forked from mystiq/dex
Merge pull request #317 from fnordahl/connector_ldap_make_const_defaults
connector_ldap: Make constants for default values, simplify logic
This commit is contained in:
commit
aff47d2cb2
1 changed files with 10 additions and 10 deletions
|
@ -76,6 +76,12 @@ func (cfg *LDAPConnectorConfig) Connector(ns url.URL, lf oidc.LoginFunc, tpls *t
|
||||||
return nil, fmt.Errorf("unable to find necessary HTML template")
|
return nil, fmt.Errorf("unable to find necessary HTML template")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// defaults
|
||||||
|
const defaultNameAttribute = "cn"
|
||||||
|
const defaultEmailAttribute = "mail"
|
||||||
|
const defaultBindTemplate = "uid=%u,%b"
|
||||||
|
const defaultSearchScope = ldap.ScopeWholeSubtree
|
||||||
|
|
||||||
if cfg.UseTLS && cfg.UseSSL {
|
if cfg.UseTLS && cfg.UseSSL {
|
||||||
return nil, fmt.Errorf("Invalid configuration. useTLS and useSSL are mutual exclusive.")
|
return nil, fmt.Errorf("Invalid configuration. useTLS and useSSL are mutual exclusive.")
|
||||||
}
|
}
|
||||||
|
@ -84,29 +90,25 @@ func (cfg *LDAPConnectorConfig) Connector(ns url.URL, lf oidc.LoginFunc, tpls *t
|
||||||
return nil, fmt.Errorf("Invalid configuration. Both certFile and keyFile must be specified.")
|
return nil, fmt.Errorf("Invalid configuration. Both certFile and keyFile must be specified.")
|
||||||
}
|
}
|
||||||
|
|
||||||
var nameAttribute, emailAttribute, bindTemplate string
|
nameAttribute := defaultNameAttribute
|
||||||
if len(cfg.NameAttribute) > 0 {
|
if len(cfg.NameAttribute) > 0 {
|
||||||
nameAttribute = cfg.NameAttribute
|
nameAttribute = cfg.NameAttribute
|
||||||
} else {
|
|
||||||
nameAttribute = "cn"
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
emailAttribute := defaultEmailAttribute
|
||||||
if len(cfg.EmailAttribute) > 0 {
|
if len(cfg.EmailAttribute) > 0 {
|
||||||
emailAttribute = cfg.EmailAttribute
|
emailAttribute = cfg.EmailAttribute
|
||||||
} else {
|
|
||||||
emailAttribute = "mail"
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bindTemplate := defaultBindTemplate
|
||||||
if len(cfg.BindTemplate) > 0 {
|
if len(cfg.BindTemplate) > 0 {
|
||||||
if cfg.SearchBeforeAuth {
|
if cfg.SearchBeforeAuth {
|
||||||
log.Warningf("bindTemplate not used when searchBeforeAuth specified.")
|
log.Warningf("bindTemplate not used when searchBeforeAuth specified.")
|
||||||
}
|
}
|
||||||
bindTemplate = cfg.BindTemplate
|
bindTemplate = cfg.BindTemplate
|
||||||
} else {
|
|
||||||
bindTemplate = "uid=%u,%b"
|
|
||||||
}
|
}
|
||||||
|
|
||||||
var searchScope int
|
searchScope := defaultSearchScope
|
||||||
if len(cfg.SearchScope) > 0 {
|
if len(cfg.SearchScope) > 0 {
|
||||||
switch {
|
switch {
|
||||||
case strings.EqualFold(cfg.SearchScope, "BASE"):
|
case strings.EqualFold(cfg.SearchScope, "BASE"):
|
||||||
|
@ -118,8 +120,6 @@ func (cfg *LDAPConnectorConfig) Connector(ns url.URL, lf oidc.LoginFunc, tpls *t
|
||||||
default:
|
default:
|
||||||
return nil, fmt.Errorf("Invalid value for searchScope: '%v'. Must be one of 'base', 'one' or 'sub'.", cfg.SearchScope)
|
return nil, fmt.Errorf("Invalid value for searchScope: '%v'. Must be one of 'base', 'one' or 'sub'.", cfg.SearchScope)
|
||||||
}
|
}
|
||||||
} else {
|
|
||||||
searchScope = ldap.ScopeSingleLevel
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if cfg.Timeout != 0 {
|
if cfg.Timeout != 0 {
|
||||||
|
|
Loading…
Reference in a new issue