cul-ldap 0.0.1 → 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/.github/workflows/ci.yml +26 -0
- data/.ruby-version +1 -0
- data/README.md +41 -1
- data/VERSION +1 -1
- data/cul-ldap.gemspec +1 -1
- data/lib/cul/ldap/exceptions.rb +10 -0
- data/lib/cul/ldap.rb +53 -23
- metadata +12 -11
- data/.travis.yml +0 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: b3a6bd5501342e78f88d632e9595c97e1b32e54f1b3e121d9a551b2ebe9980e1
|
|
4
|
+
data.tar.gz: 47edc79408d68f64230c561b9239d8817361ff2c851070d2d2c5f3b93a2d434d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 81f14fb2b8752653c5d2c986178f890c53e1bab3c8aefa742e7a1b646f7196e4bedc359d74f0eb371cbbfd3c9092007f57e0f22ed4a83df72b9755bbf7bf3c71
|
|
7
|
+
data.tar.gz: 648ac9a4415823f2d43f991a0f77a8c30fe7046ecf6c123821a4ef60817b02ce3a08c32e42a9c8c3ca300026543f7e2e667e648c6a245d0ff35d1fe1e25437f2
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
name: CI
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches: [ '*' ]
|
|
6
|
+
|
|
7
|
+
jobs:
|
|
8
|
+
ci:
|
|
9
|
+
runs-on: ubuntu-latest
|
|
10
|
+
strategy:
|
|
11
|
+
matrix:
|
|
12
|
+
ruby-version: ['3.2.9', '3.3.9']
|
|
13
|
+
env:
|
|
14
|
+
NOKOGIRI_USE_SYSTEM_LIBRARIES: true
|
|
15
|
+
|
|
16
|
+
steps:
|
|
17
|
+
- uses: actions/checkout@v2
|
|
18
|
+
- name: Add --no-document option to .gemrc file to speed up bundle install
|
|
19
|
+
run: "echo 'gem: --no-document' > ~/.gemrc"
|
|
20
|
+
- name: Set up Ruby
|
|
21
|
+
uses: ruby/setup-ruby@v1
|
|
22
|
+
with:
|
|
23
|
+
ruby-version: ${{ matrix.ruby-version }}
|
|
24
|
+
bundler-cache: true # runs 'bundle install' and caches installed gems automatically
|
|
25
|
+
- name: Run CI task
|
|
26
|
+
run: bundle exec rspec spec
|
data/.ruby-version
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
3.3.8
|
data/README.md
CHANGED
|
@@ -20,13 +20,53 @@ Or install it yourself as:
|
|
|
20
20
|
|
|
21
21
|
## Usage
|
|
22
22
|
|
|
23
|
+
Users must provide a full configuration including the cul LDAP server host, port, and auth credentials. This can be done by passing a hash object to the class initializer, or by including a `cul_ldap.yml` file.
|
|
24
|
+
|
|
25
|
+
The configuration options here are the same ones supported by the Net::LDAP#initialize method. Cul::LDAP is built on top of Net::LDAP. [See the Net::LDAP#initialize documentation here](https://www.rubydoc.info/gems/ruby-net-ldap/Net/LDAP#initialize-instance_method).
|
|
26
|
+
|
|
27
|
+
|
|
28
|
+
Since this file will contain a username and password, remember to .gitignore this file in your repository.
|
|
29
|
+
|
|
30
|
+
```
|
|
31
|
+
host: 'servername' # Required.
|
|
32
|
+
port: 636 # Required. Standard port for simple-tls encrypted ldap connections.
|
|
33
|
+
encryption: simple_tls
|
|
34
|
+
auth: # Required (all fields).
