-
Notifications
You must be signed in to change notification settings - Fork 5.5k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(Ldap Node): Add LDAP node (#4783)
- Loading branch information
Showing
7 changed files
with
1,010 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,91 @@ | ||
/* eslint-disable n8n-nodes-base/cred-class-name-unsuffixed,n8n-nodes-base/cred-class-field-name-unsuffixed,n8n-nodes-base/cred-class-field-display-name-missing-api */ | ||
import { ICredentialType, INodeProperties } from 'n8n-workflow'; | ||
|
||
export class Ldap implements ICredentialType { | ||
name = 'ldap'; | ||
|
||
displayName = 'LDAP'; | ||
|
||
properties: INodeProperties[] = [ | ||
{ | ||
displayName: 'LDAP Server Address', | ||
name: 'hostname', | ||
type: 'string', | ||
default: '', | ||
required: true, | ||
description: 'IP or domain of the LDAP server', | ||
}, | ||
{ | ||
displayName: 'LDAP Server Port', | ||
name: 'port', | ||
type: 'string', | ||
default: '389', | ||
description: 'Port used to connect to the LDAP server', | ||
}, | ||
{ | ||
displayName: 'Binding DN', | ||
name: 'bindDN', | ||
type: 'string', | ||
default: '', | ||
description: 'Distinguished Name of the user to connect as', | ||
required: true, | ||
}, | ||
{ | ||
displayName: 'Binding Password', | ||
name: 'bindPassword', | ||
type: 'string', | ||
typeOptions: { | ||
password: true, | ||
}, | ||
default: '', | ||
description: 'Password of the user provided in the Binding DN field above', | ||
required: true, | ||
}, | ||
{ | ||
displayName: 'Connection Security', | ||
name: 'connectionSecurity', | ||
type: 'options', | ||
default: 'none', | ||
options: [ | ||
{ | ||
name: 'None', | ||
value: 'none', | ||
}, | ||
{ | ||
name: 'TLS', | ||
value: 'tls', | ||
}, | ||
{ | ||
name: 'STARTTLS', | ||
value: 'startTls', | ||
}, | ||
], | ||
}, | ||
{ | ||
displayName: 'Ignore SSL/TLS Issues', | ||
name: 'allowUnauthorizedCerts', | ||
type: 'boolean', | ||
description: 'Whether to connect even if SSL/TLS certificate validation is not possible', | ||
default: false, | ||
displayOptions: { | ||
hide: { | ||
connectionSecurity: ['none'], | ||
}, | ||
}, | ||
}, | ||
{ | ||
displayName: 'CA Certificate', | ||
name: 'caCertificate', | ||
typeOptions: { | ||
alwaysOpenEditWindow: true, | ||
}, | ||
displayOptions: { | ||
hide: { | ||
connectionSecurity: ['none'], | ||
}, | ||
}, | ||
type: 'string', | ||
default: '', | ||
}, | ||
]; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
import { Client } from 'ldapts'; | ||
import type { ClientOptions, Entry } from 'ldapts'; | ||
import type { ICredentialDataDecryptedObject, IDataObject } from 'n8n-workflow'; | ||
import { LoggerProxy as Logger } from 'n8n-workflow'; | ||
export const BINARY_AD_ATTRIBUTES = ['objectGUID', 'objectSid']; | ||
|
||
const resolveEntryBinaryAttributes = (entry: Entry): Entry => { | ||
Object.entries(entry) | ||
.filter(([k]) => BINARY_AD_ATTRIBUTES.includes(k)) | ||
.forEach(([k]) => { | ||
entry[k] = (entry[k] as Buffer).toString('hex'); | ||
}); | ||
return entry; | ||
}; | ||
|
||
export const resolveBinaryAttributes = (entries: Entry[]): void => { | ||
entries.forEach((entry) => resolveEntryBinaryAttributes(entry)); | ||
}; | ||
|
||
export async function createLdapClient( | ||
credentials: ICredentialDataDecryptedObject, | ||
nodeDebug?: boolean, | ||
nodeType?: string, | ||
nodeName?: string, | ||
): Promise<Client> { | ||
const protocol = credentials.connectionSecurity === 'tls' ? 'ldaps' : 'ldap'; | ||
const url = `${protocol}://${credentials.hostname}:${credentials.port}`; | ||
|
||
const ldapOptions: ClientOptions = { url }; | ||
const tlsOptions: IDataObject = {}; | ||
|
||
if (credentials.connectionSecurity !== 'none') { | ||
tlsOptions.rejectUnauthorized = credentials.allowUnauthorizedCerts === false; | ||
if (credentials.caCertificate) { | ||
tlsOptions.ca = [credentials.caCertificate as string]; | ||
} | ||
if (credentials.connectionSecurity !== 'startTls') { | ||
ldapOptions.tlsOptions = tlsOptions; | ||
} | ||
} | ||
|
||
if (nodeDebug) { | ||
Logger.info( | ||
`[${nodeType} | ${nodeName}] - LDAP Options: ${JSON.stringify(ldapOptions, null, 2)}`, | ||
); | ||
} | ||
|
||
const client = new Client(ldapOptions); | ||
if (credentials.connectionSecurity === 'startTls') { | ||
await client.startTLS(tlsOptions); | ||
} | ||
return client; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
{ | ||
"node": "n8n-nodes-base.ldap", | ||
"nodeVersion": "1.0", | ||
"codexVersion": "1.0", | ||
"categories": ["Development", "Developer Tools"], | ||
"resources": { | ||
"credentialDocumentation": [ | ||
{ | ||
"url": "https://docs.n8n.io/credentials/ldap" | ||
} | ||
], | ||
"primaryDocumentation": [ | ||
{ | ||
"url": "https://docs.n8n.io/integrations/builtin/app-nodes/n8n-nodes-base.ldap/" | ||
} | ||
] | ||
}, | ||
"alias": ["ad", "active directory"] | ||
} |
Oops, something went wrong.