Fix scheme for DialURL ldap connection (#3677)

nabokihms · nabokihms · commit 54fb570ffa9b · 2024-08-07T19:45:06.000+02:00
* Use scheme without :// suffix
* Make test ldap server listen on custom ports to avoid stepping into go-ldap defaults

Signed-off-by: m.nabokikh &lt;maksim.nabokikh@flant.com&gt;
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -121,8 +121,8 @@ jobs:
           DEX_ETCD_ENDPOINTS: http://localhost:${{ job.services.etcd.ports[2379] }}
 
           DEX_LDAP_HOST: localhost
-          DEX_LDAP_PORT: 389
-          DEX_LDAP_TLS_PORT: 636
+          DEX_LDAP_PORT: 3890
+          DEX_LDAP_TLS_PORT: 6360
 
           DEX_KEYSTONE_URL: http://localhost:${{ job.services.keystone.ports[5000] }}
           DEX_KEYSTONE_ADMIN_URL: http://localhost:${{ job.services.keystone.ports[35357] }}
diff --git a/connector/ldap/ldap.go b/connector/ldap/ldap.go
@@ -322,10 +322,10 @@ func (c *ldapConnector) do(_ context.Context, f func(c *ldap.Conn) error) error
 
 	switch {
 	case c.InsecureNoSSL:
-		u := url.URL{Scheme: "ldap://", Host: c.Host}
+		u := url.URL{Scheme: "ldap", Host: c.Host}
 		conn, err = ldap.DialURL(u.String())
 	case c.StartTLS:
-		u := url.URL{Scheme: "ldap://", Host: c.Host}
+		u := url.URL{Scheme: "ldap", Host: c.Host}
 		conn, err = ldap.DialURL(u.String())
 		if err != nil {
 			return fmt.Errorf("failed to connect: %v", err)
@@ -334,7 +334,7 @@ func (c *ldapConnector) do(_ context.Context, f func(c *ldap.Conn) error) error
 			return fmt.Errorf("start TLS failed: %v", err)
 		}
 	default:
-		u := url.URL{Scheme: "ldaps://", Host: c.Host}
+		u := url.URL{Scheme: "ldaps", Host: c.Host}
 		conn, err = ldap.DialURL(u.String(), ldap.DialWithTLSConfig(c.tlsConfig))
 	}
 	if err != nil {
diff --git a/docker-compose.test.yaml b/docker-compose.test.yaml
@@ -11,8 +11,8 @@ services:
             LDAP_TLS: "true"
             LDAP_TLS_VERIFY_CLIENT: try
         ports:
-            - 389:389
-            - 636:636
+            - 3890:389
+            - 6360:636
         volumes:
             - ./connector/ldap/testdata/certs:/container/service/slapd/assets/certs
             - ./connector/ldap/testdata/schema.ldif:/container/service/slapd/assets/config/bootstrap/ldif/99-schema.ldif