|
|
35
|
+
method: simple
|
|
36
|
+
username: "USERNAME"
|
|
37
|
+
password: "PASSWORD"
|
|
38
|
+
```
|
|
39
|
+
|
|
40
|
+
**❗You can use the information in [this confluence page](https://columbiauniversitylibraries.atlassian.net/wiki/spaces/USGSERVICES/pages/10947594/LDAP+Lookup+including+affiliations+via+privileged+lookup#Using-a-secure-%E2%80%9Cldaps%3A%2F%2F%E2%80%9D-connection-(recommended)%3A) to fill out the username and password credentials here.❗**
|
|
41
|
+
|
|
42
|
+
### Standalone Gem Usage
|
|
43
|
+
|
|
23
44
|
```
|
|
24
45
|
require 'cul/ldap'
|
|
25
|
-
ldap = Cul::LDAP.new
|
|
46
|
+
ldap = Cul::LDAP.new # Assuming you have a proper cul_ldap.yml file
|
|
26
47
|
entry = ldap.find_by_uni("abc123")
|
|
27
48
|
entry = ldap.find_by_name("Doe, Jane")
|
|
28
49
|
```
|
|
29
50
|
|
|
51
|
+
### Rails app usage
|
|
52
|
+
|
|
53
|
+
If you're using cul-ldap in a Rails app, you can create a configuration file at `config/cul_ldap.yml` that looks the one at the top of this section. It will be read automatically.
|
|
54
|
+
|
|
55
|
+
## Common Errors Troubleshooting
|
|
56
|
+
Cul::LDAP will raise an error if any of the expected configuration options are missing when an instance is initialized. It only validates that they are present, nothing else; if there is a misconfigured option or a different error, an underlying call to the Net::LDAP gem will likely be the one to raise it.
|
|
57
|
+
|
|
58
|
+
#### Cul::LDAP errors:
|
|
59
|
+
- **InvalidOptionError**: You are missing a configuration option (in cul_ldap.yml or in the option hash passed to new)
|
|
60
|
+
- **AuthError: Cul::LDAP**: was able to make the request to the LDAP service, but received a response indicating invalid credentials (user/pass). The exact error will be printed.
|
|
61
|
+
- code 49: bad username
|
|
62
|
+
- code 50: bad username and password
|
|
63
|
+
- code 53: bad password
|
|
64
|
+
|
|
65
|
+
#### Other common error cases:
|
|
66
|
+
- **Net::LDAP:Error: Operation timed out**: The request never received a response. Could be a network error.
|
|
67
|
+
- **Net::LDAP::Error: getaddrinfo**: invalid host url
|
|
68
|
+
- **Errno::ECONNREFUSED: Connection refused**: invalid host url - usually when it is an empty string (in which case Net::LDAP will set host to 0.0.0.0)
|
|
69
|
+
- **Errno::ECONNRESET: Connection reset by peer**: unknown/invalid `encryption` option was given.
|
|
30
70
|
## Development
|
|
31
71
|
|
|
32
72
|
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.0
|
|
1
|
+
0.1.0
|
data/cul-ldap.gemspec
CHANGED
|
@@ -21,7 +21,7 @@ Gem::Specification.new do |spec|
|
|
|
21
21
|
|
|
22
22
|
spec.add_runtime_dependency "net-ldap", '~> 0.16'
|
|
23
23
|
|
|
24
|
-
spec.add_development_dependency "bundler", "~>
|
|
24
|
+
spec.add_development_dependency "bundler", "~> 2.0"
|
|
25
25
|
spec.add_development_dependency "rake", "~> 10.0"
|
|
26
26
|
spec.add_development_dependency "rspec", "~> 3.0"
|
|
27
27
|
spec.add_development_dependency "rspec-its", "~> 1.2"
|
data/lib/cul/ldap.rb
CHANGED
|
@@ -2,20 +2,24 @@ require "net/ldap"
|
|
|
2
2
|
require "yaml"
|
|
3
3
|
|
|
4
4
|
require "cul/ldap/version"
|
|
5
|
+
require "cul/ldap/exceptions"
|
|
5
6
|
require "cul/ldap/entry"
|
|
6
7
|
|
|
7
8
|
module Cul
|
|
8
9
|
class LDAP < Net::LDAP
|
|
9
10
|
CONFIG_FILENAME = 'cul_ldap.yml'
|
|
10
11
|
CONFIG_DEFAULTS = {
|
|
11
|
-
host: 'ldap.columbia.edu',
|
|
12
|
-
port: '636',
|
|
13
12
|
encryption: {
|
|
14
13
|
method: :simple_tls,
|
|
15
14
|
tls_options: OpenSSL::SSL::SSLContext::DEFAULT_PARAMS
|
|
16
|
-
}
|
|
15
|
+
},
|
|
17
16
|
}.freeze
|
|
17
|
+
REQUIRED_OPTS = [ :host, :port, :auth ].freeze
|
|
18
|
+
REQUIRED_AUTH_OPTS = [ :method, :username, :password ].freeze
|
|
18
19
|
|
|
20
|
+
# Create a new Cul::LDAP object
|
|
21
|
+
# @param options [Hash] A set of Net::LDAP constructor options. See Net::LDAP#initialize for
|
|
22
|
+
# the full set of supported options.
|
|
19
23
|
def initialize(options = {})
|
|
20
24
|
super(build_config(options)) # All keys have to be symbols.
