Class: Another::Ldap::Proxy::Backend::Ldap

Inherits:

Object

• Object
• Another::Ldap::Proxy::Backend::Ldap

Defined in:

lib/another/ldap/proxy/backend/ldap.rb

Constant Summary

TYPE =

'ldap'

CONNECT_TIMEOUT =

15

Instance Attribute Summary

• #auth_method ⇒ Object readonly

  Returns the value of attribute auth_method.

• #base ⇒ Object readonly

  Returns the value of attribute base.

• #ca_file ⇒ Object readonly

  Returns the value of attribute ca_file.

• #logger ⇒ Object readonly

  Returns the value of attribute logger.

• #parsed_url ⇒ Object readonly

  Returns the value of attribute parsed_url.

• #password ⇒ Object readonly

  Returns the value of attribute password.

• #type ⇒ Object readonly

  Returns the value of attribute type.

• #url ⇒ Object readonly

  Returns the value of attribute url.

• #username ⇒ Object readonly

  Returns the value of attribute username.

Instance Method Summary

• #auth(username: self.username, password: self.password) ⇒ Object
• #bind(_version, dn, password) ⇒ Object
• #client ⇒ Object
• #encryption ⇒ Object
• #host ⇒ Object
• #initialize(url:, base:, auth_method:, username:, password:, type:, ca_file: nil, logger: nil, **unused) ⇒ Ldap constructor

  A new instance of Ldap.

• #new_client(host: self.host, port: self.port, base: self.base, auth: self.auth, encryption: self.encryption, connect_timeout: CONNECT_TIMEOUT) ⇒ Object
• #port ⇒ Object
• #search(basedn, scope, _deref, filter) ⇒ Object
• #search_base(basedn) ⇒ Object

Constructor Details

#initialize(url:, base:, auth_method:, username:, password:, type:, ca_file: nil, logger: nil, **unused) ⇒ Ldap

Returns a new instance of Ldap.

# File 'lib/another/ldap/proxy/backend/ldap.rb', line 17

def initialize(url:, base:, auth_method:, username:, password:, type:, ca_file: nil, logger: nil,
               **unused)
  @url = url
  @base = base
  @auth_method = auth_method
  @username = username
  @password = password
  @type = type
  @ca_file = ca_file
  @logger = logger
  @unused = unused

  @parsed_url = URI.parse(url)

  raise "backend type is expected to be #{TYPE} not '#{type}'" unless type == TYPE
end

Instance Attribute Details

#auth_method ⇒ Object (readonly)

Returns the value of attribute auth_method.

# File 'lib/another/ldap/proxy/backend/ldap.rb', line 14

def auth_method
  @auth_method
end

#base ⇒ Object (readonly)

Returns the value of attribute base.

# File 'lib/another/ldap/proxy/backend/ldap.rb', line 14

def base
  @base
end

#ca_file ⇒ Object (readonly)

Returns the value of attribute ca_file.

# File 'lib/another/ldap/proxy/backend/ldap.rb', line 14

def ca_file
  @ca_file
end

#logger ⇒ Object (readonly)

Returns the value of attribute logger.

# File 'lib/another/ldap/proxy/backend/ldap.rb', line 14

def logger
  @logger
end

#parsed_url ⇒ Object (readonly)

Returns the value of attribute parsed_url.

# File 'lib/another/ldap/proxy/backend/ldap.rb', line 14

def parsed_url
  @parsed_url
end

#password ⇒ Object (readonly)

Returns the value of attribute password.

# File 'lib/another/ldap/proxy/backend/ldap.rb', line 14

def password
  @password
end

#type ⇒ Object (readonly)

Returns the value of attribute type.

# File 'lib/another/ldap/proxy/backend/ldap.rb', line 14

def type
  @type
end

#url ⇒ Object (readonly)

Returns the value of attribute url.

# File 'lib/another/ldap/proxy/backend/ldap.rb', line 14

def url
  @url
end

#username ⇒ Object (readonly)

Returns the value of attribute username.

# File 'lib/another/ldap/proxy/backend/ldap.rb', line 14

def username
  @username
end

Instance Method Details

#auth(username: self.username, password: self.password) ⇒ Object

# File 'lib/another/ldap/proxy/backend/ldap.rb', line 58

def auth(username: self.username, password: self.password)
  return unless auth_method && username && password

  { method: auth_method.to_sym,
    username: username,
    password: password }
end

#bind(_version, dn, password) ⇒ Object

# File 'lib/another/ldap/proxy/backend/ldap.rb', line 73

def bind(_version, dn, password)
  logger&.info "Ldap#bind : dn:#{dn}"
  logger&.debug "Ldap#bind : dn:#{dn} password:#{password}"
  bind_ldap = new_client(auth: auth(username: dn, password: password))
  status = bind_ldap.bind ? true : false
  logger&.info "Ldap#bind : #{dn} => #{status}"

  status
end

#client ⇒ Object

# File 'lib/another/ldap/proxy/backend/ldap.rb', line 46

def client
  @client ||= new_client
end

#encryption ⇒ Object

# File 'lib/another/ldap/proxy/backend/ldap.rb', line 66

def encryption
  return unless parsed_url.scheme == 'ldaps'

  { method: :simple_tls,
    tls_options: { ca_file: ca_file } }
end

#host ⇒ Object

# File 'lib/another/ldap/proxy/backend/ldap.rb', line 50

def host
  parsed_url.host
end

#new_client(host: self.host, port: self.port, base: self.base, auth: self.auth, encryption: self.encryption, connect_timeout: CONNECT_TIMEOUT) ⇒ Object

# File 'lib/another/ldap/proxy/backend/ldap.rb', line 34

def new_client(host: self.host, port: self.port, base: self.base, auth: self.auth,
               encryption: self.encryption, connect_timeout: CONNECT_TIMEOUT)
  Net::LDAP.new(
    host: host,
    port: port,
    base: base,
    auth: auth,
    encryption: encryption,
    connect_timeout: connect_timeout
  )
end

#port ⇒ Object

# File 'lib/another/ldap/proxy/backend/ldap.rb', line 54

def port
  parsed_url.port
end

#search(basedn, scope, _deref, filter) ⇒ Object

# File 'lib/another/ldap/proxy/backend/ldap.rb', line 83

def search(basedn, scope, _deref, filter)
  logger&.debug "Ldap#search : filter:#{filter}"
  results = []
  client.search(base: search_base(basedn), scope: scope, filter: filter, return_results: true) do |entry|
    results << entry
  end
  logger&.info "Ldap#search : results => #{results.size}"
  results
rescue Net::LDAP::Error => e
  logger&.warn "Ldap#search : Error querying LDAP server: #{e.message}"
  []
end

#search_base(basedn) ⇒ Object

# File 'lib/another/ldap/proxy/backend/ldap.rb', line 96

def search_base(basedn)
  return base unless basedn
  return basedn if basedn.include?(base)

  base
end