
Source file src/github.com/go-ldap/ldap/v3/whoami.go

Documentation: github.com/go-ldap/ldap/v3

     1  package ldap
     2  
     3  // This file contains the "Who Am I?" extended operation as specified in rfc 4532
     4  //
     5  // https://tools.ietf.org/html/rfc4532
     6  
     7  import (
     8  	"errors"
     9  	"fmt"
    10  
    11  	ber "github.com/go-asn1-ber/asn1-ber"
    12  )
    13  
type (
	// whoAmIRequest is the marker type for a "Who Am I?" extended request.
	// The operation has no parameters, so the underlying bool value is not
	// read by encode.
	whoAmIRequest bool

	// WhoAmIResult is returned by the WhoAmI() call.
	WhoAmIResult struct {
		// AuthzID is the authorization identity string taken from the
		// server's extended response value. It is server-supplied data.
		AuthzID string
	}
)
    20  
// encode builds the BER packet for the "Who Am I?" extended request: an
// ExtendedRequest application element whose only child is the request name,
// a context-specific primitive string with tag 0 holding ControlTypeWhoAmI
// (declared elsewhere in the package). No request value is attached.
// The returned error is always nil.
func (whoAmIRequest) encode() (*ber.Packet, error) {
	requestName := ber.NewString(
		ber.ClassContext,
		ber.TypePrimitive,
		0, // requestName field of the ExtendedRequest
		ControlTypeWhoAmI,
		"Extended Request Name: Who Am I? OID",
	)

	extended := ber.Encode(
		ber.ClassApplication,
		ber.TypeConstructed,
		ApplicationExtendedRequest,
		nil,
		"Who Am I? Extended Operation",
	)
	extended.AppendChild(requestName)

	return extended, nil
}
    26  
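// WhoAmI performs the "Who Am I?" extended operation (RFC 4532) and returns
// the authorization identity the server associates with this connection.
// Optional request controls, such as a Proxied Authorization control, may be
// passed in controls; they are appended to the request only when non-empty.
//
// The returned AuthzID is whatever the server sent in the extended response
// value; it stays empty when the response carries no value. It is only as
// trustworthy as the connection it arrived on, so callers should not base
// access decisions on it unless the server is authenticated and the
// connection is integrity protected (for example with TLS).
//
// Errors are returned when the request cannot be sent, when the response
// channel is closed or yields no packet, when the response is malformed or
// is not an extended response, and when the server reports an LDAP error.
func (l *Conn) WhoAmI(controls []Control) (*WhoAmIResult, error) {
	// Tag of the optional responseValue field of an ExtendedResponse
	// (RFC 4511: responseValue [11] OCTET STRING).
	const extendedResponseValueTag = 11

	packet := ber.Encode(ber.ClassUniversal, ber.TypeConstructed, ber.TagSequence, nil, "LDAP Request")
	packet.AppendChild(ber.NewInteger(ber.ClassUniversal, ber.TypePrimitive, ber.TagInteger, l.nextMessageID(), "MessageID"))

	encodedWhoAmIRequest, err := whoAmIRequest(true).encode()
	if err != nil {
		return nil, err
	}
	packet.AppendChild(encodedWhoAmIRequest)

	if len(controls) != 0 {
		packet.AppendChild(encodeControls(controls))
	}

	l.Debug.PrintPacket(packet)

	msgCtx, err := l.sendMessage(packet)
	if err != nil {
		return nil, err
	}
	defer l.finishMessage(msgCtx)

	l.Debug.Printf("%d: waiting for response", msgCtx.id)
	packetResponse, ok := <-msgCtx.responses
	if !ok {
		return nil, NewError(ErrorNetwork, errors.New("ldap: response channel closed"))
	}
	packet, err = packetResponse.ReadPacket()
	l.Debug.Printf("%d: got response %p", msgCtx.id, packet)
	if err != nil {
		return nil, err
	}

	if packet == nil {
		return nil, NewError(ErrorNetwork, errors.New("ldap: could not retrieve message"))
	}

	if l.Debug {
		if err := addLDAPDescriptions(packet); err != nil {
			return nil, err
		}
		ber.PrintPacket(packet)
	}

	// The response is decoded from bytes supplied by the server, so its
	// shape must be validated before indexing. A message with fewer than two
	// children (message ID and protocol operation) would otherwise trigger
	// an index-out-of-range panic in the client.
	if len(packet.Children) < 2 {
		return nil, NewError(ErrorUnexpectedResponse, errors.New("ldap: malformed response: missing protocol operation"))
	}

	extendedResponse := packet.Children[1]
	if extendedResponse.Tag != ApplicationExtendedResponse {
		return nil, NewError(ErrorUnexpectedResponse, fmt.Errorf("Unexpected Response: %d", extendedResponse.Tag))
	}
	if err := GetLDAPError(packet); err != nil {
		return nil, err
	}

	result := &WhoAmIResult{}
	for _, child := range extendedResponse.Children {
		// If several children carry this tag, the last one wins.
		if child.Tag == extendedResponseValueTag {
			result.AuthzID = ber.DecodeString(child.Data.Bytes())
		}
	}

	return result, nil
}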
    92  
