-
Notifications
You must be signed in to change notification settings - Fork 17
/
Copy pathoptions.go
154 lines (137 loc) · 3.65 KB
/
options.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
package ldap
// Option defines a common functional options type which can be used in a
// variadic parameter pattern.
type Option func(interface{})
type configOptions struct {
withURLs []string
withInsecureTLS bool
withTLSMinVersion string
withTLSMaxVersion string
withCertificates []string
withClientTLSCert string
withClientTLSKey string
withGroups bool
withUserAttributes bool
withLowerUserAttributeKeys bool
withEmptyAnonymousGroupSearch bool
}
func configDefaults() configOptions {
return configOptions{}
}
// getConfigOpts gets the defaults and applies the opt overrides passed
// in.
func getConfigOpts(opt ...Option) configOptions {
opts := configDefaults()
ApplyOpts(&opts, opt...)
return opts
}
// ApplyOpts takes a pointer to the options struct as a set of default options
// and applies the slice of opts as overrides.
func ApplyOpts(opts interface{}, opt ...Option) {
for _, o := range opt {
if o == nil { // ignore any nil Options
continue
}
o(opts)
}
}
// WithURLs provides a set of optional ldap URLs for directory services
func WithURLs(urls ...string) Option {
return func(o interface{}) {
switch v := o.(type) {
case *configOptions:
v.withURLs = urls
}
}
}
// WithGroups requests that the groups be included in the response.
func WithGroups() Option {
return func(o interface{}) {
switch v := o.(type) {
case *configOptions:
v.withGroups = true
}
}
}
// WithUserAttributes requests that authenticating user's DN and attributes be
// included in the response. Note: the default password attribute for both
// openLDAP (userPassword) and AD (unicodePwd) will always be excluded. To
// exclude additional attributes see: Config.ExcludedUserAttributes.
func WithUserAttributes() Option {
return func(o interface{}) {
switch v := o.(type) {
case *configOptions:
v.withUserAttributes = true
}
}
}
// WithLowerUserAttributeKeys returns a User Attribute map where the keys
// are all cast to lower case. This is necessary for some clients, such as Vault,
// where user configured user attribute key names have always been stored lower case.
func WithLowerUserAttributeKeys() Option {
return func(o interface{}) {
switch v := o.(type) {
case *configOptions:
v.withLowerUserAttributeKeys = true
}
}
}
// WithEmptyAnonymousGroupSearch removes userDN from anonymous group searches.
func WithEmptyAnonymousGroupSearch() Option {
return func(o interface{}) {
switch v := o.(type) {
case *configOptions:
v.withEmptyAnonymousGroupSearch = true
}
}
}
func withTLSMinVersion(version string) Option {
return func(o interface{}) {
switch v := o.(type) {
case *configOptions:
v.withTLSMinVersion = version
}
}
}
func withTLSMaxVersion(version string) Option {
return func(o interface{}) {
switch v := o.(type) {
case *configOptions:
v.withTLSMaxVersion = version
}
}
}
func withInsecureTLS(withInsecure bool) Option {
return func(o interface{}) {
switch v := o.(type) {
case *configOptions:
v.withInsecureTLS = withInsecure
}
}
}
func withCertificates(cert ...string) Option {
return func(o interface{}) {
switch v := o.(type) {
case *configOptions:
v.withCertificates = cert
}
}
}
func withClientTLSKey(key string) Option {
return func(o interface{}) {
switch v := o.(type) {
case *configOptions:
v.withClientTLSKey = key
}
}
}
func withClientTLSCert(cert string) Option {
return func(o interface{}) {
switch v := o.(type) {
case *configOptions:
v.withClientTLSCert = cert
}
}
}