From 0eb24bdfd163ca2cb17bffb782a1a093c48bdba9 Mon Sep 17 00:00:00 2001 From: revolyssup Date: Mon, 31 Jul 2023 14:19:58 +0530 Subject: [PATCH 1/3] feat: remove rust dependency by rollback lua-resty-ldap on master Signed-off-by: revolyssup --- Makefile | 2 +- rockspec/apisix-master-0.rockspec | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 0e2238f2af27..1fdf544f61f9 100644 --- a/Makefile +++ b/Makefile @@ -158,7 +158,7 @@ check-rust: ### deps : Installing dependencies .PHONY: deps -deps: check-rust runtime +deps: runtime $(eval ENV_LUAROCKS_VER := $(shell $(ENV_LUAROCKS) --version | grep -E -o "luarocks [0-9]+.")) @if [ '$(ENV_LUAROCKS_VER)' = 'luarocks 3.' ]; then \ mkdir -p ~/.luarocks; \ diff --git a/rockspec/apisix-master-0.rockspec b/rockspec/apisix-master-0.rockspec index f6cb44c4626a..6cc80deb8205 100644 --- a/rockspec/apisix-master-0.rockspec +++ b/rockspec/apisix-master-0.rockspec @@ -77,7 +77,7 @@ dependencies = { "xml2lua = 1.5-2", "nanoid = 0.1-1", "lua-resty-mediador = 0.1.2-1", - "lua-resty-ldap = 0.2.2-0" + "lua-resty-ldap = 0.1.0-0" } build = { From df2a0430be4c3ffae87ca30f8bf0675b666726a3 Mon Sep 17 00:00:00 2001 From: revolyssup Date: Thu, 3 Aug 2023 11:01:15 +0530 Subject: [PATCH 2/3] fix comma in rockspec Signed-off-by: revolyssup --- rockspec/apisix-master-0.rockspec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rockspec/apisix-master-0.rockspec b/rockspec/apisix-master-0.rockspec index 97a868153f3b..9c91b959c714 100644 --- a/rockspec/apisix-master-0.rockspec +++ b/rockspec/apisix-master-0.rockspec @@ -77,7 +77,7 @@ dependencies = { "xml2lua = 1.5-2", "nanoid = 0.1-1", "lua-resty-mediador = 0.1.2-1", - "lua-resty-ldap = 0.1.0-0" + "lua-resty-ldap = 0.1.0-0", "lua-resty-t1k = 1.0.3" } From 33bb96b561c5529f580446125aac9eebc1470340 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Wed, 16 Aug 2023 11:24:39 +0530 Subject: [PATCH 3/3] refactor apisix for ldap0.1 
Signed-off-by: Ashish Tiwari --- apisix/plugins/ldap-auth.lua | 38 ++++++++++++++++++------------------ 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/apisix/plugins/ldap-auth.lua b/apisix/plugins/ldap-auth.lua index 41156c1bfb6e..11f205c6b8f5 100644 --- a/apisix/plugins/ldap-auth.lua +++ b/apisix/plugins/ldap-auth.lua @@ -18,7 +18,7 @@ local core = require("apisix.core") local ngx = ngx local ngx_re = require("ngx.re") local consumer_mod = require("apisix.consumer") -local ok, ldap_cli = pcall(require, "resty.ldap.client") +local ldap = require("resty.ldap") local schema = { type = "object", @@ -100,11 +100,6 @@ local function extract_auth_header(authorization) end function _M.rewrite(conf, ctx) - if not ok then -- ensure rasn library loaded - core.log.error("failed to load lua-resty-ldap lib: ", ldap_cli) - return 501 - end - core.log.info("plugin rewrite phase, conf: ", core.json.delay_encode(conf)) -- 1. extract authorization from header 
@@ -115,31 +110,36 @@ function _M.rewrite(conf, ctx) end local user, err = extract_auth_header(auth_header) - if err then - core.log.warn(err) + if err or not user then + if err then + core.log.warn(err) + else + core.log.warn("nil user") + end return 401, { message = "Invalid authorization in request" } end -- 2. try authenticate the user against the ldap server local ldap_host, ldap_port = core.utils.parse_addr(conf.ldap_uri) - local ldap_client = ldap_cli:new(ldap_host, ldap_port, { + local ldapconf = { + timeout = 10000, start_tls = false, + ldap_host = ldap_host, + ldap_port = ldap_port or 389, ldaps = conf.use_tls, - ssl_verify = conf.tls_verify, - socket_timeout = 10000, - keepalive_pool_name = ldap_host .. ":" .. ldap_port .. "_ldapauth" - .. (conf.use_tls and "_tls" or ""), - keepalive_pool_size = 5, - keepalive_timeout = 60000, - }) - - local user_dn = conf.uid .. "=" .. user.username .. "," .. conf.base_dn - local res, err = ldap_client:simple_bind(user_dn, user.password) + tls_verify = conf.tls_verify, + base_dn = conf.base_dn, + attribute = conf.uid, + keepalive = 60000, + } + local res, err = ldap.ldap_authenticate(user.username, user.password, ldapconf) if not res then core.log.warn("ldap-auth failed: ", err) return 401, { message = "Invalid user authorization" } end + local user_dn = conf.uid .. "=" .. user.username .. "," .. conf.base_dn + -- 3. Retrieve consumer for authorization plugin local consumer_conf = consumer_mod.plugin(plugin_name) if not consumer_conf then
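Review bot: The added guard `if err or not user then` does not cover an empty `user.password`, and a simple bind with a DN and a zero-length password is an unauthenticated bind (RFC 4513 section 5.1.2) that some directory servers answer with success. `extract_auth_header` is outside this hunk and may already reject that case; if it does not, add `if user.password == "" then return 401, { message = "Invalid authorization in request" } end` before the call to `ldap.ldap_authenticate`. The verification option is renamed from `ssl_verify` to `tls_verify` in `ldapconf`, and a key the 0.1.0 library does not read would be ignored silently, so confirm against the library that `conf.tls_verify` still turns certificate verification on. `user_dn` is still built by concatenating the request-supplied `user.username` without RFC 4514 escaping, presumably for the consumer lookup in step 3, so a character allow-list on the username or a comment stating the assumption would help. `_M.rewrite` starts before and continues after the hunk.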