passport-ldapauth - npm Package Compare versions

Comparing version 0.0.6 to 0.1.0

lib/passport-ldapauth/strategy.js

@@ -7,3 +7,3 @@ "use strict";
 var passport = require('passport'),
-    LdapAuth = require('ldapauth'),
+    LdapAuth = require('ldapauth-fork'),
     util     = require('util');
@@ -10,0 +10,0 @@

package.json

@@ -5,2 +5,5 @@ {
   "author": "Vesa Poikajärvi <vesa.poikajarvi@iki.fi>",
+  "contributors": [
+    "Simon Gaeremynck <gaeremyncks@gmail.com>"
+  ],
   "keywords": [
@@ -12,3 +15,3 @@ "ldap",
   ],
-  "version": "0.0.6",
+  "version": "0.1.0",
   "license": {
@@ -30,4 +33,4 @@ "type": "MIT",
   "dependencies": {
-    "ldapauth": ">=2.0.0",
-    "passport": "~0.1.1"
+    "ldapauth-fork": "~2.2.5",
+    "passport": "~0.1.17"
   },
@@ -42,4 +45,4 @@ "devDependencies": {
   "scripts": {
-    "test": "NODE_PATH=lib mocha test/*-test.js"
+    "test": "NODE_PATH=lib mocha --reporter spec test/*-test.js"
   }
 }

README.md

 # passport-ldapauth
 
-[Passport](http://passportjs.org/) authentication strategy against LDAP server. This module is a Passport strategy wrapper for [node-ldapauth](https://github.com/trentm/node-ldapauth)
+[Passport](http://passportjs.org/) authentication strategy against LDAP server. This module is a Passport strategy wrapper for [ldapauth-fork](https://github.com/vesse/node-ldapauth)
 
@@ -49,3 +49,3 @@ ## Usage
 
-* `server`: LDAP settings. These are passed directly to [node-ldapauth](https://github.com/trentm/node-ldapauth)
+* `server`: LDAP settings. These are passed directly to [ldapauth-fork](https://github.com/vesse/node-ldapauth). See its documentation for all available options.
     * `url`: e.g. `ldap://localhost:389`
@@ -56,2 +56,4 @@ * `adminDn`: e.g. `cn='root'`
     * `searchFilter`:  LDAP search filter, e.g. `(uid={{username}})`. Use literal `{{username}}` to have the given username used in the search.
+    * `searchAttributes`: Optional array of attributes to fetch from LDAP server, e.g. `['displayName', 'mail']`. Defaults to `undefined`, i.e. fetch all attributes
+    * `tlsOptions`: Optional object with options accepted by Node.js [tls](http://nodejs.org/api/tls.html#tls_tls_connect_options_callback) module.
 * `usernameField`: Field name where the username is found, defaults to _username_
@@ -86,6 +88,2 @@ * `passwordField`: Field name where the password is found, defaults to _password_
 
-passport.serializeUser(function(user, cb) {
-  return cb(null, user.dn.toString());
-});
-
 passport.use(new LdapStrategy(OPTS));
@@ -98,5 +96,7 @@
 
