Added LDAP authentication support. Fixes #2186

2025-02-25 18:55:31 -06:00 · 2020-04-06 15:57:05 +05:30
parent 8ceeb39268
commit f77aa3284f
26 changed files with 1243 additions and 165 deletions
--- a/web/regression/python_test_utils/csrf_test_client.py
+++ b/web/regression/python_test_utils/csrf_test_client.py
@@ -109,7 +109,7 @@ class TestClient(testing.FlaskClient):
            csrf_token = self.generate_csrf_token()

        res = self.post(
-            '/login', data=dict(
+            '/authenticate/login', data=dict(
                email=email, password=password,
                csrf_token=csrf_token,
            ),
@@ -120,5 +120,5 @@ class TestClient(testing.FlaskClient):
        return res

    def logout(self):
-        res = self.get('/logout', follow_redirects=False)
+        res = self.get('/logout?next=/browser/', follow_redirects=False)
        self.csrf_token = None
--- a/web/regression/runtests.py
+++ b/web/regression/runtests.py
@@ -118,6 +118,11 @@ app.PGADMIN_RUNTIME = True
 if config.SERVER_MODE is True:
    app.PGADMIN_RUNTIME = False
 app.config['WTF_CSRF_ENABLED'] = True
+
+# Authentication sources
+app.PGADMIN_DEFAULT_AUTH_SOURCE = 'internal'
+app.PGADMIN_EXTERNAL_AUTH_SOURCE = 'ldap'
+
 app.test_client_class = TestClient
 test_client = app.test_client()
 test_client.setApp(app)
@@ -195,6 +200,8 @@ def get_test_modules(arguments):
            "browser.tests.test_login",
            "browser.tests.test_logout",
            "browser.tests.test_reset_password",
+            "browser.tests.test_ldap_login",
+            "browser.tests.test_ldap_with_mocking",
        ])
    if arguments['exclude'] is not None:
        exclude_pkgs += arguments['exclude'].split(',')
--- a/web/regression/test_config.json.in
+++ b/web/regression/test_config.json.in
@@ -11,6 +11,49 @@
    "login_password": "PASSWORD",
    "login_username": "USER@EXAMPLE.COM"
  },
+  "pgAdmin4_ldap_credentials": {
+    "login_password": "PASSWORD",
+    "login_username": "USERNAME"
+  },
+  "ldap_config": [
+    {
+    "ldap": {
+      "name": "Ldap scenario name"
+      "uri": "ldap://IP-ADDRESS/HOSTNAME:389",
+      "base_dn": "BASE-DN",
+      "search_base_dn": "SEARCH-BASE-DN",
+      "username_atr": "UID",
+      "search_filter": "(objectclass=*)",
+      "use_starttls": false,
+      "ca_cert_file": "",
+      "cert_file": "",
+      "key_file": ""
+    },
+    "ldap_with_ssl": {
+      "name": "Ldap scenario name"
+      "uri": "ldaps://IP-ADDRESS/HOSTNAME:636",
+      "base_dn": "BASE-DN",
+      "search_base_dn": "SEARCH-BASE-DN",
+      "username_atr": "UID",
+      "search_filter": "(objectclass=*)",
+      "use_starttls": false,
+      "ca_cert_file": "",
+      "cert_file": "",
+      "key_file": ""
+    },
+    "ldap_with_tls": {
+      "name": "Ldap scenario name"
+      "uri": "ldap://IP-ADDRESS/HOSTNAME:389",
+      "base_dn": "BASE-DN",
+      "search_base_dn": "SEARCH-BASE-DN",
+      "username_atr": "UID",
+      "search_filter": "(objectclass=*)",
+      "use_starttls": true,
+      "ca_cert_file": "",
+      "cert_file": "",
+      "key_file": ""
+    }
+  }],
  "server_group": 1,
  "server_credentials": [
    {