github.com/Tyktechnologies/tyk@v2.9.5+incompatible/gateway/ldap_auth_handler.go (about)

     1  package gateway
     2  
     3  import (
     4  	"errors"
     5  	"strings"
     6  
     7  	"github.com/mavricknz/ldap"
     8  )
     9  
    10  // LDAPStorageHandler implements storage.Handler, this is a read-only implementation to access keys from an LDAP service
    11  type LDAPStorageHandler struct {
    12  	LDAPServer           string
    13  	LDAPPort             uint16
    14  	BaseDN               string
    15  	Attributes           []string
    16  	SessionAttributeName string
    17  	SearchString         string
    18  	store                *ldap.LDAPConnection
    19  }
    20  
    21  func (l *LDAPStorageHandler) LoadConfFromMeta(meta map[string]interface{}) {
    22  	l.LDAPServer = meta["ldap_server"].(string)
    23  	l.LDAPPort = uint16(meta["ldap_port"].(float64))
    24  	l.BaseDN = meta["base_dn"].(string)
    25  
    26  	attrArray := []string{}
    27  
    28  	for _, attr := range meta["attributes"].([]interface{}) {
    29  		val := attr.(string)
    30  		attrArray = append(attrArray, val)
    31  	}
    32  
    33  	l.Attributes = attrArray
    34  	l.SessionAttributeName = meta["session_attribute_name"].(string)
    35  	l.SearchString = meta["search_string"].(string)
    36  
    37  }
    38  
    39  func (l *LDAPStorageHandler) Connect() bool {
    40  	conn := ldap.NewLDAPConnection(l.LDAPServer, l.LDAPPort)
    41  	if err := conn.Connect(); err != nil {
    42  		log.Error("LDAP server connection failed: ", err)
    43  		return false
    44  	}
    45  	log.Info("LDAP: Connection established")
    46  	l.store = conn
    47  	return true
    48  }
    49  
    50  func (l *LDAPStorageHandler) GetKey(filter string) (string, error) {
    51  	log.Debug("Searching for filter: ", filter)
    52  
    53  	useFilter := strings.Replace(l.SearchString, "TYKKEYID", filter, 1)
    54  	log.Warning("Search filter is: ", useFilter)
    55  
    56  	search_request := ldap.NewSearchRequest(
    57  		l.BaseDN,
    58  		ldap.ScopeWholeSubtree, ldap.DerefAlways, 0, 0, false,
    59  		useFilter,
    60  		l.Attributes,
    61  		nil)
    62  
    63  	sr, err := l.store.Search(search_request)
    64  	if err != nil {
    65  		log.Debug("LDAP Key search failed: ", err)
    66  		return "", err
    67  	}
    68  
    69  	if len(sr.Entries) == 0 {
    70  		return "", nil
    71  	}
    72  
    73  	log.Debug("Found Key: ", sr.Entries[0])
    74  
    75  	entry := sr.Entries[0]
    76  
    77  	if entry.Attributes == nil {
    78  		log.Error("LDAP: No attributes found to check for session state. Failing")
    79  		return "", errors.New("Attributes for entry are empty")
    80  	}
    81  
    82  	for _, attr := range entry.Attributes {
    83  		if attr.Name == l.SessionAttributeName {
    84  			log.Debug("Found session data: ", attr.Values[0])
    85  			return attr.Values[0], nil
    86  		}
    87  	}
    88  
    89  	return "", nil
    90  }
    91  
    92  func (r *LDAPStorageHandler) GetMultiKey(keyNames []string) ([]string, error) {
    93  	log.Warning("Not implementated")
    94  
    95  	return nil, nil
    96  }
    97  
    98  func (l *LDAPStorageHandler) GetRawKey(filter string) (string, error) {
    99  	log.Warning("Not implementated")
   100  
   101  	return "", nil
   102  }
   103  
   104  func (l *LDAPStorageHandler) SetExp(cn string, exp int64) error {
   105  	log.Warning("Not implementated")
   106  	return nil
   107  }
   108  
   109  func (l *LDAPStorageHandler) GetExp(cn string) (int64, error) {
   110  	log.Warning("Not implementated")
   111  	return 0, nil
   112  }
   113  
   114  func (l *LDAPStorageHandler) GetKeys(filter string) []string {
   115  	log.Warning("Not implementated")
   116  	s := []string{}
   117  
   118  	return s
   119  }
   120  func (l *LDAPStorageHandler) GetKeysAndValues() map[string]string {
   121  	log.Warning("Not implementated")
   122  
   123  	s := map[string]string{}
   124  	return s
