bn-ldap-authentication 0.1.3 → 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 14cc57d47dba398f3845dd79a130bf8740cdb11c
4
- data.tar.gz: 4339cce37f6386370a7986a0cbff16e0574e6ec2
2
+ SHA256:
3
+ metadata.gz: 28f5306b5f744c0fab54d06be03409fa1d529786ba085b978e0a5f5734cb7d7e
4
+ data.tar.gz: 1001c8085fd135eac90e64fd9289f14d2dc993b4cc303ea73d3fcbc0e7967eff
5
5
  SHA512:
6
- metadata.gz: ea5690f381672e51cf6d9b5b2336d0fed7f5573a0b37818683a978d661956cdcb706a3422138ff3fb8992bceeecf6765960192f47fba56f4d6ff15e337f05b8e
7
- data.tar.gz: 6799da921c9d10f4c1a141fbb573e489bb8adf94486dc587f766c9354e3250a164cbad5ea5c1d81c4884bb00cb2363227de30dc5a70dc5089a20b04ec5b31d02
6
+ metadata.gz: 76a2a6da20e50dea91935d97d2af72b63f2fe38a9d9fc8188e119f200c9ab8402a55ca0ecc62c0729abf7084ef48516367ad8712acb0f23c32f8297aae92fe2d
7
+ data.tar.gz: ee165356298c039147a2c88f166c681cb1ae23b38fe94bb38e0f0315902b73061b9bcec8935f7caa5b7df1994b3a54356c2b31a3d0933b99eef250e10eee3519
@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
4
 
5
5
  Gem::Specification.new do |spec|
6
6
  spec.name = "bn-ldap-authentication"
7
- spec.version = "0.1.3"
7
+ spec.version = "0.1.4"
8
8
  spec.authors = ["shawn-higgins1"]
9
9
  spec.email = ["23224097+shawn-higgins1@users.noreply.github.com"]
10
10
 
@@ -1,70 +1,97 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module LdapAuthenticator
4
- LDAP_ATTRIBUTE_MAPPING = {
5
- 'name' => [:cn, :displayName],
6
- 'first_name' => [:givenName],
7
- 'last_name' => [:sn],
8
- 'email' => [:mail, :email, :userPrincipalName],
9
- 'nickname' => [:uid, :userid, :sAMAccountName],
10
- 'image' => [:jpegPhoto]
11
- }
4
+ LDAP_ATTRIBUTE_MAPPING = {
5
+ 'uid' => [:dn],
6
+ 'name' => [:cn, :displayName],
7
+ 'first_name' => [:givenName],
8
+ 'last_name' => [:sn],
9
+ 'email' => [:mail, :email, :userPrincipalName],
10
+ 'nickname' => [:uid, :userid, :sAMAccountName],
11
+ 'image' => [:jpegPhoto]
12
+ }
12
13
 
13
- def send_ldap_request(user_params, provider_info)
14
- case provider_info[:auth_method]
15
- when 'anonymous'
16
- auth = {
17
- method: :anonymous
18
- }
19
- when 'user'
20
- auth = {
21
- method: :simple,
22
- username: provider_info[:uid] + '=' + user_params[:username] + ',' + provider_info[:base],
23
- password: user_params[:password]
24
- }
25
- else
26
- auth = {
27
- method: :simple,
28
- username: provider_info[:bind_dn],
29
- password: provider_info[:password]
30
- }
31
- end
32
- ldap = Net::LDAP.new(
33
- host: provider_info[:host],
34
- port: provider_info[:port],
35
- auth: auth,
36
- encryption: provider_info[:encryption]
37
- )
38
-
39
- ldap_filter = Net::LDAP::Filter.eq(provider_info[:uid], user_params[:username])
40
- if provider_info[:filter].present?
41
- ldap_filter = ldap_filter & Net::LDAP::Filter.construct(provider_info[:filter])
42
- end
14
+ def send_ldap_request(user_params, provider_info)
15
+ case provider_info[:auth_method]
16
+ when 'anonymous'
17
+ auth = {
18
+ method: :anonymous
19
+ }
20
+ when 'user'
21
+ auth = {
22
+ method: :simple,
23
+ username: provider_info[:uid] + '=' + user_params[:username] + ',' + provider_info[:base],
24
+ password: user_params[:password]
25
+ }
26
+ else
27
+ auth = {
28
+ method: :simple,
29
+ username: provider_info[:bind_dn],
30
+ password: provider_info[:password]
31
+ }
32
+ end
33
+ ldap = Net::LDAP.new(
34
+ host: provider_info[:host],
35
+ port: provider_info[:port],
36
+ auth: auth,
37
+ encryption: provider_info[:encryption]
38
+ )
43
39
 
