impl: helper to get a new client with different credentials

netresearch · Oct 4, 2023 · 73f51cd · 73f51cd
1 parent 8622caf
commit 73f51cd
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 1 deletion.
diff --git a/auth.go b/auth.go
@@ -13,7 +13,7 @@ var (
 	ErrActiveDirectoryMustBeLDAPS = errors.New("ActiveDirectory servers must be connected to via LDAPS to change passwords")
 )
 
-func (l LDAP) CheckPasswordForSAMAccountName(sAMAccountName, password string) (*User, error) {
+func (l *LDAP) CheckPasswordForSAMAccountName(sAMAccountName, password string) (*User, error) {
 	c, err := l.getConnection()
 	if err != nil {
 		return nil, err
@@ -33,6 +33,26 @@ func (l LDAP) CheckPasswordForSAMAccountName(sAMAccountName, password string) (*
 	return user, nil
 }
 
+func (l *LDAP) CheckPasswordForDN(dn, password string) (*User, error) {
+	c, err := l.getConnection()
+	if err != nil {
+		return nil, err
+	}
+	defer c.Close()
+
+	user, err := l.FindUserByDN(dn)
+	if err != nil {
+		return nil, err
+	}
+
+	err = c.Bind(user.DN(), password)
+	if err != nil {
+		return nil, err
+	}
+
+	return user, nil
+}
+
 func encodePassword(password string) (string, error) {
 	encoded, err := utf16le.NewEncoder().String("\"" + password + "\"")
 	if err != nil {

diff --git a/client.go b/client.go
@@ -38,6 +38,10 @@ func New(config Config, user, password string) (*LDAP, error) {
 	return l, nil
 }
 
+func (l *LDAP) WithCredentials(dn, password string) (*LDAP, error) {
+	return New(l.config, dn, password)
+}
+
 func (l LDAP) getConnection() (*ldap.Conn, error) {
 	c, err := ldap.DialURL(l.config.Server)
 	if err != nil {