sheffield_ldap_lookup 0.0.5 → 0.0.9

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +5 -5
  2. data/.ruby-version +1 -0
  3. data/lib/sheffield_ldap_lookup/ldap_finder.rb +27 -5
  4. data/lib/sheffield_ldap_lookup/version.rb +1 -1
  5. data/sheffield_ldap_lookup.gemspec +6 -6
  6. data/spec/lib/ldap_finder_spec.rb +118 -26
  7. metadata +19 -18
  8. data/.rvmrc +0 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 53101ae7dab529fac6ee8e5604ccf548fce20a75
4
- data.tar.gz: 593b21537e0c2024e2c000a5384b34ba225b2403
2
+ SHA256:
3
+ metadata.gz: 2a0dc52a5bd9f5aa8ec1401e62ca05c0d5f7062c0f382afb77d1f4d8595df0b5
4
+ data.tar.gz: f945bc9ded89ea4b1d9a047ae6b1c5a7b71786b2a7d98acdd426f5172c7720c4
5
5
  SHA512:
6
- metadata.gz: 3807d07547fc71d68186c9c8569a86a58fc3eaafd1247642d23c37042b425439967104fb72c33e10866d2ef8be851382e420757d0f4b8dc23c33e814ac50ac7b
7
- data.tar.gz: c3a998108c0c650e1af430541bc147a81d6dec782381336f2d4e3d042c45d3725db48f490a8086c2afa4d0b494be0862efca8751f54142c9a921e1e39f7b8be5
6
+ metadata.gz: 42ed11ed5b09a6a6b3b159fc4fee3757235802bfad7ce87420b3507751ba4f7561502195c03e51a44e373ee7069595f768d2b0234177a98f4ef99c7bac564ed6
7
+ data.tar.gz: 46017a6b493efd2d91b87f8669e9118ececac71a9190dea0782ca3958b480b8001849e632143fcc0b7d8a3b6c0183d83d07713480cb2011d59ee33a0b0ddff2e
data/.ruby-version ADDED
@@ -0,0 +1 @@
1
+ ruby-3.1
data/lib/sheffield_ldap_lookup/ldap_finder.rb CHANGED
@@ -12,13 +12,17 @@ module SheffieldLdapLookup
12
12
 
13
13
  class << self
14
14
  attr_accessor :ldap_config
15
+ attr_accessor :error_notification_proc
15
16
  end
16
17
 
17
18
  def lookup
18
19
  begin
19
20
  @lookup ||= connection.search(filter: ldap_filter)[0]
20
- rescue
21
- {}
21
+ rescue Exception => exception
22
+ if self.class.error_notification_proc.is_a?(Proc)
23
+ self.class.error_notification_proc.call(exception)
24
+ end
25
+ raise exception
22
26
  end
23
27
  end
24
28
 
@@ -28,7 +32,7 @@ module SheffieldLdapLookup
28
32
 
29
33
  def search_attribute
30
34
  return custom_search_attribute if custom_search_attribute
31
- keyword =~ /\A[^@]+@[^@]+\z/ ? 'mail' : 'uid'
35
+ keyword =~ /\A[^@]+@[^@]+\z/ ? 'mail' : 'sAMAccountName'
32
36
  end
33
37
 
34
38
  def ldap_config
@@ -41,7 +45,9 @@ module SheffieldLdapLookup
41
45
 
42
46
  def connection_settings
43
47
  base_settings = {
44
- host: ldap_config["#{@config_prefix}host"], port: ldap_config["#{@config_prefix}port"], base: ldap_config["#{@config_prefix}base"]
48
+ host: ldap_config["#{@config_prefix}host"],
49
+ port: ldap_config["#{@config_prefix}port"],
50
+ base: ldap_config["#{@config_prefix}base"]
45
51
  }
46
52
 
