예제 #1
// queryForUser queries for an LDAP user entry identified with an LDAP user UID on an LDAP server
// determined from a clientConfig by creating a search request from an LDAP query template and
// determining which attributes to search for with a LDAPuserAttributeDefiner
func (e *LDAPInterface) queryForUser(ldapUserUID string) (*ldap.Entry, error) {
	// Request only the attributes this interface reports as required.
	attrs := e.requiredUserAttributes()

	// NOTE(review): ldapUserUID is handed to NewSearchRequest, which presumably
	// places it in the search filter or base DN. Confirm that the query template
	// escapes LDAP metacharacters (e.g. ldap.EscapeFilter) before a UID from an
	// untrusted source can reach this call.
	req, buildErr := e.userQuery.NewSearchRequest(ldapUserUID, attrs)
	if buildErr != nil {
		return nil, buildErr
	}

	// The lookup is delegated to ldaputil; nothing is cached on this path.
	return ldaputil.QueryForUniqueEntry(e.clientConfig, req)
}
예제 #2
// queryForGroup queries for a specific group identified by a ldapGroupUID with the query config stored
// in a LDAPInterface
func (e *LDAPInterface) queryForGroup(ldapGroupUID string) (group *ldap.Entry, err error) {
	// Union of the name and membership attributes; the set removes duplicates
	// when an attribute appears in both lists.
	wanted := sets.NewString(e.groupNameAttributes...)
	wanted.Insert(e.groupMembershipAttributes...)
	attrs := wanted.List()

	// NOTE(review): ldapGroupUID is passed into the query template unchanged by
	// this method. Confirm NewSearchRequest escapes LDAP metacharacters before
	// group UIDs from untrusted input are accepted here.
	req, buildErr := e.groupQuery.NewSearchRequest(ldapGroupUID, attrs)
	if buildErr != nil {
		return nil, buildErr
	}

	// Presumably fails unless exactly one entry matches; verify in ldaputil.
	return ldaputil.QueryForUniqueEntry(e.clientConfig, req)
}
예제 #3
// userEntryFor returns an LDAP user entry for the given user UID by searching the internal cache
// of the LDAPInterface first, then sending an LDAP query if the cache did not contain the entry
func (e *LDAPInterface) userEntryFor(ldapUserUID string) (user *ldap.Entry, err error) {
	// Cache hit: answer without contacting the LDAP server.
	// NOTE(review): no lock or expiry is visible in this method. Confirm that
	// callers serialize access to the map and that the LDAPInterface is
	// short-lived, otherwise changes made on the server are not seen.
	if cached, ok := e.cachedUsers[ldapUserUID]; ok {
		return cached, nil
	}

	// NOTE(review): confirm NewSearchRequest escapes LDAP metacharacters in
	// ldapUserUID; this method passes it through unchanged.
	req, buildErr := e.userQuery.NewSearchRequest(ldapUserUID, e.requiredUserAttributes())
	if buildErr != nil {
		return nil, buildErr
	}

	user, err = ldaputil.QueryForUniqueEntry(e.clientConfig, req)
	if err != nil {
		// Failed lookups are not cached, so a later call queries again.
		return nil, err
	}

	// Remember the entry under the UID it was requested with.
	e.cachedUsers[ldapUserUID] = user
	return user, nil
}
예제 #4
// GroupEntryFor returns an LDAP group entry for the given group UID by searching the internal cache
// of the LDAPInterface first, then sending an LDAP query if the cache did not contain the entry.
// This also satisfies the LDAPGroupGetter interface
func (e *LDAPInterface) GroupEntryFor(ldapGroupUID string) (*ldap.Entry, error) {
	// Cache hit: answer without contacting the LDAP server.
	// NOTE(review): no lock or expiry is visible in this method. Confirm that
	// callers serialize access to the map and that cached group entries cannot
	// outlive membership changes that matter to the caller.
	if cached, ok := e.cachedGroups[ldapGroupUID]; ok {
		return cached, nil
	}

	// NOTE(review): confirm NewSearchRequest escapes LDAP metacharacters in
	// ldapGroupUID; this method passes it through unchanged.
	req, err := e.groupQuery.NewSearchRequest(ldapGroupUID, e.requiredGroupAttributes())
	if err != nil {
		return nil, err
	}

	entry, err := ldaputil.QueryForUniqueEntry(e.clientConfig, req)
	if err != nil {
		// Failed lookups are not cached, so a later call queries again.
		return nil, err
	}

	// Remember the entry under the UID it was requested with.
	e.cachedGroups[ldapGroupUID] = entry
	return entry, nil
}