Compare commits
	
		
			34 Commits
		
	
	
		
			v1.0.5
			...
			16a70beb4c
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 16a70beb4c | |||
|  | aab78cc262 | ||
|  | dd75e3cdb6 | ||
| 891c6c85b0 | |||
| 849b05a707 | |||
| d424e6dde0 | |||
| 9bce28767f | |||
| 16af2bfc84 | |||
| 8d5e2b4b86 | |||
| 5fdd48a946 | |||
| 49ae5b912c | |||
| 9d6b35c9a2 | |||
| 6fea43f1b3 | |||
| 6739d9b014 | |||
| ae181116d1 | |||
| 7a9516e276 | |||
| eb4d9548c2 | |||
| 82a326c11e | |||
| 487c83f163 | |||
| c2749a573e | |||
| eec5343c07 | |||
| b3a6ed5c4c | |||
| 72e6d38c84 | |||
| 877d018b60 | |||
| 1864200690 | |||
|  | 929c381cc8 | ||
|  | 105b11cae5 | ||
| 222864868d | |||
| 33566572fb | |||
| 7da5c22313 | |||
| bf80945168 | |||
| e18737c043 | |||
| 162eda70b9 | |||
| 0d1dd540c0 | 
							
								
								
									
									
									
								
							
							
						
						
									
										4
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							| @@ -1,3 +1,3 @@ | ||||
| **/go.sum | ||||
| **/config.json | ||||
| go.sum | ||||
| dist/* | ||||
| **/config.json | ||||
							
								
								
									
									
									
									
									
									
								
							
							
						
						
									
										4
									
								
								Makefile
									
									
									
									
									
								
							| @@ -1,10 +1,10 @@ | ||||
| .PHONY: build test clean dev-init | ||||
| .PHONY: build test clean dev-init dev-reinit | ||||
|  | ||||
| build: clean | ||||
| 	@echo "======================== Building Binary =======================" | ||||
| 	CGO_ENABLED=0 go build -ldflags="-s -w" -v -o dist/ . | ||||
|  | ||||
| tests: dev-reinit | ||||
| test: dev-reinit | ||||
| 	@echo "======================== Running Tests =========================" | ||||
| 	go test -v -cover -coverpkg=./app/ -coverprofile coverage ./test/ | ||||
| 	@echo "======================= Coverage Report ========================" | ||||
|   | ||||
							
								
								
									
									
									
									
									
									
								
							
							
						
						
									
										13
									
								
								README.md
									
									
									
									
									
								
							| @@ -30,9 +30,16 @@ ProxmoxAAS LDAP provides a simple API for managing users and groups in a simplif | ||||
|  | ||||
| 1. Download `proxmoxaas-ldap` binary and `template.config.json` file from [releases](https://git.tronnet.net/tronnet/ProxmoxAAS-LDAP/releases) | ||||
| 2. Rename `template.config.json` to `config.json` and modify: | ||||
|     - listenPort: port for PAAS-LDAP to bind and listen on  | ||||
|     - ldapURL: url to the ldap server ie. `ldap://ldap.domain.net` | ||||
|     - baseDN: base DN ie. `dc=domain,dc=net` | ||||
|     - sessionSecretKey: random value used to randomize cookie values, replace with any sufficiently large random string | ||||
|     - startTLS: true if backend LDAP supports StartTLS | ||||
|     - basedn: base DN ie. `dc=domain,dc=net` | ||||
|     - sessionCookieName: name of the session cookie | ||||
|     - sessionCookie: specific cookie properties | ||||
|         - path: cookie path | ||||
|         - httpOnly: cookie http-only | ||||
|         - secure: cookie secure | ||||
|         - maxAge: cookie max-age | ||||
| 3. Run the binary | ||||
|  | ||||
| ## Building and Testing from Source | ||||
| @@ -50,4 +57,4 @@ Building requires the go toolchain. Testing requires the go toolchain, make, and | ||||
| 1. Clone the repository | ||||
| 2. Run `go get` to get requirements | ||||
| 3. Run `make dev-init` to install test requirements including openldap (slapd), ldap-utils, debconf-utils | ||||
| 4. Run `make tests` to run all tests | ||||
| 4. Run `make test` to run all tests | ||||
							
								
								
									
									
									
									
									
									
								
							
							
						
						
									
										21
									
								
								app/app.go
									
									
									
									
									
								
							| @@ -1,6 +1,7 @@ | ||||
| package app | ||||
|  | ||||
| import ( | ||||
| 	"crypto/rand" | ||||
| 	"encoding/gob" | ||||
| 	"flag" | ||||
| 	"log" | ||||
| @@ -15,11 +16,12 @@ import ( | ||||
| ) | ||||
|  | ||||
| var LDAPSessions map[string]*LDAPClient | ||||
| var AppVersion = "1.0.5" | ||||
| var AppVersion = "1.0.6" | ||||
| var APIVersion = "1.0.4" | ||||
|  | ||||
| func Run() { | ||||
| 	gob.Register(LDAPClient{}) | ||||
| 	gin.SetMode(gin.ReleaseMode) | ||||
|  | ||||
| 	log.Printf("Starting ProxmoxAAS-LDAP version %s\n", APIVersion) | ||||
|  | ||||
| @@ -28,13 +30,19 @@ func Run() { | ||||
|  | ||||
| 	config, err := GetConfig(*configPath) | ||||
| 	if err != nil { | ||||
| 		log.Fatal("Error when reading config file: ", err) | ||||
| 		log.Fatalf("Error when reading config file: %s\n", err) | ||||
| 	} | ||||
| 	log.Printf("Read in config from %s\n", *configPath) | ||||
|  | ||||
| 	gin.SetMode(gin.ReleaseMode) | ||||
| 	secretKey := make([]byte, 256) | ||||
| 	n, err := rand.Read(secretKey) | ||||
| 	if err != nil { | ||||
| 		log.Fatalf("Error when generating session secret key: %s\n", err.Error()) | ||||
| 	} | ||||
| 	log.Printf("Generated session secret key of length %d\n", n) | ||||
|  | ||||
| 	router := gin.Default() | ||||
| 	store := cookie.NewStore([]byte(config.SessionSecretKey)) | ||||
| 	store := cookie.NewStore(secretKey) | ||||
| 	store.Options(sessions.Options{ | ||||
| 		Path:     config.SessionCookie.Path, | ||||
| 		HttpOnly: config.SessionCookie.HttpOnly, | ||||
| @@ -310,5 +318,8 @@ func Run() { | ||||
|  | ||||
| 	log.Printf("Starting LDAP API on port %s\n", strconv.Itoa(config.ListenPort)) | ||||
|  | ||||
| 	router.Run("0.0.0.0:" + strconv.Itoa(config.ListenPort)) | ||||
| 	err = router.Run("0.0.0.0:" + strconv.Itoa(config.ListenPort)) | ||||
| 	if err != nil { | ||||
| 		log.Fatalf("Error starting router: %s", err.Error()) | ||||
| 	} | ||||
| } | ||||
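Review bot: `cookie.NewStore(secretKey)` receives a single key, which the cookie store uses only as the HMAC authentication key, so session values are integrity-protected but not encrypted and can be decoded by anyone holding the cookie. The `gob.Register(LDAPClient{})` call at the top of Run suggests an LDAPClient may be serialised into the session; that cannot be confirmed from these hunks, but if it carries bind credentials, generate a second random 32-byte key and pass it as the encryption key, `store := cookie.NewStore(authKey, encKey)`. A 64-byte authentication key is enough, since the extra bytes of the 256-byte key add no strength to the HMAC. A comment above the `rand.Read` call would also help operators, for example `// per-process key: a restart invalidates all existing session cookies, matching the in-memory LDAPSessions map`. Run's body continues outside the visible hunks.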
|   | ||||
| @@ -13,7 +13,6 @@ type Config struct { | ||||
| 	LdapURL           string `json:"ldapURL"` | ||||
| 	StartTLS          bool   `json:"startTLS"` | ||||
| 	BaseDN            string `json:"baseDN"` | ||||
| 	SessionSecretKey  string `json:"sessionSecretKey"` | ||||
| 	SessionCookieName string `json:"sessionCookieName"` | ||||
| 	SessionCookie     struct { | ||||
| 		Path     string `json:"path"` | ||||
|   | ||||
| @@ -3,7 +3,6 @@ | ||||
|     "ldapURL": "ldap://localhost", | ||||
|     "startTLS": true, | ||||
|     "basedn": "dc=example,dc=com", | ||||
|     "sessionSecretKey": "super secret key", | ||||
|     "sessionCookieName": "PAASLDAPAuthTicket", | ||||
|     "sessionCookie": { | ||||
|         "path": "/", | ||||
|   | ||||
							
								
								
									
									
									
									
									
									
								
							
							
						
						
									
										37
									
								
								go.mod
									
									
									
									
									
								
							| @@ -1,36 +1,35 @@ | ||||
| module proxmoxaas-ldap | ||||
|  | ||||
| go 1.23 | ||||
|  | ||||
| toolchain go1.23.2 | ||||
| go 1.23.6 | ||||
|  | ||||
| require ( | ||||
| 	github.com/gin-contrib/sessions v1.0.1 | ||||
| 	github.com/gin-contrib/sessions v1.0.2 | ||||
| 	github.com/gin-gonic/gin v1.10.0 | ||||
| 	github.com/go-ldap/ldap/v3 v3.4.8 | ||||
| 	github.com/go-ldap/ldap/v3 v3.4.10 | ||||
| 	github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d | ||||
| ) | ||||
|  | ||||
| require ( | ||||
| 	github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect | ||||
| 	github.com/bytedance/sonic v1.12.3 // indirect | ||||
| 	github.com/bytedance/sonic/loader v0.2.0 // indirect | ||||
| 	github.com/cloudwego/base64x v0.1.4 // indirect | ||||
| 	github.com/bytedance/sonic v1.12.8 // indirect | ||||
| 	github.com/bytedance/sonic/loader v0.2.3 // indirect | ||||
| 	github.com/cloudwego/base64x v0.1.5 // indirect | ||||
| 	github.com/cloudwego/iasm v0.2.0 // indirect | ||||
| 	github.com/gabriel-vasile/mimetype v1.4.6 // indirect | ||||
| 	github.com/gin-contrib/sse v0.1.0 // indirect | ||||
| 	github.com/gabriel-vasile/mimetype v1.4.8 // indirect | ||||
| 	github.com/gin-contrib/sse v1.0.0 // indirect | ||||
| 	github.com/go-asn1-ber/asn1-ber v1.5.7 // indirect | ||||
| 	github.com/go-playground/locales v0.14.1 // indirect | ||||
| 	github.com/go-playground/universal-translator v0.18.1 // indirect | ||||
| 	github.com/go-playground/validator/v10 v10.22.1 // indirect | ||||
| 	github.com/goccy/go-json v0.10.3 // indirect | ||||
| 	github.com/go-playground/validator/v10 v10.24.0 // indirect | ||||
| 	github.com/goccy/go-json v0.10.5 // indirect | ||||
| 	github.com/google/go-cmp v0.6.0 // indirect | ||||
| 	github.com/google/uuid v1.6.0 // indirect | ||||
| 	github.com/gorilla/context v1.1.2 // indirect | ||||
| 	github.com/gorilla/securecookie v1.1.2 // indirect | ||||
| 	github.com/gorilla/sessions v1.4.0 // indirect | ||||
| 	github.com/json-iterator/go v1.1.12 // indirect | ||||
| 	github.com/klauspost/cpuid/v2 v2.2.8 // indirect | ||||
| 	github.com/klauspost/cpuid/v2 v2.2.9 // indirect | ||||
| 	github.com/knz/go-libedit v1.10.1 // indirect | ||||
| 	github.com/leodido/go-urn v1.4.0 // indirect | ||||
| 	github.com/mattn/go-isatty v0.0.20 // indirect | ||||
| 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect | ||||
| @@ -38,11 +37,11 @@ require ( | ||||
| 	github.com/pelletier/go-toml/v2 v2.2.3 // indirect | ||||
| 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect | ||||
| 	github.com/ugorji/go/codec v1.2.12 // indirect | ||||
| 	golang.org/x/arch v0.11.0 // indirect | ||||
| 	golang.org/x/crypto v0.28.0 // indirect | ||||
| 	golang.org/x/net v0.30.0 // indirect | ||||
| 	golang.org/x/sys v0.26.0 // indirect | ||||
| 	golang.org/x/text v0.19.0 // indirect | ||||
| 	google.golang.org/protobuf v1.35.1 // indirect | ||||
| 	golang.org/x/arch v0.14.0 // indirect | ||||
| 	golang.org/x/crypto v0.33.0 // indirect | ||||
| 	golang.org/x/net v0.35.0 // indirect | ||||
| 	golang.org/x/sys v0.30.0 // indirect | ||||
| 	golang.org/x/text v0.22.0 // indirect | ||||
| 	google.golang.org/protobuf v1.36.5 // indirect | ||||
| 	gopkg.in/yaml.v3 v3.0.1 // indirect | ||||
| ) | ||||
|   | ||||
| @@ -1,8 +1,8 @@ | ||||
| .PHONY: dev-init | ||||
| .PHONY: prerequisites dev-init dev-reinit | ||||
|  | ||||
| prerequisites: | ||||
| 	@echo "=================== Installing Prerequisites ===================" | ||||
| 	apt install debconf-utils slapd ldap-utils sudo gettext | ||||
| 	apt install debconf-utils slapd ldap-utils sudo gettext gnutls-bin | ||||
| 	git clone https://git.tronnet.net/tronnet/open-ldap-setup | ||||
| 	cd open-ldap-setup/; bash gencert.sh < ../gencert.conf; | ||||
| 	rm -rf open-ldap-setup/ | ||||
|   | ||||
| @@ -3,7 +3,6 @@ | ||||
|     "ldapURL": "ldap://localhost", | ||||
|     "startTLS": true, | ||||
|     "basedn": "dc=test,dc=paasldap", | ||||
|     "sessionSecretKey": "test", | ||||
|     "sessionCookieName": "PAASLDAPAuthTicket", | ||||
|     "sessionCookie": { | ||||
|         "path": "/", | ||||
|   | ||||
| @@ -18,7 +18,6 @@ func TestConfig_ValidPath(t *testing.T) { | ||||
| 	AssertEquals(t, "config.ListenPort", config.ListenPort, 80) | ||||
| 	AssertEquals(t, "config.LdapURL", config.LdapURL, "ldap://localhost") | ||||
| 	AssertEquals(t, "config.BaseDN", config.BaseDN, "dc=test,dc=paasldap") | ||||
| 	AssertEquals(t, "config.SessionSecretKey", config.SessionSecretKey, "test") | ||||
| 	AssertEquals(t, "config.SessionCookieName", config.SessionCookieName, "PAASLDAPAuthTicket") | ||||
| 	AssertEquals(t, "config.SessionCookie.Path", config.SessionCookie.Path, "/") | ||||
| 	AssertEquals(t, "config.SessionCookie.HttpOnly", config.SessionCookie.HttpOnly, true) | ||||
|   | ||||