primal/gitea
1
0
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2026-02-03 11:10:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add an option to automatically verify SSH keys from LDAP (#35927)

Browse Source 
This pull request adds an option to automatically verify SSH keys from
LDAP authentication sources.

This allows a correct authentication and verification workflow for
LDAP-enabled organizations; under normal circumstances SSH keys in LDAP
are not managed by users manually.
This commit is contained in:
Ivan Tkatchev
2025-12-27 15:33:08 +03:00
committed by GitHub
parent 00cc84e37c
commit 19e1997ee2
15 changed files with 38 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
cmd/admin_auth_ldap.go
+7
View File
@@ -94,6 +94,10 @@ func commonLdapCLIFlags() []cli.Flag {
Name: "public-ssh-key-attribute",
Usage: "The attribute of the users LDAP record containing the users public ssh key.",
},
&cli.BoolFlag{
Name: "ssh-keys-are-verified",
Usage: "Set to true to automatically flag SSH keys in LDAP as verified.",
},
&cli.BoolFlag{
Name: "skip-local-2fa",
Usage: "Set to true to skip local 2fa for users authenticated by this source",
@@ -294,6 +298,9 @@ func parseLdapConfig(c *cli.Command, config *ldap.Source) error {
if c.IsSet("public-ssh-key-attribute") {
config.AttributeSSHPublicKey = c.String("public-ssh-key-attribute")
}
if c.IsSet("ssh-keys-are-verified") {
config.SSHKeysAreVerified = c.Bool("ssh-keys-are-verified")
}
if c.IsSet("avatar-attribute") {
config.AttributeAvatar = c.String("avatar-attribute")
}