Class: OmniAuth::Strategies::LDAP::Adaptor

Inherits:
Object
  • Object
Defined in:
lib/omniauth/strategies/ldap/adaptor.rb

Defined Under Namespace

Classes: AuthenticationError, ConfigurationError, ConnectionError, LdapError

Constant Summary collapse

# Configuration keys that #initialize copies onto the adaptor as instance
# variables. :password is one of them, so the bind password lives in memory on
# every adaptor instance for as long as the instance does.
VALID_ADAPTER_CONFIGURATION_KEYS =
[:host, :port, :method, :bind_dn, :password,
:try_sasl, :sasl_mechanisms, :uid, :base, :allow_anonymous]
# Keys that must be present and non-nil; #initialize raises ArgumentError otherwise.
MUST_HAVE_KEYS =
[:host, :port, :method, :uid, :base]
# Maps the configured transport name to an encryption method.
# NOTE(review): presumably consumed by ensure_method (not shown on this page).
# :plain maps to nil, and #connect sets no :encryption entry when the method is
# nil, so with :plain the bind DN and password cross the network unencrypted.
METHOD =
{
  :ssl => :simple_tls,
  :tls => :start_tls,
  :plain => nil
}

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(configuration = {}) ⇒ Adaptor

Returns a new instance of Adaptor.

Raises:

  • (ArgumentError)


# File 'lib/omniauth/strategies/ldap/adaptor.rb', line 31

# Builds an adaptor from a configuration hash.
#
# The hash is duplicated into @configuration, where :allow_anonymous defaults
# to false and :logger is removed into @logger. Every key listed in
# VALID_ADAPTER_CONFIGURATION_KEYS is then copied from the caller's ORIGINAL
# hash onto an instance variable of the same name, so @allow_anonymous is nil
# (still falsy) when the caller did not set it.
#
# The bind password ends up in both @configuration and @password; keep adaptor
# instances out of logs and error reports.
#
# @param configuration [Hash] adaptor settings
# @raise [ArgumentError] when any key in MUST_HAVE_KEYS is missing or nil
def initialize(configuration={})
  # Connection state: nothing is opened until #connect runs.
  @connection = nil
  @disconnected = false
  @bound = false

  @configuration = configuration.dup
  @configuration[:allow_anonymous] ||= false
  @logger = @configuration.delete(:logger)

  # Collect every missing mandatory key so the error names all of them at once.
  missing = MUST_HAVE_KEYS.select { |key| configuration[key].nil? }
  unless missing.empty?
    raise ArgumentError, missing.join(",") + " MUST be provided"
  end

  VALID_ADAPTER_CONFIGURATION_KEYS.each do |key|
    instance_variable_set("@#{key}", configuration[key])
  end
end

Instance Attribute Details

#base ⇒ Object (readonly)

Returns the value of attribute base.



# File 'lib/omniauth/strategies/ldap/adaptor.rb', line 29

# Returns the value stored in @base, which #initialize copies from the :base
# configuration key. #search always uses this value as its search base.
def base
  @base
end

#bind_dn ⇒ Object

Returns the value of attribute bind_dn.



# File 'lib/omniauth/strategies/ldap/adaptor.rb', line 28

# Returns the DN stored in @bind_dn (copied from the :bind_dn configuration
# key). #bind uses it unless options[:bind_dn] is given for that call.
def bind_dn
  @bind_dn
end

#connection ⇒ Object (readonly)

Returns the value of attribute connection.



# File 'lib/omniauth/strategies/ldap/adaptor.rb', line 29

# Returns the current connection object: nil until #connect assigns it, and
# nil again after #disconnect!.
def connection
  @connection
end

#password ⇒ Object

Returns the value of attribute password.



# File 'lib/omniauth/strategies/ldap/adaptor.rb', line 28

# Returns the bind password exactly as it was configured, in cleartext.
# NOTE(review): this public reader makes the secret reachable from any code
# that holds the adaptor; keep the return value out of logs, exception
# messages and serialized state. The page lists the attribute without the
# read-only marker, so a writer presumably exists as well - confirm.
def password
  @password
end

#uid ⇒ Object (readonly)

Returns the value of attribute uid.



