fix: conditions to retrieve bindPassword adn cacheKey from secrets

ldapauth.go

@@ -24,6 +24,8 @@ import (
 	"github.com/gorilla/sessions"
 )
 
+const defaultCacheKey = "super-secret-key"
+
 // nolint
 var (
 	store *sessions.CookieStore
@@ -79,7 +81,7 @@ func CreateConfig() *Config {
 		CacheCookieName:            "ldapAuth_session_token",
 		CacheCookiePath:            "",
 		CacheCookieSecure:          false,
-		CacheKey:                   "super-secret-key",
+		CacheKey:                   defaultCacheKey,
 		CacheKeyLabel:              "LDAP_AUTH_CACHE_KEY",
 		StartTLS:                   false,
 		CertificateAuthority:       "",
@@ -117,19 +119,16 @@ func New(ctx context.Context, next http.Handler, config *Config, name string) (h
 	LoggerINFO.Printf("Starting %s Middleware...", name)
 
 	if config.BindDN != "" && config.BindPassword == "" {
-		bindPasswordLabel := "LDAP_AUTH_BIND_PASSWORD"
-		if config.BindPasswordLabel != "" {
-			bindPasswordLabel = config.BindPasswordLabel
-		}
-		config.BindPassword = getSecret(bindPasswordLabel)
+		config.BindPassword = getSecret(config.BindPasswordLabel)
 	}
 
-	if config.CacheKey != "" {
-		cacheKeyLabel := "LDAP_AUTH_CACHE_KEY"
-		if config.CacheKeyLabel != "" {
-			cacheKeyLabel = config.CacheKeyLabel
+	// if CacheKey is the default value we try to set it from secret
+	if config.CacheKey == defaultCacheKey {
+		cacheKey := getSecret(config.CacheKeyLabel)
+		// we could not retrieve the secret, so we keep the default value
+		if cacheKey != "" {
+			config.CacheKey = cacheKey
 		}
-		config.CacheKey = getSecret(cacheKeyLabel)
 	}
 
 	LogConfigParams(config)