uid}, "sAMAccountName": {lg.CN}, diff --git a/internal/outpost/ldap/utils/utils.go b/internal/outpost/ldap/utils/utils.go index 25611033f..686c166ed 100644 --- a/internal/outpost/ldap/utils/utils.go +++ b/internal/outpost/ldap/utils/utils.go @@ -1,21 +1,14 @@ package utils import ( - "reflect" + "fmt" + "strconv" "strings" "github.com/nmcclain/ldap" - log "github.com/sirupsen/logrus" ldapConstants "goauthentik.io/internal/outpost/ldap/constants" ) -func BoolToString(in bool) string { - if in { - return "true" - } - return "false" -} - func ldapResolveTypeSingle(in interface{}) *string { switch t := in.(type) { case string: @@ -23,14 +16,21 @@ func ldapResolveTypeSingle(in interface{}) *string { case *string: return t case bool: - s := BoolToString(t) + s := strconv.FormatBool(t) return &s - case *bool: - s := BoolToString(*t) + case float32: + s := strconv.FormatFloat(float64(t), 'f', -1, 64) + return &s + case float64: + s := strconv.FormatFloat(t, 'f', -1, 64) + return &s + case int: + s := strconv.FormatInt(int64(t), 10) return &s default: if in != nil { - log.WithField("type", reflect.TypeOf(in).String()).Warning("Type can't be mapped to LDAP yet") + s := fmt.Sprintf("%s", in) + return &s } return nil } diff --git a/internal/outpost/ldap/utils/utils_test.go b/internal/outpost/ldap/utils/utils_test.go index 5a06561a8..f7d8254c3 100644 --- a/internal/outpost/ldap/utils/utils_test.go +++ b/internal/outpost/ldap/utils/utils_test.go @@ -58,8 +58,7 @@ func TestAKAttrsToLDAP_Dict(t *testing.T) { } assert.Equal(t, 1, len(AKAttrsToLDAP(d))) assert.Equal(t, "foo", AKAttrsToLDAP(d)[0].Name) - // Dicts are currently unsupported, but make sure we don't crash - assert.Equal(t, []string([]string(nil)), AKAttrsToLDAP(d)[0].Values) + assert.Equal(t, []string{"map[foo:bar]"}, AKAttrsToLDAP(d)[0].Values) } func TestAKAttrsToLDAP_Mixed(t *testing.T) { @@ -72,6 +71,5 @@ func TestAKAttrsToLDAP_Mixed(t *testing.T) { } assert.Equal(t, 1, len(AKAttrsToLDAP(d))) assert.Equal(t, "foo", AKAttrsToLDAP(d)[0].Name) - // Dicts are currently unsupported, but make sure we don't crash - assert.Equal(t, []string{"foo", ""}, AKAttrsToLDAP(d)[0].Values) + assert.Equal(t, []string{"foo", "6"}, AKAttrsToLDAP(d)[0].Values) }