Add LDAP Configuration Resource

## Feature Request: LDAP Configuration Management

Add support for managing LDAP integration settings through Terraform.

### Use Case
LDAP configuration is essential for:
- Enterprise identity integration
- Single Sign-On (SSO) implementation
- Automated user provisioning from corporate directories
- Group synchronization from Active Directory/OpenLDAP
- Centralized authentication management
- Compliance with corporate security policies

### Proposed Resource
```hcl
resource "pocketid_ldap_config" "main" {
  enabled = true
  
  # Connection settings
  url                = "ldaps://ldap.example.com:636"
  bind_dn           = "cn=admin,dc=example,dc=com"
  bind_password     = var.ldap_bind_password
  base_dn           = "dc=example,dc=com"
  skip_cert_verify  = false
  
  # User configuration
  user_base_dn      = "ou=users,dc=example,dc=com"
  user_filter       = "(objectClass=person)"
  username_attribute = "uid"
  email_attribute   = "mail"
  display_name_attribute = "displayName"
  
  # Group configuration
  group_base_dn     = "ou=groups,dc=example,dc=com"
  group_filter      = "(objectClass=groupOfNames)"
  group_name_attribute = "cn"
  member_attribute  = "member"
  
  # Sync settings
  sync_interval_minutes = 30
  sync_on_login        = true
}

# Trigger manual sync
resource "pocketid_ldap_sync" "initial" {
  depends_on = [pocketid_ldap_config.main]
  trigger    = timestamp() # Forces sync on apply
}
```

### API Endpoints
Based on the application configuration endpoints:
- `GET /api/application-configuration/all` - Get current LDAP settings
- `PUT /api/application-configuration` - Update LDAP configuration
- `POST /api/application-configuration/sync-ldap` - Trigger LDAP sync

### Implementation Notes
- Sensitive fields (bind_password) must be marked as sensitive
- Consider validation for LDAP URL format
- Handle connection testing during plan/apply
- Support both LDAP and LDAPS protocols
- Document attribute mapping for common LDAP schemas (AD, OpenLDAP)
- Consider import functionality for existing configurations

### Data Source
Add a data source to test LDAP connectivity:
```hcl
data "pocketid_ldap_test" "verify" {
  depends_on = [pocketid_ldap_config.main]
}

output "ldap_status" {
  value = data.pocketid_ldap_test.verify.connection_status
}
```

### Security Considerations
- Store bind credentials securely
- Support certificate validation options
- Document least-privilege bind DN requirements
- Consider integration with secret management tools

### References
- [Pocket-ID LDAP Service Implementation](https://github.com/pocket-id/pocket-id/blob/main/backend/internal/service/ldap_service.go)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add LDAP Configuration Resource #3

Feature Request: LDAP Configuration Management

Use Case

Proposed Resource

API Endpoints

Implementation Notes

Data Source

Security Considerations

References

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Add LDAP Configuration Resource #3

Description

Feature Request: LDAP Configuration Management

Use Case

Proposed Resource

API Endpoints

Implementation Notes

Data Source

Security Considerations

References

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions