alt/zot-wo-auth
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: npe if ldap query doesn't return attributes (#2151)

Browse Source 
We cannot assume the LDAP server will have group attributes programmed
everytime. So handle it accordingly.

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
This commit is contained in:
Ramkumar Chinchani 2024-01-12 14:08:35 -08:00 committed by GitHub
parent 1c756b4db9
commit d685adb029
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
pkg/api/ldap.go
View File

@ -173,8 +173,11 @@ func (lc *LDAPClient) Authenticate(username, password string) (bool, map[string]
} }
attributes := lc.Attributes attributes := lc.Attributes
attributes = append(attributes, "dn") attributes = append(attributes, "dn")
if lc.UserGroupAttribute != "" {
attributes = append(attributes, lc.UserGroupAttribute) attributes = append(attributes, lc.UserGroupAttribute)
}
searchScope := ldap.ScopeSingleLevel searchScope := ldap.ScopeSingleLevel
@ -216,8 +219,13 @@ func (lc *LDAPClient) Authenticate(username, password string) (bool, map[string]
} }
userDN := search.Entries[0].DN userDN := search.Entries[0].DN
var userGroups []string
if lc.UserGroupAttribute != "" && len(search.Entries[0].Attributes) > 0 {
userAttributes := search.Entries[0].Attributes[0] userAttributes := search.Entries[0].Attributes[0]
userGroups := userAttributes.Values userGroups = userAttributes.Values
}
user := map[string]string{} user := map[string]string{}
for _, attr := range lc.Attributes { for _, attr := range lc.Attributes {