
feat: add ldap debug switch

Open NiceRath opened this issue 2 years ago • 5 comments

Greetings!

It seems many users have problems integrating their LDAP solutions. See: https://github.com/ansible-semaphore/semaphore/issues/419, https://github.com/ansible-semaphore/semaphore/issues/808, https://github.com/ansible-semaphore/semaphore/issues/876, https://github.com/ansible-semaphore/semaphore/issues/903, https://github.com/ansible-semaphore/semaphore/issues/906, https://github.com/ansible-semaphore/semaphore/issues/1137, https://github.com/ansible-semaphore/semaphore/issues/1161, https://github.com/ansible-semaphore/semaphore/issues/1214 I have too. https://github.com/ansible-semaphore/semaphore/issues/1238

Semaphore currently lacks LDAP debug logging that would help users troubleshoot their setups. The underlying 'go-ldap' package does provide a debug functionality. This PR allows enabling this ldap-debug-mode using the semaphore config-file!

Example output of a single ldap-login:

Debug disabled:

Server is running
WARN[0006] LDAP Result Code 2 "Protocol Error":

Debug enabled:

Server is running
LDAP Request: (Universal, Constructed, Sequence and Sequence of) Len=46 "<nil>"
 MessageID: (Universal, Primitive, Integer) Len=1 "1"
 Bind Request: (Application, Constructed, 0x00) Len=41 "<nil>"
  Version: (Universal, Primitive, Integer) Len=1 "3"
  User Name: (Universal, Primitive, Octet String) Len=10 "xxxBindUser"
  Password: (Context, Primitive, 0x00) Len=24 "xxxBindPwd"
2023/05/12 14:38:50 flags&startTLS = 0
2023/05/12 14:38:50 1: returning
2023/05/12 14:38:50 1: waiting for response
2023/05/12 14:38:50 Sending message 1
2023/05/12 14:38:51 Receiving message 1
2023/05/12 14:38:51 1: got response 0xc0006991f0
LDAP Response: (Universal, Constructed, Sequence and Sequence of) Len=29 "<nil>"
 Message ID: (Universal, Primitive, Integer) Len=1 "1"
 Bind Response: (Application, Constructed, 0x01) Len=24 "<nil>"
  Result Code (Success): (Universal, Primitive, Enumerated) Len=1 "0"
  Matched DN (): (Universal, Primitive, Octet String) Len=0 ""
  Success: (Universal, Primitive, Octet String) Len=17 "Valid access code"
2023/05/12 14:38:51 Finished message 1
LDAP Request: (Universal, Constructed, Sequence and Sequence of) Len=303 "<nil>"
 MessageID: (Universal, Primitive, Integer) Len=1 "2"
 Search Request: (Application, Constructed, 0x03) Len=296 "<nil>"
  Base DN: (Universal, Primitive, Octet String) Len=19 "dc=org,dc=com"
  Scope: (Universal, Primitive, Enumerated) Len=1 "2"
  Deref Aliases: (Universal, Primitive, Enumerated) Len=1 "0"
  Size Limit: (Universal, Primitive, Integer) Len=1 "0"
  Time Limit: (Universal, Primitive, Integer) Len=1 "0"
  Types Only: (Universal, Primitive, Boolean) Len=1 "false"
  And: (Context, Constructed, 0x00) Len=251 "<nil>"
   Equality Match: (Context, Constructed, 0x03) Len=31 "<nil>"
    Attribute: (Universal, Primitive, Octet String) Len=4 "mail"
    Condition: (Universal, Primitive, Octet String) Len=23 "[email protected]"
   Equality Match: (Context, Constructed, 0x03) Len=21 "<nil>"
    Attribute: (Universal, Primitive, Octet String) Len=11 "objectClass"
    Condition: (Universal, Primitive, Octet String) Len=6 "person"
   Or: (Context, Constructed, 0x01) Len=192 "<nil>"
    Extensible Match: (Context, Constructed, 0x09) Len=65 "<nil>"
     Matching Rule Assertion Type: (Context, Primitive, 0x02) Len=8 "memberof"
     Matching Rule Assertion Match Value: (Context, Primitive, 0x03) Len=53 "cn=semaphore,ou=Groups,dc=org,dc=com"
    Extensible Match: (Context, Constructed, 0x09) Len=65 "<nil>"
  Attributes: (Universal, Constructed, Sequence and Sequence of) Len=4 "<nil>"
   Attribute: (Universal, Primitive, Octet String) Len=2 "dn"
2023/05/12 14:38:51 flags&startTLS = 0
2023/05/12 14:38:51 2: returning
2023/05/12 14:38:51 2: waiting for response
2023/05/12 14:38:51 Sending message 2
2023/05/12 14:38:52 Receiving message 2
2023/05/12 14:38:52 2: got response 0xc0001cc000
LDAP Response: (Universal, Constructed, Sequence and Sequence of) Len=85 "<nil>"
 Message ID: (Universal, Primitive, Integer) Len=1 "2"
 Search Result Entry: (Application, Constructed, 0x04) Len=80 "<nil>"
  Object Name: (Universal, Primitive, Octet String) Len=76 "uid=user.name,ou=Users,dc=org,dc=com"
  Attributes: (Universal, Constructed, Sequence and Sequence of) Len=0 "<nil>"
2023/05/12 14:38:52 2: waiting for response
2023/05/12 14:38:52 Receiving message 2
2023/05/12 14:38:52 2: got response 0xc0001cc230
LDAP Response: (Universal, Constructed, Sequence and Sequence of) Len=12 "<nil>"
 Message ID: (Universal, Primitive, Integer) Len=1 "2"
 Search Result Done: (Application, Constructed, 0x05) Len=7 "<nil>"
  Result Code (Success): (Universal, Primitive, Enumerated) Len=1 "0"
  Matched DN (): (Universal, Primitive, Octet String) Len=0 ""
  Success: (Universal, Primitive, Octet String) Len=0 ""
2023/05/12 14:38:52 Finished message 2
LDAP Request: (Universal, Constructed, Sequence and Sequence of) Len=119 "<nil>"
 MessageID: (Universal, Primitive, Integer) Len=1 "3"
 Bind Request: (Application, Constructed, 0x00) Len=114 "<nil>"
  Version: (Universal, Primitive, Integer) Len=1 "3"
  User Name: (Universal, Primitive, Octet String) Len=76 "uid=user.name,ou=Users,dc=org,dc=com"
  Password: (Context, Primitive, 0x00) Len=31 "xxxUserPwd"
2023/05/12 14:38:52 flags&startTLS = 0
2023/05/12 14:38:52 3: returning
2023/05/12 14:38:52 3: waiting for response
2023/05/12 14:38:52 Sending message 3
2023/05/12 14:38:53 Receiving message 3
2023/05/12 14:38:53 3: got response 0xc0001cc770
LDAP Response: (Universal, Constructed, Sequence and Sequence of) Len=12 "<nil>"
 Message ID: (Universal, Primitive, Integer) Len=1 "3"
 Bind Response: (Application, Constructed, 0x01) Len=7 "<nil>"
  Result Code (Success): (Universal, Primitive, Enumerated) Len=1 "0"
  Matched DN (): (Universal, Primitive, Octet String) Len=0 ""
  Success: (Universal, Primitive, Octet String) Len=0 ""
2023/05/12 14:38:53 Finished message 3
LDAP Request: (Universal, Constructed, Sequence and Sequence of) Len=30 "<nil>"
 MessageID: (Universal, Primitive, Integer) Len=1 "4"
 Who Am I? Extended Operation: (Application, Constructed, 0x17) Len=25 "<nil>"
  Extended Request Name: Who Am I? OID: (Context, Primitive, 0x00) Len=23 "1.3.6.1.4.1.4203.1.11.3"
2023/05/12 14:38:53 flags&startTLS = 0
2023/05/12 14:38:53 4: waiting for response
2023/05/12 14:38:53 Sending message 4
2023/05/12 14:38:53 Receiving message 4
2023/05/12 14:38:53 4: got response 0xc000516000
LDAP Response: (Universal, Constructed, Sequence and Sequence of) Len=12 "<nil>"
 Message ID: (Universal, Primitive, Integer) Len=1 "4"
 Extended Response: (Application, Constructed, 0x18) Len=7 "<nil>"
  (Universal, Primitive, Enumerated) Len=1 "2"
  (Universal, Primitive, Octet String) Len=0 ""
  (Universal, Primitive, Octet String) Len=0 ""
2023/05/12 14:38:53 Sending quit message and waiting for confirmation
2023/05/12 14:38:53 Finished message 4
2023/05/12 14:38:53 Shutting down - quit message received
2023/05/12 14:38:53 Closing network connection
WARN[0004] LDAP Result Code 2 "Protocol Error":

This information allows further troubleshooting.

- Rath

NiceRath avatar May 12 '23 13:05 NiceRath

Also: Documentation would need to inform the user that passwords will get 'logged' in plaintext when 'ldap_debug' is enabled.

- Rath

NiceRath avatar May 12 '23 13:05 NiceRath
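The plaintext-password concern above applies to the debug trace format shown in the PR description. As an added example (not Semaphore's or go-ldap's code; RedactLine, RedactTrace and the sample trace are assumed names and constructed input), this filter masks the simple-bind password element of such a trace before it is attached to a ticket or shipped to a log collector:

```go
package main

import (
	"bufio"
	"fmt"
	"io"
	"os"
	"regexp"
	"strings"
)

// Hypothetical filter (not from Semaphore or go-ldap) for the debug trace
// format shown in the PR: each BER element is one line such as
//   <indent>Password: (Context, Primitive, 0x00) Len=24 "secret"
var bindPasswordLine = regexp.MustCompile(
	`^(\s*Password: \(Context, Primitive, 0x00\) Len=\d+ ")[^"]*(")$`)

// RedactLine masks only the quoted value of a simple-bind password element
// (Len is kept so packet sizes still add up) and leaves other lines unchanged.
func RedactLine(line string) string {
	return bindPasswordLine.ReplaceAllString(line, "${1}<redacted>${2}")
}

// RedactTrace copies a trace from r to w line by line, masking passwords,
// and reports how many lines were masked.
func RedactTrace(r io.Reader, w io.Writer) (int, error) {
	masked := 0
	sc := bufio.NewScanner(r)
	for sc.Scan() {
		out := RedactLine(sc.Text())
		if out != sc.Text() {
			masked++
		}
		if _, err := fmt.Fprintln(w, out); err != nil {
			return masked, err
		}
	}
	return masked, sc.Err()
}

// sampleTrace is a constructed excerpt in the PR's debug output format.
const sampleTrace = `  User Name: (Universal, Primitive, Octet String) Len=10 "xxxBindUser"
  Password: (Context, Primitive, 0x00) Len=24 "xxxBindPwd"
2023/05/12 14:38:50 Sending message 1`

func main() {
	n, err := RedactTrace(strings.NewReader(sampleTrace), os.Stdout)
	fmt.Println("masked:", n, "err:", err)
}
```

Run it over the captured process output; the regexp is tied to the element layout shown above and needs adjusting if the library's debug format changes.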

@fiftin Greetings! I think that config-switch would help many users! What do you say/think?

- Rath

NiceRath avatar Jun 09 '23 12:06 NiceRath

https://github.com/ansible-semaphore/semaphore/issues/1238#issuecomment-1585597826 - Looks like @fiftin approved the addition of the config-switch here. Is that something you can get in with this PR?

aaronnad avatar Jul 06 '23 21:07 aaronnad

Hi @NiceRath, sorry for the delay. Unfortunately I didn't have time to work on the project all this time. But now I have some free time to work on the project.

I will merge your PR soon after testing it with Dredd. Thank you!

fiftin avatar Jul 08 '23 18:07 fiftin

Thank you @fiftin, I get the lack of time. Have the same problem with my side-projects :/

- Rath

NiceRath avatar Jul 10 '23 04:07 NiceRath