providers/ldap: fix: Return user DN with virtual group (#1142)

* fix: incorrect ldap virtual group member DN

Signed-off-by: Toboshii Nakama <toboshii@gmail.com>

* fix: imports

Signed-off-by: Toboshii Nakama <toboshii@gmail.com>
Toboshii Nakama 2021-07-14 05:59:40 -05:00 committed by GitHub
parent 4fe0bd4b6c
commit efa09d5e1d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 6 deletions


@ -2,10 +2,10 @@ package ldap
import ( import (
"fmt" "fmt"
"strings"
"math/big" "math/big"
"strconv"
"reflect" "reflect"
"strconv"
"strings"
"github.com/nmcclain/ldap" "github.com/nmcclain/ldap"
log "github.com/sirupsen/logrus" log "github.com/sirupsen/logrus"
@ -94,7 +94,7 @@ func (pi *ProviderInstance) APIGroupToLDAPGroup(g api.Group) LDAPGroup {
} }
func (pi *ProviderInstance) APIUserToLDAPGroup(u api.User) LDAPGroup { func (pi *ProviderInstance) APIUserToLDAPGroup(u api.User) LDAPGroup {
dn := fmt.Sprintf("cn=%s,%s", u.Username, pi.GroupDN) dn := fmt.Sprintf("cn=%s,%s", u.Username, pi.UserDN)
return LDAPGroup{ return LDAPGroup{
dn: dn, dn: dn,
@ -125,8 +125,8 @@ func (pi *ProviderInstance) GetGidNumber(group api.Group) string {
} }
func (pi *ProviderInstance) GetRIDForGroup(uid string) int32 { func (pi *ProviderInstance) GetRIDForGroup(uid string) int32 {
var i big.Int var i big.Int
i.SetString(strings.Replace(uid, "-", "", -1), 16) i.SetString(strings.Replace(uid, "-", "", -1), 16)
intStr := i.String() intStr := i.String()
// Get the last 5 characters/digits of the int-version of the UUID // Get the last 5 characters/digits of the int-version of the UUID
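Review bot: In `APIUserToLDAPGroup` the single `dn` value also feeds the entry's own `dn: dn` field, so after the switch to `pi.UserDN` the virtual group itself is placed under the user base instead of the group base. If only the member reference was meant to point at the user (the commit title suggests so; the member assignment is outside the hunk), build two values: keep `fmt.Sprintf("cn=%s,%s", u.Username, pi.GroupDN)` for `dn:` and use a separate `userDN := fmt.Sprintf("cn=%s,%s", u.Username, pi.UserDN)` for the member. Separately, `u.Username` is formatted into the DN unescaped, so a name containing `,`, `+` or `=` alters the DN's structure; since clients may match membership by DN, the RDN value should be escaped per RFC 4514 before formatting. The function body continues past the hunk.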


@ -55,7 +55,7 @@ The following fields are current set for groups:
- "group" - "group"
- "goauthentik.io/ldap/group" - "goauthentik.io/ldap/group"
A virtual group is also created for each user, they have the same fields as groups but have an additional objectClass: `goauthentik.io/ldap/group`. A virtual group is also created for each user, they have the same fields as groups but have an additional objectClass: `goauthentik.io/ldap/virtual-group`.
The virtual groups gidNumber is equal to the uidNumber of the user. The virtual groups gidNumber is equal to the uidNumber of the user.
**Additionally**, for both users and (non-virtual) groups, any attributes you set are also present as LDAP Attributes. **Additionally**, for both users and (non-virtual) groups, any attributes you set are also present as LDAP Attributes.