[ldap] auth method fix request_timeout (#11975)

* [ldap] auth method fix request_timeout

* add changelog

* Update sdk/helper/ldaputil/config_test.go

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

* Update sdk/helper/ldaputil/config_test.go

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

* Update changelog/11975.txt

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

changelog/11975.txt

@@ -0,0 +1,3 @@
+```release-note:bug
+auth/ldap: Fix a bug where the LDAP auth method does not return the request_timeout configuration parameter on config read.
+```

sdk/helper/ldaputil/client_test.go

@@ -43,7 +43,7 @@ func TestLDAPEscape(t *testing.T) {
 }
 
 func TestGetTLSConfigs(t *testing.T) {
-	config := testConfig()
+	config := testConfig(t)
 	if err := config.Validate(); err != nil {
 		t.Fatal(err)
 	}

sdk/helper/ldaputil/config.go

@@ -417,6 +417,7 @@ func (c *ConfigEntry) PasswordlessMap() map[string]interface{} {
 		"tls_max_version":        c.TLSMaxVersion,
 		"use_token_groups":       c.UseTokenGroups,
 		"anonymous_group_search": c.AnonymousGroupSearch,
+		"request_timeout":        c.RequestTimeout,
 	}
 	if c.CaseSensitiveNames != nil {
 		m["case_sensitive_names"] = *c.CaseSensitiveNames

sdk/helper/ldaputil/config_test.go

@@ -5,11 +5,12 @@ import (
 	"testing"
 
 	"github.com/go-test/deep"
+	"github.com/hashicorp/vault/sdk/framework"
 )
 
 func TestCertificateValidation(t *testing.T) {
 	// certificate should default to "" without error if it doesn't exist
-	config := testConfig()
+	config := testConfig(t)
 	if err := config.Validate(); err != nil {
 		t.Fatal(err)
 	}
@@ -30,9 +31,24 @@ func TestCertificateValidation(t *testing.T) {
 	}
 }
 
+func TestNewConfigEntry(t *testing.T) {
+	s := &framework.FieldData{Schema: ConfigFields()}
+	config, err := NewConfigEntry(nil, s)
+	if err != nil {
+		t.Fatal("error getting default config")
+	}
+	configFromJSON := testJSONConfig(t, jsonConfigDefault)
+
+	t.Run("equality_check", func(t *testing.T) {
+		if diff := deep.Equal(config, configFromJSON); len(diff) > 0 {
+			t.Fatalf("bad, diff: %#v", diff)
+		}
+	})
+}
+
 func TestConfig(t *testing.T) {
-	config := testConfig()
+	config := testConfig(t)
-	configFromJSON := testJSONConfig(t)
+	configFromJSON := testJSONConfig(t, jsonConfig)
 
 	t.Run("equality_check", func(t *testing.T) {
 		if diff := deep.Equal(config, configFromJSON); len(diff) > 0 {
@@ -51,7 +67,9 @@ func TestConfig(t *testing.T) {
 	})
 }
 
-func testConfig() *ConfigEntry {
+func testConfig(t *testing.T) *ConfigEntry {
+	t.Helper()
+
 	return &ConfigEntry{
 		Url:            "ldap://138.91.247.105",
 		UserDN:         "example,com",
@@ -63,9 +81,11 @@ func testConfig() *ConfigEntry {
 	}
 }
 
-func testJSONConfig(t *testing.T) *ConfigEntry {
+func testJSONConfig(t *testing.T, rawJson []byte) *ConfigEntry {
+	t.Helper()
+
 	config := new(ConfigEntry)
-	if err := json.Unmarshal(jsonConfig, config); err != nil {
+	if err := json.Unmarshal(rawJson, config); err != nil {
 		t.Fatal(err)
 	}
 	return config
@@ -119,3 +139,31 @@ var jsonConfig = []byte(`
 	"request_timeout": 30
 }
 `)
+
+var jsonConfigDefault = []byte(`
+{
+  "url": "ldap://127.0.0.1",
+  "userdn": "",
+  "anonymous_group_search": false,
+  "groupdn": "",
+  "groupfilter": "(|(memberUid={{.Username}})(member={{.UserDN}})(uniqueMember={{.UserDN}}))",
+  "groupattr": "cn",
+  "upndomain": "",
+  "userattr": "cn",
+  "certificate": "",
+  "client_tls_cert": "",
+  "client_tsl_key": "",
+  "insecure_tls": false,
+  "starttls": false,
+  "binddn": "",
+  "bindpass": "",
+  "deny_null_bind": true,
+  "discoverdn": false,
+  "tls_min_version": "tls12",
+  "tls_max_version": "tls12",
+  "use_token_groups": false,
+  "use_pre111_group_cn_behavior": null,
+  "request_timeout": 90,
+  "case_sensitive_names": false
+}
+`)