Update README

2022-10-08 18:49:08 +02:00 · 2022-10-08 18:49:08 +02:00 · a0ca204fb9
commit a0ca204fb9
parent cb0443889b
1 changed files with 218 additions and 3 deletions
--- a/README.md
+++ b/README.md
@ -1,4 +1,219 @@
 # glapi

 Go Ldap API is an HTTP API to an LDAP backend.  
-Only supporting read at the moment, maybe one day it will break LDAP backends with ease and joy!
+Only supporting read at the moment, maybe one day it will write, and break LDAP backends with ease and joy!
+
+## Usage
+Start glapi with parameters on command line:
+```
+glapi -ldap-host ldap://ldap.example.org -ldap-base-dn dc=example,dc=org -ldap-user cn=yo,dc=example,dc=org -ldap-pass 'here_is_the_password'
+```
+
+or point it to a configuration file :
+```
+glapi -config glapi.env
+```
+
+## Configuration file
+``̀`
+LISTEN="127.0.0.1:8080"
+LDAP_HOST="ldap://ldap.example.org"
+LDAP_BASE_DN="dc=example,dc=org"
+LDAP_USER="cn=yo,dc=example,dc=org"
+LDAP_PASS='here_is_the_password'
+DEBUG=false
+```
+
+## Querying API  
+Search LDAP entries through the whole subtree, specifying organizationalUnit, commnName, objectClass, attribute to retrieve.
+Each one of these parameters can be replaced by "ALL" to act like a wildcard.
+``̀`
+% curl -u admin:admin http://127.0.0.1:8080/ou=domains/yo/person | jq      
+[
+  {
+    "DN": "cn=yo,dc=example.org,ou=domains,dc=example,dc=org",
+    "Attributes": [
+      {
+        "Name": "sn",
+        "Values": [
+          "yo"
+        ],
+        "ByteValues": [
+          "eW8="
+        ]
+      },
+      {
+        "Name": "cn",
+        "Values": [
+          "yo"
+        ],
+        "ByteValues": [
+          "eW8="
+        ]
+      },
+      {
+        "Name": "objectClass",
+        "Values": [
+          "inetOrgPerson",
+          "organizationalPerson",
+          "person",
+          "top",
+          "inetLocalMailRecipient"
+        ],
+        "ByteValues": [
+          "aW5ldE9yZ1BlcnNvbg==",
+          "b3JnYW5pemF0aW9uYWxQZXJzb24=",
+          "cGVyc29u",
+          "dG9w",
+          "aW5ldExvY2FsTWFpbFJlY2lwaWVudA=="
+        ]
+      },
+      {
+        "Name": "mail",
+        "Values": [
+          "yo@example.org"
+        ],
+        "ByteValues": [
+          "eW9AcGxvcGl0by50aw=="
+        ]
+      },
+      {
+        "Name": "mailLocalAddress",
+        "Values": [
+          "root@example.org",
+          "postmaster@example.org",
+        ],
+        "ByteValues": [
+          "cm9vdEBleGFtcGxlLm9yZw==",
+          "cG9zdG1hc3RlckBleGFtcGxlLm9yZw==",
+        ]
+      },
+      {
+        "Name": "uid",
+        "Values": [
+          "yo"
+        ],
+        "ByteValues": [
+          "eW8="
+        ]
+      }
+    ]
+  }
+]
+```
+
+Using wildcards everywhere and ldif format, you can get a dump of ldap:
+```
+% curl -u admin:admin "http://127.0.0.1:8080/ALL/ALL/ALL?format=ldif"
+dn: dc=example,dc=org
+objectClass: organization
+objectClass: top
+objectClass: dcObject
+dc: example
+o: example.org
+
+dn: cn=admin,dc=example,dc=org
+objectClass: organizationalRole
+objectClass: top
+objectClass: simpleSecurityObject
+cn: admin
+
+dn: cn=yo,dc=example,dc=org
+objectClass: organizationalRole
+objectClass: top
+objectClass: simpleSecurityObject
+cn: yo
+userPassword: {SSHA}edited
+
+[...]
+```
+
+Get operational attributes with "*,+" in attribute :
+``̀`
+% curl -u admin:admin "http://127.0.0.1:8080/ALL/ALL/ALL/*,+?format=ldif"   
+dn: dc=example,dc=org
+objectClass: organization
+objectClass: top
+objectClass: dcObject
+dc: example
+o: example.org
+structuralObjectClass: organization
+entryUUID: af93fd38-3139-103a-8d41-05c00494facf
+creatorsName: cn=admin,dc=example,dc=org
+createTimestamp: 20200523120715Z
+entryCSN: 20200523120715.282611Z#000000#000#000000
+modifiersName: cn=admin,dc=example,dc=org
+modifyTimestamp: 20200523120715Z
+entryDN: dc=example,dc=org
+subschemaSubentry: cn=Subschema
+hasSubordinates: TRUE
+
+dn: cn=admin,dc=example,dc=org
+objectClass: organizationalRole
+objectClass: top
+objectClass: simpleSecurityObject
+cn: admin
+structuralObjectClass: organizationalRole
+entryUUID: af9a1556-3139-103a-8d42-05c00494facf
+creatorsName: cn=admin,dc=example,dc=org
+createTimestamp: 20200523120715Z
+entryCSN: 20200523120715.322559Z#000000#000#000000
+modifiersName: cn=admin,dc=example,dc=org
+modifyTimestamp: 20200523120715Z
+entryDN: cn=admin,dc=example,dc=org
+subschemaSubentry: cn=Subschema
+hasSubordinates: FALSE
+
+[...]
+`̀``
+
+### Output format  
+Default output is in json. The following formats are supported, to be specified as a "format" query parameter:  
+- json (default)  
+- text (ini style)  
+- ldif  
+- textvalue (only attribute values are returned)  
+- textvalue-nodn ((only attribute values, no dn added, no linefeed between entries. To be used by Rspamd multimap module)  
+
+```
+% curl -u admin:admin "http://127.0.0.1:8080/ou=domains/yo/person?format=text"
+dn=cn=yo,dc=example.org,ou=domains,dc=example,dc=org
+sn=yo
+cn=yo
+objectClass=inetOrgPerson
+objectClass=organizationalPerson
+objectClass=person
+objectClass=top
+objectClass=inetLocalMailRecipient
+mail=yo@example.org
+mailLocalAddress=root@example.org
+mailLocalAddress=postmaster@example.org
+uid=yo
+
+% curl -u admin:admin "http://127.0.0.1:8080/ou=domains/yo/person?format=ldif"
+dn: cn=yo,dc=example.org,ou=domains,dc=example,dc=org
+sn: yo
+cn: yo
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+objectClass: person
+objectClass: top
+objectClass: inetLocalMailRecipient
+mail: yo@example.org
+mailLocalAddress: root@example.org
+mailLocalAddress=postmaster@example.org
+uid: yo
+
+```
+
+### Select attributes to get  
+You can specify attributes to get by adding them in 4th position :  
+̀```
+% curl -u admin:admin "http://127.0.0.1:8080/ou=domains/yo/person/mail?format=textvalue"
+cn=yo,dc=example.org,ou=domains,dc=example,dc=org
+yo@example.org
+
+% curl -u admin:admin "http://127.0.0.1:8080/ou=domains/yo/person/mail?format=textvalue-nodn"
+yo@example.org
+
+```