Created
February 8, 2022 15:06
-
-
Save mhf-ir/bf583a45fe4cccd2b644e15b7458aae5 to your computer and use it in GitHub Desktop.
ldap cli test
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "crypto/tls" | |
| "errors" | |
| "fmt" | |
| "log" | |
| "os" | |
| "strings" | |
| "github.com/go-ldap/ldap/v3" | |
| cli "github.com/urfave/cli/v2" | |
| ) | |
| func runTest(c *cli.Context) error { | |
| server := c.String("l") | |
| l, err := ldap.DialURL(server, ldap.DialWithTLSConfig(&tls.Config{InsecureSkipVerify: true})) | |
| if err != nil { | |
| log.Println(":> DialURL") | |
| log.Fatal(err) | |
| return err | |
| } | |
| defer l.Close() | |
| readOnlyUser := c.String("rou") | |
| readOnlyPassword := c.String("rop") | |
| err = l.Bind(readOnlyUser, c.String("rop")) | |
| if err != nil { | |
| log.Println(":> readOnlyUser Bind") | |
| log.Fatal(err) | |
| return err | |
| } | |
| username := c.String("u") | |
| password := c.String("p") | |
| baseDN := c.String("basedn") | |
| filter := c.String("filter") | |
| attributes := strings.Split(c.String("attributes"), ",") | |
| filter = strings.ReplaceAll(filter, "_USERNAME_", ldap.EscapeFilter(username)) | |
| fmt.Println("======") | |
| fmt.Printf("ldap server:\t%s\n", server) | |
| fmt.Printf("read only user:\t%s\n", readOnlyUser) | |
| fmt.Printf("read only password:\t%s\n", readOnlyPassword) | |
| fmt.Printf("base dn:\t%s\n", baseDN) | |
| fmt.Printf("filter:\t%s\n", filter) | |
| fmt.Printf("attributes:\t%s\n", strings.Join(attributes, ",")) | |
| fmt.Println("======") | |
| // Search for the given username | |
| searchRequest := ldap.NewSearchRequest( | |
| baseDN, | |
| ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, | |
| filter, | |
| attributes, | |
| nil, | |
| ) | |
| sr, err := l.Search(searchRequest) | |
| if err != nil { | |
| log.Println(":> Search") | |
| log.Fatal(err) | |
| return err | |
| } | |
| if len(sr.Entries) != 1 { | |
| log.Println(":> Entries") | |
| err := errors.New("user does not exist or too many entries returned") | |
| log.Fatal(err) | |
| return err | |
| } | |
| err = l.Bind(username, password) | |
| if err != nil { | |
| log.Println(":> Bind username") | |
| log.Fatal(err) | |
| return err | |
| } | |
| fmt.Println("Loggin successfully :D") | |
| return nil | |
| } | |
| func main() { | |
| app := cli.NewApp() | |
| app.Usage = "ldap-test" | |
| app.EnableBashCompletion = true | |
| app.Commands = []*cli.Command{ | |
| { | |
| Name: "test", | |
| Usage: "Run test", | |
| Action: runTest, | |
| Flags: []cli.Flag{ | |
| &cli.StringFlag{ | |
| Name: "l", | |
| Usage: "LDAP Server URL", | |
| Required: true, | |
| }, | |
| &cli.StringFlag{ | |
| Name: "rou", | |
| Usage: "Readonly username", | |
| Required: true, | |
| }, | |
| &cli.StringFlag{ | |
| Name: "rop", | |
| Usage: "Readonly password", | |
| Required: true, | |
| }, | |
| &cli.StringFlag{ | |
| Name: "u", | |
| Usage: "Username", | |
| Required: true, | |
| }, | |
| &cli.StringFlag{ | |
| Name: "p", | |
| Usage: "Password", | |
| Required: true, | |
| }, | |
| &cli.StringFlag{ | |
| Name: "basedn", | |
| Usage: "LDAP base DN", | |
| Required: true, | |
| }, | |
| &cli.StringFlag{ | |
| Name: "filter", | |
| Usage: "LDAP base DN", | |
| Value: "(&(objectClass=inetOrgPerson)(uid=_USERNAME_))", | |
| }, | |
| &cli.StringFlag{ | |
| Name: "attributes", | |
| Usage: "Attributes (comma separated)", | |
| Value: "dn", | |
| }, | |
| }, | |
| }, | |
| } | |
| err := app.Run(os.Args) | |
| if err != nil { | |
| log.Fatal(err) | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment