readd ldap file

2020-09-17 16:20:04 -04:00 · 2020-09-17 16:20:04 -04:00 · 8e8781b06b
parent e48d321f29
commit 8e8781b06b
1 changed files with 82 additions and 0 deletions
--- a/ldap.go
+++ b/ldap.go
@ -0,0 +1,82 @@
+package main
+
+import (
+	"errors"
+	"fmt"
+	"log"
+
+	"github.com/go-ldap/ldap"
+)
+
+func createLDAPAccount(uname string, pwd string, email string) error {
+	url := Conf.Ldap.Url
+	newdn := fmt.Sprintf("%v=%v,%v,%v", Conf.Ldap.UserAttr, uname, Conf.Ldap.UserOu, Conf.Ldap.LdapDc)
+	binddn := fmt.Sprintf("%v,%v", Conf.Ldap.AdminUser, Conf.Ldap.LdapDc)
+	l, err := ldap.DialURL(url)
+	if err != nil {
+		return err
+	}
+	defer l.Close()
+	err = l.Bind(binddn, Conf.Ldap.LdapPass)
+	if err != nil {
+		return err
+	}
+	addReq := ldap.NewAddRequest(newdn, []ldap.Control{})
+	addReq.Attribute("objectClass", []string{"top", "person", "organizationalPerson", "inetOrgPerson"})
+	addReq.Attribute("cn", []string{uname})
+	addReq.Attribute("mail", []string{email})
+	addReq.Attribute("sn", []string{"The Nameless"})
+
+	if err := l.Add(addReq); err != nil {
+		log.Printf("error adding service:", addReq, err)
+		return errors.New("Error creating LDAP account")
+	}
+
+	passwordModifyRequest := ldap.NewPasswordModifyRequest(newdn, "", pwd)
+	_, err = l.PasswordModify(passwordModifyRequest)
+
+	if err != nil {
+		log.Printf("Password could not be changed: %s", err.Error())
+		return errors.New("Error setting password")
+	}
+	return nil
+}
+
+func loginLDAPAccount(uname string, pwd string) error {
+	url := Conf.Ldap.Url
+	userdn := fmt.Sprintf("%v=%v,%v,%v", Conf.Ldap.UserAttr, uname, Conf.Ldap.UserOu, Conf.Ldap.LdapDc)
+	binddn := fmt.Sprintf("%v,%v", Conf.Ldap.AdminUser, Conf.Ldap.LdapDc)
+	basedn := fmt.Sprintf("%v,%v", Conf.Ldap.UserOu, Conf.Ldap.LdapDc)
+	l, err := ldap.DialURL(url)
+	if err != nil {
+		return err
+	}
+	defer l.Close()
+	err = l.Bind(binddn, Conf.Ldap.LdapPass)
+	if err != nil {
+		return err
+	}
+	result, err := l.Search(ldap.NewSearchRequest(
+		basedn,
+		ldap.ScopeWholeSubtree,
+		ldap.NeverDerefAliases,
+		0,
+		0,
+		false,
+		fmt.Sprintf("(&(objectClass=organizationalPerson)(uid=%s))", uname),
+		[]string{"dn"},
+		nil,
+	))
+	if err != nil {
+		return err
+	}
+	if len(result.Entries) != 1 {
+		err_text := fmt.Sprintf("Error finding login user: Wanted 1 result, got %v\n", len(result.Entries))
+		return errors.New(err_text)
+	}
+	err = l.Bind(userdn, pwd)
+	if err != nil {
+		return err
+	}
+	return nil
+}