Torkel Ödegaard
57 lines
1.2 KiB
Go
57 lines
1.2 KiB
Go
package ldapauth
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
"net/url"
|
|
|
|
"github.com/go-ldap/ldap"
|
|
"github.com/grafana/grafana/pkg/log"
|
|
"github.com/grafana/grafana/pkg/setting"
|
|
)
|
|
|
|
var (
|
|
ErrInvalidCredentials = errors.New("Invalid Username or Password")
|
|
)
|
|
|
|
func Login(username, password string) error {
|
|
url, err := url.Parse(setting.LdapHosts[0])
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
log.Info("Host: %v", url.Host)
|
|
conn, err := ldap.Dial("tcp", url.Host)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
defer conn.Close()
|
|
|
|
bindFormat := "cn=%s,dc=grafana,dc=org"
|
|
|
|
nx := fmt.Sprintf(bindFormat, username)
|
|
err = conn.Bind(nx, password)
|
|
|
|
if err != nil {
|
|
if ldapErr, ok := err.(*ldap.Error); ok {
|
|
if ldapErr.ResultCode == 49 {
|
|
return ErrInvalidCredentials
|
|
}
|
|
}
|
|
return err
|
|
}
|
|
return nil
|
|
|
|
// search := ldap.NewSearchRequest(url.Path,
|
|
// ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
|
|
// fmt.Sprintf(ls.Filter, name),
|
|
// []string{ls.AttributeUsername, ls.AttributeName, ls.AttributeSurname, ls.AttributeMail},
|
|
// nil)
|
|
// sr, err := l.Search(search)
|
|
// if err != nil {
|
|
// log.Debug("LDAP Authen OK but not in filter %s", name)
|
|
// return "", "", "", "", false
|
|
// }
|
|
}
|