分享
golang ldap
csimonj · · 2812 次点击 · · 开始浏览这是一个创建于 的文章,其中的信息可能已经有所发展或是发生改变。
配置:
addr:ip:389
bindUserName: cn=admin,dc=simon,dc=com
bindPassword:xxxxx
searchDn: dc=simon,dc=com
实现
参考:https://github.com/go-ldap/ldap
import (
"fmt"
"github.com/go-ldap/ldap"
)
type LDAPConfig struct {
Addr string
BindUserName string
BindPassword string
SearchDN string
}
type LDAPService struct {
Conn *ldap.Conn
Config LDAPConfig
}
func NewLDAPService(config LDAPConfig) (*LDAPService, error) {
conn, err := ldap.Dial("tcp", config.Addr)
if err != nil {
return nil, err
}
// NOTE(chenjun): 暂时先不skip verify
// err = conn.StartTLS(&tls.Config{InsecureSkipVerify: true})
// if err != nil {
// return nil, err
// }
err = conn.Bind(config.BindUserName, config.BindPassword)
if err != nil {
return nil, err
}
return &LDAPService{Conn: conn, Config: config}, nil
}
// Login 登录
func (l *LDAPService) Login(userName, password string) (bool, error) {
searchRequest := ldap.NewSearchRequest(
l.SearchDN,
ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
fmt.Sprintf("(&(objectClass=inetOrgPerson)(mail=%s))", userName),
[]string{"dn"},
nil,
)
sr, err := l.Conn.Search(searchRequest)
if err != nil {
return false, err
}
if len(sr.Entries) != 1 {
return false, fmt.Errorf("User does not exist or too many entries returned")
}
userDN := sr.Entries[0].DN
err = l.Conn.Bind(userDN, password)
if err != nil {
return false, err
}
err = l.Conn.Bind(l.Config.BindUserName, l.Config.BindPassword)
if err != nil {
return false, nil
}
return true, nil
}```有疑问加站长微信联系(非本文作者)
入群交流(和以上内容无关):加入Go大咖交流群,或添加微信:liuxiaoyan-s 备注:入群;或加QQ群:692541889
关注微信2812 次点击
添加一条新回复
(您需要 后才能回复 没有账号 ?)
- 请尽量让自己的回复能够对别人有帮助
- 支持 Markdown 格式, **粗体**、~~删除线~~、
`单行代码` - 支持 @ 本站用户;支持表情(输入 : 提示),见 Emoji cheat sheet
- 图片支持拖拽、截图粘贴等方式上传
收入到我管理的专栏 新建专栏
配置:
addr:ip:389
bindUserName: cn=admin,dc=simon,dc=com
bindPassword:xxxxx
searchDn: dc=simon,dc=com
实现
参考:https://github.com/go-ldap/ldap
import (
"fmt"
"github.com/go-ldap/ldap"
)
type LDAPConfig struct {
Addr string
BindUserName string
BindPassword string
SearchDN string
}
type LDAPService struct {
Conn *ldap.Conn
Config LDAPConfig
}
func NewLDAPService(config LDAPConfig) (*LDAPService, error) {
conn, err := ldap.Dial("tcp", config.Addr)
if err != nil {
return nil, err
}
// NOTE(chenjun): 暂时先不skip verify
// err = conn.StartTLS(&tls.Config{InsecureSkipVerify: true})
// if err != nil {
// return nil, err
// }
err = conn.Bind(config.BindUserName, config.BindPassword)
if err != nil {
return nil, err
}
return &LDAPService{Conn: conn, Config: config}, nil
}
// Login 登录
func (l *LDAPService) Login(userName, password string) (bool, error) {
searchRequest := ldap.NewSearchRequest(
l.SearchDN,
ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
fmt.Sprintf("(&(objectClass=inetOrgPerson)(mail=%s))", userName),
[]string{"dn"},
nil,
)
sr, err := l.Conn.Search(searchRequest)
if err != nil {
return false, err
}
if len(sr.Entries) != 1 {
return false, fmt.Errorf("User does not exist or too many entries returned")
}
userDN := sr.Entries[0].DN
err = l.Conn.Bind(userDN, password)
if err != nil {
return false, err
}
err = l.Conn.Bind(l.Config.BindUserName, l.Config.BindPassword)
if err != nil {
return false, nil
}
return true, nil
}```