47
53
  if ldap_config.key?("#{@config_prefix}username") && ldap_config.key?("#{@config_prefix}password")
@@ -51,8 +57,24 @@ module SheffieldLdapLookup
51
57
  password: ldap_config["#{@config_prefix}password"]
52
58
  }
53
59
  end
60
+
61
+ if ldap_config["#{@config_prefix}ssl"] == true
62
+ base_settings[:port] ||= 636
63
+ base_settings[:encryption] = {
64
+ method: :simple_tls,
65
+ tls_options: OpenSSL::SSL::SSLContext::DEFAULT_PARAMS.merge(
66
+ # Default min version (in Ruby 2.7) is TLS 1.0, but server always responds and says provide TLS 1.2
67
+ # (and, to be honest, we shouldn't use anything less than TLS 1.2 these days)
68
+ min_version: OpenSSL::SSL::TLS1_2_VERSION
69
+ )
70
+ }
71
+ end
72
+
73
+ # Avoid two LDAP queries per connection by forcing unpaged results
74
+ base_settings[:force_no_page] = true
75
+
54
76
  base_settings
55
77
  end
56
78
 
57
79
  end
58
- end
80
+ end
data/lib/sheffield_ldap_lookup/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module SheffieldLdapLookup
2
- VERSION = "0.0.5"
2
+ VERSION = "0.0.9"
3
3
  end
data/sheffield_ldap_lookup.gemspec CHANGED
@@ -6,20 +6,20 @@ require 'sheffield_ldap_lookup/version'
6
6
  Gem::Specification.new do |gem|
7
7
  gem.name = "sheffield_ldap_lookup"
8
8
  gem.version = SheffieldLdapLookup::VERSION
9
- gem.authors = ["Shuo Chen"]
10
- gem.email = ["s.chen@epigenesys.co.uk"]
9
+ gem.authors = ["James Gregory-Monk", "Shuo Chen"]
10
+ gem.email = ["james.gregory@epigenesys.org.uk", "shuo.chen@epigenesys.org.uk"]
11
11
  gem.description = "A gem to fetch information from University of Sheffield LDAP server based on username or email address."
12
12
  gem.summary = "LDAP lookup"
13
- gem.homepage = "http://www.epigenesys.org.uk"
13
+ gem.homepage = "https://www.epigenesys.org.uk"
14
14
 
15
15
  gem.files = `git ls-files`.split($/)
16
16
  gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
17
17
  gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
18
18
  gem.require_paths = ["lib"]
19
-
19
+
20
20
  gem.add_dependency('net-ldap')
21
-
21
+
22
22
  gem.add_development_dependency('rake')
23
23
  gem.add_development_dependency('rails', '>= 3.2')
24
24
  gem.add_development_dependency('rspec')
25
- end
25
+ end
data/spec/lib/ldap_finder_spec.rb CHANGED
@@ -2,68 +2,160 @@ require 'spec_helper'
2
2
  require 'sheffield_ldap_lookup/ldap_finder.rb'
3
3
 