|
|
21
25
|
end
|
|
@@ -27,7 +31,7 @@ module Cul
|
|
|
27
31
|
# @return [nil] if record for uni could not be found, or more than one record was found
|
|
28
32
|
def find_by_uni(uni)
|
|
29
33
|
entries = search(base: "ou=People,o=Columbia University, c=US", filter: Net::LDAP::Filter.eq("uid", uni))
|
|
30
|
-
(entries.count == 1) ? entries.first : nil
|
|
34
|
+
(entries && entries.count == 1) ? entries.first : nil
|
|
31
35
|
end
|
|
32
36
|
|
|
33
37
|
# LDAP lookup based on name.
|
|
@@ -46,47 +50,73 @@ module Cul
|
|
|
46
50
|
# Wrapper around Net::LDAP#search, converts Net::LDAP::Entry objects to
|
|
47
51
|
# Cul::LDAP::Entry objects.
|
|
48
52
|
def search(args = {})
|
|
49
|
-
super(args).tap do |result|
|
|
53
|
+
search_res = super(args).tap do |result|
|
|
50
54
|
if result.is_a?(Array)
|
|
51
55
|
result.map!{ |e| Cul::LDAP::Entry.new(e) }
|
|
52
56
|
end
|
|
53
57
|
end
|
|
58
|
+
|
|
59
|
+
# If a username and password were provided, the query will return a result no matter what. Check if auth failed:
|
|
60
|
+
check_operation_result
|
|
61
|
+
|
|
62
|
+
search_res
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
# Checks for some common error cases that the user can easily remidy (all auth errors)
|
|
66
|
+
# For all LDAP operation result codes and their meanings: https://ldap.com/ldap-result-code-reference/
|
|
67
|
+
def check_operation_result
|
|
68
|
+
operation_result = get_operation_result
|
|
69
|
+
if [49, 50, 53].include? operation_result.code
|
|
70
|
+
raise Exceptions::AuthError, "LDAP Error: (code #{operation_result.code}) '#{operation_result.error_message}' Make sure you provide a proper username and password for authentication."
|
|
71
|
+
end
|
|
54
72
|
end
|
|
55
73
|
|
|
56
74
|
private
|
|
57
75
|
|
|
58
76
|
def build_config(options)
|
|
59
|
-
config = CONFIG_DEFAULTS.
|
|
60
|
-
credentials = config.fetch(:auth, nil)
|
|
61
|
-
credentials = nil if !credentials.nil? && credentials.empty?
|
|
62
|
-
|
|
63
|
-
# If rails app fetch credentials using rails code, otherwise read from
|
|
64
|
-
# cul_ldap.yml if credentials are nil.
|
|
65
|
-
if credentials.nil?
|
|
66
|
-
credentials = rails_credentials || credentials_from_file
|
|
67
|
-
credentials = nil if !credentials.nil? && credentials.empty?
|
|
68
|
-
end
|
|
77
|
+
config = CONFIG_DEFAULTS.dup
|
|
69
78
|
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
79
|
+
# If a cul_ldap.yml config file is found, merge in those settings first
|
|
80
|
+
options_from_config_file = options_from_rails_config || options_from_file_config
|
|
81
|
+
|
|
82
|
+
config = config.merge(options_from_config_file) if options_from_config_file
|
|
83
|
+
|
|
84
|
+
# Then merge in any settings supplies by options
|
|
85
|
+
config = config.merge(options) if options
|
|
86
|
+
|
|
87
|
+
# If auth method has been supplied as a string, convert it to a symbol
|
|
88
|
+
config[:auth][:method] = :simple if config[:auth] && config.dig(:auth, :method) == 'simple'
|
|
89
|
+
|
|
90
|
+
# If any required information is missing from the options, raise an error
|
|
91
|
+
validate_config(config)
|
|
74
92
|
|
|
75
|
-
config[:auth] = credentials
|
|
76
93
|
config
|
|
77
94
|
end
|
|
78
95
|
|
|
79
|
-
def
|
|
96
|
+
def options_from_file_config
|
|
80
97
|
(File.exist?(CONFIG_FILENAME)) ? YAML.load_file(CONFIG_FILENAME) : nil
|
|
81
98
|
end
|
|
82
99
|
|
|
83
|
-
def
|
|
100
|
+
def options_from_rails_config
|
|
84
101
|
if defined?(Rails.application.config_for) && File.exist?(File.join(Rails.root, 'config', CONFIG_FILENAME))
|
|
85
|
-
|
|
102
|
+
if Rails.application.config_for(CONFIG_FILENAME.gsub(/.yml$/, '').to_sym).empty?
