Better logging.

Author: oothman

main.go

@@ -27,7 +27,6 @@ import (
 )
 
 func main() {
-
 	setupProfiling()
 	cmd.Execute()
 }

pkg/backend.go

@@ -40,7 +40,6 @@ type session struct {
 }
 
 func (bmcLdap *BmcLdap) Bind(ctx ldap.Context, req *ldap.BindRequest) (bindResponse *ldap.BindResponse, err error) {
-
 	log := bmcLdap.logger
 
 	if req.DN == "" {
@@ -98,7 +97,7 @@ func (bmcLdap *BmcLdap) Bind(ctx ldap.Context, req *ldap.BindRequest) (bindRespo
 		log.Debug(fmt.Sprintf("Bind accept response %#v", bindResponse))
 		return bindResponse, err
 	} else {
-		log.Debug(fmt.Sprintf("BIND reject response %#v", bindResponse))
+		log.Debug(fmt.Sprintf("Bind reject response %#v", bindResponse))
 		return bindResponse, err
 	}
 }
@@ -276,6 +275,5 @@ func (bmcLdap *BmcLdap) ModifyDN(ctx ldap.Context, req *ldap.ModifyDNRequest) (*
 
 // Method added to conform to ldap.Server interface
 func (bmcLdap *BmcLdap) PasswordModify(ctx ldap.Context, req *ldap.PasswordModifyRequest) ([]byte, error) {
-
 	return []byte{}, nil
 }

pkg/providers/common.go

@@ -29,7 +29,6 @@ import (
 
 // ConnectRemoteServer returns a client to a remote ldap server
 func ConnectRemoteServer(ctx context.Context, clientCaCert string, server string, port int) (client *ldap.Client, err error) {
-
 	clientChan := make(chan *ldap.Client)
 
 	go func(clientChan chan<- *ldap.Client) {
@@ -56,7 +55,6 @@ func ConnectRemoteServer(ctx context.Context, clientCaCert string, server string
 	case <-ctx.Done():
 		return client, errors.New("LDAP client went away while connecting to backend LDAP server!")
 	}
-
 }
 
 // returns tls config with RootCA certs loaded

pkg/providers/dell/dell.go

@@ -56,30 +56,28 @@ func (d *Dell) Authenticate(ctx context.Context, bindDN string, bindPassword []b
 	return true
 }
 
-func (d *Dell) Authorize(ctx context.Context, req *ldap.SearchRequest) ([]*ldap.SearchResult, error) {
-	searchResults := ldap.SearchResult{}
-
+func (d *Dell) Authorize(ctx context.Context, req *ldap.SearchRequest) (results []*ldap.SearchResult, err error) {
 	ldapClient, err := providers.ConnectRemoteServer(ctx, d.Config.ClientCaCert, d.Config.RemoteServerName, d.Config.RemoteServerPortTLS)
 	defer ldapClient.Close()
 
 	if err != nil {
 		d.Logger.Warn(err)
-		return []*ldap.SearchResult{&searchResults}, err
+		return results, err
 	}
 
-	d.Logger.Debug("Filter string is " + req.Filter.String())
-
 	// Dell Search request 1: BMC validating the user account is present under the base DN.
 	// Pass this request to the backend LDAP server and return the response to the client as is.
 	if strings.Contains(req.Filter.String(), "objectClass=posixAccount") {
 		// req.BaseDN at this point is set to "cn=dell".
 		// This needs to be updated to a valid search base (starting point in the tree).
 		req.BaseDN = d.Config.BaseDN
 
-		d.Logger.Debug("Starting Dell Search 1 for " + req.BaseDN)
+		d.Logger.Debug("Starting Dell Search 1 for " + req.BaseDN + ", request filter is " + req.Filter.String())
 		searchResponse, err := ldapClient.Search(req)
 		if err != nil {
-			d.Logger.Warn(fmt.Sprintf("Remote LDAP search 1 request returned an error: %s", err))
+			d.Logger.Warn(fmt.Sprintf("Remote LDAP Search 1 request returned an error: %s", err))
+		} else {
+			d.Logger.Info(fmt.Sprintf("Remote LDAP Search 1 request succeeded, response: %+v", searchResponse))
 		}
 		return searchResponse, nil
 	}
@@ -89,7 +87,7 @@ func (d *Dell) Authorize(ctx context.Context, req *ldap.SearchRequest) ([]*ldap.
 	if strings.Contains(req.Filter.String(), "memberUid=") {
 		// req.BaseDN at this point would contain "cn=dell", to identify this BMC as Dell.
 		// (e.g. "cn=dell,cn=fooUsers,ou=Group,dc=example,dc=com")
-		d.Logger.Debug("Starting Dell Search 2 for " + req.BaseDN)
+		d.Logger.Debug("Starting Dell Search 2 for " + req.BaseDN + ", request filter is " + req.Filter.String())
 
 		// Strip out "cn=dell," from the request Base DN.
 		mainDN := strings.Replace(req.BaseDN, "cn=dell,", "", 1)
@@ -98,7 +96,7 @@ func (d *Dell) Authorize(ctx context.Context, req *ldap.SearchRequest) ([]*ldap.
 			req.BaseDN = strings.Replace(mainDN, "cn=", "cn="+prefix, -1)
 
 			// Indicate that we have changed something...
-			msg := "Performing actual search for " + req.BaseDN
+			msg := "Performing actual search for " + req.BaseDN + ", request filter is " + req.Filter.String()
 			if prefix != "" {
 				msg += " after adding " + prefix
 			}
@@ -107,7 +105,7 @@ func (d *Dell) Authorize(ctx context.Context, req *ldap.SearchRequest) ([]*ldap.
 			// The actual search.
 			searchResponse, err := ldapClient.Search(req)
 			if err != nil {
-				d.Logger.Warn(fmt.Sprintf("Remote LDAP search 2 request returned an error: %s", err))
+				d.Logger.Warn(fmt.Sprintf("Remote LDAP Search 2 request returned an error: %s", err))
 			}
 
 			if len(searchResponse) > 0 {
@@ -117,5 +115,7 @@ func (d *Dell) Authorize(ctx context.Context, req *ldap.SearchRequest) ([]*ldap.
 		}
 	}
 
-	return []*ldap.SearchResult{&searchResults}, nil
+	d.Logger.Info(fmt.Sprintf("Filter %s not found in group %s", req.Filter.String(), req.BaseDN))
+
+	return results, nil
 }