ferry/pkg/ldap/search.go

59 lines
1.3 KiB
Go
Raw Normal View History

package ldap
import (
"errors"
"ferry/pkg/logger"
"fmt"
"github.com/go-ldap/ldap/v3"
"github.com/spf13/viper"
)
/*
@Author : lanyulei
*/
func searchRequest(username string) (userInfo *ldap.Entry, err error) {
var cur *ldap.SearchResult
// 用来获取查询权限的用户。如果 ldap 禁止了匿名查询,那我们就需要先用这个帐户 bind 以下才能开始查询
if !viper.GetBool("settings.ldap.anonymousQuery") {
err = conn.Bind(
fmt.Sprintf("cn=%v,%v",
viper.GetString("settings.ldap.bindUser"),
viper.GetString("settings.ldap.baseDn")),
viper.GetString("settings.ldap.bindPwd"))
if err != nil {
logger.Error("用户或密码错误。", err)
return
}
}
sql := ldap.NewSearchRequest(
viper.GetString("settings.ldap.baseDn"),
ldap.ScopeWholeSubtree,
ldap.DerefAlways,
0,
0,
false,
fmt.Sprintf("(cn=%s)", username),
[]string{"dn", "sAMAccountName", "displayName", "mail", "mobile", "employeeID", "givenName"},
nil)
if cur, err = conn.Search(sql); err != nil {
err = errors.New(fmt.Sprintf("在Ldap搜索用户失败, %v", err))
logger.Error(err)
return
}
if len(cur.Entries) == 0 {
err = errors.New("未查询到对应的用户信息。")
logger.Error(err)
return
}
userInfo = cur.Entries[0]
return
}