use of com.unboundid.ldap.sdk.Attribute in project gitblit by gitblit.
the class LdapAuthProvider method getTeamsFromLdap.
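/**
 * Rebuilds the user's team memberships from the LDAP groups matched by the
 * configured group-member filter.
 *
 * <p>The filter template is read from {@code Keys.realm.ldap.groupMemberPattern};
 * {@code ${dn}}, {@code ${username}} and {@code ${<attribute name>}} placeholders are
 * replaced with values from the user's entry. Every substituted value is passed through
 * {@code LdapConnection.escapeLDAPSearchFilter} before it is inserted into the filter.
 *
 * @param ldapConnection connection used for the group search
 * @param simpleUsername value substituted for {@code ${username}}
 * @param loggingInUser LDAP entry of the user; supplies the DN and the attribute values
 * @param user model whose {@code teams} set is cleared and refilled
 */
private void getTeamsFromLdap(LdapConnection ldapConnection, String simpleUsername, SearchResultEntry loggingInUser, UserModel user) {
    String loggingInUserDN = loggingInUser.getDN();

    // Clear the users team memberships - we're going to get them from LDAP
    user.teams.clear();

    String groupBase = settings.getString(Keys.realm.ldap.groupBase, "");
    String groupMemberPattern = settings.getString(Keys.realm.ldap.groupMemberPattern, "(&(objectClass=group)(member=${dn}))");

    // Values are escaped before substitution so that a DN, username or attribute value
    // is inserted as data and not as filter syntax.
    groupMemberPattern = StringUtils.replace(groupMemberPattern, "${dn}", LdapConnection.escapeLDAPSearchFilter(loggingInUserDN));
    groupMemberPattern = StringUtils.replace(groupMemberPattern, "${username}", LdapConnection.escapeLDAPSearchFilter(simpleUsername));

    // Fill in attributes into groupMemberPattern
    // NOTE(review): the replacements run one after another on the same string, so a
    // placeholder-looking sequence inside an already substituted value would be expanded
    // by a later pass. The inserted value is still escaped; confirm whether this matters.
    for (Attribute userAttribute : loggingInUser.getAttributes()) {
        groupMemberPattern = StringUtils.replace(groupMemberPattern, "${" + userAttribute.getName() + "}", LdapConnection.escapeLDAPSearchFilter(userAttribute.getValue()));
    }

    SearchResult teamMembershipResult = searchTeamsInLdap(ldapConnection, groupBase, true, groupMemberPattern, Arrays.asList("cn"));
    if (teamMembershipResult == null || teamMembershipResult.getEntryCount() <= 0) {
        return;
    }

    for (SearchResultEntry teamEntry : teamMembershipResult.getSearchEntries()) {
        // A group entry without a cn value is skipped instead of dereferenced: an
        // exception here would abort the loop after user.teams was already cleared and
        // leave the user with a partial set of teams.
        Attribute cnAttribute = teamEntry.getAttribute("cn");
        if (cnAttribute == null || !cnAttribute.hasValue()) {
            continue;
        }
        String teamName = cnAttribute.getValue();

        TeamModel teamModel = userManager.getTeamModel(teamName);
        if (teamModel == null) {
            teamModel = createTeamFromLdap(teamEntry);
        }
        user.teams.add(teamModel);
        teamModel.addUser(user.getName());
    }
}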
use of com.unboundid.ldap.sdk.Attribute in project gitblit by gitblit.
the class LdapAuthProvider method setUserAttributes.
/**
 * Copies account details from the user's LDAP entry onto the user model: admin flag,
 * placeholder password, account type, display name and email address.
 *
 * <p>The display-name and email settings are each either a plain attribute name or a
 * template containing {@code ${attribute}} placeholders.
 *
 * @param user model to update
 * @param userEntry LDAP entry the attribute values are read from
 */
private void setUserAttributes(UserModel user, SearchResultEntry userEntry) {
    // Admin status is decided by setAdminAttribute.
    setAdminAttribute(user);

    // A placeholder constant is stored instead of the real password.
    user.password = Constants.EXTERNAL_ACCOUNT;
    user.accountType = getAccountType();

    // NOTE(review): directory values are copied into displayName and emailAddress without
    // any encoding here; presumably the code that renders them encodes on output - confirm.

    // Display name
    String displayNameSetting = settings.getString(Keys.realm.ldap.displayName, "");
    if (!StringUtils.isEmpty(displayNameSetting)) {
        if (!displayNameSetting.contains("${")) {
            // Plain attribute name: keep the current display name when the entry has no value.
            Attribute nameAttribute = userEntry.getAttribute(displayNameSetting);
            if (nameAttribute != null && nameAttribute.hasValue()) {
                user.displayName = nameAttribute.getValue();
            }
        } else {
            // Template: replace each ${name} with that attribute's value.
            String expandedName = displayNameSetting;
            for (Attribute entryAttribute : userEntry.getAttributes()) {
                String placeholder = "${" + entryAttribute.getName() + "}";
                expandedName = StringUtils.replace(expandedName, placeholder, entryAttribute.getValue());
            }
            user.displayName = expandedName;
        }
    }

    // Email address
    String emailSetting = settings.getString(Keys.realm.ldap.email, "");
    if (!StringUtils.isEmpty(emailSetting)) {
        if (!emailSetting.contains("${")) {
            Attribute mailAttribute = userEntry.getAttribute(emailSetting);
            boolean hasMail = mailAttribute != null && mailAttribute.hasValue();
            // issue-456/ticket-134: when the entry has no value, the address is cleared
            // so that LDAP can delete an email address.
            user.emailAddress = hasMail ? mailAttribute.getValue() : null;
        } else {
            String expandedEmail = emailSetting;
            for (Attribute entryAttribute : userEntry.getAttributes()) {
                String placeholder = "${" + entryAttribute.getName() + "}";
                expandedEmail = StringUtils.replace(expandedEmail, placeholder, entryAttribute.getValue());
            }
            user.emailAddress = expandedEmail;
        }
    }
}
use of com.unboundid.ldap.sdk.Attribute in project keywhiz by square.
the class LdapAuthenticatorTest method setup.
/**
 * Builds the authenticator under test and stubs the mocked LDAP connection so that a
 * search under the users base returns one user entry and a search under the roles base
 * returns one role entry.
 */
@Before
public void setup() throws Exception {
    LdapLookupConfig lookupConfig = new LdapLookupConfig("ou=users,dc=example,dc=com", "uid", ImmutableSet.of("admin"), "ou=roles,dc=example,dc=com");
    ldapAuthenticator = new LdapAuthenticator(ldapConnectionFactory, lookupConfig);
    when(ldapConnectionFactory.getLDAPConnection()).thenReturn(ldapConnection);

    // User lookup: any search request whose base DN is the users base yields dnSearchResult.
    List<SearchResultEntry> userEntries = Arrays.asList(new SearchResultEntry(PEOPLE_DN, new Attribute[0]));
    doAnswer(call -> dnSearchResult)
        .when(ldapConnection)
        .search(argThat(request -> request != null && "ou=users,dc=example,dc=com".equals(request.getBaseDN())));
    when(dnSearchResult.getEntryCount()).thenReturn(1);
    when(dnSearchResult.getSearchEntries()).thenReturn(userEntries);

    // Role lookup: any search request whose base DN is the roles base yields roleSearchResult.
    List<SearchResultEntry> roleEntries = Arrays.asList(new SearchResultEntry("cn=admin,ou=roles", new Attribute[0]));
    doAnswer(call -> roleSearchResult)
        .when(ldapConnection)
        .search(argThat(request -> request != null && "ou=roles,dc=example,dc=com".equals(request.getBaseDN())));
    when(roleSearchResult.getEntryCount()).thenReturn(1);
    when(roleSearchResult.getSearchEntries()).thenReturn(roleEntries);
}