feat: Casdoor's LDAP client supports LDAP server's self-signed certificates now (#3709)

object/ldap.go

@@ -23,17 +23,18 @@ type Ldap struct {
 	Owner       string `xorm:"varchar(100)" json:"owner"`
 	CreatedTime string `xorm:"varchar(100)" json:"createdTime"`
 
-	ServerName   string   `xorm:"varchar(100)" json:"serverName"`
-	Host         string   `xorm:"varchar(100)" json:"host"`
-	Port         int      `xorm:"int" json:"port"`
-	EnableSsl    bool     `xorm:"bool" json:"enableSsl"`
-	Username     string   `xorm:"varchar(100)" json:"username"`
-	Password     string   `xorm:"varchar(100)" json:"password"`
-	BaseDn       string   `xorm:"varchar(100)" json:"baseDn"`
-	Filter       string   `xorm:"varchar(200)" json:"filter"`
-	FilterFields []string `xorm:"varchar(100)" json:"filterFields"`
-	DefaultGroup string   `xorm:"varchar(100)" json:"defaultGroup"`
-	PasswordType string   `xorm:"varchar(100)" json:"passwordType"`
+	ServerName          string   `xorm:"varchar(100)" json:"serverName"`
+	Host                string   `xorm:"varchar(100)" json:"host"`
+	Port                int      `xorm:"int" json:"port"`
+	EnableSsl           bool     `xorm:"bool" json:"enableSsl"`
+	AllowSelfSignedCert bool     `xorm:"bool" json:"allowSelfSignedCert"`
+	Username            string   `xorm:"varchar(100)" json:"username"`
+	Password            string   `xorm:"varchar(100)" json:"password"`
+	BaseDn              string   `xorm:"varchar(100)" json:"baseDn"`
+	Filter              string   `xorm:"varchar(200)" json:"filter"`
+	FilterFields        []string `xorm:"varchar(100)" json:"filterFields"`
+	DefaultGroup        string   `xorm:"varchar(100)" json:"defaultGroup"`
+	PasswordType        string   `xorm:"varchar(100)" json:"passwordType"`
 
 	AutoSync int    `json:"autoSync"`
 	LastSync string `xorm:"varchar(100)" json:"lastSync"`
@@ -150,7 +151,7 @@ func UpdateLdap(ldap *Ldap) (bool, error) {
 	}
 
 	affected, err := ormer.Engine.ID(ldap.Id).Cols("owner", "server_name", "host",
-		"port", "enable_ssl", "username", "password", "base_dn", "filter", "filter_fields", "auto_sync", "default_group", "password_type").Update(ldap)
+		"port", "enable_ssl", "username", "password", "base_dn", "filter", "filter_fields", "auto_sync", "default_group", "password_type", "allow_self_signed_cert").Update(ldap)
 	if err != nil {
 		return false, nil
 	}

object/ldap_conn.go

@@ -16,6 +16,7 @@ package object
 
 import (
 	"crypto/md5"
+	"crypto/tls"
 	"encoding/base64"
 	"errors"
 	"fmt"
@@ -64,8 +65,11 @@ type LdapUser struct {
 
 func (ldap *Ldap) GetLdapConn() (c *LdapConn, err error) {
 	var conn *goldap.Conn
+	tlsConfig := tls.Config{
+		InsecureSkipVerify: ldap.AllowSelfSignedCert,
+	}
 	if ldap.EnableSsl {
-		conn, err = goldap.DialTLS("tcp", fmt.Sprintf("%s:%d", ldap.Host, ldap.Port), nil)
+		conn, err = goldap.DialTLS("tcp", fmt.Sprintf("%s:%d", ldap.Host, ldap.Port), &tlsConfig)
 	} else {
 		conn, err = goldap.Dial("tcp", fmt.Sprintf("%s:%d", ldap.Host, ldap.Port))
 	}

web/src/LdapEditPage.js

@@ -170,6 +170,16 @@ class LdapEditPage extends React.Component {
             }} />
           </Col>
         </Row>
+        <Row style={{marginTop: "20px"}} >
+          <Col style={{lineHeight: "32px", textAlign: "right", paddingRight: "25px"}} span={3}>
+            {Setting.getLabel(i18next.t("ldap:Allow self-signed certificate"), i18next.t("ldap:Allow self-signed certificate - Tooltip"))} :
+          </Col>
+          <Col span={21} >
+            <Switch checked={this.state.ldap.allowSelfSignedCert} onChange={checked => {
+              this.updateLdapField("allowSelfSignedCert", checked);
+            }} />
+          </Col>
+        </Row>
         <Row style={{marginTop: "20px"}}>
           <Col style={{lineHeight: "32px", textAlign: "right", paddingRight: "25px"}} span={3}>
             {Setting.getLabel(i18next.t("ldap:Base DN"), i18next.t("ldap:Base DN - Tooltip"))} :