3 ldapauthn - Webhook OpenLdap server for k8s written in go

github.com godoc.org goreportcard.com posted by hankmartinez 1652 days ago   

LdapAuthn


Description


LdapAuthn is a simple go web server that integrates with your OpenLDAP instance to handle k8s webook `TokenReview` requests



Specifications
LdapAuthn can run as binary or in a docker container and exposes on the port `8082` the following endpoints (more details on https://github.com/almartino/ldapauthn):

  • / (webhook endpoint)
    • 

  • /health (health endpoint)
    • 

Details for Webhook endpoint


When a `TokenReview` hits the webhook endpoint by default the following error responses can occurs (details of status codes on https://github.com/almartino/ldapauthn):


  • 400 | BadRequest 
  • 401 | Unauthorized  
  • 403 | Forbidden
  • 405 | MethodNotAllowed
  • 406 | NotAcceptable
  • 500 | InternalServerError
    • 

Env
LdapAuthn is docker ready. I choosed to configure the application via env variables.
See https://github.com/almartino/ldapauthn for the complete list of env variables.
Init


Direct
```bash

 LDAP_URL='ldap://LDAP_HOST:389' \

 LDAP_ADMIN_DN='cn=admin,dc=example,dc=org' \

 LDAP_ADMIN_PASSWORD='PASSWORD' LDAP_BASE_DN='dc=example,dc=org' \

 LDAP_USER_PREFIX='ou=people,ou=users' \

 LDAP_UID_ATTR='uid' authn

```



Docker


```bash

docker run -e LDAP_URL='ldap://LDAP_HOST:389' \

           -e LDAP_ADMIN_DN='cn=admin,dc=example,dc=org' \

           -e LDAP_ADMIN_PASSWORD='PASSWORD' LDAP_BASE_DN='dc=example,dc=org' \

           -e LDAP_USER_PREFIX='ou=people,ou=users' \

           -e LDAP_UID_ATTR='uid' almartino/ldapauthn:latest

```
Helm

Coming soon ...
Register to comment or vote on this story