44
- ldap.bind_as(
45
- base: provider_info[:base],
46
- filter: ldap_filter,
47
- password: user_params[:password]
48
- )
40
+ ldap_filter = Net::LDAP::Filter.eq(provider_info[:uid], user_params[:username])
41
+ if provider_info[:filter].present?
42
+ ldap_filter = ldap_filter & Net::LDAP::Filter.construct(provider_info[:filter])
49
43
  end
50
44
 
51
- def parse_auth(result, role_field)
52
- auth = {}
53
- auth['info'] = {}
54
- auth['uid'] = result.dn
55
- auth['provider'] = :ldap
45
+ ldap.bind_as(
46
+ base: provider_info[:base],
47
+ filter: ldap_filter,
48
+ password: user_params[:password]
49
+ )
50
+ end
51
+
52
+ def parse_auth(result, role_field, mapping)
53
+ use_attribute_mapping(mapping)
54
+
55
+ auth = {}
56
+ auth['info'] = {}
57
+ auth['provider'] = :ldap
58
+
59
+ LDAP_ATTRIBUTE_MAPPING.each do |key, value|
60
+ value.each do |v|
61
+ next unless result[v].first
56
62
 
57
- LDAP_ATTRIBUTE_MAPPING.each do |key, value|
58
- value.each do |v|
59
- if result[v].first
60
- auth['info'][key] = result[v].first
61
- break
62
- end
63
- end
63
+ if key == "uid"
64
+ auth[key] = result[v].first
65
+ break
66
+ else
67
+ auth['info'][key] = result[v].first
68
+ break
64
69
  end
70
+ end
71
+ end
72
+
73
+ auth['info']['roles'] = result[role_field].first
74
+
75
+ auth
76
+ end
77
+
78
+ private
79
+
80
+ def use_attribute_mapping(mapping)
81
+ return if mapping.blank?
82
+
83
+ # Split the different mappings into an array
84
+ mapping = mapping.split(";")
65
85
 
66
- auth['info']['roles'] = result[role_field].first
86
+ # Loop through all pairs (name=test) and split them apart
87
+ mapping.each do |pair|
88
+ key_val = pair.split("=")
67
89
 
68
- auth
90
+ # Skip this attribute if value isn't set up correctly
91
+ next if key_val[1].blank?
92
+
93
+ # Make the attribute the preferred option by prepending it to the attribute mapping array if it exists
94
+ LDAP_ATTRIBUTE_MAPPING[key_val[0]].prepend(key_val[1].to_sym) if LDAP_ATTRIBUTE_MAPPING[key_val[0]].present?
69
95
  end
96
+ end
70
97
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bn-ldap-authentication
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.3
4
+ version: 0.1.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - shawn-higgins1
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2020-05-28 00:00:00.000000000 Z
11
+ date: 2020-06-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -99,8 +99,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
99
99
  - !ruby/object:Gem::Version
100
100
  version: '0'
101
101
  requirements: []
102
- rubyforge_project:
103
- rubygems_version: 2.6.8
102
+ rubygems_version: 3.1.2
104
103
  signing_key:
105
104
  specification_version: 4
106
105
  summary: An ruby gem for authenticating users with ldap