
@mashroom/mashroom-security-provider-ldap


Comparing version 1.6.3 to 1.6.4

dist/login_failure_reason.js

6

dist/LdapClientImpl.js

@@ -106,2 +106,4 @@ "use strict";

} catch (error) {
this.logger.warn(`Binding with user ${ldapEntry.dn} failed`, error);
if (client) {

@@ -111,3 +113,3 @@ await this.disconnect(client);

throw new Error(error);
throw error;
}

@@ -135,2 +137,3 @@ }

} catch (error) {
this.logger.error(`Binding with user ${this.bindDN} failed`, error);
await this.disconnect(searchClient);

@@ -212,3 +215,2 @@ this.searchClient = null;

if (error) {
this.logger.error(`Binding with user ${user} failed`, error);
reject(error);

@@ -215,0 +217,0 @@ } else {

@@ -24,2 +24,3 @@ "use strict";

groupToRoleMapping: groupToRoleMappingPath,
userToRoleMapping: userToRoleMappingPath,
serverUrl,

@@ -46,3 +47,3 @@ ldapConnectTimeout,

});
return new _MashroomLdapSecurityProvider.default(loginPage, userSearchFilter, groupSearchFilter, extraDataMapping, secretsMapping, groupToRoleMappingPath, ldapClient, serverRootFolder, authenticationTimeoutSec, loggerFactory);
return new _MashroomLdapSecurityProvider.default(loginPage, userSearchFilter, groupSearchFilter, extraDataMapping, secretsMapping, groupToRoleMappingPath, userToRoleMappingPath, ldapClient, serverRootFolder, authenticationTimeoutSec, loggerFactory);
};

@@ -49,0 +50,0 @@
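Review bot: `userToRoleMappingPath` is inserted as the seventh of eleven positional constructor arguments, between `groupToRoleMappingPath` and `ldapClient`, so any caller still using the 1.6.3 argument order would pass `ldapClient` where a mapping path is expected. For a provider that decides role assignment, an options object would make additions like this safer than a growing positional list. If the signature stays positional, a comment at this call such as `// argument order must match the MashroomLdapSecurityProvider constructor` would help. The enclosing function starts before the hunk.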

@@ -14,2 +14,4 @@ "use strict";

var _login_failure_reason = _interopRequireDefault(require("./login_failure_reason"));
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }

@@ -21,3 +23,3 @@

class MashroomLdapSecurityProvider {
constructor(loginPage, userSearchFilter, groupSearchFilter, extraDataMapping, secretsMapping, groupToRoleMappingPath, ldapClient, serverRootFolder, authenticationTimeoutSec, loggerFactory) {
constructor(loginPage, userSearchFilter, groupSearchFilter, extraDataMapping, secretsMapping, groupToRoleMappingPath, userToRoleMappingPath, ldapClient, serverRootFolder, authenticationTimeoutSec, loggerFactory) {
this.loginPage = loginPage;

@@ -31,7 +33,6 @@ this.userSearchFilter = userSearchFilter;

this.authenticationTimeoutSec = authenticationTimeoutSec;
this.logger = loggerFactory('mashroom.security.provider.ldap');
this.groupToRoleMappingPath = groupToRoleMappingPath;
const logger = loggerFactory('mashroom.security.provider.ldap');
if (groupToRoleMappingPath) {
const logger = loggerFactory('mashroom.security.provider.ldap');
this.groupToRoleMappingPath = groupToRoleMappingPath;

@@ -43,3 +44,3 @@ if (!_path.default.isAbsolute(groupToRoleMappingPath)) {

if (this.groupToRoleMappingPath && _fs.default.existsSync(this.groupToRoleMappingPath)) {
logger.info(`Using user to role mapping: ${this.groupToRoleMappingPath}`);
logger.info(`Using group to role mapping: ${this.groupToRoleMappingPath}`);
} else {

@@ -51,3 +52,16 @@ logger.warn(`Group to role mapping file not found: ${groupToRoleMappingPath}`);

this.groupToRoleMapping = null;
if (userToRoleMappingPath) {
this.userToRoleMappingPath = userToRoleMappingPath;
if (!_path.default.isAbsolute(userToRoleMappingPath)) {
this.userToRoleMappingPath = _path.default.resolve(serverRootFolder, userToRoleMappingPath);
}
if (this.userToRoleMappingPath && _fs.default.existsSync(this.userToRoleMappingPath)) {
logger.info(`Using user to role mapping: ${this.userToRoleMappingPath}`);
} else {
logger.warn(`Using to role mapping file not found: ${userToRoleMappingPath}`);
this.userToRoleMappingPath = null;
}
}
}

@@ -99,3 +113,4 @@

return {
success: false
success: false,
failureReason: 'User not found'
};

@@ -106,3 +121,4 @@ }

return {
success: false
success: false,
failureReason: 'User not found'
};

@@ -116,3 +132,5 @@ }

return {
success: false
success: false,
failureReason: (0, _login_failure_reason.default)(e.message),
failureReasonDetails: e.message
};

@@ -154,3 +172,3 @@ }

const groups = await this.getUserGroups(user, logger);
const roles = this.getRolesForUserGroups(groups, logger);
const roles = this.getRoles(username, groups, logger);
const mashroomUser = {

@@ -175,3 +193,4 @@ username,

return {
success: false
success: false,
failureReason: 'User not found'
};

@@ -206,23 +225,32 @@ }

getRolesForUserGroups(groups, logger) {
if (!groups || groups.length === 0) {
return [];
}
getRoles(username, groups, logger) {
const roles = [];
const groupToRoles = this.getGroupToRoleMapping(logger);
if (groupToRoles) {
groups.forEach(group => {
if (groupToRoles.hasOwnProperty(group)) {
const groupRoles = groupToRoles[group];
if (groups && groups.length > 0) {
const groupToRoles = this.getGroupToRoleMapping(logger);
if (groupRoles && Array.isArray(groupRoles)) {
groupToRoles[group].forEach(role => roles.push(role));
if (groupToRoles) {
groups.forEach(group => {
if (groupToRoles.hasOwnProperty(group)) {
const groupRoles = groupToRoles[group];
if (groupRoles && Array.isArray(groupRoles)) {
groupToRoles[group].forEach(role => roles.push(role));
}
}
});
} else {
// If no mapping defined treat groups as roles
groups.forEach(g => roles.push(g));
}
}
const userToRoles = this.getUserToRoleMapping(logger);
if (userToRoles && userToRoles.hasOwnProperty(username)) {
userToRoles[username].forEach(role => {
if (roles.indexOf(role) === -1) {
roles.push(role);
}
});
} else {
// If no mapping defined treat groups as roles
groups.forEach(g => roles.push(g));
}

@@ -252,4 +280,23 @@

getUserToRoleMapping(logger) {
if (!this.userToRoleMappingPath) {
return null;
}
if (this.userToRoleMapping) {
return this.userToRoleMapping;
}
if (_fs.default.existsSync(this.userToRoleMappingPath)) {
this.userToRoleMapping = require(this.userToRoleMappingPath);
} else {
logger.warn(`No user to roles definition found: ${this.userToRoleMappingPath || '-'}.`);
this.userToRoleMapping = null;
}
return this.userToRoleMapping;
}
}
exports.default = MashroomLdapSecurityProvider;
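Review bot: In `getUserToRoleMapping` the mapping file is loaded with `require(this.userToRoleMappingPath)`, which runs the file as code if the configured path resolves to a `.js` module and does not check the shape of the result, even though this data decides which roles a user is granted. Reading it as data, `this.userToRoleMapping = JSON.parse(_fs.default.readFileSync(this.userToRoleMappingPath, 'utf8'));`, would keep it to the JSON file the README describes. In `getRoles`, whose body continues past its hunk, `userToRoles[username].forEach(...)` lacks the `Array.isArray` guard that the group branch applies, so a non-array entry would throw during login; `if (userToRoles && userToRoles.hasOwnProperty(username) && Array.isArray(userToRoles[username])) {` would match it. Separately, the new `failureReason: 'User not found'` and `failureReasonDetails: e.message` fields distinguish unknown accounts from other failures and carry the raw LDAP error text. Whether they reach the unauthenticated login response is not visible here, but if they do they should be reduced to a generic message, with the detail kept in server logs.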

@@ -7,3 +7,3 @@ {

"license": "MIT",
"version": "1.6.3",
"version": "1.6.4",
"files": [

@@ -17,5 +17,5 @@ "dist/**"

"@babel/cli": "^7.12.1",
"@mashroom/mashroom": "1.6.3",
"@mashroom/mashroom-security": "1.6.3",
"@mashroom/mashroom-utils": "1.6.3",
"@mashroom/mashroom": "1.6.4",
"@mashroom/mashroom-security": "1.6.4",
"@mashroom/mashroom-utils": "1.6.4",
"@types/express": "^4.17.8",

@@ -68,2 +68,3 @@ "@types/jest": "^26.0.15",

"groupToRoleMapping": "./groupToRoleMapping.json",
"userToRoleMapping": "./userToRoleMapping.json",
"authenticationTimeoutSec": 1200

@@ -70,0 +71,0 @@ }

@@ -47,2 +47,3 @@

"groupToRoleMapping": "./groupToRoleMapping.json",
"userToRoleMapping": "./userToRoleMapping.json",
"authenticationTimeoutSec": 1200

@@ -68,2 +69,3 @@ }

* _groupToRoleMapping_: An optional JSON file that contains a user group to roles mapping
* _userToRoleMapping_: An optional JSON file that contains a user name to roles mapping
* _authenticationTimeoutSec_: The inactivity time after that the authentication expires. Since this plugin uses the session to store make sure the session _cookie.maxAge_ is greater than this value.

@@ -104,1 +106,11 @@

And the _userToRoleMapping_ file:
```json
{
"username": [
"ROLE1",
"ROLE2"
]
}
```