-app.post('/login', passport.authenticate('ldapauth'), function(req, res) {
+app.post('/login', passport.authenticate('ldapauth', {session: false}), function(req, res) {
   res.send({status: 'ok'});
 });
+
+app.listen(8080);
 ```
@@ -103,0 +103,0 @@

test/ldapserver.js

@@ -54,3 +54,2 @@ var ldap = require('ldapjs');
   server.listen(port, function() {
-    console.log("LDAP server up at %s", server.url);
     if (typeof cb === 'function') return cb();
@@ -57,0 +56,0 @@ });

test/strategy-test.js

@@ -9,3 +9,6 @@ var should       = require('chai').Should(),
 
-var OPTS = {
+var expressapp = null;
+
+// Base options that are cloned where needed to edit
+var BASE_OPTS = {
   server: {
@@ -19,12 +22,10 @@ url: 'ldap://localhost:' +  LDAP_PORT.toString(),
 },
-TEST_OPTS = {
+BASE_TEST_OPTS = {
   no_callback: false
 };
 
-describe("LDAP authentication strategy", function() {
-  var expressapp = null;
-
-  before(function(cb) {
+var start_servers = function(opts, test_opts) {
+  return function(cb) {
     ldapserver.start(LDAP_PORT, function() {
-      appserver.start(OPTS, TEST_OPTS, function(app) {
+      appserver.start(opts, test_opts, function(app) {
         expressapp = app;
@@ -34,79 +35,65 @@ cb();
     });
-  });
+  }
+}
 
-  after(function(cb) {
-    appserver.close(function() {
-      ldapserver.close(function() {
-        cb();
-      });
+var stop_servers = function(cb) {
+  appserver.close(function() {
+    ldapserver.close(function() {
+      cb();
     });
   });
+};
 
-  it("should throw an error if no arguments not provided", function(cb) {
-    (function() {
-      new LdapStrategy();
-    }).should.throw(Error);
-    cb();
-  });
+describe("LDAP authentication strategy", function() {
 
-  it("should throw an error if options are not provided", function(cb) {
-    (function() {
-      new LdapStrategy(function() {});
-    }).should.throw(Error);
-    cb();
-  });
+  describe("by itself", function() {
 
-  it("should throw an error if options are not accepted by ldapauth", function(cb) {
-    var s = new LdapStrategy({}, function() {});
-    (function() {
-      s.authenticate({body: {username: 'valid', password: 'valid'}});
-    }).should.throw(Error);
-    cb();
-  });
+    it("should throw an error if no arguments are provided", function(cb) {
+      (function() {
+        new LdapStrategy();
+      }).should.throw(Error);
+      cb();
+    });
 
-  it("should initialize without a verify callback", function(cb) {
-    (function() {
-      new LdapStrategy(OPTS)
-    }).should.not.throw(Error);
-    cb();
-  });
+    it("should throw an error if options are not provided", function(cb) {
+      (function() {
+        new LdapStrategy(function() {});
+      }).should.throw(Error);
+      cb();
+    });
 
-  it("should return unauthorized if credentials are not given", function(cb) {
-    request(expressapp)
-      .post('/login')
-      .send({})
-      .expect(401)
-      .end(cb);
-  });
+    it("should throw an error if options are not accepted by ldapauth", function(cb) {
+      var s = new LdapStrategy({}, function() {});
+      (function() {
+        s.authenticate({body: {username: 'valid', password: 'valid'}});
+      }).should.throw(Error);
+      cb();
+    });
 
-  it("should allow access with valid credentials", function(cb) {
-    request(expressapp)
-      .post('/login')
-      .send({username: 'valid', password: 'valid'})
-      .expect(200)
-      .end(cb);
-  });
+    it("should initialize without a verify callback", function(cb) {
+      (function() {
+        new LdapStrategy({server: {}})
+      }).should.not.throw(Error);
+      cb();
+    });
 
-  it("should return unauthorized with invalid credentials", function(cb) {
-    request(expressapp)
-      .post('/login')
-      .send({username: 'valid', password: 'invvalid'})
-      .expect(401)
-      .end(cb);
   });
 
-  it("should return unauthorized with non-existing user", function(cb) {
-    request(expressapp)
-      .post('/login')
-      .send({username: 'nonexisting', password: 'invvalid'})
-      .expect(401)
-      .end(cb);
-  });
+  describe("with basic settings", function() {
 
-  it("should authenticate without a verify callback", function(cb) {
-    TEST_OPTS.no_callback = true;
-    appserver.start(OPTS, TEST_OPTS, function(app) {
-      TEST_OPTS.no_callback = false
+    before(start_servers(BASE_OPTS, BASE_TEST_OPTS));
+
+    after(stop_servers);
+
+    it("should return unauthorized if credentials are not given", function(cb) {
       request(expressapp)
         .post('/login')
+        .send({})
+        .expect(401)
+        .end(cb);
+    });
+
+    it("should allow access with valid credentials", function(cb) {
+      request(expressapp)
