From f6a502f7ff835dcc703b772604c9470d16bd58cd Mon Sep 17 00:00:00 2001
From: Shenyz
Date: Thu, 2 Feb 2023 15:33:44 +0800
Subject: [PATCH] feat: add user password in ldap server search result (#1513)
* fix: ldap server search return inconsistent cn attribute
* feat: add user password in ldap server search result
---
 controllers/ldapserver.go | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)
diff --git a/controllers/ldapserver.go b/controllers/ldapserver.go
index 939c8fa4..daeb0295 100644
--- a/controllers/ldapserver.go
+++ b/controllers/ldapserver.go
@@ -105,14 +105,34 @@ func handleSearch(w ldapserver.ResponseWriter, m *ldapserver.Message) {
 }
 for i := 0; i < len(users); i++ {
 user := users[i]
- dn := fmt.Sprintf("cn=%s,%s", user.DisplayName, string(r.BaseObject()))
+ dn := fmt.Sprintf("cn=%s,%s", user.Name, string(r.BaseObject()))
 e := ldapserver.NewSearchResultEntry(dn)
 e.AddAttribute("cn", message.AttributeValue(user.Name))
 e.AddAttribute("uid", message.AttributeValue(user.Name))
 e.AddAttribute("email", message.AttributeValue(user.Email))
 e.AddAttribute("mobile", message.AttributeValue(user.Phone))
+ e.AddAttribute("userPassword", message.AttributeValue(getUserPasswordWithType(user)))
 // e.AddAttribute("postalAddress", message.AttributeValue(user.Address[0]))
 w.Write(e)
 }
 w.Write(res)
 }
+
+// get user password with hash type prefix
+// TODO not handle salt yet
+// @return {md5}5f4dcc3b5aa765d61d8327deb882cf99
+func getUserPasswordWithType(user *object.User) string {
+ org := object.GetOrganizationByUser(user)
+ if org.PasswordType == "" || org.PasswordType == "plain" {
+ return user.Password
+ }
+ prefix := org.PasswordType
+ if prefix == "salt" {
+ prefix = "sha256"
+ } else if prefix == "md5-salt" {
+ prefix = "md5"
+ } else if prefix == "pbkdf2-salt" {
+ prefix = "pbkdf2"
+ }
+ return fmt.Sprintf("{%s}%s", prefix, user.Password)
+}
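Review bot: The added `e.AddAttribute("userPassword", ...)` line in the `handleSearch` loop puts each user's stored password into every search entry, and when the organization's `PasswordType` is empty or `"plain"`, `getUserPasswordWithType` returns `user.Password` unchanged, so the directory response carries the cleartext password. Nothing in the hunk limits this to a privileged bound identity or to requests that explicitly ask for the attribute (the start of `handleSearch` is outside the hunk, so a check may exist there); I would emit `userPassword` only behind such a check and skip it entirely for the plain case. `getUserPasswordWithType` also dereferences `org` without a nil test, which would panic if `object.GetOrganizationByUser` can return nil, so add `if org == nil { return "" }` before the first `org.PasswordType` read. The `"salt"` → `{sha256}` and `"md5-salt"` → `{md5}` mapping labels salted hashes with unsalted scheme prefixes while the salt itself is not sent, so a consumer cannot verify them; the TODO comment should state that these values are not usable for verification, or those types should be omitted until the salt is handled.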