From fb33906637367895bc0f4ae390c5a79f43d5f530 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Tue, 22 Feb 2022 19:56:50 +0100 Subject: [PATCH] internal/ldap: fix panic when parsing lists with mixed types closes #2355 Signed-off-by: Jens Langhammer --- internal/outpost/ldap/utils/utils.go | 4 +- internal/outpost/ldap/utils/utils_test.go | 72 +++++++++++++++++++++++ 2 files changed, 75 insertions(+), 1 deletion(-) create mode 100644 internal/outpost/ldap/utils/utils_test.go diff --git a/internal/outpost/ldap/utils/utils.go b/internal/outpost/ldap/utils/utils.go index 1b33d7f9b..2e5147335 100644 --- a/internal/outpost/ldap/utils/utils.go +++ b/internal/outpost/ldap/utils/utils.go @@ -51,7 +51,9 @@ func AKAttrsToLDAP(attrs interface{}) []*ldap.EntryAttribute { entry.Values = make([]string, len(t)) for idx, v := range t { v := ldapResolveTypeSingle(v) - entry.Values[idx] = *v + if v != nil { + entry.Values[idx] = *v + } } default: v := ldapResolveTypeSingle(t) diff --git a/internal/outpost/ldap/utils/utils_test.go b/internal/outpost/ldap/utils/utils_test.go new file mode 100644 index 000000000..dcffffab0 --- /dev/null +++ b/internal/outpost/ldap/utils/utils_test.go @@ -0,0 +1,72 @@ +package utils + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "goauthentik.io/api" +) + +func TestAKAttrsToLDAP_String(t *testing.T) { + var d *map[string]interface{} + + // normal string + d = &map[string]interface{}{ + "foo": "bar", + } + assert.Equal(t, 1, len(AKAttrsToLDAP(d))) + assert.Equal(t, "foo", AKAttrsToLDAP(d)[0].Name) + assert.Equal(t, []string{"bar"}, AKAttrsToLDAP(d)[0].Values) + // pointer string + d = &map[string]interface{}{ + "foo": api.PtrString("bar"), + } + assert.Equal(t, 1, len(AKAttrsToLDAP(d))) + assert.Equal(t, "foo", AKAttrsToLDAP(d)[0].Name) + assert.Equal(t, []string{"bar"}, AKAttrsToLDAP(d)[0].Values) +} + +func TestAKAttrsToLDAP_String_List(t *testing.T) { + var d *map[string]interface{} + // string list + d = &map[string]interface{}{ + "foo": []string{"bar"}, + } + assert.Equal(t, 1, len(AKAttrsToLDAP(d))) + assert.Equal(t, "foo", AKAttrsToLDAP(d)[0].Name) + assert.Equal(t, []string{"bar"}, AKAttrsToLDAP(d)[0].Values) + // pointer string list + d = &map[string]interface{}{ + "foo": &[]string{"bar"}, + } + assert.Equal(t, 1, len(AKAttrsToLDAP(d))) + assert.Equal(t, "foo", AKAttrsToLDAP(d)[0].Name) + assert.Equal(t, []string{"bar"}, AKAttrsToLDAP(d)[0].Values) +} + +func TestAKAttrsToLDAP_Dict(t *testing.T) { + // dict + d := &map[string]interface{}{ + "foo": map[string]string{ + "foo": "bar", + }, + } + assert.Equal(t, 1, len(AKAttrsToLDAP(d))) + assert.Equal(t, "foo", AKAttrsToLDAP(d)[0].Name) + // Dicts are currently unsupported, but make sure we don't crash + // assert.Equal(t, []string{nil}, AKAttrsToLDAP(d)[0].Values) +} + +func TestAKAttrsToLDAP_Mixed(t *testing.T) { + // dict + d := &map[string]interface{}{ + "foo": []interface{}{ + "foo", + 6, + }, + } + assert.Equal(t, 1, len(AKAttrsToLDAP(d))) + assert.Equal(t, "foo", AKAttrsToLDAP(d)[0].Name) + // Dicts are currently unsupported, but make sure we don't crash + // assert.Equal(t, []string{nil}, AKAttrsToLDAP(d)[0].Values) +}