|
|
103
|
+
raise "Missing cul-ldap configuration in config/#{CONFIG_FILENAME}"
|
|
104
|
+
end
|
|
86
105
|
Rails.application.config_for(:cul_ldap)
|
|
87
106
|
else
|
|
88
107
|
nil
|
|
89
108
|
end
|
|
90
109
|
end
|
|
110
|
+
|
|
111
|
+
def validate_config(config)
|
|
112
|
+
REQUIRED_OPTS.each do |opt|
|
|
113
|
+
raise Exceptions::InvalidOptionError, "Missing required cul-ldap configuration option: #{opt}" unless config.has_key? opt
|
|
114
|
+
end
|
|
115
|
+
|
|
116
|
+
# Validate nested auth options
|
|
117
|
+
REQUIRED_AUTH_OPTS.each do |auth_opt|
|
|
118
|
+
raise Exceptions::InvalidOptionError, "Missing required cul-ldap configuration option: :auth=> { #{auth_opt} }" unless config[:auth].has_key? auth_opt
|
|
119
|
+
end
|
|
120
|
+
end
|
|
91
121
|
end
|
|
92
122
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cul-ldap
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0
|
|
4
|
+
version: 0.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Carla Galarza
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2026-01-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: net-ldap
|
|
@@ -30,14 +30,14 @@ dependencies:
|
|
|
30
30
|
requirements:
|
|
31
31
|
- - "~>"
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: '
|
|
33
|
+
version: '2.0'
|
|
34
34
|
type: :development
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
38
|
- - "~>"
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version: '
|
|
40
|
+
version: '2.0'
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
42
|
name: rake
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -80,16 +80,17 @@ dependencies:
|
|
|
80
80
|
- - "~>"
|
|
81
81
|
- !ruby/object:Gem::Version
|
|
82
82
|
version: '1.2'
|
|
83
|
-
description:
|
|
83
|
+
description:
|
|
84
84
|
email:
|
|
85
85
|
- cmg2228@columbia.edu
|
|
86
86
|
executables: []
|
|
87
87
|
extensions: []
|
|
88
88
|
extra_rdoc_files: []
|
|
89
89
|
files:
|
|
90
|
+
- ".github/workflows/ci.yml"
|
|
90
91
|
- ".gitignore"
|
|
91
92
|
- ".rspec"
|
|
92
|
-
- ".
|
|
93
|
+
- ".ruby-version"
|
|
93
94
|
- Gemfile
|
|
94
95
|
- LICENSE.txt
|
|
95
96
|
- README.md
|
|
@@ -100,12 +101,13 @@ files:
|
|
|
100
101
|
- cul-ldap.gemspec
|
|
101
102
|
- lib/cul/ldap.rb
|
|
102
103
|
- lib/cul/ldap/entry.rb
|
|
104
|
+
- lib/cul/ldap/exceptions.rb
|
|
103
105
|
- lib/cul/ldap/version.rb
|
|
104
106
|
homepage: https://github.com/cul/cul-ldap
|
|
105
107
|
licenses:
|
|
106
108
|
- MIT
|
|
107
109
|
metadata: {}
|
|
108
|
-
post_install_message:
|
|
110
|
+
post_install_message:
|
|
109
111
|
rdoc_options: []
|
|
110
112
|
require_paths:
|
|
111
113
|
- lib
|
|
@@ -120,9 +122,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
120
122
|
- !ruby/object:Gem::Version
|
|
121
123
|
version: '0'
|
|
122
124
|
requirements: []
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
signing_key:
|
|
125
|
+
rubygems_version: 3.5.22
|
|
126
|
+
signing_key:
|
|
126
127
|
specification_version: 4
|
|
127
128
|
summary: Common queries of CU's LDAP server
|
|
128
129
|
test_files: []
|