4
4
  describe SheffieldLdapLookup::LdapFinder do
5
- LDAP_CONFIG = { 'host' => 'localhost', 'port' => '389', 'base' => 'ou=Users' }
5
+ let(:ldap_config) { { 'host' => 'localhost', 'port' => '389', 'base' => 'ou=Users' } }
6
+ let(:default_tls_options) { OpenSSL::SSL::SSLContext::DEFAULT_PARAMS.merge(min_version: OpenSSL::SSL::TLS1_2_VERSION) }
7
+
6
8
  describe "#connection" do
7
9
  it "should create a new LDAP connection" do
8
- subject.stub(ldap_config: LDAP_CONFIG)
10
+ allow(subject).to receive(:ldap_config).and_return(ldap_config)
9
11
  ldap_class = double
10
- ldap_class.should_receive(:new).with(host: LDAP_CONFIG['host'], port: LDAP_CONFIG['port'], base: LDAP_CONFIG['base'])
12
+ expect(ldap_class).to receive(:new).with({
13
+ host: ldap_config['host'],
14
+ port: ldap_config['port'],
15
+ base: ldap_config['base'],
16
+ force_no_page: true
17
+ })
11
18
  subject.connection(ldap_class)
12
19
  end
13
20
  end
14
-
21
+
15
22
  describe "#ldap_config" do
16
23
  it "should load the LDAP configuration" do
17
- SheffieldLdapLookup::LdapFinder.ldap_config = LDAP_CONFIG
18
- subject.ldap_config.should == LDAP_CONFIG
24
+ SheffieldLdapLookup::LdapFinder.ldap_config = ldap_config
25
+ expect(subject.ldap_config).to eq ldap_config
19
26
  end
20
27
  end
21
-
28
+
22
29
  describe "#search_attribute" do
23
30
  describe "determine to search against uid or email based on the format of the keyword" do
24
31
  it "should use 'uid' attribute for username" do
25
32
  finder = SheffieldLdapLookup::LdapFinder.new('username')
26
- finder.search_attribute.should == 'uid'
33
+ expect(finder.search_attribute).to eq 'sAMAccountName'
27
34
  end
28
-
35
+
29
36
  it "should use 'mail' attribute for email" do
30
37
  finder = SheffieldLdapLookup::LdapFinder.new('test@test.com')
31
- finder.search_attribute.should == 'mail'
38
+ expect(finder.search_attribute).to eq 'mail'
32
39
  end
33
40
  end
34
41
  end
35
-
42
+
36
43
  describe "#ldap_filter" do
37
44
  it "should create a LDAP filter for the attribute and keyword" do
38
45
  finder = SheffieldLdapLookup::LdapFinder.new('username')
39
- finder.stub(search_attribute: 'uid')
46
+ allow(finder).to receive(:search_attribute).and_return('uid')
40
47
  filter_class = double
41
- filter_class.should_receive(:eq).with('uid', 'username')
48
+ expect(filter_class).to receive(:eq).with('uid', 'username')
42
49
  finder.ldap_filter filter_class
43
50
  end
44
51
  end
45
-
52
+
53
+ context "load config prefix" do
54
+ let(:ldap_config) { { 'host' => 'localhost', 'port' => '389', 'base' => 'ou=Users',
55
+ 'prefix_host' => 'prefix_localhost', 'prefix_port' => '400', 'prefix_base' => 'ou=BigUsers' } }
56
+ subject { SheffieldLdapLookup::LdapFinder.new('123', 'prefix_') }
57
+
58
+ it "should create a new LDAP connection" do
59
+ allow(subject).to receive(:ldap_config).and_return(ldap_config)
60
+ ldap_class = double
61
+ expect(ldap_class).to receive(:new).with({
62
+ host: ldap_config['prefix_host'],
63
+ port: ldap_config['prefix_port'],
64
+ base: ldap_config['prefix_base'],
65
+ force_no_page: true
66
+ })
67
+ subject.connection(ldap_class)
68
+ end
69
+ end
70
+
71
+ context 'with an ssl config' do
72
+ let(:ldap_config) { { 'host' => 'localhost', 'port' => '389', 'base' => 'ou=Users', 'ssl' => true } }
73
+
74
+ it "should create a new secure LDAP connection" do
75
