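package ldap

import (
	"encoding/json"
	"log"
	"net/http"
	"strconv"

	auth "imuslab.com/arozos/mod/auth"
	"imuslab.com/arozos/mod/auth/ldap/ldapreader"
	reg "imuslab.com/arozos/mod/auth/register"
	"imuslab.com/arozos/mod/common"
	db "imuslab.com/arozos/mod/database"
)

// ldapTable is the name of the key-value table that holds every LDAP setting.
const ldapTable = "ldap"

// ldapHandler bundles the dependencies used by the LDAP configuration
// endpoints and by the directory lookups.
type ldapHandler struct {
	ag         *auth.AuthAgent        // core authentication agent
	ldapreader *ldapreader.LdapReader // reader built from the stored bind settings; rebuilt by WriteConfig
	reg        *reg.RegisterHandler   // user registration handler
	coredb     *db.Database           // key-value store backing the "ldap" table
}

// Config is the JSON document exchanged with the web UI by ReadConfig.
//
// NOTE(review): BindPassword is serialised to the client together with the
// rest of the settings. Echoing a stored secret back over HTTP is a
// disclosure risk even on an administrative page; consider masking it in
// ReadConfig and having WriteConfig keep the stored value when the field is
// submitted blank.
type Config struct {
	Enabled      bool   `json:"enabled"`
	AutoRedirect bool   `json:"auto_redirect"`
	BindUsername string `json:"bind_username"`
	BindPassword string `json:"bind_password"`
	FQDN         string `json:"fqdn"`
	BaseDN       string `json:"base_dn"`
}

// TODO: not sure why enabled will keep enable

// NewLdapHandler creates the LDAP settings table if it does not exist yet,
// loads the stored bind settings and returns a handler whose reader is
// already configured with them.
//
// It panics when the table cannot be created, since the handler cannot
// operate without its storage.
func NewLdapHandler(authAgent *auth.AuthAgent, register *reg.RegisterHandler, coreDb *db.Database) *ldapHandler {
	log.Println("Starting LDAP client...")
	if err := coreDb.NewTable(ldapTable); err != nil {
		log.Println("Failed to create LDAP database. Terminating.")
		panic(err)
	}

	// Bind settings are the same keys WriteConfig persists.
	bindUsername := readSingleConfig("BindUsername", coreDb)
	bindPassword := readSingleConfig("BindPassword", coreDb)
	fqdn := readSingleConfig("FQDN", coreDb)
	baseDN := readSingleConfig("BaseDN", coreDb)

	return &ldapHandler{
		ag:         authAgent,
		ldapreader: ldapreader.NewLDAPReader(bindUsername, bindPassword, fqdn, baseDN),
		reg:        register,
		coredb:     coreDb,
	}
}

// ReadConfig responds with the current LDAP settings as a JSON Config.
//
// The two flags are stored as strings and parsed with strconv.ParseBool; an
// unparsable value produces a text error naming the offending key. Should
// marshalling fail, an empty Config is returned instead so the UI still gets
// well-formed JSON. Exactly one response is written on every path.
func (ldap *ldapHandler) ReadConfig(w http.ResponseWriter, r *http.Request) {
	enabled, err := strconv.ParseBool(ldap.readSingleConfig("enabled"))
	if err != nil {
		common.SendTextResponse(w, "Invalid config value [key=enabled].")
		return
	}
	autoredirect, err := strconv.ParseBool(ldap.readSingleConfig("autoredirect"))
	if err != nil {
		common.SendTextResponse(w, "Invalid config value [key=autoredirect].")
		return
	}

	cfg := Config{
		Enabled:      enabled,
		AutoRedirect: autoredirect,
		BindUsername: ldap.readSingleConfig("BindUsername"),
		// NOTE(review): the stored bind password is returned to the caller verbatim.
		BindPassword: ldap.readSingleConfig("BindPassword"),
		FQDN:         ldap.readSingleConfig("FQDN"),
		BaseDN:       ldap.readSingleConfig("BaseDN"),
	}

	payload, err := json.Marshal(cfg)
	if err != nil {
		// Fall back to an empty document. Both branches return so the
		// real payload is never appended after the fallback response.
		empty, err := json.Marshal(Config{})
		if err != nil {
			common.SendErrorResponse(w, "Error while marshalling config")
			return
		}
		common.SendJSONResponse(w, string(empty))
		return
	}
	common.SendJSONResponse(w, string(payload))
}

// WriteConfig stores the LDAP settings submitted by the UI and rebuilds the
// LDAP reader with the new bind settings.
//
// Request fields: enabled and autoredirect (must parse as booleans so that
// ReadConfig can read them back), plus bind_username, bind_password, fqdn and
// base_dn. The four connection fields are mandatory only while LDAP is being
// enabled; otherwise whatever was submitted (possibly empty) is stored as-is.
//
// NOTE(review): this endpoint changes which directory server the system
// authenticates against, so it must only be reachable by administrators. The
// access check is assumed to live in the router that mounts it — confirm.
func (ldap *ldapHandler) WriteConfig(w http.ResponseWriter, r *http.Request) {
	enabled, err := common.Mv(r, "enabled", true)
	if err != nil {
		common.SendErrorResponse(w, "enabled field can't be empty")
		return
	}
	// Reject values ReadConfig could not parse back; otherwise one bad write
	// would break the settings page until the row is repaired by hand.
	enabledFlag, err := strconv.ParseBool(enabled)
	if err != nil {
		common.SendErrorResponse(w, "enabled field must be a boolean")
		return
	}

	autoredirect, err := common.Mv(r, "autoredirect", true)
	if err != nil {
		// The original reported this missing field as "enabled".
		common.SendErrorResponse(w, "autoredirect field can't be empty")
		return
	}
	if _, err := strconv.ParseBool(autoredirect); err != nil {
		common.SendErrorResponse(w, "autoredirect field must be a boolean")
		return
	}

	// readField fetches one connection field; a missing value fails the
	// request only when LDAP is being enabled.
	readField := func(name string) (string, bool) {
		value, err := common.Mv(r, name, true)
		if err != nil && enabledFlag {
			common.SendErrorResponse(w, name+" field can't be empty")
			return "", false
		}
		return value, true
	}

	bindUsername, ok := readField("bind_username")
	if !ok {
		return
	}
	bindPassword, ok := readField("bind_password")
	if !ok {
		return
	}
	fqdn, ok := readField("fqdn")
	if !ok {
		return
	}
	baseDN, ok := readField("base_dn")
	if !ok {
		return
	}

	// NOTE(review): Write's result is not checked, as in the original —
	// confirm whether it reports errors that should fail the request.
	settings := []struct{ key, value string }{
		{"enabled", enabled},
		{"autoredirect", autoredirect},
		{"BindUsername", bindUsername},
		{"BindPassword", bindPassword},
		{"FQDN", fqdn},
		{"BaseDN", baseDN},
	}
	for _, s := range settings {
		ldap.coredb.Write(ldapTable, s.key, s.value)
	}

	// Rebuild the reader so later lookups use the new bind settings.
	ldap.ldapreader = ldapreader.NewLDAPReader(bindUsername, bindPassword, fqdn, baseDN)
	common.SendOK(w)
}

// SyncInformation fetches every user from the directory and calls
// PrettyPrint on each. A lookup failure is logged and nothing is printed.
func (ldap *ldapHandler) SyncInformation() {
	users, err := ldap.ldapreader.GetAllUser()
	if err != nil {
		log.Println("LDAP user lookup failed:", err)
		return
	}
	for _, u := range users {
		u.PrettyPrint(4)
	}
}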