removing uidProperty since we use the distinguished name and it is not a part of the ldap object

Author: vbouchaud

CHANGELOG.md

@@ -8,7 +8,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
 ### Server
 #### Added
-- User UID and username properties mapping with ldap can now be set with specific parameters or environment variable.
+- User username properties mapping with ldap can now be set with specific parameters or environment variable.
 
 #### Changed
 - Parameter `--member-of-property` is now `--memberof-property` (style consistency change)

cmd/server.go

@@ -75,12 +75,6 @@ func getServerCmd() *cli.Command {
 				EnvVars: []string{"LDAP_USER_USERNAMEPROPERTY"},
 				Usage:   "The `PROPERTY` that will be used as username in the TokenReview.",
 			},
-			&cli.StringFlag{
-				Name:    "uid-property",
-				Value:   "dn",
-				EnvVars: []string{"LDAP_USER_UIDPROPERTY"},
-				Usage:   "The `PROPERTY` that will be used as uid in the TokenReview.",
-			},
 			&cli.StringSliceFlag{
 				Name:    "extra-attributes",
 				EnvVars: []string{"LDAP_USER_EXTRAATTR"},
@@ -125,7 +119,6 @@ func getServerCmd() *cli.Command {
 				searchAttributes = c.StringSlice("search-attributes")
 				memberofProperty = c.String("memberof-property")
 				usernameProperty = c.String("username-property")
-				uidProperty      = c.String("uid-property")
 
 				privateKeyFile = c.String("private-key-file")
 				publicKeyFile  = c.String("public-key-file")
@@ -145,7 +138,6 @@ func getServerCmd() *cli.Command {
 					searchFilter,
 					memberofProperty,
 					usernameProperty,
-					uidProperty,
 					searchAttributes,
 				),
 				server.WithAccessLogs(),

ldap/ldap.go

@@ -19,7 +19,6 @@ type Ldap struct {
 	searchFilter     string
 	memberofProperty string
 	usernameProperty string
-	uidProperty      string
 	extraAttributes  []string
 	searchAttributes []string
 }
@@ -42,8 +41,7 @@ func NewInstance(
 	searchScope,
 	searchFilter,
 	memberofProperty,
-	usernameProperty,
-	uidProperty string,
+	usernameProperty string,
 	extraAttributes,
 	searchAttributes []string,
 ) *Ldap {
@@ -56,7 +54,6 @@ func NewInstance(
 		searchFilter:     searchFilter,
 		memberofProperty: memberofProperty,
 		usernameProperty: usernameProperty,
-		uidProperty:      uidProperty,
 		extraAttributes:  extraAttributes,
 		searchAttributes: searchAttributes,
 	}
@@ -124,7 +121,7 @@ func (s *Ldap) Search(username string) (*auth.UserInfo, error) {
 	}
 
 	user := &auth.UserInfo{
-		UID:      strings.ToLower(result.Entries[0].GetAttributeValue(s.uidProperty)),
+		UID:      strings.ToLower(result.Entries[0].DN),
 		Username: strings.ToLower(result.Entries[0].GetAttributeValue(s.usernameProperty)),
 		Groups:   sanitize(result.Entries[0].GetAttributeValues(s.memberofProperty)),
 		Extra:    extra,

server/options.go

@@ -23,8 +23,7 @@ func WithLdap(
 	searchScope,
 	searchFilter,
 	memberofProperty,
-	usernameProperty,
-	uidProperty string,
+	usernameProperty string,
 	extraAttributes []string) Option {
 	return func(i *Instance) error {
 		i.l = ldap.NewInstance(
@@ -36,9 +35,8 @@ func WithLdap(
 			searchFilter,
 			memberofProperty,
 			usernameProperty,
-			uidProperty,
 			extraAttributes,
-			append(extraAttributes, memberofProperty, usernameProperty, uidProperty),
+			append(extraAttributes, memberofProperty, usernameProperty),
 		)
 
 		return nil