sheffield_ldap_lookup 0.0.5 → 0.0.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/.ruby-version +1 -0
- data/lib/sheffield_ldap_lookup/ldap_finder.rb +27 -5
- data/lib/sheffield_ldap_lookup/version.rb +1 -1
- data/sheffield_ldap_lookup.gemspec +6 -6
- data/spec/lib/ldap_finder_spec.rb +118 -26
- metadata +19 -18
- data/.rvmrc +0 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 2a0dc52a5bd9f5aa8ec1401e62ca05c0d5f7062c0f382afb77d1f4d8595df0b5
|
4
|
+
data.tar.gz: f945bc9ded89ea4b1d9a047ae6b1c5a7b71786b2a7d98acdd426f5172c7720c4
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 42ed11ed5b09a6a6b3b159fc4fee3757235802bfad7ce87420b3507751ba4f7561502195c03e51a44e373ee7069595f768d2b0234177a98f4ef99c7bac564ed6
|
7
|
+
data.tar.gz: 46017a6b493efd2d91b87f8669e9118ececac71a9190dea0782ca3958b480b8001849e632143fcc0b7d8a3b6c0183d83d07713480cb2011d59ee33a0b0ddff2e
|
data/.ruby-version
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
ruby-3.1
|
@@ -12,13 +12,17 @@ module SheffieldLdapLookup
|
|
12
12
|
|
13
13
|
class << self
|
14
14
|
attr_accessor :ldap_config
|
15
|
+
attr_accessor :error_notification_proc
|
15
16
|
end
|
16
17
|
|
17
18
|
def lookup
|
18
19
|
begin
|
19
20
|
@lookup ||= connection.search(filter: ldap_filter)[0]
|
20
|
-
rescue
|
21
|
-
|
21
|
+
rescue Exception => exception
|
22
|
+
if self.class.error_notification_proc.is_a?(Proc)
|
23
|
+
self.class.error_notification_proc.call(exception)
|
24
|
+
end
|
25
|
+
raise exception
|
22
26
|
end
|
23
27
|
end
|
24
28
|
|
@@ -28,7 +32,7 @@ module SheffieldLdapLookup
|
|
28
32
|
|
29
33
|
def search_attribute
|
30
34
|
return custom_search_attribute if custom_search_attribute
|
31
|
-
keyword =~ /\A[^@]+@[^@]+\z/ ? 'mail' : '
|
35
|
+
keyword =~ /\A[^@]+@[^@]+\z/ ? 'mail' : 'sAMAccountName'
|
32
36
|
end
|
33
37
|
|
34
38
|
def ldap_config
|
@@ -41,7 +45,9 @@ module SheffieldLdapLookup
|
|
41
45
|
|
42
46
|
def connection_settings
|
43
47
|
base_settings = {
|
44
|
-
host: ldap_config["#{@config_prefix}host"],
|
48
|
+
host: ldap_config["#{@config_prefix}host"],
|
49
|
+
port: ldap_config["#{@config_prefix}port"],
|
50
|
+
base: ldap_config["#{@config_prefix}base"]
|
45
51
|
}
|
46
52
|
|
47
53
|
if ldap_config.key?("#{@config_prefix}username") && ldap_config.key?("#{@config_prefix}password")
|
@@ -51,8 +57,24 @@ module SheffieldLdapLookup
|
|
51
57
|
password: ldap_config["#{@config_prefix}password"]
|
52
58
|
}
|
53
59
|
end
|
60
|
+
|
61
|
+
if ldap_config["#{@config_prefix}ssl"] == true
|
62
|
+
base_settings[:port] ||= 636
|
63
|
+
base_settings[:encryption] = {
|
64
|
+
method: :simple_tls,
|
65
|
+
tls_options: OpenSSL::SSL::SSLContext::DEFAULT_PARAMS.merge(
|
66
|
+
# Default min version (in Ruby 2.7) is TLS 1.0, but server always responds and says provide TLS 1.2
|
67
|
+
# (and, to be honest, we shouldn't use anything less than TLS 1.2 these days)
|
68
|
+
min_version: OpenSSL::SSL::TLS1_2_VERSION
|
69
|
+
)
|
70
|
+
}
|
71
|
+
end
|
72
|
+
|
73
|
+
# Avoid two LDAP queries per connection by forcing unpaged results
|
74
|
+
base_settings[:force_no_page] = true
|
75
|
+
|
54
76
|
base_settings
|
55
77
|
end
|
56
78
|
|
57
79
|
end
|
58
|
-
end
|
80
|
+
end
|
@@ -6,20 +6,20 @@ require 'sheffield_ldap_lookup/version'
|
|
6
6
|
Gem::Specification.new do |gem|
|
7
7
|
gem.name = "sheffield_ldap_lookup"
|
8
8
|
gem.version = SheffieldLdapLookup::VERSION
|
9
|
-
gem.authors = ["Shuo Chen"]
|
10
|
-
gem.email = ["
|
9
|
+
gem.authors = ["James Gregory-Monk", "Shuo Chen"]
|
10
|
+
gem.email = ["james.gregory@epigenesys.org.uk", "shuo.chen@epigenesys.org.uk"]
|
11
11
|
gem.description = "A gem to fetch information from University of Sheffield LDAP server based on username or email address."
