vividboarder/bitwarden_rs_ldap
1
0
Fork 0
mirror of https://github.com/ViViDboarder/bitwarden_rs_ldap.git synced 2024-11-21 18:56:27 +00:00
Code Issues Releases Wiki Activity

created anonymous binding database + test

Browse Source
This commit is contained in:
Shaun See Tow 2024-11-21 15:17:57 +08:00
parent d76e9e731e
commit 65b8c6fd10
6 changed files with 32 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Makefile
View File

@ -60,24 +60,24 @@ itest: itest-up itest-run itest-stop
.PHONY: itest-up-anon .PHONY: itest-up-anon
itest-up-anon: itest-up-anon:
docker compose -f docker-compose.yml \ docker compose -f docker-compose.yml \
-f itest/docker-compose.itest.yml \ -f itest/docker-compose.itest-anon.yml \
build build
docker compose -f docker-compose.yml \ docker compose -f docker-compose.yml \
-f itest/docker-compose.itest.yml \ -f itest/docker-compose.itest-anon.yml \
up -d vaultwarden ldap up -d vaultwarden ldap
.PHONY: itest-run-anon .PHONY: itest-run-anon
itest-run-anon: itest-run-anon:
docker compose -f docker-compose.yml \ docker compose -f docker-compose.yml \
-f itest/docker-compose.itest.yml \ -f itest/docker-compose.itest-anon.yml \
run ldap_sync run --rm ldap_sync
.PHONY: itest-stop-anon .PHONY: itest-stop-anon
itest-stop-anon: itest-stop-anon:
docker compose stop docker compose stop
.PHONY: itest-anon .PHONY: itest-anon
itest: itest-up-anon itest-run-anon itest-stop-anon itest-anon: itest-up-anon itest-run-anon itest-stop-anon
# Run bootstrapped integration test using env for config # Run bootstrapped integration test using env for config
.PHONY: itest-env .PHONY: itest-env

8
itest/config-anon.toml Normal file
View File

@ -0,0 +1,8 @@
vaultwarden_url = "http://vaultwarden:80"
vaultwarden_admin_token = "admin"
ldap_host = "ldap"
# ldap_bind_dn = "cn=readonly,dc=example,dc=org"
# ldap_bind_password = "readonly"
ldap_search_base_dn = "dc=example,dc=org"
ldap_search_filter = "(&(objectClass=*)(uid=*))"
ldap_sync_loop = false

3
itest/docker-compose.itest-anon-env.yml
View File

@ -17,4 +17,5 @@ services:
ldap: ldap:
command: ["--copy-service"] command: ["--copy-service"]
volumes: volumes:
- ./itest/50-seed-user.ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom/50-seed-user.ldif - ./itest/ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom
- ./itest/schema/anon.ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom/anon.ldif

3
itest/docker-compose.itest-anon.yml
View File

@ -9,4 +9,5 @@ services:
ldap: ldap:
command: ["--copy-service"] command: ["--copy-service"]
volumes: volumes:
- ./itest/50-seed-user.ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom/50-seed-user.ldif - ./itest/ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom
- ./itest/schema/anon.ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom/anon.ldif

0
itest/ldif/anon.ldif Normal file
View File

15
itest/schema/anon.ldif Normal file
View File

@ -0,0 +1,15 @@
dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcAccess
olcAccess: to *
by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage
by * break
olcAccess: to attrs=userPassword,shadowLastChange
by self write
by dn="cn=admin,dc=example,dc=org" write
by anonymous auth
by * none
olcAccess: to *
by anonymous read
by dn="cn=admin,dc=example,dc=org" write
by * none