From 56776512486cbb1665be5f670117a7ddee9b24c2 Mon Sep 17 00:00:00 2001 From: songupta7 Date: Fri, 27 May 2022 14:03:44 +0530 Subject: [PATCH 01/10] changes for ldap pack --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f7e72e4..f0af59e 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ [![Docker Stars](https://img.shields.io/docker/stars/hotelsdotcom/flyte-ldap.svg)](https://hub.docker.com/r/hotelsdotcom/flyte-ldap) [![Docker Pulls](https://img.shields.io/docker/pulls/hotelsdotcom/flyte-ldap.svg)](https://hub.docker.com/r/hotelsdotcom/flyte-ldap) -## Overview +### Overview The LDAP pack provides the ability to connect to and search directories, e.g. Microsoft Active Directory. ## Build and Run From 004cbbcab9ff237ee85071e45f46d11eb810eb30 Mon Sep 17 00:00:00 2001 From: songupta7 Date: Fri, 27 May 2022 14:05:14 +0530 Subject: [PATCH 02/10] test commit --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f0af59e..e956a5a 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ [![Docker Stars](https://img.shields.io/docker/stars/hotelsdotcom/flyte-ldap.svg)](https://hub.docker.com/r/hotelsdotcom/flyte-ldap) [![Docker Pulls](https://img.shields.io/docker/pulls/hotelsdotcom/flyte-ldap.svg)](https://hub.docker.com/r/hotelsdotcom/flyte-ldap) -### Overview +##### Overview The LDAP pack provides the ability to connect to and search directories, e.g. Microsoft Active Directory. ## Build and Run From 36e6ad1ce819ff4763bf6b72dc73e2ab67c5ec0f Mon Sep 17 00:00:00 2001 From: songupta7 Date: Fri, 27 May 2022 14:27:21 +0530 Subject: [PATCH 03/10] Changes to connect via TLS --- command/groups.go | 3 +++ group/search.go | 2 +- group/search_test.go | 39 ++++++++++++++++++++++++++++++--------- ldap/client.go | 24 ++++++++++++++++++++++++ 4 files changed, 58 insertions(+), 10 deletions(-) diff --git a/command/groups.go b/command/groups.go index c15caa7..3f5584c 100644 
--- a/command/groups.go +++ b/command/groups.go @@ -20,6 +20,7 @@ import ( "encoding/json" "github.com/ExpediaGroup/flyte-ldap/group" "github.com/HotelsDotCom/flyte-client/flyte" + "github.com/HotelsDotCom/go-logger" ) const getGroupsCommandName = "GetGroups" @@ -64,8 +65,10 @@ func getGroupsHandler(searcher group.Searcher, searchDetails *group.SearchDetail // group search userGroups, err := searcher.GetGroupsFor(searchDetails, args.UserName) if err != nil { + logger.Debugf("Got error as %v", err) return NewGetGroupsErrorEvent(err.Error(), args.UserName) } + logger.Debugf("Got the user groups as %v", userGroups) return flyte.Event{ EventDef: getGroupsSuccessEventDef, diff --git a/group/search.go b/group/search.go index c7338e5..3c744f0 100644 --- a/group/search.go +++ b/group/search.go @@ -43,7 +43,7 @@ func NewSearcher(client ldap.Client) Searcher { } func (searcher *searcher) GetGroupsFor(sd *SearchDetails, username string) ([]string, error) { - if err := searcher.client.Connect(); err != nil { + if err := searcher.client.ConnectTls(); err != nil { return nil, err } defer searcher.client.Close() diff --git a/group/search_test.go b/group/search_test.go index b8a8558..a9bcdb2 100644 --- a/group/search_test.go +++ b/group/search_test.go @@ -32,6 +32,10 @@ func TestClientConnectAndCloseAreCalledWhenCallingGetGroupsFor(t *testing.T) { isClientConnectCalled = true return nil }, + connectTls: func() error { + isClientConnectCalled = true + return nil + }, close: func() { isClientCloseCalled = true }, @@ -59,6 +63,9 @@ func TestErrorIsReturnedIfClientConnectError(t *testing.T) { connect: func() error { return errors.New("Meh") }, + connectTls: func() error { + return errors.New("Meh") + }, } searcher := NewSearcher(mockClient) searchDetails := &SearchDetails{} 
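Review bot: In `TestClientConnectAndCloseAreCalledWhenCallingGetGroupsFor` the new `connectTls` callback sets the same `isClientConnectCalled` flag as `connect`, so the test passes whichever transport `GetGroupsFor` picks. A separate flag, for example `isClientConnectTlsCalled = true` in the `connectTls` callback with its own assertion, would pin the transport that is actually used. The same applies to `TestErrorIsReturnedIfClientConnectError`, where both callbacks return the identical `errors.New("Meh")`.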
@@ -91,7 +98,10 @@ func TestSearchShouldReturnsUserGroups(t *testing.T) { } mockClient := &mockClient{ connect: func() error { return nil }, - close: func() {}, + connectTls: func() error { + return nil + }, + close: func() {}, search: func(sr ldap.SearchRequest) (*ldapClient.SearchResult, error) { return returnedSearchResults, nil }} @@ -120,7 +130,10 @@ func TestSearchShouldReturnsUserGroups(t *testing.T) { func TestSearchShouldNotReturnsUserGroupsIfNoSearchResultsAreReturned(t *testing.T) { mockClient := &mockClient{ connect: func() error { return nil }, - close: func() {}, + connectTls: func() error { + return nil + }, + close: func() {}, search: func(sr ldap.SearchRequest) (*ldapClient.SearchResult, error) { return &ldapClient.SearchResult{}, nil }} @@ -139,8 +152,10 @@ func TestSearchShouldNotReturnsUserGroupsIfNoSearchResultsAreReturned(t *testing func TestSearchShouldReturnClientSearchError(t *testing.T) { mockClient := &mockClient{ - connect: func() error { return nil }, - close: func() {}, + connect: func() error { return nil }, + connectTls: func() error { return nil }, + + close: func() {}, search: func(sr ldap.SearchRequest) (*ldapClient.SearchResult, error) { return nil, errors.New("Some error") }} @@ -160,8 +175,9 @@ func TestSearchShouldReturnClientSearchError(t *testing.T) { func TestCorrectParametersArePassedToClientSearch(t *testing.T) { var searchRequest ldap.SearchRequest mockClient := &mockClient{ - connect: func() error { return nil }, - close: func() {}, + connect: func() error { return nil }, + connectTls: func() error { return nil }, + close: func() {}, search: func(sr ldap.SearchRequest) (*ldapClient.SearchResult, error) { searchRequest = sr return &ldapClient.SearchResult{}, nil 
@@ -239,9 +255,14 @@ func someSearchDetails() *SearchDetails { } type mockClient struct { - connect func() error - close func() - search func(sr ldap.SearchRequest) (*ldapClient.SearchResult, error) + connect func() error + connectTls func() error + close func() + search func(sr ldap.SearchRequest) (*ldapClient.SearchResult, error) +} + +func (c *mockClient) ConnectTls() error { + return c.connectTls() } func (c *mockClient) Connect() error { diff --git a/ldap/client.go b/ldap/client.go index d532271..e27a4e6 100644 --- a/ldap/client.go +++ b/ldap/client.go @@ -17,12 +17,15 @@ limitations under the License. package ldap import ( + "crypto/tls" "fmt" + "github.com/HotelsDotCom/go-logger" "gopkg.in/ldap.v2" ) type Client interface { Connect() error + ConnectTls() error Search(sr SearchRequest) (*ldap.SearchResult, error) Close() } @@ -56,6 +59,27 @@ func NewClient(bindUsername, bindPassword, ldapServerUrl string) Client { func (c *ldapClient) Connect() error { ldapConn, err := ldap.Dial("tcp", c.ldapServerUrl) + logger.Debugf("%v got URL as ", c.ldapServerUrl) + if err != nil { + return fmt.Errorf("Cannot connect to LDAP: %v", err) + } + + err = ldapConn.Bind(c.bindUsername, c.bindPassword) + if err != nil { + ldapConn.Close() + return fmt.Errorf("Cannot bind to LDAP: %v", err) + } + + c.ldapSearcher = ldapConn + + return nil +} + +func (c *ldapClient) ConnectTls() error { + var config tls.Config + config.InsecureSkipVerify = true + ldapConn, err := ldap.DialTLS("tcp", c.ldapServerUrl, &config) + logger.Debugf("%v got URL as ", c.ldapServerUrl) if err != nil { return fmt.Errorf("Cannot connect to LDAP: %v", err) } From 50fcdf1ec5ed7a6fedd00098741c1369db489e20 Mon Sep 17 00:00:00 2001 From: songupta7 Date: Fri, 27 May 2022 14:34:00 +0530 Subject: [PATCH 04/10] Removed debug traces --- command/groups.go | 3 --- ldap/client.go | 1 - 2 files changed, 4 deletions(-) diff --git a/command/groups.go b/command/groups.go index 3f5584c..c15caa7 100644 --- a/command/groups.go 
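Review bot: `config.InsecureSkipVerify = true` is hard-coded in `ConnectTls`, so the client accepts any certificate, and the `Bind` that follows sends `bindUsername` and `bindPassword` to a server whose identity was never checked; the channel is encrypted but not authenticated. The `group/search.go` hunk of this patch switches `GetGroupsFor` to `ConnectTls` unconditionally, so every lookup runs this way as of this commit. PATCH 07 of the series turns the value into a parameter; if this commit is taken on its own, drop the line so the default `tls.Config` verification applies. The bind-and-assign tail of `ConnectTls` lies outside the hunk and duplicates `Connect`, so a small private helper shared by both would keep the two paths from drifting.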
+++ b/command/groups.go @@ -20,7 +20,6 @@ import ( "encoding/json" "github.com/ExpediaGroup/flyte-ldap/group" "github.com/HotelsDotCom/flyte-client/flyte" - "github.com/HotelsDotCom/go-logger" ) const getGroupsCommandName = "GetGroups" @@ -65,10 +64,8 @@ func getGroupsHandler(searcher group.Searcher, searchDetails *group.SearchDetail // group search userGroups, err := searcher.GetGroupsFor(searchDetails, args.UserName) if err != nil { - logger.Debugf("Got error as %v", err) return NewGetGroupsErrorEvent(err.Error(), args.UserName) } - logger.Debugf("Got the user groups as %v", userGroups) return flyte.Event{ EventDef: getGroupsSuccessEventDef, diff --git a/ldap/client.go b/ldap/client.go index e27a4e6..8a46704 100644 --- a/ldap/client.go +++ b/ldap/client.go @@ -79,7 +79,6 @@ func (c *ldapClient) ConnectTls() error { var config tls.Config config.InsecureSkipVerify = true ldapConn, err := ldap.DialTLS("tcp", c.ldapServerUrl, &config) - logger.Debugf("%v got URL as ", c.ldapServerUrl) if err != nil { return fmt.Errorf("Cannot connect to LDAP: %v", err) } From 04807d606b07008bd81c3ccee12122dd0ff059ad Mon Sep 17 00:00:00 2001 From: songupta7 <97512350+songupta7@users.noreply.github.com> Date: Wed, 1 Jun 2022 11:59:19 +0530 Subject: [PATCH 05/10] Update README.md Co-authored-by: Dan Gorst --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index e956a5a..f7e72e4 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ [![Docker Stars](https://img.shields.io/docker/stars/hotelsdotcom/flyte-ldap.svg)](https://hub.docker.com/r/hotelsdotcom/flyte-ldap) [![Docker Pulls](https://img.shields.io/docker/pulls/hotelsdotcom/flyte-ldap.svg)](https://hub.docker.com/r/hotelsdotcom/flyte-ldap) -##### Overview +## Overview The LDAP pack provides the ability to connect to and search directories, e.g. Microsoft Active Directory. ## Build and Run From 549c580407de40012a9529ce24b9eed441f34163 Mon Sep 17 00:00:00 2001 
From: songupta7 Date: Wed, 1 Jun 2022 13:09:47 +0530 Subject: [PATCH 06/10] Incorporated the review comments --- group/search.go | 9 ++++++++- main.go | 5 +++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/group/search.go b/group/search.go index 3c744f0..32f5d58 100644 --- a/group/search.go +++ b/group/search.go @@ -28,6 +28,7 @@ type SearchDetails struct { SearchFilter string GroupAttribute string // the attribute that gives the name of the group from the attribute values, e.g. 'cn' SearchTimeout int + EnableTLS bool } type Searcher interface { @@ -43,7 +44,13 @@ func NewSearcher(client ldap.Client) Searcher { } func (searcher *searcher) GetGroupsFor(sd *SearchDetails, username string) ([]string, error) { - if err := searcher.client.ConnectTls(); err != nil { + var err error + if sd.EnableTLS == true { + err = searcher.client.ConnectTls() + } else { + err = searcher.client.Connect() + } + if err != nil { return nil, err } defer searcher.client.Close() diff --git a/main.go b/main.go index a353ac4..7e17544 100644 --- a/main.go +++ b/main.go @@ -47,6 +47,10 @@ func main() { if err != nil { logger.Fatalf("LDAP group timeout '%v' not convertible to an integer. Error: %v", configVal("SEARCH_TIMEOUT_IN_SECONDS"), err) } + tlsEnabledFlag, err := strconv.ParseBool(configVal("ENABLE_TLS")) + if err != nil { + logger.Fatalf("TLS enabled flag is not provided '%v' Error: %v", configVal("ENABLE_TLS"), err) + } lc := ldap.NewClient(configVal("BIND_USERNAME"), configVal("BIND_PASSWORD"), configVal("LDAP_URL")) searcher := group.NewSearcher(lc) @@ -56,6 +60,7 @@ func main() { SearchFilter: configVal("SEARCH_FILTER"), SearchTimeout: searchTimeout, GroupAttribute: configVal("GROUP_ATTRIBUTE"), + EnableTLS: tlsEnabledFlag, } packDef := flyte.PackDef{ From b396c8663973d8194b0a81f461e5065f35ce6a86 Mon Sep 17 00:00:00 2001 
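Review bot: The `else` branch added to `GetGroupsFor` falls back to `Connect()`, which (as shown in PATCH 03) dials plain `tcp` and then binds, so with `ENABLE_TLS=false` the bind credentials and search results cross the network unencrypted. Since the flag is read once in `main`, a log line at startup when TLS is off would make that choice visible to operators. The condition `if sd.EnableTLS == true {` is more idiomatic as `if sd.EnableTLS {`. `GetGroupsFor` continues outside the hunk.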
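Review bot: The `logger.Fatalf("TLS enabled flag is not provided ...")` message in `main` is also printed when `ENABLE_TLS` is set but is not a valid boolean, which is the case `strconv.ParseBool` actually reports. Wording such as `logger.Fatalf("ENABLE_TLS value '%v' is not a valid boolean. Error: %v", configVal("ENABLE_TLS"), err)` matches what is checked. The new variable is also mandatory, so deployments that do not set it will presumably stop at startup after upgrading; that deserves a line in the README or changelog.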
From: songupta7 Date: Wed, 1 Jun 2022 14:36:22 +0530 Subject: [PATCH 07/10] Incorporated the review comments- Added InsecureSkipVerify Env variable --- README.md | 8 ++++---- group/search.go | 15 ++++++++------- group/search_test.go | 18 +++++++++--------- ldap/client.go | 8 +++----- main.go | 17 +++++++++++------ 5 files changed, 35 insertions(+), 31 deletions(-) diff --git a/README.md b/README.md index f7e72e4..4f3ce91 100644 --- a/README.md +++ b/README.md @@ -13,10 +13,10 @@ To build and run from the command line: * Clone this repo * Run `dep ensure` (must have [dep](https://github.com/golang/dep) installed ) * Run `go build` -* Run `FLYTE_API_URL= BIND_USERNAME= BIND_PASSWORD= LDAP_URL= GROUP_ATTRIBUTE= ATTRIBUTES= BASE_DN= SEARCH_FILTER= SEARCH_TIMEOUT_IN_SECONDS= ./flyte-ldap` +* Run `FLYTE_API_URL= BIND_USERNAME= BIND_PASSWORD= LDAP_URL= GROUP_ATTRIBUTE= ATTRIBUTES= BASE_DN= SEARCH_FILTER= SEARCH_TIMEOUT_IN_SECONDS= ENABLE_TLS= INSECURE_SKIP_VERIFY= ./flyte-ldap` * All of these environment variables need to be provided with the exception of 'SEARCH_TIMEOUT_IN_SECONDS', which has a default (see main.go). #### Example -* Run `FLYTE_API_URL='http://myflyteapi.com' BIND_USERNAME='someUsername' BIND_PASSWORD='somePassword' LDAP_URL='my.ldap.com:123' GROUP_ATTRIBUTE='cn' ATTRIBUTES='memberOf' BASE_DN='DC=QQ,DC=WOW,DC=XYZ,DC=com' SEARCH_FILTER='(mailNickname={username})' SEARCH_TIMEOUT_IN_SECONDS='20' ./flyte-ldap` +* Run `FLYTE_API_URL='http://myflyteapi.com' BIND_USERNAME='someUsername' BIND_PASSWORD='somePassword' LDAP_URL='my.ldap.com:123' GROUP_ATTRIBUTE='cn' ATTRIBUTES='memberOf' BASE_DN='DC=QQ,DC=WOW,DC=XYZ,DC=com' SEARCH_FILTER='(mailNickname={username})' SEARCH_TIMEOUT_IN_SECONDS='20' ENABLE_TLS= INSECURE_SKIP_VERIFY= ./flyte-ldap` ### Run tests To run the unit tests: 
@@ -25,10 +25,10 @@ To run the unit tests: ### Docker To build and run from docker * Run `docker build -t flyte-ldap .` -* Run `docker run -e FLYTE_API_URL= -e BIND_USERNAME= -e BIND_PASSWORD= -e LDAP_URL= -e GROUP_ATTRIBUTE= -e ATTRIBUTES= -e BASE_DN= -e SEARCH_FILTER= -e SEARCH_TIMEOUT_IN_SECONDS= flyte-ldap` +* Run `docker run -e FLYTE_API_URL= -e BIND_USERNAME= -e BIND_PASSWORD= -e LDAP_URL= -e GROUP_ATTRIBUTE= -e ATTRIBUTES= -e BASE_DN= -e SEARCH_FILTER= -e SEARCH_TIMEOUT_IN_SECONDS= -e ENABLE_TLS='True' -e INSECURE_SKIP_VERIFY='True' flyte-ldap` * All of these environment variables need to be provided with the exception of 'SEARCH_TIMEOUT_IN_SECONDS', which has a default (see main.go). #### Example -* Run `docker run -e FLYTE_API_URL='http://myflyteapi.com' -e BIND_USERNAME='someUsername' -e BIND_PASSWORD='somePassword' -e LDAP_URL='my.ldap.com:123' -e GROUP_ATTRIBUTE='cn' -e ATTRIBUTES='memberOf' -e BASE_DN='DC=QQ,DC=WOW,DC=XYZ,DC=com' -e SEARCH_FILTER='(mailNickname={username})' -e SEARCH_TIMEOUT_IN_SECONDS='20' flyte-ldap` +* Run `docker run -e FLYTE_API_URL='http://myflyteapi.com' -e BIND_USERNAME='someUsername' -e BIND_PASSWORD='somePassword' -e LDAP_URL='my.ldap.com:123' -e GROUP_ATTRIBUTE='cn' -e ATTRIBUTES='memberOf' -e BASE_DN='DC=QQ,DC=WOW,DC=XYZ,DC=com' -e SEARCH_FILTER='(mailNickname={username})' -e SEARCH_TIMEOUT_IN_SECONDS='20' -e ENABLE_TLS='True' -e INSECURE_SKIP_VERIFY='True' flyte-ldap` #### LDAP Attribute explanation diff --git a/group/search.go b/group/search.go index 32f5d58..600115f 100644 --- a/group/search.go +++ b/group/search.go 
@@ -23,12 +23,13 @@ import ( ) type SearchDetails struct { - Attributes []string // i.e. the attributes to be returned by the group, e.g. 'memberOf' - BaseDn string - SearchFilter string - GroupAttribute string // the attribute that gives the name of the group from the attribute values, e.g. 'cn' - SearchTimeout int - EnableTLS bool + Attributes []string // i.e. the attributes to be returned by the group, e.g. 'memberOf' + BaseDn string + SearchFilter string + GroupAttribute string // the attribute that gives the name of the group from the attribute values, e.g. 'cn' + SearchTimeout int + EnableTLS bool + InsecureSkipVerify bool } type Searcher interface { @@ -46,7 +47,7 @@ func NewSearcher(client ldap.Client) Searcher { func (searcher *searcher) GetGroupsFor(sd *SearchDetails, username string) ([]string, error) { var err error if sd.EnableTLS == true { - err = searcher.client.ConnectTls() + err = searcher.client.ConnectTls(sd.InsecureSkipVerify) } else { err = searcher.client.Connect() } diff --git a/group/search_test.go b/group/search_test.go index a9bcdb2..cc444d7 100644 --- a/group/search_test.go +++ b/group/search_test.go @@ -32,7 +32,7 @@ func TestClientConnectAndCloseAreCalledWhenCallingGetGroupsFor(t *testing.T) { isClientConnectCalled = true return nil }, - connectTls: func() error { + connectTls: func(insecureSkipVerify bool) error { isClientConnectCalled = true return nil }, @@ -63,7 +63,7 @@ func TestErrorIsReturnedIfClientConnectError(t *testing.T) { connect: func() error { return errors.New("Meh") }, - connectTls: func() error { + connectTls: func(insecureSkipVerify bool) error { return errors.New("Meh") }, } @@ -98,7 +98,7 @@ func TestSearchShouldReturnsUserGroups(t *testing.T) { } mockClient := &mockClient{ connect: func() error { return nil }, - connectTls: func() error { + connectTls: func(insecureSkipVerify bool) error { return nil }, close: func() {}, 
@@ -130,7 +130,7 @@ func TestSearchShouldReturnsUserGroups(t *testing.T) { func TestSearchShouldNotReturnsUserGroupsIfNoSearchResultsAreReturned(t *testing.T) { mockClient := &mockClient{ connect: func() error { return nil }, - connectTls: func() error { + connectTls: func(insecureSkipVerify bool) error { return nil }, close: func() {}, @@ -153,7 +153,7 @@ func TestSearchShouldNotReturnsUserGroupsIfNoSearchResultsAreReturned(t *testing func TestSearchShouldReturnClientSearchError(t *testing.T) { mockClient := &mockClient{ connect: func() error { return nil }, - connectTls: func() error { return nil }, + connectTls: func(insecureSkipVerify bool) error { return nil }, close: func() {}, search: func(sr ldap.SearchRequest) (*ldapClient.SearchResult, error) { @@ -176,7 +176,7 @@ func TestCorrectParametersArePassedToClientSearch(t *testing.T) { var searchRequest ldap.SearchRequest mockClient := &mockClient{ connect: func() error { return nil }, - connectTls: func() error { return nil }, + connectTls: func(insecureSkipVerify bool) error { return nil }, close: func() {}, search: func(sr ldap.SearchRequest) (*ldapClient.SearchResult, error) { searchRequest = sr @@ -256,13 +256,13 @@ func someSearchDetails() *SearchDetails { type mockClient struct { connect func() error - connectTls func() error + connectTls func(insecureSkipVerify bool) error close func() search func(sr ldap.SearchRequest) (*ldapClient.SearchResult, error) } -func (c *mockClient) ConnectTls() error { - return c.connectTls() +func (c *mockClient) ConnectTls(insecureSkipVerify bool) error { + return c.connectTls(true) } func (c *mockClient) Connect() error { diff --git a/ldap/client.go b/ldap/client.go index 8a46704..2ecaca0 100644 --- a/ldap/client.go +++ b/ldap/client.go @@ -25,7 +25,7 @@ import ( type Client interface { Connect() error - ConnectTls() error + ConnectTls(insecureSkipVerify bool) error Search(sr SearchRequest) (*ldap.SearchResult, error) Close() } 
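Review bot: `mockClient.ConnectTls` discards its argument and always calls `c.connectTls(true)`, so no test in this file can observe whether `GetGroupsFor` forwards `sd.InsecureSkipVerify` correctly. The line should be `return c.connectTls(insecureSkipVerify)`. None of the updated `connectTls` callbacks inspects the value either. A test that sets `EnableTLS: true, InsecureSkipVerify: false` in `SearchDetails` and asserts that the callback receives `false` would cover the security-relevant path.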
@@ -75,10 +75,8 @@ func (c *ldapClient) Connect() error { return nil } -func (c *ldapClient) ConnectTls() error { - var config tls.Config - config.InsecureSkipVerify = true - ldapConn, err := ldap.DialTLS("tcp", c.ldapServerUrl, &config) +func (c *ldapClient) ConnectTls(insecureSkipVerify bool) error { + ldapConn, err := ldap.DialTLS("tcp", c.ldapServerUrl, &tls.Config{InsecureSkipVerify: insecureSkipVerify}) if err != nil { return fmt.Errorf("Cannot connect to LDAP: %v", err) } diff --git a/main.go b/main.go index 7e17544..d6925f9 100644 --- a/main.go +++ b/main.go @@ -51,16 +51,21 @@ func main() { if err != nil { logger.Fatalf("TLS enabled flag is not provided '%v' Error: %v", configVal("ENABLE_TLS"), err) } + insecureSkipVerify, err := strconv.ParseBool(configVal("INSECURE_SKIP_VERIFY")) + if err != nil { + logger.Fatalf("TLS enabled flag is not provided '%v' Error: %v", configVal("INSECURE_SKIP_VERIFY"), err) + } lc := ldap.NewClient(configVal("BIND_USERNAME"), configVal("BIND_PASSWORD"), configVal("LDAP_URL")) searcher := group.NewSearcher(lc) searchDetails := &group.SearchDetails{ - Attributes: strings.Split(configVal("ATTRIBUTES"), ","), - BaseDn: configVal("BASE_DN"), - SearchFilter: configVal("SEARCH_FILTER"), - SearchTimeout: searchTimeout, - GroupAttribute: configVal("GROUP_ATTRIBUTE"), - EnableTLS: tlsEnabledFlag, + Attributes: strings.Split(configVal("ATTRIBUTES"), ","), + BaseDn: configVal("BASE_DN"), + SearchFilter: configVal("SEARCH_FILTER"), + SearchTimeout: searchTimeout, + GroupAttribute: configVal("GROUP_ATTRIBUTE"), + EnableTLS: tlsEnabledFlag, + InsecureSkipVerify: insecureSkipVerify, } packDef := flyte.PackDef{ From f727844fb3197562378e7c599f44955d8376c73b Mon Sep 17 00:00:00 2001 From: songupta7 Date: Wed, 1 Jun 2022 14:38:08 +0530 Subject: [PATCH 08/10] Remove the trace --- ldap/client.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/ldap/client.go b/ldap/client.go index 2ecaca0..45b214f 100644 --- a/ldap/client.go +++ b/ldap/client.go 
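Review bot: The `tls.Config` built in `ConnectTls` sets only `InsecureSkipVerify`, so the minimum protocol version is whatever the build toolchain defaults to (older Go releases allow TLS 1.0 for clients). There is also no way to trust a private CA, which leaves `INSECURE_SKIP_VERIFY=true` as the only option for directories with internally issued certificates. Consider `&tls.Config{MinVersion: tls.VersionTLS12, InsecureSkipVerify: insecureSkipVerify}` and, as a follow-up, an optional CA bundle loaded into `RootCAs`. The rest of `ConnectTls` (bind and assignment) lies outside the hunk.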
@@ -19,7 +19,6 @@ package ldap import ( "crypto/tls" "fmt" - "github.com/HotelsDotCom/go-logger" "gopkg.in/ldap.v2" ) @@ -59,7 +58,6 @@ func NewClient(bindUsername, bindPassword, ldapServerUrl string) Client { func (c *ldapClient) Connect() error { ldapConn, err := ldap.Dial("tcp", c.ldapServerUrl) - logger.Debugf("%v got URL as ", c.ldapServerUrl) if err != nil { return fmt.Errorf("Cannot connect to LDAP: %v", err) } From c8c07c7ae28ac42c6ce7b031ee6ed6e36d3451d8 Mon Sep 17 00:00:00 2001 From: songupta7 Date: Wed, 1 Jun 2022 14:46:37 +0530 Subject: [PATCH 09/10] flag name corrected --- main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.go b/main.go index d6925f9..fd26d4c 100644 --- a/main.go +++ b/main.go @@ -53,7 +53,7 @@ func main() { } insecureSkipVerify, err := strconv.ParseBool(configVal("INSECURE_SKIP_VERIFY")) if err != nil { - logger.Fatalf("TLS enabled flag is not provided '%v' Error: %v", configVal("INSECURE_SKIP_VERIFY"), err) + logger.Fatalf("InsecureSkipVerify flag is not provided '%v' Error: %v", configVal("INSECURE_SKIP_VERIFY"), err) } lc := ldap.NewClient(configVal("BIND_USERNAME"), configVal("BIND_PASSWORD"), configVal("LDAP_URL")) From 8eb109f313634b172af57df393ebd0187c0c2f5c Mon Sep 17 00:00:00 2001 From: songupta7 Date: Thu, 2 Jun 2022 10:43:01 +0530 Subject: [PATCH 10/10] setting default value of insecureSkipVerify flag to false --- main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.go b/main.go index fd26d4c..ff2527f 100644 --- a/main.go +++ b/main.go @@ -53,7 +53,7 @@ func main() { } insecureSkipVerify, err := strconv.ParseBool(configVal("INSECURE_SKIP_VERIFY")) if err != nil { - logger.Fatalf("InsecureSkipVerify flag is not provided '%v' Error: %v", configVal("INSECURE_SKIP_VERIFY"), err) + insecureSkipVerify = false } lc := ldap.NewClient(configVal("BIND_USERNAME"), configVal("BIND_PASSWORD"), configVal("LDAP_URL"))
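Review bot: In PATCH 10 the assignment `insecureSkipVerify = false` inside the error branch is a no-op, because `strconv.ParseBool` already returns `false` together with the error. The effect is that a mistyped `INSECURE_SKIP_VERIFY` value is silently ignored. That fails closed, which is the right direction, but a log line for a non-empty unparsable value, and another when verification is actually disabled, would make the effective setting auditable. A comment such as `// verification stays on unless INSECURE_SKIP_VERIFY parses as true` would document the intent. The README changed in PATCH 07 still lists the variable as required, and its Docker examples set `INSECURE_SKIP_VERIFY='True'`, so the copy-paste configuration disables certificate checks. `main` continues outside the hunk.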