|
12
12
|
gem.summary = "LDAP lookup"
|
13
|
-
gem.homepage = "
|
13
|
+
gem.homepage = "https://www.epigenesys.org.uk"
|
14
14
|
|
15
15
|
gem.files = `git ls-files`.split($/)
|
16
16
|
gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
|
17
17
|
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
18
18
|
gem.require_paths = ["lib"]
|
19
|
-
|
19
|
+
|
20
20
|
gem.add_dependency('net-ldap')
|
21
|
-
|
21
|
+
|
22
22
|
gem.add_development_dependency('rake')
|
23
23
|
gem.add_development_dependency('rails', '>= 3.2')
|
24
24
|
gem.add_development_dependency('rspec')
|
25
|
-
end
|
25
|
+
end
|
@@ -2,68 +2,160 @@ require 'spec_helper'
|
|
2
2
|
require 'sheffield_ldap_lookup/ldap_finder.rb'
|
3
3
|
|
4
4
|
describe SheffieldLdapLookup::LdapFinder do
|
5
|
-
|
5
|
+
let(:ldap_config) { { 'host' => 'localhost', 'port' => '389', 'base' => 'ou=Users' } }
|
6
|
+
let(:default_tls_options) { OpenSSL::SSL::SSLContext::DEFAULT_PARAMS.merge(min_version: OpenSSL::SSL::TLS1_2_VERSION) }
|
7
|
+
|
6
8
|
describe "#connection" do
|
7
9
|
it "should create a new LDAP connection" do
|
8
|
-
subject.
|
10
|
+
allow(subject).to receive(:ldap_config).and_return(ldap_config)
|
9
11
|
ldap_class = double
|
10
|
-
ldap_class.
|
12
|
+
expect(ldap_class).to receive(:new).with({
|
13
|
+
host: ldap_config['host'],
|
14
|
+
port: ldap_config['port'],
|
15
|
+
base: ldap_config['base'],
|
16
|
+
force_no_page: true
|
17
|
+
})
|
11
18
|
subject.connection(ldap_class)
|
12
19
|
end
|
13
20
|
end
|
14
|
-
|
21
|
+
|
15
22
|
describe "#ldap_config" do
|
16
23
|
it "should load the LDAP configuration" do
|
17
|
-
SheffieldLdapLookup::LdapFinder.ldap_config =
|
18
|
-
subject.ldap_config.
|
24
|
+
SheffieldLdapLookup::LdapFinder.ldap_config = ldap_config
|
25
|
+
expect(subject.ldap_config).to eq ldap_config
|
19
26
|
end
|
20
27
|
end
|
21
|
-
|
28
|
+
|
22
29
|
describe "#search_attribute" do
|
23
30
|
describe "determine to search against uid or email based on the format of the keyword" do
|
24
31
|
it "should use 'uid' attribute for username" do
|
25
32
|
finder = SheffieldLdapLookup::LdapFinder.new('username')
|
26
|
-
finder.search_attribute.
