From 9b7149d8cc609cd3fcf0cddcf2f0e09081d9c208 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?=
Date: Tue, 14 Jun 2022 10:12:17 +0000
Subject: [PATCH] make idp only wait for certs when using ldap
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Jörn Friedrich Dreyer
---
 extensions/idp/pkg/service/v0/service.go | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/extensions/idp/pkg/service/v0/service.go b/extensions/idp/pkg/service/v0/service.go
index 4b14094743..8f6b8db360 100644
--- a/extensions/idp/pkg/service/v0/service.go
+++ b/extensions/idp/pkg/service/v0/service.go
@@ -44,14 +44,6 @@ func NewService(opts ...Option) Service {
 assets.Config(options.Config),
 )
 
- if err := ldap.WaitForCA(options.Logger, options.Config.IDP.Insecure, options.Config.Ldap.TLSCACert); err != nil {
- logger.Fatal().Err(err).Msg("The configured LDAP CA cert does not exist")
- }
- if options.Config.IDP.Insecure {
- // force CACert to be empty to avoid lico try to load it
- options.Config.Ldap.TLSCACert = ""
- }
-
 if err := createTemporaryClientsConfig(
 options.Config.IDP.IdentifierRegistrationConf,
 options.Config.IDP.Iss,
@@ -67,6 +59,15 @@ func NewService(opts ...Option) Service {
 logger.Fatal().Err(err).Msg("could not initialize cs3 backend env vars")
 }
 case "ldap":
+
+ if err := ldap.WaitForCA(options.Logger, options.Config.IDP.Insecure, options.Config.Ldap.TLSCACert); err != nil {
+ logger.Fatal().Err(err).Msg("The configured LDAP CA cert does not exist")
+ }
+ if options.Config.IDP.Insecure {
+ // force CACert to be empty to avoid lico try to load it
+ options.Config.Ldap.TLSCACert = ""
+ }
+
 ldapBackendSupport.MustRegister()
 if err := initLicoInternalLDAPEnvVars(&options.Config.Ldap); err != nil {
 logger.Fatal().Err(err).Msg("could not initialize ldap env vars")
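Review bot: In the `case "ldap":` branch, setting `options.Config.IDP.Insecure` silently blanks `options.Config.Ldap.TLSCACert`, so a deployment with a CA configured loses it without any trace in the log. The hunk does not show what lico does with an empty CA path; if that means the LDAP server certificate goes unverified, the operator should see it at startup, e.g. `logger.Warn().Msg("idp insecure mode: configured LDAP CA cert is ignored")` inside the `if options.Config.IDP.Insecure` block. Separately, the fatal message "The configured LDAP CA cert does not exist" is emitted for whatever error `ldap.WaitForCA` returns, and it is capitalized unlike the neighbouring "could not initialize ..." messages. A neutral wording such as `"could not load the configured ldap ca cert"` would not misstate other failure causes. The switch and `NewService` itself begin and end outside the hunk.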