205hlab-mirrors/authentik
2
0
Fork 0
mirror of https://github.com/goauthentik/authentik.git synced 2026-06-17 19:09:11 +03:00
Code Issues Packages Projects Releases Wiki Activity

proviers/ldap: avoid concurrent header writes in API Client (#21223)

Browse Source 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens L.
2026-03-29 19:52:49 +01:00
committed by GitHub
parent 2b3b6e045a
commit 189251dc26
1 changed files with 3 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/outpost/ldap/search/direct/direct.go
+3 -7
View File
@@ -83,10 +83,6 @@ func (ds *DirectSearcher) Search(req *search.Request) (ldap.ServerSearchResult,
entries := make([]*ldap.Entry, 0)
// Create a custom client to set additional headers
c := api.NewAPIClient(ds.si.GetAPIClient().GetConfig())
c.GetConfig().AddDefaultHeader("X-authentik-outpost-ldap-query", req.Filter)
scope := req.Scope
needUsers, needGroups := ds.si.GetNeededObjects(scope, req.BaseDN, req.FilterObjectClass)
@@ -113,7 +109,7 @@ func (ds *DirectSearcher) Search(req *search.Request) (ldap.ServerSearchResult,
errs.Go(func() error {
if flags.CanSearch {
uapisp := sentry.StartSpan(errCtx, "authentik.providers.ldap.search.api_user")
searchReq, skip := utils.ParseFilterForUser(c.CoreAPI.CoreUsersList(uapisp.Context()).IncludeGroups(true), parsedFilter, false)
searchReq, skip := utils.ParseFilterForUser(ds.si.GetAPIClient().CoreAPI.CoreUsersList(uapisp.Context()).IncludeGroups(true), parsedFilter, false)
if skip {
req.Log().Trace("Skip backend request")
@@ -132,7 +128,7 @@ func (ds *DirectSearcher) Search(req *search.Request) (ldap.ServerSearchResult,
} else {
if flags.UserInfo == nil {
uapisp := sentry.StartSpan(errCtx, "authentik.providers.ldap.search.api_user")
u, _, err := c.CoreAPI.CoreUsersRetrieve(uapisp.Context(), flags.UserPk).Execute()
u, _, err := ds.si.GetAPIClient().CoreAPI.CoreUsersRetrieve(uapisp.Context(), flags.UserPk).Execute()
uapisp.Finish()
if err != nil {
@@ -155,7 +151,7 @@ func (ds *DirectSearcher) Search(req *search.Request) (ldap.ServerSearchResult,
if needGroups {
errs.Go(func() error {
gapisp := sentry.StartSpan(errCtx, "authentik.providers.ldap.search.api_group")
searchReq, skip := utils.ParseFilterForGroup(c.CoreAPI.CoreGroupsList(gapisp.Context()).IncludeUsers(true).IncludeChildren(true).IncludeParents(true), parsedFilter, false)
searchReq, skip := utils.ParseFilterForGroup(ds.si.GetAPIClient().CoreAPI.CoreGroupsList(gapisp.Context()).IncludeUsers(true).IncludeChildren(true).IncludeParents(true), parsedFilter, false)
if skip {
req.Log().Trace("Skip backend request")
return nil