providers/ldap: fix session cache being lost on provider refresh

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Jens Langhammer 2022-06-04 18:03:00 +02:00
parent fa04883ac1
commit bb244b8338
2 changed files with 14 additions and 8 deletions


@ -23,15 +23,21 @@ type SessionBinder struct {
sessions *ttlcache.Cache[Credentials, ldap.LDAPResultCode] sessions *ttlcache.Cache[Credentials, ldap.LDAPResultCode]
} }
func NewSessionBinder(si server.LDAPServerInstance) *SessionBinder { func NewSessionBinder(si server.LDAPServerInstance, oldBinder bind.Binder) *SessionBinder {
sb := &SessionBinder{ sb := &SessionBinder{
DirectBinder: *direct.NewDirectBinder(si),
si: si, si: si,
log: log.WithField("logger", "authentik.outpost.ldap.binder.session"), log: log.WithField("logger", "authentik.outpost.ldap.binder.session"),
sessions: ttlcache.New(ttlcache.WithDisableTouchOnHit[Credentials, ldap.LDAPResultCode]()),
} }
if oldSb, ok := oldBinder.(*SessionBinder); ok {
sb.DirectBinder = oldSb.DirectBinder
sb.sessions = oldSb.sessions
sb.log.Info("re-initialised session binder")
} else {
sb.sessions = ttlcache.New(ttlcache.WithDisableTouchOnHit[Credentials, ldap.LDAPResultCode]())
sb.DirectBinder = *direct.NewDirectBinder(si)
go sb.sessions.Start() go sb.sessions.Start()
sb.log.Info("initialised session binder") sb.log.Info("initialised session binder")
}
return sb return sb
} }
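Review bot: On the reuse path, `sb.DirectBinder = oldSb.DirectBinder` keeps the binder that was built for the previous server instance, while the else branch builds it from the new `si`. After a refresh the struct therefore holds the new `si` next to an embedded DirectBinder that presumably still refers to the old provider settings. I would build it from `si` in both branches, `sb.DirectBinder = *direct.NewDirectBinder(si)`, and carry over only `oldSb.sessions`. The reuse branch also deserves a comment such as `// cached bind results survive a refresh and stay valid until their TTL expires`, because a provider configuration change no longer discards previously accepted credentials.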


@ -83,7 +83,7 @@ func (ls *LDAPServer) Refresh() error {
providers[idx].searcher = directsearch.NewDirectSearcher(providers[idx]) providers[idx].searcher = directsearch.NewDirectSearcher(providers[idx])
} }
if *provider.BindMode.Ptr() == api.LDAPAPIACCESSMODE_CACHED { if *provider.BindMode.Ptr() == api.LDAPAPIACCESSMODE_CACHED {
providers[idx].binder = memorybind.NewSessionBinder(providers[idx]) providers[idx].binder = memorybind.NewSessionBinder(providers[idx], providers[idx].binder)
} else if *provider.BindMode.Ptr() == api.LDAPAPIACCESSMODE_DIRECT { } else if *provider.BindMode.Ptr() == api.LDAPAPIACCESSMODE_DIRECT {
providers[idx].binder = directbind.NewDirectBinder(providers[idx]) providers[idx].binder = directbind.NewDirectBinder(providers[idx])
} }
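Review bot: `providers[idx].binder` is passed as the old binder in the CACHED branch, but if `providers[idx]` is the instance freshly built earlier in this loop (its construction is outside the hunk), that field is still nil at this point. The type assertion in NewSessionBinder would then fail, and every refresh would start with an empty session cache again. The previous binder would have to be taken from the instance currently serving the same provider before it is replaced, e.g. `memorybind.NewSessionBinder(providers[idx], previousInstance.binder)`, where `previousInstance` is a placeholder for whatever lookup the server already offers. Refresh's body starts and ends outside the hunk.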