
Implement password change request.

master
Robert Jacob 2 years ago
parent
commit
ad9423da28
7 changed files with 112 additions and 12 deletions
  1. +1
    -0
      .gitignore
  2. +7
    -0
      config-example.json
  3. +40
    -6
      config.go
  4. +2
    -0
      go.mod
  5. +5
    -0
      go.sum
  6. +55
    -4
      ldap.go
  7. +2
    -2
      main.go

+ 1
- 0
.gitignore View File

@ -1 +1,2 @@
ldapmin
config.json

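--- a/config-example.json
+++ b/config-example.json
@@ -0,0 +1,7 @@
+{
+"ldap": {
+"url": "ldap://ldap.example.com",
+"starttls": true,
+"userformat": "cn=%s,ou=users,dc=example,dc=com"
+}
+}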

+ 40
- 6
config.go View File

@ -1,18 +1,52 @@
package main
import "github.com/spf13/pflag"
import (
"encoding/json"
"errors"
"fmt"
"os"
"github.com/spf13/pflag"
)
type config struct {
ListenAddr string
ListenAddr string `json:"listenAddr"`
Ldap ldapConfig `json:"ldap"`
}
type ldapConfig struct {
URL string `json:"url"`
StartTLS bool `json:"starttls"`
UserFormat string `json:"userformat"`
}
func parseConfig() (config, error) {
c := config{
ListenAddr: ":8080",
}
configFile := "config.json"
pflag.StringVarP(&c.ListenAddr, "listen-addr", "l", c.ListenAddr, "Network address to listen on.")
pflag.StringVarP(&configFile, "config", "c", configFile, "Path to configuration file.")
pflag.Parse()
var c config
file, err := os.Open(configFile)
if err != nil {
return c, fmt.Errorf("can not open configuration file: %s", err)
}
if err := json.NewDecoder(file).Decode(&c); err != nil {
return c, fmt.Errorf("can not parse configuration: %s", err)
}
if c.ListenAddr == "" {
c.ListenAddr = ":8080"
}
if c.Ldap.URL == "" {
return c, errors.New("ldap.url can not be empty")
}
if c.Ldap.UserFormat == "" {
return c, errors.New("ldap.userformat can not be empty")
}
return c, nil
}
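Review bot: `StartTLS` is a plain bool, so a config file that omits the `starttls` key or uses a different key name silently leaves it false, and with an `ldap://` URL the bind password and the new password would then travel unencrypted; parseConfig should reject that combination or require an explicit opt-out. Decoding through `dec := json.NewDecoder(file)` followed by `dec.DisallowUnknownFields()` would turn a mistyped key into a startup error instead of a silent default. The handle returned by `os.Open(configFile)` is never closed; add `defer file.Close()` after the error check. Since `ldap.userformat` is used as a format string in ldap.go, it is also worth validating here that it contains exactly one `%s` rather than only checking that it is non-empty.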

+ 2
- 0
go.mod View File

@ -7,4 +7,6 @@ require (
github.com/inconshreveable/mousetrap v1.0.0 // indirect
github.com/sirupsen/logrus v1.2.0
github.com/spf13/pflag v1.0.3
gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d // indirect
gopkg.in/ldap.v3 v3.0.0-20181126164332-5c2c0f997205
)

+ 5
- 0
go.sum View File

@ -182,6 +182,7 @@ github.com/gobuffalo/x v0.0.0-20181003152136-452098b06085/go.mod h1:WevpGD+5YOre
github.com/gobuffalo/x v0.0.0-20181007152206-913e47c59ca7/go.mod h1:9rDPXaB3kXdKWzMc4odGQQdG2e2DIEmANy5aSJ9yesY=
github.com/gofrs/uuid v3.1.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.2.0 h1:P3YflyNX/ehuJFLhxviNdFxQPkGK5cDcApsge1SqnvM=
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/gorilla/context v1.1.1 h1:AWwleXJkX/nhcU9bZSnZoi3h/qGYqQAGhq6zZe/aQW8=
github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
@ -363,12 +364,16 @@ golang.org/x/tools v0.0.0-20181212172921-837e80568c09/go.mod h1:n7NCudcB/nEzxVGm
google.golang.org/appengine v1.2.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U=
gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc/go.mod h1:m7x9LTH6d71AHyAX77c9yqWCCa3UKHcVEj9y7hAtKDk=
gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d h1:TxyelI5cVkbREznMhfzycHdkp5cLA7DpE+GKjSslYhM=
gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d/go.mod h1:cuepJuh7vyXfUyUwEgHQXw849cJrilpS5NeIjOWESAw=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo=
gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df/go.mod h1:LRQQ+SO6ZHR7tOkpBDuZnXENFzX8qRjMDMyPD6BRkCw=
gopkg.in/ldap.v3 v3.0.0-20181126164332-5c2c0f997205 h1:a3+w42N8T8PbRnx/bVRl+1jCJVYzC8hZbPqAz5cTJ10=
gopkg.in/ldap.v3 v3.0.0-20181126164332-5c2c0f997205/go.mod h1:oxD7NyBuxchC+SgJDE1Q5Od05eGt29SDQVBmV+HYbzw=
gopkg.in/mail.v2 v2.0.0-20180731213649-a0242b2233b4/go.mod h1:htwXN1Qh09vZJ1NVKxQqHPBaCBbzKhp5GzuJEA4VJWw=
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=


+ 55
- 4
ldap.go View File

@ -1,11 +1,62 @@
package main
type ldapConnection struct{}
import (
"crypto/tls"
"fmt"
"net/url"
func newLDAP(cfg config) (*ldapConnection, error) {
return &ldapConnection{}, nil
ldap "gopkg.in/ldap.v3"
)
type ldapConnection struct {
cfg ldapConfig
}
func newLDAP(cfg ldapConfig) (*ldapConnection, error) {
return &ldapConnection{
cfg: cfg,
}, nil
}
func (l *ldapConnection) ChangePassword(username, password, newPassword string) (bool, error) {
return false, nil
userDN := fmt.Sprintf(l.cfg.UserFormat, username)
c, err := ldap.DialURL(l.cfg.URL)
if err != nil {
return false, fmt.Errorf("can not connect to LDAP: %s", err)
}
if l.cfg.StartTLS {
serverURL, err := url.Parse(l.cfg.URL)
if err != nil {
return false, fmt.Errorf("can not parse server URL: %s", err)
}
tlsConfig := &tls.Config{
ServerName: serverURL.Host,
}
if err := c.StartTLS(tlsConfig); err != nil {
return false, fmt.Errorf("can not enable startTLS: %s", err)
}
}
if err := c.Bind(userDN, password); err != nil {
if ldapErr, ok := err.(*ldap.Error); ok && ldapErr.ResultCode == 49 {
return false, nil
}
return false, fmt.Errorf("can not bind: %s", err)
}
passwordReq := &ldap.PasswordModifyRequest{
UserIdentity: userDN,
OldPassword: password,
NewPassword: newPassword,
}
if _, err := c.PasswordModify(passwordReq); err != nil {
return false, fmt.Errorf("can not modify password: %s", err)
}
return true, nil
}
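Review bot: The connection returned by `ldap.DialURL` is never closed, so every call to ChangePassword, including the early error returns, leaks a socket; add `defer c.Close()` right after the dial error check. In the StartTLS branch `ServerName: serverURL.Host` still carries the port when the configured URL has one, which would make certificate verification fail; use `ServerName: serverURL.Hostname(),` instead. `username` is formatted into `userDN` without any escaping or validation, so DN metacharacters in the input change which entry the bind and the password-modify request address; check it against an allowlist of permitted characters before the `fmt.Sprintf`. An empty `newPassword` should be rejected up front as well, because a password-modify request without a new password may cause the server to generate one, and the result is discarded by `_`. The literal `49` would read better as the library's named invalid-credentials result code.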

+ 2
- 2
main.go View File

@ -18,10 +18,10 @@ var (
func main() {
cfg, err := parseConfig()
if err != nil {
log.Fatal(err)
log.Fatalf("Configuration error: %s", err)
}
ldap, err := newLDAP(cfg)
ldap, err := newLDAP(cfg.Ldap)
if err != nil {
log.Fatalf("Error initializing LDAP connection: %s", err)
}