|
33
|
+
expect(finder.search_attribute).to eq 'sAMAccountName'
|
27
34
|
end
|
28
|
-
|
35
|
+
|
29
36
|
it "should use 'mail' attribute for email" do
|
30
37
|
finder = SheffieldLdapLookup::LdapFinder.new('test@test.com')
|
31
|
-
finder.search_attribute.
|
38
|
+
expect(finder.search_attribute).to eq 'mail'
|
32
39
|
end
|
33
40
|
end
|
34
41
|
end
|
35
|
-
|
42
|
+
|
36
43
|
describe "#ldap_filter" do
|
37
44
|
it "should create a LDAP filter for the attribute and keyword" do
|
38
45
|
finder = SheffieldLdapLookup::LdapFinder.new('username')
|
39
|
-
finder.
|
46
|
+
allow(finder).to receive(:search_attribute).and_return('uid')
|
40
47
|
filter_class = double
|
41
|
-
filter_class.
|
48
|
+
expect(filter_class).to receive(:eq).with('uid', 'username')
|
42
49
|
finder.ldap_filter filter_class
|
43
50
|
end
|
44
51
|
end
|
45
|
-
|
52
|
+
|
53
|
+
context "load config prefix" do
|
54
|
+
let(:ldap_config) { { 'host' => 'localhost', 'port' => '389', 'base' => 'ou=Users',
|
55
|
+
'prefix_host' => 'prefix_localhost', 'prefix_port' => '400', 'prefix_base' => 'ou=BigUsers' } }
|
56
|
+
subject { SheffieldLdapLookup::LdapFinder.new('123', 'prefix_') }
|
57
|
+
|
58
|
+
it "should create a new LDAP connection" do
|
59
|
+
allow(subject).to receive(:ldap_config).and_return(ldap_config)
|
60
|
+
ldap_class = double
|
61
|
+
expect(ldap_class).to receive(:new).with({
|
62
|
+
host: ldap_config['prefix_host'],
|
63
|
+
port: ldap_config['prefix_port'],
|
64
|
+
base: ldap_config['prefix_base'],
|
65
|
+
force_no_page: true
|
66
|
+
})
|
67
|
+
subject.connection(ldap_class)
|
68
|
+
end
|
69
|
+
end
|
70
|
+
|
71
|
+
context 'with an ssl config' do
|
72
|
+
let(:ldap_config) { { 'host' => 'localhost', 'port' => '389', 'base' => 'ou=Users', 'ssl' => true } }
|
73
|
+
|
74
|
+
it "should create a new secure LDAP connection" do
|
75
|
+
allow(subject).to receive(:ldap_config).and_return(ldap_config)
|
76
|
+
ldap_class = double
|
77
|
+
expect(ldap_class).to receive(:new).with({
|
78
|
+
host: ldap_config['host'],
|
79
|
+
port: ldap_config['port'],
|
80
|
+
base: ldap_config['base'],
|
81
|
+
encryption: {
|
82
|
+
method: :simple_tls,
|
83
|
+
tls_options: default_tls_options
|
84
|
+
},
|
85
|
+
force_no_page: true
|
86
|
+
})
|
87
|
+
subject.connection(ldap_class)
|
88
|
+
end
|
89
|
+
end
|
90
|
+
|
91
|
+
context 'with a username and password config' do
|
92
|
+
let(:ldap_config) { { 'host' => 'localhost', 'port' => '389', 'base' => 'ou=Users',
|
93
|
+
'username' => 'ldapusername', 'password' => 'ldappassword' } }
|
94
|
+
|
95
|
+
it "should create a new secure LDAP connection" do
|
96
|
+
allow(subject).to receive(:ldap_config).and_return(ldap_config)
|
97
|
+
ldap_class = double
|
98
|
+
expect(ldap_class).to receive(:new).with({
|
99
|
+
host: ldap_config['host'],
|
100
|
+
port: ldap_config['port'],
|
101
|
+
base: ldap_config['base'],
|
102
|
+
force_no_page: true,
|
103
|
+
auth: {
|
104
|
+
method: :simple,
|
105
|
+
username: 'ldapusername',
|
106
|
+
