
Commit a6eeee3

committed
ldap: Make LdapService.config private
Now that we have ldap.BindService(), we don't need to access any members of LdapService.config externally.
1 parent a40cae3 commit a6eeee3

1 file changed

Lines changed: 10 additions & 10 deletions


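--- a/internal/service/ldap_service.go
+++ b/internal/service/ldap_service.go
@@ -24,22 +24,22 @@ type LdapServiceConfig struct {
 }
 
 type LdapService struct {
-Config LdapServiceConfig // exported so as the auth service can use it
+config LdapServiceConfig
 conn *ldapgo.Conn
 mutex sync.RWMutex
 cert *tls.Certificate
 }
 
 func NewLdapService(config LdapServiceConfig) *LdapService {
 return &LdapService{
-Config: config,
+config: config,
 }
 }
 
 func (ldap *LdapService) Init() error {
 // Check whether authentication with client certificate is possible
-if ldap.Config.AuthCert != "" && ldap.Config.AuthKey != "" {
-cert, err := tls.LoadX509KeyPair(ldap.Config.AuthCert, ldap.Config.AuthKey)
+if ldap.config.AuthCert != "" && ldap.config.AuthKey != "" {
+cert, err := tls.LoadX509KeyPair(ldap.config.AuthCert, ldap.config.AuthKey)
 if err != nil {
 return fmt.Errorf("failed to initalize LDAP with mTLS authentication: %w", err)
 }
@@ -76,13 +76,13 @@ func (ldap *LdapService) connect() (*ldapgo.Conn, error) {
 var err error
 
 if ldap.cert != nil {
-conn, err = ldapgo.DialURL(ldap.Config.Address, ldapgo.DialWithTLSConfig(&tls.Config{
+conn, err = ldapgo.DialURL(ldap.config.Address, ldapgo.DialWithTLSConfig(&tls.Config{
 MinVersion: tls.VersionTLS12,
 Certificates: []tls.Certificate{*ldap.cert},
 }))
 } else {
-conn, err = ldapgo.DialURL(ldap.Config.Address, ldapgo.DialWithTLSConfig(&tls.Config{
-InsecureSkipVerify: ldap.Config.Insecure,
+conn, err = ldapgo.DialURL(ldap.config.Address, ldapgo.DialWithTLSConfig(&tls.Config{
+InsecureSkipVerify: ldap.config.Insecure,
 MinVersion: tls.VersionTLS12,
 }))
 }
@@ -102,10 +102,10 @@ func (ldap *LdapService) connect() (*ldapgo.Conn, error) {
 func (ldap *LdapService) Search(username string) (string, error) {
 // Escape the username to prevent LDAP injection
 escapedUsername := ldapgo.EscapeFilter(username)
-filter := fmt.Sprintf(ldap.Config.SearchFilter, escapedUsername)
+filter := fmt.Sprintf(ldap.config.SearchFilter, escapedUsername)
 
 searchRequest := ldapgo.NewSearchRequest(
-ldap.Config.BaseDN,
+ldap.config.BaseDN,
 ldapgo.ScopeWholeSubtree, ldapgo.NeverDerefAliases, 0, 0, false,
 filter,
 []string{"dn"},
@@ -138,7 +138,7 @@ func (ldap *LdapService) BindService(rebind bool) error {
 if ldap.cert != nil {
 return ldap.conn.ExternalBind()
 }
-return ldap.conn.Bind(ldap.Config.BindDN, ldap.Config.BindPassword)
+return ldap.conn.Bind(ldap.config.BindDN, ldap.config.BindPassword)
 }
 
 func (ldap *LdapService) Bind(userDN string, password string) error {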
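Review bot: In `connect()`, the non-certificate branch sets `InsecureSkipVerify: ldap.config.Insecure`, and nothing visible in this section documents or surfaces that setting, although `BindService` then sends `ldap.config.BindDN` and `ldap.config.BindPassword` over the resulting connection. With verification disabled the server is not authenticated, so the service password (and presumably the user passwords passed to `Bind`) can be disclosed to an on-path party; now that `config` is private and only read in this file, this is the natural place to state that. I would add a comment on that branch such as `// Insecure skips server certificate verification; bind credentials are then sent to an unverified peer. Test setups only.` and, if a logger is available in `Init`, emit a warning there when the flag is set. The mTLS branch never sets the flag, so `Insecure` appears to be ignored once a client certificate is configured, which deserves a line of documentation too. `connect()` and `Init()` both extend beyond the visible hunks, so an existing warning outside them cannot be ruled out.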
