gered/nginx-ldap-auth
Archived
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

apply ldap filtering rules to values being substituted into ldap filters

Browse source
This commit is contained in:
Gered 2019-06-28 11:40:10 -04:00
parent 7bf37b35a5
commit c738c86fd1
2 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
group/service.go
View file

@ -4,6 +4,8 @@ import (
"strings" "strings"
"github.com/tiagoapimenta/nginx-ldap-auth/ldap" "github.com/tiagoapimenta/nginx-ldap-auth/ldap"
gldap "gopkg.in/ldap.v2"
) )
type Service struct { type Service struct {
@ -23,6 +25,8 @@ func NewService(pool *ldap.Pool, base, filter, attr string) *Service {
} }
func (p *Service) Find(id string) ([]string, error) { func (p *Service) Find(id string) ([]string, error) {
id = gldap.EscapeFilter(id)
ok, _, groups, err := p.pool.Search( ok, _, groups, err := p.pool.Search(
p.base, p.base,
strings.Replace(p.filter, "{0}", id, -1), strings.Replace(p.filter, "{0}", id, -1),

4
user/service.go
View file

@ -4,6 +4,8 @@ import (
"strings" "strings"
"github.com/tiagoapimenta/nginx-ldap-auth/ldap" "github.com/tiagoapimenta/nginx-ldap-auth/ldap"
gldap "gopkg.in/ldap.v2"
) )
type Service struct { type Service struct {
@ -21,6 +23,8 @@ func NewService(pool *ldap.Pool, base, filter string) *Service {
} }
func (p *Service) Find(username string) (bool, string, error) { func (p *Service) Find(username string) (bool, string, error) {
username = gldap.EscapeFilter(username)
ok, id, _, err := p.pool.Search( ok, id, _, err := p.pool.Search(
p.base, p.base,
strings.Replace(p.filter, "{0}", username, -1), strings.Replace(p.filter, "{0}", username, -1),