Add enable flag for LDAP IDP config (#16805)

2025-11-07 12:52:58 -05:00 · 2023-03-16 11:58:59 -07:00
parent d1e775313d
commit 58266c9e2c
4 changed files with 146 additions and 125 deletions
--- a/internal/config/identity/ldap/config.go
+++ b/internal/config/identity/ldap/config.go
@@ -98,6 +98,10 @@ var removedKeys = []string{
 // DefaultKVS - default config for LDAP config
 var (
 	DefaultKVS = config.KVS{
+		config.KV{
+			Key:   config.Enable,
+			Value: "",
+		},
 		config.KV{
 			Key:   ServerAddr,
 			Value: "",
@@ -184,6 +188,16 @@ func Lookup(s config.Config, rootCAs *x509.CertPool) (l Config, err error) {
 		ServerAddr:    ldapServer,
 		SRVRecordName: getCfgVal(SRVRecordName),
 	}
+
+	// Parse explicity enable=on/off flag. If not set, defaults to `true`
+	// because ServerAddr is set.
+	if v := getCfgVal(config.Enable); v != "" {
+		l.LDAP.Enabled, err = config.ParseBool(v)
+		if err != nil {
+			return l, err
+		}
+	}
+
 	l.stsExpiryDuration = defaultLDAPExpiry

 	// LDAP connection configuration