providers/ldap: fix session cache being lost on provider refresh
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
parent
fa04883ac1
commit
bb244b8338
|
@ -23,15 +23,21 @@ type SessionBinder struct {
|
||||||
sessions *ttlcache.Cache[Credentials, ldap.LDAPResultCode]
|
sessions *ttlcache.Cache[Credentials, ldap.LDAPResultCode]
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewSessionBinder(si server.LDAPServerInstance) *SessionBinder {
|
func NewSessionBinder(si server.LDAPServerInstance, oldBinder bind.Binder) *SessionBinder {
|
||||||
sb := &SessionBinder{
|
sb := &SessionBinder{
|
||||||
DirectBinder: *direct.NewDirectBinder(si),
|
si: si,
|
||||||
si: si,
|
log: log.WithField("logger", "authentik.outpost.ldap.binder.session"),
|
||||||
log: log.WithField("logger", "authentik.outpost.ldap.binder.session"),
|
}
|
||||||
sessions: ttlcache.New(ttlcache.WithDisableTouchOnHit[Credentials, ldap.LDAPResultCode]()),
|
if oldSb, ok := oldBinder.(*SessionBinder); ok {
|
||||||
|
sb.DirectBinder = oldSb.DirectBinder
|
||||||
|
sb.sessions = oldSb.sessions
|
||||||
|
sb.log.Info("re-initialised session binder")
|
||||||
|
} else {
|
||||||
|
sb.sessions = ttlcache.New(ttlcache.WithDisableTouchOnHit[Credentials, ldap.LDAPResultCode]())
|
||||||
|
sb.DirectBinder = *direct.NewDirectBinder(si)
|
||||||
|
go sb.sessions.Start()
|
||||||
|
sb.log.Info("initialised session binder")
|
||||||
}
|
}
|
||||||
go sb.sessions.Start()
|
|
||||||
sb.log.Info("initialised session binder")
|
|
||||||
return sb
|
return sb
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
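Review bot: On the reuse branch, `sb.DirectBinder = oldSb.DirectBinder` copies a binder that was built from the previous server instance, so after a refresh a cache miss would presumably still bind through the old provider configuration while `sb.si` points at the new one. Building it fresh in both branches with `sb.DirectBinder = *direct.NewDirectBinder(si)` and carrying over only `sb.sessions` would keep the cache without the stale reference. Separately, cached bind result codes now outlive a refresh, so a refresh caused by a changed bind flow or provider setting no longer invalidates earlier successful binds until their TTL expires. A comment on NewSessionBinder stating that this is intended, or a purge of `sb.sessions` when the relevant settings differ, would make that trade-off explicit.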
@ -83,7 +83,7 @@ func (ls *LDAPServer) Refresh() error {
|
||||||
providers[idx].searcher = directsearch.NewDirectSearcher(providers[idx])
|
providers[idx].searcher = directsearch.NewDirectSearcher(providers[idx])
|
||||||
}
|
}
|
||||||
if *provider.BindMode.Ptr() == api.LDAPAPIACCESSMODE_CACHED {
|
if *provider.BindMode.Ptr() == api.LDAPAPIACCESSMODE_CACHED {
|
||||||
providers[idx].binder = memorybind.NewSessionBinder(providers[idx])
|
providers[idx].binder = memorybind.NewSessionBinder(providers[idx], providers[idx].binder)
|
||||||
} else if *provider.BindMode.Ptr() == api.LDAPAPIACCESSMODE_DIRECT {
|
} else if *provider.BindMode.Ptr() == api.LDAPAPIACCESSMODE_DIRECT {
|
||||||
providers[idx].binder = directbind.NewDirectBinder(providers[idx])
|
providers[idx].binder = directbind.NewDirectBinder(providers[idx])
|
||||||
}
|
}
|
||||||
|
|
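Review bot: The new second argument `providers[idx].binder` is read from the same element that the result is assigned to. The body of Refresh starts outside this hunk, but if `providers[idx]` is a freshly constructed instance at this point, its `binder` field is still nil, so the type assertion in NewSessionBinder fails and a new session cache is created on every refresh. The old binder should instead be taken from the currently running instance of this provider, looked up before the provider list is replaced, with nil passed when no such instance exists. A test that refreshes twice and checks that a cached bind survives would pin the behaviour the commit title describes.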