isundil 5 жил өмнө
parent
commit
8e78fe844b
9 өөрчлөгдсөн 101 нэмэгдсэн , 31 устгасан
  1. 1 0
      .gitignore
  2. 0 7
      LDAPReader.h
  3. 10 5
      Makefile
  4. 0 11
      MySQLLDAPAuthModule.cpp
  5. 3 5
      interfaces.h
  6. 2 3
      ldap-auth.cpp
  7. 51 0
      ldapReader.cpp
  8. 18 0
      ldapReader.h
  9. 16 0
      test.cpp

+ 1 - 0
.gitignore

@@ -1,4 +1,5 @@
 
 *.o
 *.so
+/test
 

+ 0 - 7
LDAPReader.h

@@ -1,7 +0,0 @@
-#include "interfaces.h"
-
-class LDAPReader: public ILDAPReader
-{
-    public:
-};
-

+ 10 - 5
Makefile

@@ -1,6 +1,6 @@
 
 SRC=	ldap-auth.cpp	\
-		MySQLLDAPAuthModule.cpp
+		ldapReader.cpp
 
 OBJ=	$(SRC:.cpp=.o)
 
@@ -8,16 +8,21 @@ NAME=	ldap-auth.so
 
 CXXFLAGS+=-O2 -I/usr/include/mysql/server -fPIC -DMYSQL_DYNAMIC_PLUGIN
 
+LDFLAGS=	-lldap
+
 $(NAME): all
 
-all: $(OBJ)
-	$(CC) $(OBJ) -o $(NAME) -shared
+all: $(OBJ) test
+	$(CC) $(OBJ) -o $(NAME) -shared $(LDFLAGS)
 
 clean:
-	$(RM) $(OBJ)
+	$(RM) $(OBJ) test.o
 
 fclean: clean
-	$(RM) $(NAME)
+	$(RM) $(NAME) test
+
+test: $(OBJ) test.o
+	$(CXX) $(OBJ) test.o -O2 -o test $(LDFLAGS)
 
 re: fclean all
 

+ 0 - 11
MySQLLDAPAuthModule.cpp

@@ -1,11 +0,0 @@
-#include "MySQLLDAPAuthModule.h"
-
-MySQLLDAPAuthModule::MySQLLDAPAuthModule(std::unique_ptr<ILDAPReader>&& _reader):
-    ldapReader(std::move(_reader))
-{}
-
-bool MySQLLDAPAuthModule::Authenticate(const std::string& username, const std::string& password)
-{
-    return username == "isundil" && password == "test";
-}
-

+ 3 - 5
interfaces.h

@@ -2,11 +2,9 @@
 
 #include <string>
 
-class ILDAPReader
-{
-    public:
-        virtual ~ILDAPReader() {};
-};
+#define LDAP_URI "ldap://localhost:389"
+#define LDAP_ATTRIBUTE "uid"
+#define LDAP_BASEDN "ou=users,dc=example,dc=org"
 
 class IMySQLLDAPAuthModule
 {
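Review bot: `LDAP_URI` hard-codes the plain `ldap://` scheme, so the simple bind performed in ldapReader.cpp sends the user's password unencrypted; that is tolerable only while the directory server stays on the loopback interface. A comment above the block such as `// Plain ldap:// is acceptable only for a loopback server; use ldaps:// or StartTLS for any remote host.` would record that constraint. The three names also share the `LDAP_` prefix that `<ldap.h>` uses for its own macros, and test.cpp redefines `LDAP_ATTRIBUTE` with a different value, so project-prefixed constants (for example `static const char kAuthLdapUri[] = "ldap://localhost:389";`) would avoid both problems. The IMySQLLDAPAuthModule class continues outside the hunk.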

+ 2 - 3
ldap-auth.cpp

@@ -6,8 +6,7 @@
 #include <mysql/client_plugin.h>
 
 #include "interfaces.h"
-#include "MySQLLDAPAuthModule.h"
-#include "LDAPReader.h"
+#include "ldapReader.h"
 
 static IMySQLLDAPAuthModule* _module;
 
@@ -48,7 +47,7 @@ static struct st_mysql_auth auth_ldap_handler =
 
 int initModule(void*)
 {
-    _module = new MySQLLDAPAuthModule(std::make_unique<LDAPReader>());
+    _module = new LDAPReader(LDAP_URI, LDAP_ATTRIBUTE, LDAP_BASEDN);
     return 0;
 }
 

+ 51 - 0
ldapReader.cpp

@@ -0,0 +1,51 @@
+#define LDAP_DEPRECATED // FIXME
+
+#include <iostream>
+#include <sstream>
+#include <ldap.h>
+#include "ldapReader.h"
+
+LDAPReader::LDAPReader(const std::string& _uri, const std::string& _attribute, const std::string& _base):
+    uri(_uri), attribute(_attribute), baseDn(_base)
+{}
+
+LDAPReader::~LDAPReader()
+{}
+
+void* LDAPReader::InitConnection()
+{
+    LDAP* ldapHandler;
+    int protoVersion = LDAP_VERSION3;
+
+    int err = ldap_initialize(&ldapHandler, uri.c_str());
+    if (err != LDAP_SUCCESS)
+    {
+        std::cerr << "LDAP Initialize error: (" << err << ") " << ldap_err2string(err) << std::endl;
+        return nullptr;
+    }
+
+    err = ldap_set_option(ldapHandler, LDAP_OPT_PROTOCOL_VERSION, &protoVersion);
+    if (err != LDAP_SUCCESS)
+    {
+        std::cerr << "LDAP Protocol error: (" << err << ") " << ldap_err2string(err) << std::endl;
+        return nullptr;
+    }
+
+    return ldapHandler;
+}
+
+bool LDAPReader::Authenticate(const std::string& username, const std::string& password)
+{
+    LDAP* ldapHandler = reinterpret_cast<LDAP*>(InitConnection());
+    if (!ldapHandler)
+        return false;
+
+    std::stringstream bindDn;
+    bindDn << attribute << "=" << username << "," << baseDn;
+    int err = ldap_simple_bind_s(ldapHandler, bindDn.str().c_str(), password.c_str());
+    if (err != LDAP_SUCCESS)
+        std::cerr << "LDAP Bind Error: (" << err << ") " << ldap_err2string(err) << std::endl;
+    ldap_unbind_ext(ldapHandler, nullptr, nullptr);
+    return err == LDAP_SUCCESS;
+}
+
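Review bot: Authenticate passes an empty `password` straight to `ldap_simple_bind_s`, and a simple bind with a DN and a zero-length password is an unauthenticated bind (RFC 4513 section 5.1.2) that some directory servers answer with success, so the method can return true without any credential being checked; reject empty input before connecting. `username` is also concatenated into the bind DN unescaped, so characters such as `,` or `+` change which entry is bound; escape the value per RFC 4514 before building `bindDn`. In InitConnection the `ldap_set_option` failure path returns `nullptr` without calling `ldap_unbind_ext`, which leaks the handle that `ldap_initialize` allocated. The fence shows the guard, an escaping helper and the release on the error path.

```cpp
// Escape an attribute value for use inside a DN (RFC 4514 section 2.4).
static std::string EscapeDnValue(const std::string& value)
{
    static const std::string special("\"+,;<>\\=");
    std::string escaped;
    for (std::string::size_type i = 0; i < value.size(); ++i)
    {
        const char c = value[i];
        if (c == '\0')
        {
            escaped += "\\00";
            continue;
        }
        const bool atEdge = (i == 0 && (c == ' ' || c == '#'))
            || (i + 1 == value.size() && c == ' ');
        if (atEdge || special.find(c) != std::string::npos)
            escaped += '\\';
        escaped += c;
    }
    return escaped;
}

// in InitConnection(), ldap_set_option failure branch:
        ldap_unbind_ext(ldapHandler, nullptr, nullptr); // release the handle before bailing out
        return nullptr;

bool LDAPReader::Authenticate(const std::string& username, const std::string& password)
{
    // An empty password would turn the simple bind into an unauthenticated bind.
    if (username.empty() || password.empty())
        return false;
    // … unchanged: InitConnection call and null check …
    bindDn << attribute << "=" << EscapeDnValue(username) << "," << baseDn;
    // … unchanged: bind, error log, unbind, return …
```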

+ 18 - 0
ldapReader.h

@@ -0,0 +1,18 @@
+
+#include "interfaces.h"
+
+class LDAPReader: public IMySQLLDAPAuthModule
+{
+    public:
+        LDAPReader(const std::string& uri, const std::string& attribute, const std::string& baseDn);
+        ~LDAPReader();
+        bool Authenticate(const std::string& username, const std::string& password) override;
+
+    private:
+        void* InitConnection();
+
+        const std::string uri;
+        const std::string attribute;
+        const std::string baseDn;
+};
+
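Review bot: The new header has no include guard, so a translation unit that reaches it twice gets a class redefinition error; add `#pragma once` (or an `#ifndef` guard) as its first line. `InitConnection` returns `void*`, which forces the `reinterpret_cast` in ldapReader.cpp; a forward declaration `struct ldap;` with a `ldap*` return type would keep `<ldap.h>` out of the header without erasing the type. `~LDAPReader();` could be marked `override` if the interface destructor is virtual, which is not visible on this page.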

+ 16 - 0
test.cpp

@@ -0,0 +1,16 @@
+
+#include <iostream>
+#include "ldapReader.h"
+
+#define LDAP_URI "ldap://localhost:389"
+#define LDAP_ATTRIBUTE "cn"
+#define LDAP_BASEDN "ou=users,dc=example,dc=org"
+#define LDAP_TEST_USERID "foo"
+#define LDAP_TEST_PASSWD "bar"
+
+int main()
+{
+    LDAPReader reader(LDAP_URI, LDAP_ATTRIBUTE, LDAP_BASEDN);
+    std::cout << reader.Authenticate(LDAP_TEST_USERID, LDAP_TEST_PASSWD) << std::endl;
+}
+
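Review bot: `#define LDAP_ATTRIBUTE "cn"` redefines the macro that interfaces.h (pulled in through ldapReader.h) already defines as `"uid"`, an incompatible redefinition that compilers diagnose; the `LDAP_URI` and `LDAP_BASEDN` defines merely duplicate the header values. Either drop the duplicated defines and `#undef LDAP_ATTRIBUTE` before overriding it, or use test-specific names such as `TEST_LDAP_ATTRIBUTE`. `main` also prints the result but always exits 0, so `return reader.Authenticate(LDAP_TEST_USERID, LDAP_TEST_PASSWD) ? 0 : 1;` would let the Makefile or a CI job detect a failed bind.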