fix: npe if ldap query doesn't return attributes (#2151)

We cannot assume the LDAP server will have group attributes programmed everytime. So handle it accordingly. Signed-off-by: Ramkumar Chinchani <[email protected]>
project-zot · Jan 12, 2024 · d685adb · d685adb
1 parent 1c756b4
commit d685adb
Showing 1 changed file with 11 additions and 3 deletions.
diff --git a/pkg/api/ldap.go b/pkg/api/ldap.go
@@ -173,8 +173,11 @@ func (lc *LDAPClient) Authenticate(username, password string) (bool, map[string]
 	}
 
 	attributes := lc.Attributes
+
 	attributes = append(attributes, "dn")
-	attributes = append(attributes, lc.UserGroupAttribute)
+	if lc.UserGroupAttribute != "" {
+		attributes = append(attributes, lc.UserGroupAttribute)
+	}
 
 	searchScope := ldap.ScopeSingleLevel
 
@@ -216,8 +219,13 @@ func (lc *LDAPClient) Authenticate(username, password string) (bool, map[string]
 	}
 
 	userDN := search.Entries[0].DN
-	userAttributes := search.Entries[0].Attributes[0]
-	userGroups := userAttributes.Values
+
+	var userGroups []string
+
+	if lc.UserGroupAttribute != "" && len(search.Entries[0].Attributes) > 0 {
+		userAttributes := search.Entries[0].Attributes[0]
+		userGroups = userAttributes.Values
+	}
 	user := map[string]string{}
 
 	for _, attr := range lc.Attributes {