hubot-ldap-auth
Advanced tools
This module is derived from the hubot-auth module and it delegates the main functions of authorization to an LDAP server using the ldapjs LDAP client. In the implementation, it is meant to be a drop in replacement for the existing module so that the other integrations that exist around hubot-auth can continue to function properly. All modifying actions have been removed from the auth client so that the LDAP server can act as a service providing authorization details to Hubot, rather than providing Hubot ability to do such modifications. Theoretically, this would be a separate script to do such an integration, but it is not in the scope of this module.
HUBOT_LDAP_AUTH_LDAP_URL - the URL to the LDAP serverHUBOT_LDAP_AUTH_BIND_DN - the bind DN to authenticate withHUBOT_LDAP_AUTH_BIND_PASSWORD - the bind password to authenticate withHUBOT_LDAP_AUTH_USER_SEARCH_FILTER - the ldap filter search for a specific user - e.g. 'cn={0}' where '{0}' will be replaced by the hubot user attributeHUBOT_LDAP_AUTH_GROUP_MEMBERSHIP_ATTRIBUTE - the member attribute within the user objectHUBOT_LDAP_AUTH_GROUP_MEMBERSHIP_FILTER - the membership filter to find groups based on user DN - e.g. 'member={0}' where '{0}' will be replaced by user DNHUBOT_LDAP_AUTH_GROUP_MEMBERSHIP_SEARCH_METHOD - (filter | attribute) - how to find groups belong to usersHUBOT_LDAP_AUTH_ROLES_TO_INCLUDE - comma separated group names that will be used as roles, all the rest of the groups will be filtered outHUBOT_LDAP_AUTH_USE_ONLY_LISTENER_ROLES - if true, groups will be filtered by all listener options, all the rest of the groups will be filtered outHUBOT_LDAP_AUTH_SEARCH_BASE_DN - search DN to start finding users and groups within the ldap directoryHUBOT_LDAP_AUTH_USER_LDAP_ATTRIBUTE - the ldap attribute to match hubot users within the ldap directoryHUBOT_LDAP_AUTH_HUBOT_USER_ATTRIBUTE - the hubot user attribute to search for a user within the ldap directoryHUBOT_LDAP_AUTH_GROUP_LDAP_ATTRIBUTE - the ldap attribute of a group that will be used as role nameHUBOT_LDAP_AUTH_LDAP_REFRESH_TIME - time in millisecods to refresh the roles and usersHUBOT_LDAP_AUTH_DN_ATTRIBUTE_NAME - the dn attribute name, used for queries by DN. In ActiveDirectory should be distinguishedNameThis script is meant to be used with the hubot-auth-middleware project which uses the auth plugin in Hubot to determine whether a user can take a particular action. See the README.md of that project for more details on configuring roles for user actions.
In order to set up this plugin, first install it in the project:
npm install hubot-ldap-auth --save
Then, add the script to the external-scripts.json file:
[
"hubot-ldap-auth"
]
FAQs
An auth module for Hubot that delegates to an LDAP server
The npm package hubot-ldap-auth receives a total of 0 weekly downloads. As such, hubot-ldap-auth popularity was classified as not popular.
We found that hubot-ldap-auth demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.