
Before gem build

1 parent b9996a3 commit 284f0b3029a9e838626466bd9eed2d33affa212e @madAle madAle committed Jun 22, 2011
0 README
No changes.
@@ -1,21 +1,22 @@
-= AvdtLdap
+= AvdtLdapLegacy
+
+avdt_ldap version for Ruby 1.8.6
This gem supports LDAP authentication both on sigle and multiple LDAP servers with a minimal configuration.
-It requires 'net-ldap' gem (automatically installed)
+It requires 'ruby-net-ldap' gem (automatically installed)
== Installation
=== Rails 3
-Add this to your +Gemfile+ and run the +bundle+ command:
-
- gem "avdt_ldap"
+This gem doesn't work with Rails 3 because it requires Ruby >= 1.8.7
+If you use Rails 3 you have to install avdt_ldap. Documentation[https://github.com/davide-targa/avdt_ldap] RubyGem[https://rubygems.org/gems/avdt_ldap]
=== Rails 2
Add this to your environment.rb file:
- config.gem "avdt_ldap"
+ config.gem "avdt_ldap_legacy"
== Usage
@@ -24,7 +25,7 @@ Just add a config file named ldap.yml in config/ directory.
You can change default file name by setting +ldap_config_file+ configuration parameter.
For example, inside the avdt_ldap initializer:
- AvdtLdap.configure do |c|
+ AvdtLdapLegacy.configure do |c|
c.ldap_config_file = "#{Rails.root}/config/foobar.yml"
end
@@ -5,16 +5,18 @@ require "avdt_ldap_legacy/version"
Gem::Specification.new do |s|
s.name = "avdt_ldap_legacy"
s.version = AvdtLdapLegacy::VERSION
- s.authors = ["Alessandro Verlato"]
- s.email = ["averlato@gmail.com"]
- s.homepage = ""
- s.summary = %q{TODO: Write a gem summary}
- s.description = %q{TODO: Write a gem description}
+ s.authors = ["Alessandro Verlato","Davide Targa"]
+ s.email = ["averlato@gmail.com","davide.targa@gmail.com"]
+ s.homepage = "https://rubygems.org/gems/avdt_ldap_legacy"
+ s.summary = %q{avdt_ldap for Ruby 1.8.6}
+ s.description = %q{avdt_ldap is a simple LDAP authentication library for user authentication on multiple LDAP directories}
+ s.required_ruby_version = "1.8.6"
s.rubyforge_project = "avdt_ldap_legacy"
s.files = `git ls-files`.split("\n")
s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
s.require_paths = ["lib"]
+ s.add_dependency "ruby-net-ldap"
end
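Review bot: `s.add_dependency "ruby-net-ldap"` at the end of the spec carries no version constraint, so any later release of that gem is accepted at install time, for a library that handles bind credentials. A bounded requirement such as `s.add_dependency "ruby-net-ldap", "~> <TESTED_VERSION>"` (placeholder for the release this was tested against) keeps installs reproducible. Separately, `s.required_ruby_version = "1.8.6"` is an exact-match requirement; if that pin is deliberate, a short comment saying so would help, otherwise it should be a range.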
@@ -0,0 +1,34 @@
+# All the directory attributes (except "base") are optional. Defaults are specified in the example below.
+
+development:
+ dir1:
+ host: ldap.foobar.com # defaults to "127.0.0.1"
+ base: ou=People,dc=foobar,dc=com # REQUIRED
+ port: 123 # defaults to 389
+ ssl: true # defaults to false
+ attribute: cn # defaults to "uid"
+
+
+ dir2:
+ host: ldap.goofy.foobar.com
+ base: ou=People,dc=goofy,dc=foobar,dc=com
+
+test:
+ dir1:
+ host: ldap.test.foobar.com
+ base: ou=People,dc=foobar,dc=com
+
+ dir2:
+ host: ldap.goofy.foobar.com
+ base: ou=People,dc=goofy,dc=foobar,dc=com
+
+production:
+ dir2:
+ host: ldap.live.foobar.com
+ base: ou=People,dc=foobar,dc=com
+ attribute: cn
+
+ new_dir:
+ host: donald.duck.com
+ attribute: foo
+ base: ou=Ducks,dc=foobar,dc=com
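Review bot: Both directories under `production:`, and every entry except `development: dir1`, omit `ssl`, and the sample itself says it defaults to false, so an application that copies this file sends the bind DN and password unencrypted on port 389. Because this is the file people will copy, the production entries should show `ssl: true`. The comment on the `ssl` line could read `# defaults to false; credentials travel in clear text unless true`. The `port: 123` sample value is also confusing next to the stated 389 default, and the code falls back to 636 when `ssl` is set and no port is given.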
@@ -1,5 +1,4 @@
-require "avdt_ldap_legacy/version"
-
-module AvdtLdapLegacy
- # Your code goes here...
-end
+# avdt init file
+require 'avdt_ldap_legacy/hash'
+require 'avdt_ldap_legacy/avdt_ldap_legacy'
+require 'avdt_ldap_legacy/configuration'
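Review bot: The new init file no longer requires `avdt_ldap_legacy/version`, and that file still declares `module AvdtLdapLegacy` while the library added in this commit declares `class AvdtLdapLegacy`. If both are loaded in one process, Ruby raises a TypeError because the constant cannot be both a module and a class; the gemspec requires the version file, so this can presumably happen whenever the gemspec is evaluated alongside the library. As written, `AvdtLdapLegacy::VERSION` is also undefined at runtime. Changing the version file to `class AvdtLdapLegacy` and adding `require 'avdt_ldap_legacy/version'` here would make the two declarations consistent.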
@@ -0,0 +1,155 @@
+# AvdtLdapLegacy
+
+# This gem supports LDAP authentication both on sigle and multiple LDAP servers
+# with a minimal configuration.
+# It requires 'ruby-net-ldap' gem.
+#
+# USAGE
+# Authentication
+
+# To verify user's credentials on ALL the specified directories (default) simply do this:
+#
+# AvdtLdapLegacy.new.valid?(login, password)
+#
+# As mentioned this will try to authenticate the user on all the directories specified on ldap.yml and will return true or false.
+# If authentication fails an error message, containing directory response (error message and code), will be displayed on server's logs.
+#
+# Authentication only on specified directories
+#
+# If you have to check user's credentials only on some specific directories, you can pass an hash to AvdtLdapLegacy.new(), specifying on which to do the check.
+#
+# a = AvdtLdapLegacy.new(:directories => [:dir1,dir3])
+# a.valid?(login,password)
+# => true (false)
+#
+# NOTE: The authentication process stops as soon as one positive match is found, so it's possible that not all the directories are queried.
+#
+# User's attributes access:
+# If you have to access (read) user's attributes from the directory you can
+# use the handy methods provided by the gem. Let's suppose we need two attributes,
+# the user's name and surname ("givenName" and "sn" attributes on the directory).
+# Simply access attributes as in the example below:
+#
+# a = AvdtLdapLegacy.new.valid?(login, password)
+# name = a.givenname
+# surname = a.cn
+#
+# As you can see methods names reflects attribute's name (but always in downcase).
+# You can also access the whole attributes hash by calling:
+
+# a.user_attributes
+#
+# On which directory is located the user ?
+# You can know it by calling the +user_location+ method on your AvdtLdapLegacy object:
+#
+# location = a.user_location
+
+require 'net/ldap'
+
+class AvdtLdapLegacy
+
+ # Used to simplify configuration from rails initializers.
+ # Works with the methods configuration and configure defined below.
+ class << self
+ attr_accessor :configuration
+ end
+
+ attr_accessor :directories, :include_default, :user_attributes, :user_location
+
+ # Loads ldap configuration file and sets up the object's parameters
+ def initialize(args = {})
+ if File.exist?(AvdtLdapLegacy.configuration.ldap_config_file)
+ @LDAP = YAML.load_file(AvdtLdapLegacy.configuration.ldap_config_file).symbolize_keys!
+ else
+ raise "AvdtLdapLegacy: File #{AvdtLdapLegacy.configuration.ldap_config_file} not found, maybe you forgot to define it ?"
+ end
+ @directories = args[:directories] || @LDAP[env].keys
+ end
+
+ # Checks for user's existance on specified directories. Just pass "login" and
+ # "password" parameters to chech if a user resides on one of the directories.
+ # After this method calling, if the user is authenticated, his (directory)
+ # attributes are availaible.
+ def valid? login, password
+ @directories.each do |ldap|
+ ldap = ldap.to_sym
+ unless @LDAP[env][ldap].nil?
+ conn = connection(ldap)
+ conn.authenticate("#{attribute(ldap)}=#{login.to_s},#{base(ldap)}", password.to_s)
+ begin
+ # if bind => OK
+ if conn.bind
+ logger.info("Authenticated #{login.to_s} by #{host(ldap)}") if logger
+ @user_attributes = conn.search(:base => base(ldap),:filter => Net::LDAP::Filter.eq(attribute(ldap),login.to_s)).first.each do |k,v|
+ class_eval "attr_reader :#{k}"
+ self.instance_variable_set "@#{k}".to_sym, v
+ end
+ @user_location = ldap
+ return true
+ else
+ logger.info("Error attempting to authenticate #{login.to_s} by #{host(ldap)}: #{conn.get_operation_result.code} #{conn.get_operation_result.message}") if logger
+ end
+ rescue Net::LDAP::LdapError => error
+ logger.info("Error attempting to authenticate #{login.to_s} by #{host(ldap)}: #{error.message}") if logger
+ return false
+ end
+ else
+ logger.info "ERROR ! \"#{ldap}\" directory data are missing in ldap.yml" if logger
+ raise Net::LDAP::LdapError, "\"#{ldap}\" directory data are missing in ldap.yml"
+ end
+ end
+ false
+ end
+
+ # Adds configuration ability to the gem
+ def self.configuration
+ @configuration ||= Configuration.new
+ end
+
+ def self.configure
+ yield(configuration)
+ end
+
+ private
+
+ # Given a directory name returns a connection to that server using parameters
+ # specified in ldap.yml
+ def connection(which_ldap)
+ Net::LDAP.new(:host => host(which_ldap), :port => port(which_ldap), :encryption => (:simple_tls if ssl?(which_ldap)))
+ end
+
+ # Given a directory return it's host name
+ def host(which_ldap)
+ @LDAP[env][which_ldap][:host] || "127.0.0.1"
+ end
+
+ # Given a directory returns it's host port
+ def port(which_ldap)
+ ssl?(which_ldap) ? (@LDAP[env][which_ldap][:port] || 636) : (@LDAP[env][which_ldap][:port] || 389)
+ end
+
+ # Given a directory returns it's attribute (example: uid)
+ def attribute(which_ldap)
+ @LDAP[env][which_ldap][:attribute] || "uid"
+ end
+
+ # Given a directory returns it's base path (example ou=People,dc=foo,dc=bar)
+ def base(which_ldap)
+ @LDAP[env][which_ldap][:base] || "%s"
+ end
+
+ # Given a directory returns if connection should use ssl
+ def ssl?(which_ldap)
+ @LDAP[env][which_ldap][:ssl] ? true : false
+ end
+
+ # Returns Rails Default logger
+ def logger
+ Rails.logger
+ end
+
+ def env
+ Rails.env.to_sym
+ end
+
+end
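Review bot: In `valid?`, the bind DN is built as `"#{attribute(ldap)}=#{login.to_s},#{base(ldap)}"` with the caller's login inserted unescaped, and an empty password is passed straight to `conn.authenticate`. Many LDAP servers treat a simple bind with a DN and an empty password as an unauthenticated bind and report success (RFC 4513 §5.1.2), so `conn.bind` can return true without any password having been checked. DN metacharacters in `login` can likewise change which entry is bound. A guard at the top of the method, `return false if login.to_s.empty? || password.to_s.empty?`, together with escaping the RDN value per RFC 4514 before interpolation, addresses both. Two smaller items in the same method: the `rescue` branch returns false on the first failing directory instead of trying the remaining ones, and `class_eval "attr_reader :#{k}"` string-evaluates attribute names returned by the directory, which a non-eval accessor definition would avoid.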
@@ -0,0 +1,7 @@
+class Configuration
+ attr_accessor :ldap_config_file
+
+ def initialize
+ @ldap_config_file = "#{Rails.root}/config/ldap.yml"
+ end
+end
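Review bot: `class Configuration` is defined at the top level rather than under the gem's own constant, so it will reopen or collide with any `Configuration` class defined by the host application or another gem. Nesting it inside `class AvdtLdapLegacy` keeps the name private to the gem, and the `Configuration.new` call in `AvdtLdapLegacy.configuration` would then resolve to the nested class without further changes. A comment on `ldap_config_file` would also help, for example `# read with YAML.load_file; must point at a trusted, application-owned file`.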
@@ -0,0 +1,20 @@
+class Hash
+
+ # Transforms all the hash keys from strings to symbols.
+ # Example:
+ # {"one" => "two", "three" => "four"}.symbolize_keys
+ # => {:one=>"two", :three=>"four"}
+ #
+ def symbolize_keys!
+ t = self.dup
+ self.clear
+ t.each_pair do |k,v|
+ self[k.to_sym] = v
+ if v.kind_of?(Hash)
+ v.symbolize_keys!
+ end
+ self
+ end
+ self
+ end
+end
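Review bot: Reopening `Hash` to define `symbolize_keys!` replaces the method of the same name that ActiveSupport already provides in a Rails application. This version recurses into nested hashes and calls `k.to_sym` on every key, so behaviour changes for every hash in the host process, not only the LDAP config. The only caller visible in this commit is the `YAML.load_file(...)` line in `AvdtLdapLegacy#initialize`, so a private helper there that returns a symbolized copy would do the job without a global patch. The bare `self` inside the `each_pair` block has no effect and can be dropped, and the comment's example should call `symbolize_keys!` to match the method name.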
@@ -1,3 +1,3 @@
module AvdtLdapLegacy
- VERSION = "0.0.1"
+ VERSION = "0.1.0"
end
