hashicorp/vault-action

[FEAT] Support for LDAP auth method

Closed this issue · 0 comments

Is your feature request related to a problem? Please describe.

LDAP Auth Method is not currently supported by this action for logins. method/path + authPayload is not a good fit because LDAP auth URL uses a username in the URL after /login instead of accepting username in the payload.

Describe the solution you'd like

method: ldap is supported, with the ability to define a username and password for auth

Describe alternatives you've considered

There's a working workaround which I am not proud of creating:

with:
    ...
    path: ldap/login/${{ secrets.USERNAME }}?
    authPayload: '{"password":"${{ secrets.PASSWORD }}"}'

This works because of the ? above after the username. The hardcoded /login at the end of the auth URL defined at https://github.com/hashicorp/vault-action/blob/v2.5.0/src/auth.js#L115 will be ignored because it will be part of the query string.

Perhaps the solution is adding a new config named raw_path that allows defining the full path for auth, e.g. raw_path: v1/auth/ldap/login/myusername
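The URL behaviour the workaround relies on, as an added example that is not part of the original issue or the vault-action source. It assumes the action builds the login URL as `<url>/v1/auth/<path>/login`; the function names, host and usernames are constructed for illustration.

```javascript
// Added illustration; not code from hashicorp/vault-action.
// Assumption: "/login" is appended after the user-supplied `path`,
// giving <vault url>/v1/auth/<path>/login.
function buildLoginUrl(vaultUrl, path) {
  return `${vaultUrl}/v1/auth/${path}/login`;
}

// Split a URL the way an HTTP server does: it routes on the pathname,
// and everything after the first "?" is the query string.
function splitUrl(urlString) {
  const u = new URL(urlString);
  return { pathname: u.pathname, search: u.search };
}

// Hypothetical helper: build the workaround `path` value. The username is
// percent-encoded so that "/", "?" or "#" inside it cannot move the
// boundary between path and query.
function ldapWorkaroundPath(username) {
  return `ldap/login/${encodeURIComponent(username)}?`;
}

// Constructed sample values.
const VAULT = 'https://vault.example.com:8200';

// path: ldap -> the appended "/login" stays in the path, no username segment.
const plain = splitUrl(buildLoginUrl(VAULT, 'ldap'));

// path: ldap/login/<username>? -> the appended "/login" lands in the query.
const workaround = splitUrl(buildLoginUrl(VAULT, ldapWorkaroundPath('myusername')));

// A username containing "/" stays a single path segment once encoded.
const encoded = splitUrl(buildLoginUrl(VAULT, ldapWorkaroundPath('ou/alice')));

console.log(plain);
console.log(workaround);
console.log(encoded);
```

Since the workaround puts the username into the request URL, anything that records full request URLs will also record the stray `?/login` query.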