omniauth-ldap 1.0.5 → 2.3.1

data/lib/omniauth-ldap.rb

@@ -1,4 +1,9 @@
+require "version_gem"
+
 require "omniauth-ldap/version"
 require "omniauth-ldap/adaptor"
-require 'omniauth/strategies/ldap'
+require "omniauth/strategies/ldap"
 
+OmniAuth::LDAP::Version.class_eval do
+  extend VersionGem::Basic
+end

data/sig/omniauth/ldap/adaptor.rbs

@@ -0,0 +1,54 @@
+module OmniAuth
+  module LDAP
+    class Adaptor
+      class LdapError < ::StandardError
+      end
+
+      class ConfigurationError < ::StandardError
+      end
+
+      class AuthenticationError < ::StandardError
+      end
+
+      class ConnectionError < ::StandardError
+      end
+
+      VALID_ADAPTER_CONFIGURATION_KEYS: Array[Symbol]
+      MUST_HAVE_KEYS: Array[untyped]
+      METHOD: Hash[Symbol, Symbol?]
+
+      attr_accessor bind_dn: String?
+      attr_accessor password: String?
+
+      # Net::LDAP is provided by the net-ldap gem; we reference it here for clarity.
+      attr_reader connection: Net::LDAP
+      attr_reader uid: String?
+      attr_reader base: String?
+      # auth is the hash passed to Net::LDAP#auth or similar
+      attr_reader auth: Hash[Symbol, untyped]
+      # filter is an LDAP filter string when configured
+      attr_reader filter: String?
+
+      # Validate that required keys exist in the configuration
+      def self.validate: (?Hash[Symbol, untyped]) -> void
+      def initialize: (?Hash[Symbol, untyped]) -> void
+
+      # Perform a search and optionally bind; returns the matched entry or false
+      def bind_as: (?Hash[Symbol, untyped]) -> (Net::LDAP::Entry? | false)
+
+      private
+
+      # Returns a Net::LDAP encryption symbol (e.g. :simple_tls, :start_tls) or nil
+      def ensure_method: (untyped) -> Symbol?
+
+      # Returns an array of SASL auth hashes
+      def sasl_auths: (?Hash[Symbol, untyped]) -> Array[Hash[Symbol, untyped]]
+
+      # Returns initial credential (string) and a proc that accepts a challenge and returns the response
+      # Use Array[untyped] here to avoid tuple syntax issues in some linters; the runtime value
+      # is commonly a two-element array [initial_credential, proc].
+      def sasl_bind_setup_digest_md5: (?Hash[Symbol, untyped]) -> Array[untyped]
+      def sasl_bind_setup_gss_spnego: (?Hash[Symbol, untyped]) -> Array[untyped]
+    end
+  end
+end

data/sig/omniauth/ldap/version.rbs

@@ -0,0 +1,11 @@
+module OmniAuth
+  module LDAP
+    module Version
+      VERSION: String
+    end
+
+    # Traditional constant alias
+    VERSION: String
+  end
+end
+

data/sig/omniauth/strategies/ldap.rbs

@@ -0,0 +1,32 @@
+module OmniAuth
+  module Strategies
+    class LDAP
+      OMNIAUTH_GTE_V2: bool
+
+      # CONFIG is a read-only mapping of string keys to mapping definitions
+      CONFIG: Hash[String, untyped]
+
+      # The request_phase either returns a Rack-compatible response or the form response.
+      def request_phase: () -> (Rack::Response | Array[untyped] | String)
+
+      # The callback_phase may call super (untyped) or return a failure symbol
+      def callback_phase: () -> untyped
+
+      # Accepts an adaptor and returns a Net::LDAP::Filter or similar
+      # Optional second argument allows overriding the username (used for header-based SSO)
+      def filter: (OmniAuth::LDAP::Adaptor) -> Net::LDAP::Filter
+                | (OmniAuth::LDAP::Adaptor, String?) -> Net::LDAP::Filter
+
+      # Map a user object (Net::LDAP::Entry-like) into a Hash for the auth info
+      def self.map_user: (Hash[String, untyped], untyped) -> Hash[String, untyped]
+
+      def missing_credentials?: () -> bool
+
+      # Extract username from a trusted header when enabled
+      def header_username: () -> (String | nil)
+
+      # Perform a directory lookup for a given username; returns an Entry or nil
+      def directory_lookup: (OmniAuth::LDAP::Adaptor, String) -> untyped
+    end
+  end
+end

data/sig/omniauth-ldap.rbs

@@ -0,0 +1,5 @@
+# Top-level signature file for the gem. Detailed signatures live in the files below:
+# - sig/omniauth/ldap/version.rbs
+# - sig/omniauth/ldap/adaptor.rbs
+# - sig/omniauth/strategies/ldap.rbs
+# This file is intentionally minimal to avoid duplicating declarations.

data/sig/rbs/net-ldap.rbs

@@ -0,0 +1,19 @@
+# Minimal stubs for net-ldap types used by the gem
+module Net
+  class LDAP
+    def initialize: (Hash[Symbol, untyped]) -> void
+    def open: () { (self) -> untyped } -> untyped
+    def search: (?Hash[Symbol, untyped]) -> Array[Net::LDAP::Entry]
+    def bind: (?Hash[Symbol, untyped]) -> bool
+  end
+
+  class LDAP::Entry
+    def dn: () -> String
+  end
+
+  class LDAP::Filter
+    def self.construct: (String) -> Net::LDAP::Filter
+    def self.eq: (String, String) -> Net::LDAP::Filter
+  end
+end
+

data/sig/rbs/net-ntlm.rbs

@@ -0,0 +1,16 @@
+# Minimal stubs for net-ntlm types used by the gem
+module Net
+  module NTLM
+    class Message
+      def self.parse: (untyped) -> Net::NTLM::Message
+      def response: (?Hash[Symbol, untyped], ?Hash[Symbol, untyped]) -> Net::NTLM::Message
+    end
+
+    class Message::Type1
+      def serialize: () -> String
+    end
+
+    def self.encode_utf16le: (String) -> String
+  end
+end
+

data/sig/rbs/sasl.rbs

@@ -0,0 +1,12 @@
+# Minimal stubs for SASL bindings used in tests
+module SASL
+  class Preferences
+    def initialize: (?Hash[Symbol, untyped]) -> void
+  end
+
+  class SASL
+    def initialize: (String, SASL::Preferences) -> void
+    def receive: (String, untyped) -> [untyped, untyped]
+  end
+end
+