Multiple LDAP Server Configurations Support #13
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Check arguments, set default options, and instantiate LdapAuth.
Added initial Express and ldapjs servers. Do not work yet.
First authentication implementation. LDAP test server does not work yet.
Simple LDAP server now allows everyone to access but only two users to bind, and can return only one user record. With these we are able to test that return values of ldapauth are handled somewhat correctly.
Always requiring applications to provide a verify callback does not really make sense for LDAP because users are authenticated (and authorized) from LDAP. Thus made it optional. Also added test for reading credentials from user defined keys.
As much as I hate it when rm -fr node_modules; npm install produces different outcome on different runs due to unfixed dependencies decided not to fix them. Since this module is just a wrapper it will likely work nicely even if ldapauth API changes, and passport developers have used ~0.1.0 in other modules as well so likely that will not break either.
Added test that verifies request is passed to verify callback if configured to do so.
Previous version was using a rather old version of ldapauth
There is an issue in ldapjs[1] which causes unhandled error when the underlying socket gets closed due to inactivity. Create a new ldapauth instance on every authentication request to address this issue. [1] ldapjs/node-ldapjs#127
CamelCasing adminDn so it is consistent with node-ldapauth's property.
Compilation of a dependency module fails now on 0.11, stop testing on it for now.
This is usefull for example if you want to reconfigure your application without having to restart your node server.
Pull request #8 did not contain any tests. Add some that verify it works now, and then get rid of regression caused by the pull request without breaking desired functionality.
With the possibility to pass a function as options we cannot assume the given parameter is a verify callback if it's a function, thus removed the test.
Finally changed to binding scope since the new pull request used binding as well. Now the scope is handled the same way in all code.
Add possibility give a function as options to LDAP strategy. Closes #8
addnab
changed the title
| @@ -158,7 +158,7 @@ Strategy.prototype.authenticate = function(req, options) { | |||
| return handleAuthentication.call(this, req, options); | |||
| } | |||
|
|
|||
| this.getOptions(function(err, configuration) { | |||
| this.getOptions(req, function(err, configuration) { | |||
There was a problem hiding this comment.
Please see if you could detect given function signature and if the given function only accepts the callback print a deprecated-message and call without the req. Also, please include tests for both one and two parameters. This way the change would not be a breaking one and we can then remove the callback only -branch when making a bigger version bump.
|
Terribly sorry for the delay, I didn't want to accept a breaking change and then this just slipped my mind. I added some comments to the commit if you're still interested in getting this accepted. |
|
I need something similar actually, i like the idea of just being able to change the name of the strategy, if not the leave it the default 'ldapauth', then I can load multiple instances of LdapStrategy with different names for different domains. That would be a simple solution. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is to help with scenarios where you'd want the user who is getting authenticated to decide which LDAP Server they'd like to authenticate with.
The Multiple LDAP Server configurations can be stored in a Database and the required configuration to authenticate with can be fetched based on the user's request.