password: 'ldappassword'
|
107
|
+
}
|
108
|
+
})
|
109
|
+
subject.connection(ldap_class)
|
110
|
+
end
|
111
|
+
end
|
112
|
+
|
113
|
+
context 'with a username, password and ssl config' do
|
114
|
+
let(:ldap_config) { { 'host' => 'localhost', 'port' => '389', 'base' => 'ou=Users',
|
115
|
+
'username' => 'ldapusername', 'password' => 'ldappassword', 'ssl' => true } }
|
116
|
+
|
117
|
+
it "should create a new secure LDAP connection" do
|
118
|
+
allow(subject).to receive(:ldap_config).and_return(ldap_config)
|
119
|
+
ldap_class = double
|
120
|
+
expect(ldap_class).to receive(:new).with({
|
121
|
+
host: ldap_config['host'],
|
122
|
+
port: ldap_config['port'],
|
123
|
+
base: ldap_config['base'],
|
124
|
+
force_no_page: true,
|
125
|
+
encryption: {
|
126
|
+
method: :simple_tls,
|
127
|
+
tls_options: default_tls_options
|
128
|
+
},
|
129
|
+
auth: {
|
130
|
+
method: :simple,
|
131
|
+
username: 'ldapusername',
|
132
|
+
password: 'ldappassword'
|
133
|
+
}
|
134
|
+
})
|
135
|
+
subject.connection(ldap_class)
|
136
|
+
end
|
137
|
+
end
|
138
|
+
|
46
139
|
describe "#lookup" do
|
47
140
|
describe "use the LDAP filter to search for the entity and return the first result" do
|
48
141
|
let(:ldap_filter) { double }
|
49
142
|
let(:connection) { double }
|
50
|
-
|
51
|
-
|
143
|
+
|
144
|
+
before do
|
145
|
+
allow(subject).to receive(:ldap_filter).and_return(ldap_filter)
|
146
|
+
allow(subject).to receive(:connection).and_return(connection)
|
147
|
+
end
|
148
|
+
|
52
149
|
it "should search the LDAP connection using the filter" do
|
53
|
-
connection.
|
150
|
+
expect(connection).to receive(:search).with(filter: ldap_filter).and_return([])
|
54
151
|
subject.lookup
|
55
152
|
end
|
56
|
-
|
153
|
+
|
57
154
|
it "should return the first result" do
|
58
155
|
result = double
|
59
|
-
connection.
|
60
|
-
subject.lookup.
|
61
|
-
end
|
62
|
-
|
63
|
-
it "should return an empty hash if cannot connect to LDAP" do
|
64
|
-
connection.stub(search: ->{raise})
|
65
|
-
subject.lookup.should == {}
|
156
|
+
allow(connection).to receive(:search).and_return([result])
|
157
|
+
expect(subject.lookup).to eq result
|
66
158
|
end
|
67
159
|
end
|
68
160
|
end
|
69
|
-
end
|
161
|
+
end
|
metadata
CHANGED
@@ -1,81 +1,83 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: sheffield_ldap_lookup
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.9
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
|
+
- James Gregory-Monk
|
7
8
|
- Shuo Chen
|
8
9
|
autorequire:
|
9
10
|
bindir: bin
|
10
11
|
cert_chain: []
|
11
|
-
date:
|
12
|
+
date: 2023-09-22 00:00:00.000000000 Z
|
12
13
|
dependencies:
|
13
14
|
- !ruby/object:Gem::Dependency
|
14
15
|
name: net-ldap
|
15
16
|
requirement: !ruby/object:Gem::Requirement
|
16
17
|
requirements:
|
17
|
-
- -
|
18
|
+
- - ">="
|
18
19
|
- !ruby/object:Gem::Version
|
19
20
|
version: '0'
|
20
21
|
type: :runtime
|
21
22
|
prerelease: false
|
22
23
|
version_requirements: !ruby/object:Gem::Requirement
|
23
24
|
