feat: add ldap external idp to login api (#5938)

* fix: handling of ldap login through separate endpoint

* fix: handling of ldap login through separate endpoint

* fix: handling of ldap login through separate endpoint

* fix: successful intent for ldap

* fix: successful intent for ldap

* fix: successful intent for ldap

* fix: add changes from code review

* fix: remove set intent credentials and handle ldap errors

* fix: remove set intent credentials and handle ldap errors

* refactor into separate methods and fix merge

* remove mocks

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>

internal/idp/providers/ldap/ldap.go

@@ -218,6 +218,14 @@ func (p *Provider) BeginAuth(ctx context.Context, state string, params ...any) (
 	}, nil
 }
 
+func (p *Provider) GetSession(username, password string) *Session {
+	return &Session{
+		Provider: p,
+		User:     username,
+		Password: password,
+	}
+}
+
 func (p *Provider) IsLinkingAllowed() bool {
 	return p.isLinkingAllowed
 }

internal/idp/providers/ldap/session.go

@@ -26,6 +26,7 @@ type Session struct {
 	loginUrl string
 	User     string
 	Password string
+	Entry    *ldap.Entry
 }
 
 func (s *Session) GetAuthURL() string {
@@ -57,6 +58,7 @@ func (s *Session) FetchUser(_ context.Context) (_ idp.User, err error) {
 	if err != nil {
 		return nil, err
 	}
+	s.Entry = user
 
 	return mapLDAPEntryToUser(
 		user,

internal/idp/providers/ldap/session_test.go

@@ -219,19 +219,19 @@ func TestProvider_mapLDAPEntryToUser(t *testing.T) {
 			},
 			want: want{
 				user: &User{
-					id:                "",
-					firstName:         "",
-					lastName:          "",
-					displayName:       "",
-					nickName:          "",
-					preferredUsername: "",
-					email:             "",
-					emailVerified:     false,
-					phone:             "",
-					phoneVerified:     false,
-					preferredLanguage: language.Tag{},
-					avatarURL:         "",
-					profile:           "",
+					ID:                "",
+					FirstName:         "",
+					LastName:          "",
+					DisplayName:       "",
+					NickName:          "",
+					PreferredUsername: "",
+					Email:             "",
+					EmailVerified:     false,
+					Phone:             "",
+					PhoneVerified:     false,
+					PreferredLanguage: language.Tag{},
+					AvatarURL:         "",
+					Profile:           "",
 				},
 			},
 		},
@@ -351,19 +351,19 @@ func TestProvider_mapLDAPEntryToUser(t *testing.T) {
 			},
 			want: want{
 				user: &User{
-					id:                "id",
-					firstName:         "first",
-					lastName:          "last",
-					displayName:       "display",
-					nickName:          "nick",
-					preferredUsername: "preferred",
-					email:             "email",
-					emailVerified:     false,
-					phone:             "phone",
-					phoneVerified:     false,
-					preferredLanguage: language.Make("und"),
-					avatarURL:         "avatar",
-					profile:           "profile",
+					ID:                "id",
+					FirstName:         "first",
+					LastName:          "last",
+					DisplayName:       "display",
+					NickName:          "nick",
+					PreferredUsername: "preferred",
+					Email:             "email",
+					EmailVerified:     false,
+					Phone:             "phone",
+					PhoneVerified:     false,
+					PreferredLanguage: language.Make("und"),
+					AvatarURL:         "avatar",
+					Profile:           "profile",
 				},
 			},
 		},

internal/idp/providers/ldap/user.go

@@ -7,19 +7,19 @@ import (
 )
 
 type User struct {
-	id                string
-	firstName         string
-	lastName          string
-	displayName       string
-	nickName          string
-	preferredUsername string
-	email             domain.EmailAddress
-	emailVerified     bool
-	phone             domain.PhoneNumber
-	phoneVerified     bool
-	preferredLanguage language.Tag
-	avatarURL         string
-	profile           string
+	ID                string              `json:"id,omitempty"`
+	FirstName         string              `json:"firstName,omitempty"`
+	LastName          string              `json:"lastName,omitempty"`
+	DisplayName       string              `json:"displayName,omitempty"`
+	NickName          string              `json:"nickName,omitempty"`
+	PreferredUsername string              `json:"preferredUsername,omitempty"`
+	Email             domain.EmailAddress `json:"email,omitempty"`
+	EmailVerified     bool                `json:"emailVerified,omitempty"`
+	Phone             domain.PhoneNumber  `json:"phone,omitempty"`
+	PhoneVerified     bool                `json:"phoneVerified,omitempty"`
+	PreferredLanguage language.Tag        `json:"preferredLanguage,omitempty"`
+	AvatarURL         string              `json:"avatarURL,omitempty"`
+	Profile           string              `json:"profile,omitempty"`
 }
 
 func NewUser(
@@ -55,41 +55,41 @@ func NewUser(
 }
 
 func (u *User) GetID() string {
-	return u.id
+	return u.ID
 }
 func (u *User) GetFirstName() string {
-	return u.firstName
+	return u.FirstName
 }
 func (u *User) GetLastName() string {
-	return u.lastName
+	return u.LastName
 }
 func (u *User) GetDisplayName() string {
-	return u.displayName
+	return u.DisplayName
 }
 func (u *User) GetNickname() string {
-	return u.nickName
+	return u.NickName
 }
 func (u *User) GetPreferredUsername() string {
-	return u.preferredUsername
+	return u.PreferredUsername
 }
 func (u *User) GetEmail() domain.EmailAddress {
-	return u.email
+	return u.Email
 }
 func (u *User) IsEmailVerified() bool {
-	return u.emailVerified
+	return u.EmailVerified
 }
 func (u *User) GetPhone() domain.PhoneNumber {
-	return u.phone
+	return u.Phone
 }
 func (u *User) IsPhoneVerified() bool {
-	return u.phoneVerified
+	return u.PhoneVerified
 }
 func (u *User) GetPreferredLanguage() language.Tag {
-	return u.preferredLanguage
+	return u.PreferredLanguage
 }
 func (u *User) GetAvatarURL() string {
-	return u.avatarURL
+	return u.AvatarURL
 }
 func (u *User) GetProfile() string {
-	return u.profile
+	return u.Profile
 }