oa-ldap 0.0.1 → 0.0.2
- data/lib/omniauth/strategies/ldap.rb +83 -29
- metadata +65 -55
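--- a/data/lib/omniauth/strategies/ldap.rb
+++ b/data/lib/omniauth/strategies/ldap.rb
@@ -1,6 +1,8 @@
-require 'net/ldap'
+#require 'net/ldap'
+require 'ldap'
 require 'omniauth/core'
 
+
 module OmniAuth
 module Strategies
 class LDAP
@@ -9,58 +11,110 @@ module OmniAuth
 def initialize(app, name, host, port, base, options = {})
 @options = options
 @base = base
-@
+@uid_key = options[:identifier_key] || "uid"
+
+@auth = nil
+@host = host
+@port = port
 
-@ldap = Net::LDAP.new(:host => host, :port => port)
 if options[:username] && options[:password]
-@
+@auth = {:method => :simple,
+:username => options[:username],
+:password => options[:password]}
 end
 
 super(app, name)
 end
 
+def connect
+end
 
-def request_phase
-return fail!(:missing_information) unless (request[:identifier] && request[:password])
-
 
-
-
-:password => request[:password])
-
+def bind(username, password)
+filter = "(#{@uid_key}=#{username})"
 
+ldap = Net::LDAP.new(:host => @host, :port => @port, :auth => @auth)
+result = ldap.bind_as(:base => @base,
+:filter => filter,
+:password => password)
 if result
-
-env['PATH_INFO'] = request.path + '/callback'
-request['auth'] = auth_hash(result.first)
-@app.call(env)
+result.first.inspect
 else
-
+false
+end
+end
+
+def bind_jruby(username, password)
+
+begin
+conn = ::LDAP::Conn.new(host=@host, port=@port)
+dn = "#{@uid_key}=#{username},#{@base}"
+
+result = false
+
+conn.bind(dn=dn, password=password, method=::LDAP::LDAP_AUTH_SIMPLE) do
+conn.search(dn, ::LDAP::LDAP_SCOPE_BASE, "(&(objectclass=person))",
+["name","email","displayName"]) do |entry|
+
+result = entry
+end
+end
+
+result = result.inspect
+
+@user_info = entry_map result
+@user_info[@uid_key] = username
+@ldap_user_info = result
+return result
+
+rescue
+false
 end
+end
+
+def request_phase
+return fail!(:missing_information) unless (request[:username] && request[:password])
+
+result = bind_jruby(request[:username], request[:password])
+
+if result
+@env['REQUEST_METHOD'] = 'GET'
+@env['PATH_INFO'] = "#{OmniAuth.config.path_prefix}/#{name}/callback"
+@env['omniauth.auth'] = auth_hash
 
+callback_phase
+else
+fail!(:invalid_credentials)
+end
 end
 
 
-def auth_hash
+def auth_hash
 OmniAuth::Utils.deep_merge(super(), {
-
-
-
-
-'displayName' => entry_attr(entry, :displayName),
-'uid' => entry_attr(entry, :uid),
-'email' => entry_attr(entry, :mail) || entry_attr(entry, :email)
-}
+'uid' => @user_info["uid"],
+'strategy' => self.class.to_s,
+'user_info' => @user_info,
+'extra' => @ldap_user_info
 })
 end
 
 
-def
-
-
+def entry_map(entry)
+{
+'name' => entry_attr(entry, :name) || entry_attr(entry, :displayName),
+'displayName' => entry_attr(entry, :displayName),
+'uid' => entry_attr(entry, :uid),
+'email' => entry_attr(entry, :mail) || entry_attr(entry, :email)
+}
+end
 
 def entry_attr(entry, key)
-
+key = key.to_s
+if entry[key]
+entry[key].first
+else
+nil
+end
 end
 
 end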
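Review bot: In `bind_jruby` the request-supplied `username` is interpolated unescaped into the bind DN (`dn = "#{@uid_key}=#{username},#{@base}"`), and `bind` does the same for the search filter, so metacharacters in that value are read as DN or filter syntax; escape it before building either string, e.g. `filter = "(#{@uid_key}=#{Net::LDAP::Filter.escape(username)})"` where the installed net-ldap provides it, and apply RFC 4514 escaping to the DN component. The guard in `request_phase` only tests truthiness, and an empty string is truthy in Ruby, so an empty password reaches `conn.bind`, which many directory servers accept as an unauthenticated simple bind; reject it with `return fail!(:missing_information) if request[:username].to_s.empty? || request[:password].to_s.empty?`. `result = result.inspect` also turns the `false` sentinel into the truthy string `"false"`, so a bind whose search yields no entry is still returned to `request_phase` as success; test `result` before calling `inspect` and return `false` when it is unset. The bare `rescue` maps every error to `false`, which makes an unreachable or misconfigured server indistinguishable from bad credentials, and `bind` still references `Net::LDAP` although its `require` is now commented out.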
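--- a/metadata
+++ b/metadata
@@ -3,50 +3,62 @@ name: oa-ldap
 version: !ruby/object:Gem::Version
 prerelease: false
 segments:
-
-
-
-version: 0.0.
+- 0
+- 0
+- 2
+version: 0.0.2
 platform: ruby
 authors:
-- Pedro Teixeira
+- Pedro Teixeira
 autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-
+date: 2010-10-18 00:00:00 -02:00
 default_executable:
 dependencies:
-- !ruby/object:Gem::Dependency
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+- !ruby/object:Gem::Dependency
+name: oa-core
+prerelease: false
+requirement: &id001 !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+segments:
+- 0
+- 0
+- 3
+version: 0.0.3
+type: :runtime
+version_requirements: *id001
+- !ruby/object:Gem::Dependency
+name: net-ldap
+prerelease: false
+requirement: &id002 !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+segments:
+- 0
+- 1
+- 1
+version: 0.1.1
+type: :runtime
+version_requirements: *id002
+- !ruby/object:Gem::Dependency
+name: jruby-ldap
+prerelease: false
+requirement: &id003 !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+segments:
+- 0
+- 0
+- 1
+version: 0.0.1
+type: :runtime
+version_requirements: *id003
 description: LDAP strategies for OmniAuth.
 email: pedro.t@gmail.com
 executables: []
@@ -56,11 +68,11 @@ extensions: []
 extra_rdoc_files: []
 
 files:
-- lib/omniauth/
-- lib/omniauth/ldap.rb
-- README.rdoc
-- LICENSE.rdoc
-- CHANGELOG.rdoc
+- lib/omniauth/ldap.rb
+- lib/omniauth/strategies/ldap.rb
+- README.rdoc
+- LICENSE.rdoc
+- CHANGELOG.rdoc
 has_rdoc: true
 homepage: http://github.com/pedroteixeira/oa-ldap
 licenses: []
@@ -69,27 +81,25 @@ post_install_message:
 rdoc_options: []
 
 require_paths:
-- lib
+- lib
 required_ruby_version: !ruby/object:Gem::Requirement
-none: false
 requirements:
-
-
-
-
-
+- - ">="
+- !ruby/object:Gem::Version
+segments:
+- 0
+version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement
-none: false
 requirements:
-
-
-
-
-
+- - ">="
+- !ruby/object:Gem::Version
+segments:
+- 0
+version: "0"
 requirements: []
 
 rubyforge_project:
-rubygems_version: 1.3.
+rubygems_version: 1.3.6
 signing_key:
 specification_version: 3
 summary: LDAP strategies for OmniAuth.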