adap 0.0.15 → 0.0.20
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +2 -0
- data/Gemfile.lock +3 -3
- data/lib/adap/adap.rb +17 -11
- data/lib/adap/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 717838e91b87a82d3c3989bbfb3b723c2d02d301fdfa619a74397f1b54faf847
|
|
4
|
+
data.tar.gz: 36670ebfbde205a1ddb89ad60b5b4f6a14d2c9e73abf5f8a9c26d2675674abcc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8c383f2725b47a79632d68af4733243a841caf43ec017e932a20217fc63854acb00fb3998a3665346b2632200766f9ad55d36929197ab311e6cfc3544e9e5c32
|
|
7
|
+
data.tar.gz: dfdb8c54733642e6849b0ecc5b55b490184cb1d29136bdc551c0417d1080096b71b2e99540d89d4a5b242705bb494a5110f26c3032249a612f942b3bf410f347
|
data/Gemfile
CHANGED
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
adap (0.0.
|
|
4
|
+
adap (0.0.19)
|
|
5
5
|
|
|
6
6
|
GEM
|
|
7
7
|
remote: https://rubygems.org/
|
|
@@ -9,7 +9,7 @@ GEM
|
|
|
9
9
|
minitest (5.14.0)
|
|
10
10
|
mocha (1.11.2)
|
|
11
11
|
net-ldap (0.16.2)
|
|
12
|
-
rake (
|
|
12
|
+
rake (13.0.1)
|
|
13
13
|
unix-crypt (1.3.0)
|
|
14
14
|
|
|
15
15
|
PLATFORMS
|
|
@@ -21,7 +21,7 @@ DEPENDENCIES
|
|
|
21
21
|
minitest (~> 5.0)
|
|
22
22
|
mocha (~> 1.10)
|
|
23
23
|
net-ldap (~> 0.16.2)
|
|
24
|
-
rake (~>
|
|
24
|
+
rake (~> 13.0)
|
|
25
25
|
unix-crypt (~> 1.3)
|
|
26
26
|
|
|
27
27
|
BUNDLED WITH
|
data/lib/adap/adap.rb
CHANGED
|
@@ -24,9 +24,9 @@ class Adap
|
|
|
24
24
|
}
|
|
25
25
|
|
|
26
26
|
# List of attributes for user in AD
|
|
27
|
-
@ad_user_required_attributes = [:cn, :sn, :uid, :uidnumber, :gidnumber, :displayname, :loginshell, :gecos, :givenname, :unixhomedirectory]
|
|
27
|
+
@ad_user_required_attributes = [:cn, :sn, :uid, :uidnumber, :gidnumber, :displayname, :loginshell, :gecos, :givenname, :description, :mail, :unixhomedirectory]
|
|
28
28
|
# List of attributes for user in LDAP
|
|
29
|
-
@ldap_user_required_attributes = [:cn, :sn, :uid, :uidnumber, :gidnumber, :displayname, :loginshell, :gecos, :givenname, :homedirectory]
|
|
29
|
+
@ldap_user_required_attributes = [:cn, :sn, :uid, :uidnumber, :gidnumber, :displayname, :loginshell, :gecos, :givenname, :description, :mail, :homedirectory]
|
|
30
30
|
|
|
31
31
|
@ad_host = params[:ad_host]
|
|
32
32
|
@ad_port = (params[:ad_port] ? params[:ad_port] : 389)
|
|
@@ -36,6 +36,7 @@ class Adap
|
|
|
36
36
|
@ldap_host = params[:ldap_host]
|
|
37
37
|
@ldap_port = (params[:ldap_port] ? params[:ldap_port] : 389)
|
|
38
38
|
@ldap_binddn = params[:ldap_binddn]
|
|
39
|
+
@ldap_suffix_ou = (params[:ldap_suffix_ou] ? params[:ldap_suffix_ou] : "ou=Users")
|
|
39
40
|
@ldap_basedn = params[:ldap_basedn]
|
|
40
41
|
@ldap_user_basedn = params[:ldap_user_basedn]
|
|
41
42
|
@ldap_auth = (params.has_key?(:ldap_password) ? { :method => :simple, :username => @ldap_binddn, :password => params[:ldap_password] } : nil )
|
|
@@ -83,7 +84,7 @@ class Adap
|
|
|
83
84
|
end
|
|
84
85
|
|
|
85
86
|
def get_ldap_dn(username)
|
|
86
|
-
"uid=#{username}
|
|
87
|
+
"uid=#{username},#{@ldap_suffix_ou},#{@ldap_basedn}"
|
|
87
88
|
end
|
|
88
89
|
|
|
89
90
|
def create_ldap_attributes(ad_entry)
|
|
@@ -112,14 +113,12 @@ class Adap
|
|
|
112
113
|
end
|
|
113
114
|
|
|
114
115
|
def get_password(username)
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
raise "Failed to get password of #{username} from AD. Did you enabled AD password option virtualCryptSHA512 and/or virtualCryptSHA256?"
|
|
116
|
+
result = get_raw_password(username, @password_hash_algorithm)
|
|
117
|
+
if not result.nil? then
|
|
118
|
+
result = result.chomp
|
|
119
119
|
end
|
|
120
|
-
password = password.chomp
|
|
121
120
|
|
|
122
|
-
|
|
121
|
+
return result
|
|
123
122
|
end
|
|
124
123
|
|
|
125
124
|
def get_raw_password(username, algo)
|
|
@@ -183,6 +182,10 @@ class Adap
|
|
|
183
182
|
end
|
|
184
183
|
|
|
185
184
|
def add_user(ldap_user_dn, ad_entry, password)
|
|
185
|
+
if password == nil || password.empty?
|
|
186
|
+
raise "Password of #{ldap_user_dn} from AD in add_user is empty or nil. Did you enabled AD password option virtualCryptSHA512 and/or virtualCryptSHA256?"
|
|
187
|
+
end
|
|
188
|
+
|
|
186
189
|
attributes = create_ldap_attributes(ad_entry)
|
|
187
190
|
|
|
188
191
|
@ldap_client.add(
|
|
@@ -272,7 +275,9 @@ class Adap
|
|
|
272
275
|
|
|
273
276
|
# AD does not have password as simple ldap attribute.
|
|
274
277
|
# So password will always be updated for this reason.
|
|
275
|
-
|
|
278
|
+
if not password.nil? and not password.empty? then
|
|
279
|
+
operations.push([:replace, :userpassword, password])
|
|
280
|
+
end
|
|
276
281
|
|
|
277
282
|
operations
|
|
278
283
|
end
|
|
@@ -501,12 +506,13 @@ class Adap
|
|
|
501
506
|
|
|
502
507
|
def get_primary_gidnumber_from_ad(uid)
|
|
503
508
|
return nil if uid ==nil
|
|
509
|
+
primary_gid = nil
|
|
504
510
|
|
|
505
511
|
@ad_client.search(:base => "CN=#{uid},CN=Users,#{@ad_basedn}") do |entry|
|
|
506
512
|
primary_gid = entry[:gidnumber].first
|
|
507
513
|
end
|
|
508
514
|
|
|
509
|
-
|
|
515
|
+
primary_gid
|
|
510
516
|
end
|
|
511
517
|
|
|
512
518
|
end
|
data/lib/adap/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: adap
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.20
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tsutomu Nakamura
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-07-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|