Module: Blueauth

Defined in:
lib/blueauth.rb,
lib/blueauth/error.rb,
lib/blueauth/version.rb

Defined Under Namespace

Classes: BlueError, Error

Constant Summary collapse

BPHOST =
'bluepages.ibm.com'
BGHOST =
'bluegroups.ibm.com'
BPBASE =
'ou=bluepages,o=ibm.com'
BGBASE =
'ou=memberlist,ou=ibmgroups,o=ibm.com'
VERSION =
"0.0.9"

Class Method Summary collapse

Class Method Details

.authenticate(id, password) ⇒ Object

Using this method a user can be authenticated. Intranet ID and password are mandatory.



# File 'lib/blueauth.rb', line 18

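# Authenticates a user by looking the id up with +search+ and then binding to
# the directory with the entry's DN and the supplied password.
#
# Blank credentials are rejected before any directory call is made. An LDAP
# simple bind that carries a DN but an empty password is an "unauthenticated
# bind" (RFC 4513, section 5.1.2), and a server that accepts it reports
# success without checking any secret, so a blank password must never reach
# +bind+.
#
# @param id [String] Intranet ID, Notes ID or common name (see +search+)
# @param password [String] the user's password
# @return [Hash, nil] the hash returned by +search+ merged with +:groups+
#   (the result of +bluegroups+), or nil when the credentials are blank, the
#   user is not found, or the bind is refused
# @raise [Blueauth::BlueError] when the bind raises, or when +search+ or
#   +bluegroups+ raise it
def self.authenticate(id, password)
  login = id.to_s.strip
  # NOTE(review): surrounding whitespace is stripped from the password, as the
  # original code did; a password that really begins or ends with whitespace
  # cannot authenticate through this method.
  secret = password.to_s.strip
  return nil if login.empty? || secret.empty?

  user = search login
  return nil if user.nil?

  # NOTE(review): :simple_tls is passed without explicit tls_options; whether
  # the server certificate and hostname are verified depends on the installed
  # net-ldap version and its defaults. Confirm, or pass tls_options explicitly.
  ldap = Net::LDAP.new host: BPHOST, port: 636, base: BPBASE, :encryption => :simple_tls
  ldap.auth user[:dn], secret
  begin
    bound = ldap.bind
  rescue => e
    raise Blueauth::BlueError, "BluePages Bind issue -> #{e.message}"
  end
  return nil unless bound

  user.merge({groups: bluegroups(user[:dn])})
end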

.bluegroups(dn) ⇒ Object



# File 'lib/blueauth.rb', line 84

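# Returns the common names of the groups whose +uniquemember+ attribute
# equals the given DN.
#
# The DN is passed through Net::LDAP::Filter.equals, which escapes filter
# metacharacters, so the value is compared literally instead of being read as
# filter syntax. A nil search result (net-ldap's signal for a failed search)
# is reported with the LDAP result code rather than as a NoMethodError
# message.
#
# @param dn [String] distinguished name of the member to look up
# @return [Array<String>] first +cn+ value of every matching group entry;
#   empty when the DN is in no group
# @raise [Blueauth::BlueError] when the search raises or fails
def self.bluegroups(dn)
  # NOTE(review): :simple_tls is passed without explicit tls_options; whether
  # the server certificate and hostname are verified depends on the installed
  # net-ldap version and its defaults. Confirm, or pass tls_options explicitly.
  bg = Net::LDAP.new host: BPHOST, port: 636, base: BGBASE, :encryption => :simple_tls
  member_filter = Net::LDAP::Filter.equals('uniquemember', dn)
  begin
    entries = bg.search(base: BGBASE, filter: member_filter, attributes: ['cn'])
    if entries.nil?
      op = bg.get_operation_result
      # Raised as a plain error so the rescue below wraps it exactly once.
      raise "LDAP result #{op.code}: #{op.message}"
    end
    entries.map { |group| group.cn.first }
  rescue => e
    raise Blueauth::BlueError, "BlueGroup Search issue -> #{e.message}"
  end
end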

.search(id) ⇒ Object

Tries to find the given user id in Enterprise Directory; the result will be an LDAP object. The user id can be:

- Intranet ID (must contain '@' sign)
- Notes ID (must contain '/' sign)
- Common name (none of the previous two)

The returned object contains :name, :country, :intranetid, :dn



# File 'lib/blueauth.rb', line 44

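# Looks up a single person entry (objectclass ibmPerson) for the given id.
#
# The attribute searched depends on the shape of the id:
# * contains '@' -> +mail+
# * contains '/' -> +notesid+; "a/b/c" is rewritten to "CN=a/OU=b/O=c"
# * otherwise    -> +cn+
#
# The id is passed through Net::LDAP::Filter.equals, which escapes filter
# metacharacters. This method is used on the login path, so the id has to
# match one entry literally; with Filter.eq a '*' in the id would be treated
# as a wildcard and the lookup could resolve to an entry the caller never
# named.
#
# @param id [String] Intranet ID, Notes ID or common name
# @return [Hash, nil] +:name+, +:country+, +:intranetid+ and +:dn+ of the
#   first match, or nil when nothing matches
# @raise [Blueauth::BlueError] when the search raises or fails
def self.search(id)
  # NOTE(review): :simple_tls is passed without explicit tls_options; whether
  # the server certificate and hostname are verified depends on the installed
  # net-ldap version and its defaults. Confirm, or pass tls_options explicitly.
  ldap = Net::LDAP.new host: BPHOST, port: 636, base: BPBASE, :encryption => :simple_tls

  if id.include? '@'
    searchfield = 'mail'
    value = id
  elsif id.include? '/'
    searchfield = 'notesid'
    parts = id.split('/')
    last_index = parts.length - 1
    # First component is the CN, the last one the O, everything between an OU.
    value = parts.each_with_index.map do |part, index|
      prefix =
        if index.zero?
          'CN='
        elsif index == last_index
          'O='
        else
          'OU='
        end
      prefix + part
    end.join('/')
  else
    searchfield = 'cn'
    value = id
  end

  filter = Net::LDAP::Filter.equals(searchfield, value) & Net::LDAP::Filter.eq('objectclass', "ibmPerson")
  begin
    user_array = ldap.search(base: BPBASE, filter: filter, size: 1)
  rescue => e
    raise Blueauth::BlueError, "BluePages Search issue -> #{e.message}"
  end

  # net-ldap returns nil (not an empty array) when the search itself failed;
  # report that instead of letting a NoMethodError escape from the nil.
  if user_array.nil?
    op = ldap.get_operation_result
    raise Blueauth::BlueError, "BluePages Search issue -> LDAP result #{op.code}: #{op.message}"
  end

  user = user_array.first
  return nil if user.nil?

  {name: user.cn.first, country: user.co.first, intranetid: user.preferredidentity.first, dn: user.dn}
end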