@mashroom/mashroom-security-provider-ldap
Advanced tools
Comparing version 1.9.0 to 1.9.1
@@ -227,3 +227,5 @@ "use strict"; | ||
const groupSearchFilter = `(&${this._groupSearchFilter}(member=${user.dn}))`; | ||
const distinguishedName = this._escapeSpecialCharactersInDistinguishedName(user.dn); | ||
const groupSearchFilter = `(&${this._groupSearchFilter}(member=${distinguishedName}))`; | ||
logger.debug(`Search for user groups: ${groupSearchFilter}`); | ||
@@ -333,2 +335,12 @@ const groupEntries = await this._ldapClient.search(groupSearchFilter); | ||
} | ||
} // Escape special characters in the distinguished name. | ||
// See RFC 2253: https://datatracker.ietf.org/doc/html/rfc2253 | ||
_escapeSpecialCharactersInDistinguishedName(dn) { | ||
let escapedDn = dn; | ||
[',', '=', '+', '<', '>', '#', ';'].forEach(specialChar => { | ||
escapedDn = escapedDn.replace(specialChar, `\\${specialChar}`); | ||
}); | ||
return escapedDn; | ||
} | ||
@@ -335,0 +347,0 @@ |
@@ -7,3 +7,3 @@ { | ||
"license": "MIT", | ||
"version": "1.9.0", | ||
"version": "1.9.1", | ||
"files": [ | ||
@@ -17,5 +17,5 @@ "dist/**" | ||
"@babel/cli": "^7.15.7", | ||
"@mashroom/mashroom": "1.9.0", | ||
"@mashroom/mashroom-security": "1.9.0", | ||
"@mashroom/mashroom-utils": "1.9.0", | ||
"@mashroom/mashroom": "1.9.1", | ||
"@mashroom/mashroom-security": "1.9.1", | ||
"@mashroom/mashroom-utils": "1.9.1", | ||
"@types/express": "^4.17.13", | ||
@@ -22,0 +22,0 @@ "@types/jest": "^27.0.1", |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
28710
566