+        .post('/login')
         .send({username: 'valid', password: 'valid'})
@@ -116,53 +103,89 @@ .expect(200)
     });
-  });
 
-  it("should reject invalid event without a verify callback", function(cb) {
-    TEST_OPTS.no_callback = true;
-    appserver.start(OPTS, TEST_OPTS, function(app) {
-      TEST_OPTS.no_callback = false;
+    it("should allow access with valid credentials in query string", function(cb) {
       request(expressapp)
+        .post('/login?username=valid&password=valid')
+        .expect(200)
+        .end(cb);
+    });
+
+    it("should return unauthorized with invalid credentials", function(cb) {
+      request(expressapp)
         .post('/login')
-        .send({username: 'valid', password: 'invalid'})
+        .send({username: 'valid', password: 'invvalid'})
         .expect(401)
         .end(cb);
     });
+
+    it("should return unauthorized with non-existing user", function(cb) {
+      request(expressapp)
+        .post('/login')
+        .send({username: 'nonexisting', password: 'invvalid'})
+        .expect(401)
+        .end(cb);
+    });
   });
 
-  it("should read given fields instead of defaults", function(cb) {
-    OPTS.usernameField = 'ldapuname';
-    OPTS.passwordField = 'ldappwd';
-    OPTS.no_callback   = true;
-    appserver.start(OPTS, TEST_OPTS, function(app) {
-      OPTS.no_callback = false;
+  describe("without a verify callback", function() {
+    before(start_servers(BASE_OPTS, {no_callback: true}));
+
+    after(stop_servers);
+
+    it("should still authenticate", function(cb) {
       request(expressapp)
         .post('/login')
-        .send({ldapuname: 'valid', ldappwd: 'valid'})
+        .send({username: 'valid', password: 'valid'})
         .expect(200)
-        .end(function() {
-          delete OPTS.usernameField;
-          delete OPTS.passwordField;
-          cb();
-        });
+        .end(cb);
     });
+
+    it("should reject invalid event", function(cb) {
+      request(expressapp)
+        .post('/login')
+        .send({username: 'valid', password: 'invalid'})
+        .expect(401)
+        .end(cb);
+    });
   });
 
-  it("should pass request to verify callback if defined so", function(cb) {
-    OPTS.passReqToCallback = true;
-    var req = {body: {username: 'valid', password: 'valid', testkey: 1}},
-        s   = new LdapStrategy(OPTS, function(req, user, done) {
-          req.should.have.keys('body');
-          req.body.should.have.keys(['username', 'password', 'testkey']);
-          done(null, user);
-        });
+  describe("with optional options", function() {
 
-    s.success = function(user) {
-      should.exist(user);
-      user.uid.should.equal('valid');
-      delete OPTS.passReqToCallback;
-      cb();
-    };
+    afterEach(stop_servers);
 
-    s.authenticate(req);
+    it("should read given fields instead of defaults", function(cb) {
+      var OPTS = JSON.parse(JSON.stringify(BASE_OPTS));
+      OPTS.usernameField = 'ldapuname';
+      OPTS.passwordField = 'ldappwd';
+
+      start_servers(OPTS, BASE_TEST_OPTS)(function() {
+        request(expressapp)
+          .post('/login')
+          .send({ldapuname: 'valid', ldappwd: 'valid'})
+          .expect(200)
+          .end(cb);
+      });
+    });
+
+    it("should pass request to verify callback if defined so", function(cb) {
+      var OPTS = JSON.parse(JSON.stringify(BASE_OPTS));
+      OPTS.passReqToCallback = true;
+
+      start_servers(OPTS, BASE_TEST_OPTS)(function() {
+        var req = {body: {username: 'valid', password: 'valid', testkey: 1}},
+            s   = new LdapStrategy(OPTS, function(req, user, done) {
+              req.should.have.keys('body');
+              req.body.should.have.keys(['username', 'password', 'testkey']);
+              done(null, user);
+            });
+
+        s.success = function(user) {
+          should.exist(user);
+          user.uid.should.equal('valid');
+          cb();
+        };
+
+        s.authenticate(req);
+      });
+    });
   });
-
 });

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

17705

increased by9.71%

Number of package files

11

increased by10%

Lines of code

364

increased by2.82%

Dependency changes

• + Addedldapauth-fork@~2.2.5

• + Addedbcrypt@0.7.8(transitive)

• + Addedbindings@1.0.0(transitive)

• + Addedldapauth-fork@2.2.19(transitive)

• + Addedlru-cache@2.5.0(transitive)

• - Removedldapauth@>=2.0.0

• - Removedassert-plus@0.1.4(transitive)

• - Removedbackoff@2.3.0(transitive)

• - Removedbcrypt@0.8.7(transitive)

• - Removedbindings@1.2.1(transitive)

• - Removedldapauth@2.3.1(transitive)

• - Removedlru-cache@2.0.4(transitive)

• - Removednan@2.3.5(transitive)

• Updatedpassport@~0.1.17