#!/usr/bin/env perl
use
lib
"$FindBin::RealBin/../3rd/lib/perl5"
;
use
lib
"$FindBin::RealBin/../lib"
;
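# Load the GSSAPI plugin; presumably it provides the gssapi_auth helper
# that the route below calls (confirm against the plugin's documentation).
plugin 'GSSAPI';

# Directory connection settings.
#
# The literal values are sample placeholders. Each one can be overridden
# from the environment, so a real bind password never has to be committed
# with the script. The AD_* variable names are introduced here and are not
# read by anything else in this file.
#
# NOTE(review): the bind account is only used for searches, so it should be
# a dedicated low-privilege account with read-only access to the directory.
my $ad_server   = $ENV{AD_SERVER}   // 'adserver.myad.domain';
my $ad_user     = $ENV{AD_USER}     // 'ldapsearch@MYAD.DOMAIN';
my $ad_password = $ENV{AD_PASSWORD} // 'myadpassword';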
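# GET / : authenticate the caller through the GSSAPI plugin, then look the
# authenticated principal up in the directory and display its LDIF record.
get '/' => sub ($c) {
    # A false return from gssapi_auth ends the request here; presumably the
    # plugin has already produced the response in that case (confirm).
    my $user = $c->gssapi_auth or return;

    # A successful authentication is not an error condition, so log it at
    # info level to keep the error log usable for alerting.
    $c->log->info("user $user authenticated");

    # Net::LDAP->new returns undef (with the reason in $@) when it cannot
    # connect, so check before calling methods on the result.
    my $ldap = Net::LDAP->new(
        $ad_server,
        onerror => sub ($msg) {
            $c->log->error("LDAP ERROR: " . $msg->error);
        },
        timeout => 5,
    );
    if (not $ldap) {
        $c->log->error("LDAP connect to $ad_server failed: $@");
        return $c->render(
            text   => '<h1>Directory unavailable</h1>',
            status => 500,
        );
    }

    # NOTE(security): verify => 'none' turns off certificate validation, so
    # the TLS session is encrypted but the server is not authenticated, and
    # the bind password below is sent to whoever answers on that address.
    # A deployment should use verify => 'require' together with the cafile
    # or capath of the CA that issued the directory server's certificate.
    # The value is left unchanged here because the CA location is
    # site-specific.
    $ldap->start_tls(verify => 'none');
    $ldap->bind($ad_user, password => $ad_password);

    my $base = get_base_dn($ldap);
    $c->log->debug("BaseDN $base");

    # Escape the principal before placing it in the search filter so that
    # characters such as '*', '(' and ')' are matched literally instead of
    # changing the filter's structure.
    require Net::LDAP::Util;
    my $filter_value = Net::LDAP::Util::escape_filter_value($user);
    my $msg = $ldap->search(
        base   => $base,
        filter => '(userprincipalname=' . $filter_value . ')',
    );

    # render(text => ...) is served as HTML by default, so every value that
    # is interpolated into the markup is HTML-escaped first.
    require Mojo::Util;
    my $user_html = Mojo::Util::xml_escape($user);

    if ($msg->count == 0) {
        my $base_html = Mojo::Util::xml_escape($base);
        return $c->render(
            text   => "<h1>$user_html</h1><div>Not found in $base_html LDAP</div>",
            # 'status' is the render argument that sets the HTTP code; the
            # previous 'state' key left the response at 200.
            status => 404,
        );
    }

    # Directory attribute values are data, not markup: escape the LDIF dump.
    my $ldif_html = Mojo::Util::xml_escape($msg->entry(0)->ldif);
    $c->render(text => "<h1>$user_html</h1><pre>" . $ldif_html . "</pre>");
};

app->start;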
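# Return the directory's default naming context (base DN) for $ldap.
#
# The value is read from the server's rootDSE on the first call and cached
# in the connection object's hash under the key 'baseDN', so later calls on
# the same object do not query the server again.
#
# Dies with an explicit message when the rootDSE search yields no entry,
# rather than failing with a method call on an undefined value.
sub get_base_dn ($ldap) {
    return $ldap->{baseDN} if $ldap->{baseDN};

    # An empty base with scope 'base' addresses the rootDSE itself.
    my $result = $ldap->search(
        base   => '',
        filter => '(objectclass=*)',
        scope  => 'base',
        attrs  => ['defaultNamingContext'],
    );

    my $root_dse = $result->entry(0);
    die "rootDSE search returned no entry; cannot determine base DN\n"
        if not defined $root_dse;

    $ldap->{baseDN} = $root_dse->get_value('defaultnamingcontext');
    return $ldap->{baseDN};
}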