feat: add LDAP authentication module with JWT issuance #2074

Open: wants to merge 1 commit into base: development

mundele2004

Pull Request Template

Description:

  • Added a plug-and-play LDAP authentication module under internal/auth/ldapauth.
  • The module performs Bind(username, password) authentication against an LDAP server and issues a JWT token upon successful login.
  • Addresses the LDAP Integration proposal for GoFr Framework Extension as per SOC.
  • Closes: issue [GoFr-SOC]: LDAP Integration Helper Module #2014

Breaking Changes (if applicable):

  • None. This module is self-contained and does not interfere with any existing authentication mechanisms or routing middleware.

Additional Information:

  • External Library used: github.com/go-ldap/ldap/v3
  • JWT is issued using standard library packages (crypto/rand, encoding/base64) with HMAC SHA256 signing.
  • Unit tests include edge cases using a mock LDAP dialer function.
  • See mainFile/main.go for demo and testuser.ldif for testing against a local OpenLDAP instance.
  • Sample test user:

Summary

This PR introduces a standalone LDAP authentication module (internal/auth/ldapauth) for the GoFr framework. It uses Bind(username, password) to validate users and issues a JWT on successful login.


What's Included

  • ldapauth.go: Core logic for LDAP authentication and JWT issuance
  • ldapauth_test.go: Unit tests with mock LDAP dialer
  • main.go: Demo login flow using /login route
  • testuser.ldif: Sample LDAP user for testing

How to Test

  1. Run a local LDAP server (e.g., using Docker: osixia/openldap)
  2. Load the test user using testuser.ldif:
    docker cp mainFile/testuser.ldif myldap:/testuser.ldif
    docker exec -it myldap ldapadd -x -D "cn=admin,dc=example,dc=com" -w admin -f /testuser.ldif
  3. Run the server:
    go run mainFile/main.go
  4. Test login:
    curl -X POST http://localhost:8080/login \
      -H "Content-Type: application/json" \
      -d '{"username":"testuser", "password":"testpass"}'

Checklist:

  • I have formatted my code using goimports and golangci-lint.
  • All new code is covered by unit tests.
  • This PR does not decrease the overall code coverage.
  • I have reviewed the code comments and documentation for clarity.

mundele2004 marked this pull request as ready for review July 17, 2025 16:22
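
The HS256 issuance mentioned in the description, together with the verification side, as an added example that is not code from this pull request. `sign`, `issueToken`, `verifyToken`, the `claims` fields and the demo key are hypothetical names and constructed values; only the Go standard library is used.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
	"time"
)

var b64 = base64.RawURLEncoding
var header = b64.EncodeToString([]byte(`{"alg":"HS256","typ":"JWT"}`))

type claims struct{ Sub string `json:"sub"`; Exp int64 `json:"exp"` }

// sign returns the unpadded base64url HMAC-SHA256 of input under key.
func sign(key []byte, input string) string {
	m := hmac.New(sha256.New, key)
	m.Write([]byte(input))
	return b64.EncodeToString(m.Sum(nil))
}

// issueToken is meant to be called only after the LDAP bind for user succeeded.
func issueToken(key []byte, user string, ttl time.Duration, now time.Time) string {
	body, _ := json.Marshal(claims{Sub: user, Exp: now.Add(ttl).Unix()})
	input := header + "." + b64.EncodeToString(body)
	return input + "." + sign(key, input)
}

// verifyToken returns the subject only if header, signature and expiry all hold.
func verifyToken(key []byte, token string, now time.Time) (string, bool) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 || parts[0] != header || // alg is pinned, never read from the token
		!hmac.Equal([]byte(parts[2]), []byte(sign(key, parts[0]+"."+parts[1]))) { // constant-time
		return "", false
	}
	var c claims
	body, err := b64.DecodeString(parts[1])
	if err != nil || json.Unmarshal(body, &c) != nil || now.Unix() >= c.Exp {
		return "", false
	}
	return c.Sub, true
}

func main() {
	key := []byte("constructed-demo-key") // constructed; use a random secret in practice
	fmt.Println(verifyToken(key, issueToken(key, "testuser", time.Minute, time.Now()), time.Now()))
}
```

The claims are parsed only after the signature check passes, and every failure returns the same result so the caller cannot tell which check rejected the token.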