RubyGems - bn-ldap-authentication - Versions diffs - 0.1.3 → 0.1.4 - Mend

bn-ldap-authentication 0.1.3 → 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +5 -5
data/bn-ldap-authentication.gemspec +1 -1
data/lib/bn-ldap-authentication.rb +84 -57
metadata +3 -4

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 14cc57d47dba398f3845dd79a130bf8740cdb11c
-  data.tar.gz: 4339cce37f6386370a7986a0cbff16e0574e6ec2
+SHA256:
+  metadata.gz: 28f5306b5f744c0fab54d06be03409fa1d529786ba085b978e0a5f5734cb7d7e
+  data.tar.gz: 1001c8085fd135eac90e64fd9289f14d2dc993b4cc303ea73d3fcbc0e7967eff
 SHA512:
-  metadata.gz: ea5690f381672e51cf6d9b5b2336d0fed7f5573a0b37818683a978d661956cdcb706a3422138ff3fb8992bceeecf6765960192f47fba56f4d6ff15e337f05b8e
-  data.tar.gz: 6799da921c9d10f4c1a141fbb573e489bb8adf94486dc587f766c9354e3250a164cbad5ea5c1d81c4884bb00cb2363227de30dc5a70dc5089a20b04ec5b31d02
+  metadata.gz: 76a2a6da20e50dea91935d97d2af72b63f2fe38a9d9fc8188e119f200c9ab8402a55ca0ecc62c0729abf7084ef48516367ad8712acb0f23c32f8297aae92fe2d
+  data.tar.gz: ee165356298c039147a2c88f166c681cb1ae23b38fe94bb38e0f0315902b73061b9bcec8935f7caa5b7df1994b3a54356c2b31a3d0933b99eef250e10eee3519

data/bn-ldap-authentication.gemspec CHANGED

@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 Gem::Specification.new do |spec|
   spec.name          = "bn-ldap-authentication"
-  spec.version       = "0.1.3"
+  spec.version       = "0.1.4"
   spec.authors       = ["shawn-higgins1"]
   spec.email         = ["23224097+shawn-higgins1@users.noreply.github.com"]

data/lib/bn-ldap-authentication.rb CHANGED

@@ -1,70 +1,97 @@
 # frozen_string_literal: true
 module LdapAuthenticator
-    LDAP_ATTRIBUTE_MAPPING = {
-        'name' => [:cn, :displayName],
-        'first_name' => [:givenName],
-        'last_name' => [:sn],
-        'email' => [:mail, :email, :userPrincipalName],
-        'nickname' => [:uid, :userid, :sAMAccountName],
-        'image' => [:jpegPhoto]
-    }
+  LDAP_ATTRIBUTE_MAPPING = {
+    'uid' => [:dn],
+    'name' => [:cn, :displayName],
+    'first_name' => [:givenName],
+    'last_name' => [:sn],
+    'email' => [:mail, :email, :userPrincipalName],
+    'nickname' => [:uid, :userid, :sAMAccountName],
+    'image' => [:jpegPhoto]
+  }
-    def send_ldap_request(user_params, provider_info)
-        case provider_info[:auth_method]
-        when 'anonymous'
-            auth = {
-                method: :anonymous
-            }
-        when 'user'
-            auth = {
-                method: :simple,
-                username: provider_info[:uid] + '=' + user_params[:username] + ',' + provider_info[:base],
-                password: user_params[:password]
-            }
-        else
-            auth = {
-                method: :simple,
-                username: provider_info[:bind_dn],
-                password: provider_info[:password]
-            }
-        end
-        ldap = Net::LDAP.new(
-            host: provider_info[:host],
-            port: provider_info[:port],
-            auth: auth,
-            encryption: provider_info[:encryption]
-        )
-        ldap_filter = Net::LDAP::Filter.eq(provider_info[:uid], user_params[:username])
-        if provider_info[:filter].present?
-          ldap_filter = ldap_filter & Net::LDAP::Filter.construct(provider_info[:filter])
-        end
+  def send_ldap_request(user_params, provider_info)
+    case provider_info[:auth_method]
+    when 'anonymous'
+      auth = {
+          method: :anonymous
+      }
+    when 'user'
+      auth = {
+        method: :simple,
+        username: provider_info[:uid] + '=' + user_params[:username] + ',' + provider_info[:base],
+        password: user_params[:password]
+      }
+    else
+      auth = {
+        method: :simple,
+        username: provider_info[:bind_dn],
+        password: provider_info[:password]
+      }
+    end
+    ldap = Net::LDAP.new(
+      host: provider_info[:host],
+      port: provider_info[:port],
+      auth: auth,
+      encryption: provider_info[:encryption]
+    )
-        ldap.bind_as(
-            base: provider_info[:base],
-            filter: ldap_filter,
-            password: user_params[:password]
-        )
+    ldap_filter = Net::LDAP::Filter.eq(provider_info[:uid], user_params[:username])
+    if provider_info[:filter].present?
+      ldap_filter = ldap_filter & Net::LDAP::Filter.construct(provider_info[:filter])
     end
-    def parse_auth(result, role_field)
-        auth = {}
-        auth['info'] = {}
-        auth['uid'] = result.dn
-        auth['provider'] = :ldap
+    ldap.bind_as(
+      base: provider_info[:base],
+      filter: ldap_filter,
+      password: user_params[:password]
+    )
+  end
+  def parse_auth(result, role_field, mapping)
+    use_attribute_mapping(mapping)
+    auth = {}
+    auth['info'] = {}
+    auth['provider'] = :ldap
+    LDAP_ATTRIBUTE_MAPPING.each do |key, value|
+      value.each do |v|
+        next unless result[v].first
-        LDAP_ATTRIBUTE_MAPPING.each do |key, value|
-            value.each do |v|
-                if result[v].first
-                    auth['info'][key] = result[v].first
-                    break
-                end
-            end
+        if key == "uid"
+          auth[key] = result[v].first
+          break
+        else
+          auth['info'][key] = result[v].first
+          break
         end
+      end
+    end
+    auth['info']['roles'] = result[role_field].first
+    auth
+  end
+  private
+  def use_attribute_mapping(mapping)
+    return if mapping.blank?
+    # Split the different mappings into an array
+    mapping = mapping.split(";")
-        auth['info']['roles'] = result[role_field].first
+    # Loop through all pairs (name=test) and split them apart
+    mapping.each do |pair|
+      key_val = pair.split("=")
-        auth
+      # Skip this attribute if value isn't set up correctly
+      next if key_val[1].blank?
+      # Make the attribute the preferred option by prepending it to the attribute mapping array if it exists
+      LDAP_ATTRIBUTE_MAPPING[key_val[0]].prepend(key_val[1].to_sym) if LDAP_ATTRIBUTE_MAPPING[key_val[0]].present?
     end
+  end
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bn-ldap-authentication
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.1.4
 platform: ruby
 authors:
 - shawn-higgins1
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2020-05-28 00:00:00.000000000 Z
+date: 2020-06-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -99,8 +99,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.6.8
+rubygems_version: 3.1.2
 signing_key:
 specification_version: 4
 summary: An ruby gem for authenticating users with ldap