From 07c8dc6ca168cff7067b6b0a5e87024e557d4a94 Mon Sep 17 00:00:00 2001 From: Alexandre Iooss Date: Tue, 22 Sep 2020 12:54:12 +0200 Subject: [PATCH] LDAP authentification backend --- auth/auth.go | 24 +++++++++++++++++++++++- auth/ldap/ldap.go | 31 ++++++++++++++++++++++++++++++- go.mod | 1 + go.sum | 9 +++++++++ main.go | 3 +++ 5 files changed, 66 insertions(+), 2 deletions(-) diff --git a/auth/auth.go b/auth/auth.go index 89db521..127c0f0 100644 --- a/auth/auth.go +++ b/auth/auth.go @@ -1,11 +1,33 @@ package auth import ( + "errors" + "gitlab.crans.org/nounous/ghostream/auth/ldap" ) -// Options holds web package configuration +// Options holds package configuration type Options struct { Backend string LDAP ldap.Options } + +// Backend to log user in +type Backend interface { + Login(string, string) (bool, error) +} + +// New initialize authentification backend +func New(cfg *Options) (Backend, error) { + var backend Backend + + if cfg.Backend == "LDAP" { + backend = ldap.LDAP{Cfg: cfg.LDAP} + } else { + // Package is misconfigured + return nil, errors.New("Authentification backend not found") + } + + // Init and return backend + return backend, nil +} diff --git a/auth/ldap/ldap.go b/auth/ldap/ldap.go index 404d241..e6d9336 100644 --- a/auth/ldap/ldap.go +++ b/auth/ldap/ldap.go 
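Review bot: The `Backend` interface leaves the `Login` contract unstated: its parameters are unnamed, and nothing says whether rejected credentials come back as `(false, nil)` or as an error. I would declare it as `Login(username, password string) (bool, error)` with a comment such as `// Login reports whether the credentials are valid; callers must deny access unless it returns (true, nil).` In `New`, the error would be easier to act on if it named the configured value, e.g. `fmt.Errorf("authentication backend %q not found", cfg.Backend)`, which needs `fmt` in place of `errors`. `New` also dereferences `cfg` without a nil check, so a doc line stating that `cfg` must be non-nil would help.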
@@ -1,7 +1,36 @@ package ldap -// Options holds web package configuration +import ( + "github.com/go-ldap/ldap/v3" +) + +// Options holds package configuration type Options struct { URI string UserDn string } + +// LDAP authentification backend +type LDAP struct { + Cfg Options +} + +// Login tries to bind to LDAP +// Returns (true, nil) if success +func (a LDAP) Login(username string, password string) (bool, error) { + // Connect to LDAP server + l, err := ldap.DialURL(a.Cfg.URI) + if err != nil { + return false, err + } + defer l.Close() + + // Try to bind as user + err = l.Bind("cn=username,dc=example,dc=com", password) + if err != nil { + return false, err + } + + // Login succeeded + return true, nil +} diff --git a/go.mod b/go.mod index de3a5f1..e34a5a9 100644 --- a/go.mod +++ b/go.mod @@ -3,6 +3,7 @@ module gitlab.crans.org/nounous/ghostream go 1.13 require ( + github.com/go-ldap/ldap/v3 v3.2.3 github.com/prometheus/client_golang v1.7.1 github.com/spf13/viper v1.7.1 honnef.co/go/tools v0.0.1-2019.2.3 diff --git a/go.sum b/go.sum index 0b85708..9de5e74 100644 --- a/go.sum +++ b/go.sum 
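Review bot: The bind in `Login` uses the literal DN `"cn=username,dc=example,dc=com"`, so the `username` argument and `Cfg.UserDn` are never used and every attempt is checked against that single placeholder entry rather than the caller's account. Build the DN from the input, e.g. `bindDn := "cn=" + safeName + "," + a.Cfg.UserDn` followed by `err = l.Bind(bindDn, password)`, where `safeName` is `username` with the RFC 4514 special characters (`,` `+` `"` `\` `<` `>` `;`) escaped or rejected; this assumes `UserDn` holds the base DN under which accounts live. A simple bind carries the password unprotected, so the configured `URI` should be `ldaps://` or the connection upgraded with `l.StartTLS` before `Bind`. It would also help callers if invalid credentials came back as `(false, nil)` and only connection or server faults as an error; `ldap.IsErrorWithCode(err, ldap.LDAPResultInvalidCredentials)` can tell the two apart.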
@@ -11,6 +11,8 @@ cloud.google.com/go/firestore v1.1.0/go.mod h1:ulACoGHTpvq5r8rxGJ4ddJZBZqakUQqCl cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= +github.com/Azure/go-ntlmssp v0.0.0-20200615164410-66371956d46c h1:/IBSNwUN8+eKzUzbJPqhK839ygXJ82sde8x3ogr6R28= +github.com/Azure/go-ntlmssp v0.0.0-20200615164410-66371956d46c/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU= github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= 
@@ -47,9 +49,14 @@ github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5Kwzbycv github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= +github.com/go-asn1-ber/asn1-ber v1.5.1 h1:pDbRAunXzIUXfx4CB2QJFv5IuPiuoW+sWvr/Us009o8= +github.com/go-asn1-ber/asn1-ber v1.5.1/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= +github.com/go-ldap/ldap v3.0.3+incompatible h1:HTeSZO8hWMS1Rgb2Ziku6b8a7qRIZZMHjsvuZyatzwk= +github.com/go-ldap/ldap/v3 v3.2.3 h1:FBt+5w3q/vPVPb4eYMQSn+pOiz4zewPamYhlGMmc7yM= +github.com/go-ldap/ldap/v3 v3.2.3/go.mod h1:iYS1MdmrmceOJ1QOTnRXrIs7i3kloqtmGQjRvjKpyMg= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= 
@@ -215,6 +222,8 @@ golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnf golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9 h1:vEg9joUBmeBcK9iSJftGNf3coIG4HqZElCPehJsfAYM= +golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= diff --git a/main.go b/main.go index 0d0554b..082a919 100644 --- a/main.go +++ b/main.go @@ -61,6 +61,9 @@ func main() { log.Fatalln("Failed to load settings", err) } + // Init authentification + //authBackend := auth.New(&cfg.Auth) + // Start web server routine go func() { web.ServeHTTP(&cfg.Web)
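Review bot: The commented-out `//authBackend := auth.New(&cfg.Auth)` in main.go would not compile once enabled, because `auth.New` in this commit returns `(Backend, error)`. When it is wired in, take both values and stop start-up on failure, e.g. `authBackend, err := auth.New(&cfg.Auth)` followed by `if err != nil { log.Fatalln("Failed to load authentication backend", err) }`, so the service never runs with a nil backend. Until then, a `// TODO` stating that authentication is not yet enforced would be clearer than a disabled statement. main's body continues outside the hunk.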