yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

chore(sso): adjust the schema of the SSO LDAP backend

This commit is contained in:
firest 2023-09-22 11:58:27 +08:00
parent 9e55ae240a
commit 7286d15ca6
2 changed files with 19 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
apps/emqx_dashboard_sso/src/emqx_dashboard_sso_ldap.erl
View File

@ -106,23 +106,19 @@ ensure_bind_password(Config) ->
Config#{bind_password => <<"${password}">>}.
adjust_ldap_fields(Fields) ->
adjust_ldap_fields(Fields, []).
lists:map(fun adjust_ldap_field/1, Fields).
adjust_ldap_fields([{filter, Meta} | T], Acc) ->
adjust_ldap_fields(
T,
[
{filter, Meta#{
default => <<"(objectClass=user)">>,
example => <<"(objectClass=user)">>
}}
| Acc
]
);
adjust_ldap_fields([Any | T], Acc) ->
adjust_ldap_fields(T, [Any | Acc]);
adjust_ldap_fields([], Acc) ->
lists:reverse(Acc).
adjust_ldap_field({base_dn, Meta}) ->
{base_dn, maps:remove(example, Meta)};
adjust_ldap_field({filter, Meta}) ->
Default = <<"(& (objectClass=person) (uid=${username}))">>,
{filter, Meta#{
desc => ?DESC(filter),
default => Default,
example => Default
}};
adjust_ldap_field(Any) ->
Any.
login(
#{<<"username">> := Username} = Req,

7
rel/i18n/emqx_dashboard_sso_ldap.hocon
View File

@ -8,4 +8,11 @@ query_timeout.desc:
query_timeout.label:
"""Query Timeout"""
filter.desc:
"""The filter for matching users in LDAP is by default `(&(objectClass=person)(uid=${username}))`. For Active Directory, it should be set to `(&(objectClass=user)(sAMAccountName=${username}))` by default. Please refer to [LDAP Filters](https://ldap.com/ldap-filters/) for more details."""
filter.label:
"""Filter"""
}