+ allow(subject).to receive(:ldap_config).and_return(ldap_config)
76
+ ldap_class = double
77
+ expect(ldap_class).to receive(:new).with({
78
+ host: ldap_config['host'],
79
+ port: ldap_config['port'],
80
+ base: ldap_config['base'],
81
+ encryption: {
82
+ method: :simple_tls,
83
+ tls_options: default_tls_options
84
+ },
85
+ force_no_page: true
86
+ })
87
+ subject.connection(ldap_class)
88
+ end
89
+ end
90
+
91
+ context 'with a username and password config' do
92
+ let(:ldap_config) { { 'host' => 'localhost', 'port' => '389', 'base' => 'ou=Users',
93
+ 'username' => 'ldapusername', 'password' => 'ldappassword' } }
94
+
95
+ it "should create a new secure LDAP connection" do
96
+ allow(subject).to receive(:ldap_config).and_return(ldap_config)
97
+ ldap_class = double
98
+ expect(ldap_class).to receive(:new).with({
99
+ host: ldap_config['host'],
100
+ port: ldap_config['port'],
101
+ base: ldap_config['base'],
102
+ force_no_page: true,
103
+ auth: {
104
+ method: :simple,
105
+ username: 'ldapusername',
106
+ password: 'ldappassword'
107
+ }
108
+ })
109
+ subject.connection(ldap_class)
110
+ end
111
+ end
112
+
113
+ context 'with a username, password and ssl config' do
114
+ let(:ldap_config) { { 'host' => 'localhost', 'port' => '389', 'base' => 'ou=Users',
115
+ 'username' => 'ldapusername', 'password' => 'ldappassword', 'ssl' => true } }
116
+
117
+ it "should create a new secure LDAP connection" do
118
+ allow(subject).to receive(:ldap_config).and_return(ldap_config)
119
+ ldap_class = double
120
+ expect(ldap_class).to receive(:new).with({
121
+ host: ldap_config['host'],
122
+ port: ldap_config['port'],
123
+ base: ldap_config['base'],
124
+ force_no_page: true,
125
+ encryption: {
126
+ method: :simple_tls,
127
+ tls_options: default_tls_options
128
+ },
129
+ auth: {
130
+ method: :simple,
131
+ username: 'ldapusername',
132
+ password: 'ldappassword'
133
+ }
134
+ })
135
+ subject.connection(ldap_class)
136
+ end
137
+ end
138
+
46
139
  describe "#lookup" do
47
140
  describe "use the LDAP filter to search for the entity and return the first result" do
48
141
  let(:ldap_filter) { double }
49
142
  let(:connection) { double }
50
- before { subject.stub(ldap_filter: ldap_filter, connection: connection) }
51
-
143
+
144
+ before do
145
+ allow(subject).to receive(:ldap_filter).and_return(ldap_filter)
146
+ allow(subject).to receive(:connection).and_return(connection)
147
+ end
148
+
52
149
  it "should search the LDAP connection using the filter" do
53
- connection.should_receive(:search).with(filter: ldap_filter).and_return([])
150
+ expect(connection).to receive(:search).with(filter: ldap_filter).and_return([])
54
151
  subject.lookup
55
152
  end
56
-
153
+
57
154
  it "should return the first result" do
58
155
  result = double
59
- connection.stub(search: [result])
60
- subject.lookup.should == result
61
- end
62
-
63
- it "should return an empty hash if cannot connect to LDAP" do
64
- connection.stub(search: ->{raise})
65
- subject.lookup.should == {}
156
+ allow(connection).to receive(:search).and_return([result])
157
+ expect(subject.lookup).to eq result
66
158
  end
67
159
  end
68
160
  end
69
- end
161
+ end
metadata CHANGED
@@ -1,81 +1,83 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sheffield_ldap_lookup
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.5
4
+ version: 0.0.9
5
5
  platform: ruby
6
6
  authors:
7
+ - James Gregory-Monk