   125  }
   126  func (l *LDAPStorageHandler) GetKeysAndValuesWithFilter(filter string) map[string]string {
   127  	log.Warning("Not implementated")
   128  	s := map[string]string{}
   129  	return s
   130  }
   131  
   132  func (l *LDAPStorageHandler) SetKey(cn, session string, timeout int64) error {
   133  	l.notifyReadOnly()
   134  	return nil
   135  }
   136  
   137  func (l *LDAPStorageHandler) SetRawKey(cn, session string, timeout int64) error {
   138  	l.notifyReadOnly()
   139  	return nil
   140  }
   141  
   142  func (l *LDAPStorageHandler) DeleteKey(cn string) bool {
   143  	return l.notifyReadOnly()
   144  }
   145  
   146  func (r *LDAPStorageHandler) DeleteAllKeys() bool {
   147  	log.Warning("Not implementated")
   148  	return false
   149  }
   150  
   151  func (l *LDAPStorageHandler) DeleteRawKey(cn string) bool {
   152  	return l.notifyReadOnly()
   153  }
   154  
   155  func (l *LDAPStorageHandler) DeleteKeys(keys []string) bool {
   156  	return l.notifyReadOnly()
   157  }
   158  
   159  func (l *LDAPStorageHandler) Decrement(keyName string) {
   160  	l.notifyReadOnly()
   161  }
   162  
   163  func (l *LDAPStorageHandler) IncrememntWithExpire(keyName string, timeout int64) int64 {
   164  	l.notifyReadOnly()
   165  	return 999
   166  }
   167  
   168  func (l *LDAPStorageHandler) notifyReadOnly() bool {
   169  	log.Warning("LDAP storage is READ ONLY")
   170  	return false
   171  }
   172  
   173  func (l *LDAPStorageHandler) SetRollingWindow(keyName string, per int64, val string, pipeline bool) (int, []interface{}) {
   174  	log.Warning("Not Implemented!")
   175  	return 0, nil
   176  }
   177  
   178  func (l *LDAPStorageHandler) GetRollingWindow(keyName string, per int64, pipeline bool) (int, []interface{}) {
   179  	log.Warning("Not Implemented!")
   180  	return 0, nil
   181  }
   182  
   183  func (l LDAPStorageHandler) GetSet(keyName string) (map[string]string, error) {
   184  	log.Error("Not implemented")
   185  	return nil, nil
   186  }
   187  
   188  func (l LDAPStorageHandler) AddToSet(keyName, value string) {
   189  	log.Error("Not implemented")
   190  }
   191  
   192  func (l LDAPStorageHandler) AppendToSet(keyName, value string) {
   193  	log.Error("Not implemented")
   194  }
   195  
   196  func (r *LDAPStorageHandler) AppendToSetPipelined(key string, values []string) {
   197  	log.Error("Not implemented")
   198  }
   199  
   200  func (l LDAPStorageHandler) RemoveFromSet(keyName, value string) {
   201  	log.Error("Not implemented")
   202  }
   203  
   204  func (l LDAPStorageHandler) GetAndDeleteSet(keyName string) []interface{} {
   205  	log.Error("Not implemented")
   206  	return nil
   207  }
   208  
   209  func (l LDAPStorageHandler) DeleteScanMatch(pattern string) bool {
   210  	log.Error("Not implemented")
   211  	return false
   212  }
   213  
   214  func (l LDAPStorageHandler) GetKeyPrefix() string {
   215  	log.Error("Not implemented")
   216  	return ""
   217  }
   218  
   219  func (l LDAPStorageHandler) AddToSortedSet(keyName, value string, score float64) {
   220  	log.Error("Not implemented")
   221  }
   222  
   223  func (l LDAPStorageHandler) GetSortedSetRange(keyName, scoreFrom, scoreTo string) ([]string, []float64, error) {
   224  	log.Error("Not implemented")
   225  	return nil, nil, nil
   226  }
   227  
   228  func (l LDAPStorageHandler) RemoveSortedSetRange(keyName, scoreFrom, scoreTo string) error {
   229  	log.Error("Not implemented")
   230  	return nil
   231  }
   232  
   233  func (l LDAPStorageHandler) RemoveFromList(keyName, value string) error {
   234  	log.Error("Not implemented")
   235  	return nil
   236  }
   237  
   238  func (l *LDAPStorageHandler) GetListRange(keyName string, from, to int64) ([]string, error) {
   239  	log.Error("Not implemented")
   240  	return nil, nil
   241  }
   242  
   243  func (l LDAPStorageHandler) Exists(keyName string) (bool, error) {
   244  	log.Error("Not implemented")
   245  	return false, nil
   246  }