requirements:
|
24
|
-
- -
|
25
|
+
- - ">="
|
25
26
|
- !ruby/object:Gem::Version
|
26
27
|
version: '0'
|
27
28
|
- !ruby/object:Gem::Dependency
|
28
29
|
name: rake
|
29
30
|
requirement: !ruby/object:Gem::Requirement
|
30
31
|
requirements:
|
31
|
-
- -
|
32
|
+
- - ">="
|
32
33
|
- !ruby/object:Gem::Version
|
33
34
|
version: '0'
|
34
35
|
type: :development
|
35
36
|
prerelease: false
|
36
37
|
version_requirements: !ruby/object:Gem::Requirement
|
37
38
|
requirements:
|
38
|
-
- -
|
39
|
+
- - ">="
|
39
40
|
- !ruby/object:Gem::Version
|
40
41
|
version: '0'
|
41
42
|
- !ruby/object:Gem::Dependency
|
42
43
|
name: rails
|
43
44
|
requirement: !ruby/object:Gem::Requirement
|
44
45
|
requirements:
|
45
|
-
- -
|
46
|
+
- - ">="
|
46
47
|
- !ruby/object:Gem::Version
|
47
48
|
version: '3.2'
|
48
49
|
type: :development
|
49
50
|
prerelease: false
|
50
51
|
version_requirements: !ruby/object:Gem::Requirement
|
51
52
|
requirements:
|
52
|
-
- -
|
53
|
+
- - ">="
|
53
54
|
- !ruby/object:Gem::Version
|
54
55
|
version: '3.2'
|
55
56
|
- !ruby/object:Gem::Dependency
|
56
57
|
name: rspec
|
57
58
|
requirement: !ruby/object:Gem::Requirement
|
58
59
|
requirements:
|
59
|
-
- -
|
60
|
+
- - ">="
|
60
61
|
- !ruby/object:Gem::Version
|
61
62
|
version: '0'
|
62
63
|
type: :development
|
63
64
|
prerelease: false
|
64
65
|
version_requirements: !ruby/object:Gem::Requirement
|
65
66
|
requirements:
|
66
|
-
- -
|
67
|
+
- - ">="
|
67
68
|
- !ruby/object:Gem::Version
|
68
69
|
version: '0'
|
69
70
|
description: A gem to fetch information from University of Sheffield LDAP server based
|
70
71
|
on username or email address.
|
71
72
|
email:
|
72
|
-
-
|
73
|
+
- james.gregory@epigenesys.org.uk
|
74
|
+
- shuo.chen@epigenesys.org.uk
|
73
75
|
executables: []
|
74
76
|
extensions: []
|
75
77
|
extra_rdoc_files: []
|
76
78
|
files:
|
77
|
-
- .gitignore
|
78
|
-
- .
|
79
|
+
- ".gitignore"
|
80
|
+
- ".ruby-version"
|
79
81
|
- Gemfile
|
80
82
|
- LICENSE.txt
|
81
83
|
- README.md
|
@@ -88,7 +90,7 @@ files:
|
|
88
90
|
- sheffield_ldap_lookup.gemspec
|
89
91
|
- spec/lib/ldap_finder_spec.rb
|
90
92
|
- spec/spec_helper.rb
|
91
|
-
homepage:
|
93
|
+
homepage: https://www.epigenesys.org.uk
|
92
94
|
licenses: []
|
93
95
|
metadata: {}
|
94
96
|
post_install_message:
|
@@ -97,17 +99,16 @@ require_paths:
|
|
97
99
|
- lib
|
98
100
|
required_ruby_version: !ruby/object:Gem::Requirement
|
99
101
|
requirements:
|
100
|
-
- -
|
102
|
+
- - ">="
|
101
103
|
- !ruby/object:Gem::Version
|
102
104
|
version: '0'
|
103
105
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
104
106
|
requirements:
|
105
|
-
- -
|
107
|
+
- - ">="
|
106
108
|
- !ruby/object:Gem::Version
|
107
109
|
version: '0'
|
108
110
|
requirements: []
|
109
|
-
|
110
|
-
rubygems_version: 2.4.6
|
111
|
+
rubygems_version: 3.3.7
|
111
112
|
signing_key:
|
112
113
|
specification_version: 4
|
113
114
|
summary: LDAP lookup
|
data/.rvmrc
DELETED
@@ -1 +0,0 @@
|
|
1
|
-
rvm use --create @sheffield_ldap_lookup
|