7
8
  - Shuo Chen
8
9
  autorequire:
9
10
  bindir: bin
10
11
  cert_chain: []
11
- date: 2015-04-09 00:00:00.000000000 Z
12
+ date: 2023-09-22 00:00:00.000000000 Z
12
13
  dependencies:
13
14
  - !ruby/object:Gem::Dependency
14
15
  name: net-ldap
15
16
  requirement: !ruby/object:Gem::Requirement
16
17
  requirements:
17
- - - '>='
18
+ - - ">="
18
19
  - !ruby/object:Gem::Version
19
20
  version: '0'
20
21
  type: :runtime
21
22
  prerelease: false
22
23
  version_requirements: !ruby/object:Gem::Requirement
23
24
  requirements:
24
- - - '>='
25
+ - - ">="
25
26
  - !ruby/object:Gem::Version
26
27
  version: '0'
27
28
  - !ruby/object:Gem::Dependency
28
29
  name: rake
29
30
  requirement: !ruby/object:Gem::Requirement
30
31
  requirements:
31
- - - '>='
32
+ - - ">="
32
33
  - !ruby/object:Gem::Version
33
34
  version: '0'
34
35
  type: :development
35
36
  prerelease: false
36
37
  version_requirements: !ruby/object:Gem::Requirement
37
38
  requirements:
38
- - - '>='
39
+ - - ">="
39
40
  - !ruby/object:Gem::Version
40
41
  version: '0'
41
42
  - !ruby/object:Gem::Dependency
42
43
  name: rails
43
44
  requirement: !ruby/object:Gem::Requirement
44
45
  requirements:
45
- - - '>='
46
+ - - ">="
46
47
  - !ruby/object:Gem::Version
47
48
  version: '3.2'
48
49
  type: :development
49
50
  prerelease: false
50
51
  version_requirements: !ruby/object:Gem::Requirement
51
52
  requirements:
52
- - - '>='
53
+ - - ">="
53
54
  - !ruby/object:Gem::Version
54
55
  version: '3.2'
55
56
  - !ruby/object:Gem::Dependency
56
57
  name: rspec
57
58
  requirement: !ruby/object:Gem::Requirement
58
59
  requirements:
59
- - - '>='
60
+ - - ">="
60
61
  - !ruby/object:Gem::Version
61
62
  version: '0'
62
63
  type: :development
63
64
  prerelease: false
64
65
  version_requirements: !ruby/object:Gem::Requirement
65
66
  requirements:
66
- - - '>='
67
+ - - ">="
67
68
  - !ruby/object:Gem::Version
68
69
  version: '0'
69
70
  description: A gem to fetch information from University of Sheffield LDAP server based
70
71
  on username or email address.
71
72
  email:
72
- - s.chen@epigenesys.co.uk
73
+ - james.gregory@epigenesys.org.uk
74
+ - shuo.chen@epigenesys.org.uk
73
75
  executables: []
74
76
  extensions: []
75
77
  extra_rdoc_files: []
76
78
  files:
77
- - .gitignore
78
- - .rvmrc
79
+ - ".gitignore"
80
+ - ".ruby-version"
79
81
  - Gemfile
80
82
  - LICENSE.txt
81
83
  - README.md
@@ -88,7 +90,7 @@ files:
88
90
  - sheffield_ldap_lookup.gemspec
89
91
  - spec/lib/ldap_finder_spec.rb
90
92
  - spec/spec_helper.rb
91
- homepage: http://www.epigenesys.org.uk
93
+ homepage: https://www.epigenesys.org.uk
92
94
  licenses: []
93
95
  metadata: {}
94
96
  post_install_message:
@@ -97,17 +99,16 @@ require_paths:
97
99
  - lib
98
100
  required_ruby_version: !ruby/object:Gem::Requirement
99
101
  requirements:
100
- - - '>='
102
+ - - ">="
101
103
  - !ruby/object:Gem::Version
102
104
  version: '0'
103
105
  required_rubygems_version: !ruby/object:Gem::Requirement
104
106
  requirements:
105
- - - '>='
107
+ - - ">="
106
108
  - !ruby/object:Gem::Version
107
109
  version: '0'
108
110
  requirements: []
109
- rubyforge_project:
110
- rubygems_version: 2.4.6
111
+ rubygems_version: 3.3.7
111
112
  signing_key:
112
113
  specification_version: 4
113
114
  summary: LDAP lookup
data/.rvmrc DELETED
@@ -1 +0,0 @@
1
- rvm use --create @sheffield_ldap_lookup