Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

passport-ldapauth

Package Overview
Dependencies
Maintainers
1
Versions
31
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

passport-ldapauth - npm Package Compare versions

Comparing version 0.1.2 to 0.2.0

CHANGES.html

4

CHANGES.md
## Changes
* v0.2.0
* [#8](https://github.com/vesse/passport-ldapauth/issues/8) - Possibility to provide a callback function instead of options object to constructor (contributed by Linagora)
* Update Passport dependency to 0.2.0
* Get rid of `var self = this;`
* v0.1.1

@@ -4,0 +8,0 @@ * Documentation changes due to renaming git repository of `ldapauth-fork`

98

lib/passport-ldapauth/strategy.js

@@ -27,2 +27,6 @@ "use strict";

*
* Options can be also given as function that accepts a callback end calls it
* with error and options arguments. Notice that the callback is executed on
* every authenticate call.
*
* Example:

@@ -46,17 +50,22 @@ *

var Strategy = function(options, verify) {
if (typeof options === 'function') {
verify = options;
options = undefined;
// We now accept function as options as well so we cannot assume anymore
// that a call with a function parameter only would have skipped options
// and just provided a verify callback
if (!options) {
throw new Error('LDAP authentication strategy requires options');
}
if (!options) throw new Error('LDAP authentication strategy requires options');
this.options = null;
this.getOptions = null;
if (typeof options === 'object') {
this.options = setDefaults(options);
} else if (typeof options === 'function') {
this.getOptions = options;
}
passport.Strategy.call(this);
this.name = 'ldapauth';
this.options = options;
this.verify = verify;
this.options.usernameField || (this.options.usernameField = 'username');
this.options.passwordField || (this.options.passwordField = 'password');
this.name = 'ldapauth';
this.verify = verify;
};

@@ -67,4 +76,17 @@

/**
* Get value for given field from given object. Taken from passport-local
* Add default values to options
*
* @param options
* @returns {*}
*/
var setDefaults = function(options) {
options.usernameField || (options.usernameField = 'username');
options.passwordField || (options.passwordField = 'password');
return options;
};
/**
* Get value for given field from given object. Taken from passport-local,
* copyright 2011-2013 Jared Hanson
*/
var lookup = function (obj, field) {

@@ -89,16 +111,13 @@ var i, len, chain, prop;

*/
var verify = function(self) {
var verify = function() {
// Callback given to user given verify function.
return function(err, user, info) {
if (err) return self.error(err);
if (!user) return self.fail(info);
return self.success(user, info);
};
if (err) return this.error(err);
if (!user) return this.fail(info);
return this.success(user, info);
}.bind(this);
};
/**
* Authenticate the request coming from a form or such.
*/
Strategy.prototype.authenticate = function(req, options) {
var username, password, ldap, self;
var handleAuthentication = function(req, options) {
var username, password, ldap;
options || (options = {});

@@ -111,4 +130,3 @@

self = this;
ldap = new LdapAuth(self.options.server);
ldap = new LdapAuth(this.options.server);
ldap.authenticate(username, password, function(err, user) {

@@ -119,23 +137,39 @@ ldap.close(function(){}); // We don't care about the closing

if (err.name === 'InvalidCredentialsError' || err.name === 'NoSuchObjectError' || (typeof err === 'string' && err.match(/no such user/i))) {
return self.fail('Invalid username/password');
return this.fail('Invalid username/password');
}
// Other errors are (most likely) real errors
return self.error(err);
return this.error(err);
}
if (!user) return self.fail('User not found');
if (!user) return this.fail('User not found');
// Execute given verify function
if (self.verify) {
if (self.options.passReqToCallback) {
return self.verify(req, user, verify(self));
if (this.verify) {
if (this.options.passReqToCallback) {
return this.verify(req, user, verify.call(this));
} else {
return self.verify(user, verify(self));
return this.verify(user, verify.call(this));
}
} else {
return self.success(user);
return this.success(user);
}
});
}.bind(this));
};
/**
* Authenticate the request coming from a form or such.
*/
Strategy.prototype.authenticate = function(req, options) {
if ((typeof this.options === 'object') && (!this.getOptions)) {
return handleAuthentication.call(this, req, options);
}
this.getOptions(function(err, configuration) {
if (err) return this.fail(err);
this.options = setDefaults(configuration);
handleAuthentication.call(this, req, options);
}.bind(this));
};
module.exports = Strategy;

@@ -6,3 +6,4 @@ {

"contributors": [
"Simon Gaeremynck <gaeremyncks@gmail.com>"
"Simon Gaeremynck <gaeremyncks@gmail.com>",
"Michael Bailly <mbailly@linagora.com>"
],

@@ -15,3 +16,3 @@ "keywords": [

],
"version": "0.1.2",
"version": "0.2.0",
"license": {

@@ -34,10 +35,10 @@ "type": "MIT",

"ldapauth-fork": "~2.2.5",
"passport": "~0.1.17"
"passport": "~0.2.0"
},
"devDependencies": {
"mocha": "1.14.x",
"chai": "1.8.x",
"ldapjs": "0.6.x",
"mocha": "1.17.x",
"chai": "1.9.x",
"ldapjs": "0.7.x",
"express": "3.4.x",
"supertest": "0.8.x"
"supertest": "0.9.x"
},

@@ -44,0 +45,0 @@ "scripts": {

@@ -67,2 +67,4 @@ # passport-ldapauth

Note: you can pass a function instead of an object as `options`, see the [example below](#options-as-function)
## Express example

@@ -126,5 +128,37 @@

<a name="options-as-function"></a>
## Asynchronous configuration retrieval
Instead of providing a static configuration object, you can pass a function as `options` that will take care of fetching the configuration. It will be called with a callback function having the standard `(err, result)` signature. Notice that the provided function will be called on every authenticate request.
```javascript
var getLDAPConfiguration = function(callback) {
// Fetching things from database or whatever
process.nextTick(function() {
var opts = {
server: {
url: 'ldap://localhost:389',
adminDn: 'cn=root',
adminPassword: 'secret',
searchBase: 'ou=passport-ldapauth',
searchFilter: '(uid={{username}})'
}
};
callback(null, opts);
});
};
var LdapStrategy = require('passport-ldapauth').Strategy;
passport.use(new LdapStrategy(getLDAPConfiguration,
function(user, done) {
...
return done(null, user);
}
));
```
## License
MIT

@@ -55,9 +55,2 @@ var should = require('chai').Should(),

it("should throw an error if options are not provided", function(cb) {
(function() {
new LdapStrategy(function() {});
}).should.throw(Error);
cb();
});
it("should throw an error if options are not accepted by ldapauth", function(cb) {

@@ -188,2 +181,33 @@ var s = new LdapStrategy({}, function() {});

});
describe("with options as function", function() {
var OPTS = JSON.parse(JSON.stringify(BASE_OPTS));
OPTS.usernameField = 'cb_uname';
OPTS.passwordField = 'cb_pwd';
var opts = function(cb) {
process.nextTick(function() {
cb(null, OPTS);
});
};
before(start_servers(opts, BASE_TEST_OPTS));
after(stop_servers);
it("should use the options returned from the function", function(cb) {
request(expressapp)
.post('/login')
.send({cb_uname: 'valid', cb_pwd: 'valid'})
.expect(200)
.end(cb);
});
it("should not allow login if using wrong fields", function(cb) {
request(expressapp)
.post('/login')
.send({username: 'valid', password: 'valid'})
.expect(401)
.end(cb);
});
});
});
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc