outposts/ldap: fix client usage

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-05-24 15:58:59 +02:00
parent 1b346866da
commit 763c3fcfe0
4 changed files with 12 additions and 19 deletions

View file

@ -56,7 +56,7 @@ gen-outpost:
-i /local/schema.yml \
-g go \
-o /local/outpost/api \
--additional-properties=packageName=api,enumClassPrefix=true
--additional-properties=packageName=api,enumClassPrefix=true,useOneOfDiscriminatorLookup=true
rm -f outpost/api/go.mod outpost/api/go.sum
gen: gen-build gen-clean gen-web gen-outpost

View file

@ -88,7 +88,10 @@ class TaskInfo:
start = default_timer()
if hasattr(self, "start_timestamp"):
start = self.start_timestamp
try:
duration = max(self.finish_timestamp - start, 0)
except TypeError:
duration = 0
GAUGE_TASKS.labels(
task_name=self.task_name,
task_uid=self.result.uid or "",

View file

@ -277,7 +277,7 @@ class FlowExecutorView(APIView):
if self.plan.stages:
self._logger.debug(
"f(exec): Continuing with next stage",
reamining=len(self.plan.stages),
remaining=len(self.plan.stages),
)
kwargs = self.kwargs
kwargs.update({"flow_slug": self.flow.slug})

View file

@ -152,17 +152,9 @@ func (pi *ProviderInstance) solveFlowChallenge(bindDN string, password string, c
responseReq := client.FlowsApi.FlowsExecutorSolve(context.Background(), pi.flowSlug).Query(urlParams)
switch ch.GetComponent() {
case "ak-stage-identification":
responseReq.ChallengeResponseRequest(api.ChallengeResponseRequest{
IdentificationChallengeResponseRequest: &api.IdentificationChallengeResponseRequest{
UidField: bindDN,
},
})
responseReq = responseReq.ChallengeResponseRequest(api.IdentificationChallengeResponseRequestAsChallengeResponseRequest(api.NewIdentificationChallengeResponseRequest(bindDN)))
case "ak-stage-password":
responseReq.ChallengeResponseRequest(api.ChallengeResponseRequest{
PasswordChallengeResponseRequest: &api.PasswordChallengeResponseRequest{
Password: password,
},
})
responseReq = responseReq.ChallengeResponseRequest(api.PasswordChallengeResponseRequestAsChallengeResponseRequest(api.NewPasswordChallengeResponseRequest(password)))
case "ak-stage-authenticator-validate":
// We only support duo as authenticator, check if that's allowed
var deviceChallenge *api.DeviceChallenge
@ -179,11 +171,9 @@ func (pi *ProviderInstance) solveFlowChallenge(bindDN string, password string, c
return false, errors.New("failed to convert duo device id to int")
}
devId32 := int32(devId)
responseReq.ChallengeResponseRequest(api.ChallengeResponseRequest{
AuthenticatorValidationChallengeResponseRequest: &api.AuthenticatorValidationChallengeResponseRequest{
Duo: &devId32,
},
})
inner := api.NewAuthenticatorValidationChallengeResponseRequest()
inner.Duo = &devId32
responseReq = responseReq.ChallengeResponseRequest(api.AuthenticatorValidationChallengeResponseRequestAsChallengeResponseRequest(inner))
case "ak-stage-access-denied":
return false, errors.New("got ak-stage-access-denied")
default:
@ -206,7 +196,7 @@ func (pi *ProviderInstance) solveFlowChallenge(bindDN string, password string, c
if len(ch.GetResponseErrors()) > 0 {
for key, errs := range ch.GetResponseErrors() {
for _, err := range errs {
pi.log.WithField("key", key).WithField("code", err.Code).Debug(err.String)
pi.log.WithField("key", key).WithField("code", err.Code).WithField("msg", err.String).Warning("Flow error")
return false, nil
}
}