# File 'lib/omniauth/strategies/ldap/adaptor.rb', line 29

# Returns the value stored in @uid, copied from the :uid configuration key.
# NOTE(review): presumably the LDAP attribute name used to look users up;
# confirm against the calling strategy.
def uid
  @uid
end

Instance Method Details

#bind(options = {}) ⇒ Object



# File 'lib/omniauth/strategies/ldap/adaptor.rb', line 79

# Binds the current connection, connecting first when there is none.
#
# Mechanisms are tried in this order, stopping at the first that succeeds:
#   1. SASL, only when try_sasl is truthy
#   2. simple bind with the bind DN
#   3. anonymous bind, only when allow_anonymous is truthy
# options[:bind_dn], options[:try_sasl] and options[:allow_anonymous] override
# the configured values for this call.
#
# NOTE(review): with allow_anonymous set, a failed credential bind falls
# through to an anonymous bind and @bound still becomes true. Callers must not
# read a successful #bind as proof that the supplied credentials were valid
# unless the anonymous fallback is disabled.
# NOTE(review): simple_bind is not shown on this page; confirm it rejects an
# empty password, since many directory servers accept a DN with an empty
# password as an unauthenticated bind.
#
# @param options [Hash] per-call overrides, also passed to the bind helpers
# @yield optional; the block's return value becomes the failure message
# @return [true] once a mechanism has succeeded
# @raise [AuthenticationError] when every mechanism fails, or when
#   Net::LDAP::LdapError is raised while binding
def bind(options={})
  connect(options) unless connecting?
  begin
    @bind_tried = true

    dn = (options[:bind_dn] || @bind_dn).to_s
    use_sasl = options.fetch(:try_sasl) { @try_sasl }
    anonymous_ok = options.fetch(:allow_anonymous) { @allow_anonymous }

    # First mechanism that succeeds decides the status line; nil means none did.
    outcome =
      if use_sasl && sasl_bind(dn, options)
        "bound with sasl"
      elsif simple_bind(dn, options)
        "bound with simple"
      elsif anonymous_ok && bind_as_anonymous(options)
        "bound as anonymous"
      end

    unless outcome
      reason = yield if block_given?
      reason ||= ('All authentication methods for %s exhausted.') % target
      raise AuthenticationError, reason
    end

    # NOTE(review): status goes to stdout from library code; @logger is
    # captured in #initialize but not used here.
    puts outcome
    @bound = true
  rescue Net::LDAP::LdapError => e
    raise AuthenticationError, e.message
  end
end

#bound? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/omniauth/strategies/ldap/adaptor.rb', line 128

# Reports whether the adaptor holds a live connection that has been bound.
#
# NOTE(review): #unbind closes the connection without clearing @bound or
# @connection, so this can still answer true after a direct #unbind call.
#
# @return [Boolean] false when not connected, otherwise the value of @bound
def bound?
  return false unless connecting?

  @bound
end

#connect(options = {}) ⇒ Object



# File 'lib/omniauth/strategies/ldap/adaptor.rb', line 49

# Opens a new Net::LDAP::Connection and resets the bind state.
#
# Host, method and port come from options first, then from the configured
# values. The method falls back to :plain and the port to ensure_port(method).
#
# When the resolved method is nil no :encryption entry is set, so everything
# sent afterwards, including the bind DN and password, travels unencrypted.
# NOTE(review): only :method is placed in :encryption and no
# certificate-verification settings are supplied here; confirm that the
# Net::LDAP version in use validates the server certificate for :simple_tls
# and :start_tls.
#
# @param options [Hash] optional :host, :method and :port overrides
# @return [Array] the connection, the URI and the start-TLS flag
# @raise [ConnectionError] when Net::LDAP::LdapError is raised while connecting
def connect(options={})
  host = options[:host] || @host
  method = ensure_method(options[:method] || @method || :plain)
  port = options[:port] || @port || ensure_port(method)

  # A fresh connection always starts out unbound.
  @disconnected = false
  @bound = false
  @bind_tried = false

  settings = { :host => host, :port => port }
  settings[:encryption] = { :method => method } if method

  begin
    uri = construct_uri(host, port, method == :simple_tls)
    with_start_tls = (method == :start_tls)
    # NOTE(review): connection details are written to stdout from library code.
    puts({ :uri => uri, :with_start_tls => with_start_tls }.inspect)
    link = Net::LDAP::Connection.new(settings)
  rescue Net::LDAP::LdapError => e
    raise ConnectionError, e.message
  end

  @connection, @uri, @with_start_tls = link, uri, with_start_tls
end

#connecting? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/omniauth/strategies/ldap/adaptor.rb', line 124

# Reports whether a connection object exists and #disconnect! has not been
# called since it was created. This checks adaptor state only; it does not
# probe the socket.
#
# @return [Boolean]
def connecting?
  !(@connection.nil? || @disconnected)
end

#disconnect!(options = {}) ⇒ Object



# File 'lib/omniauth/strategies/ldap/adaptor.rb', line 113

# Closes the connection through #unbind and forgets it, marking the adaptor
# as disconnected so #connecting? and #bound? answer false afterwards.
#
# @param options [Hash] forwarded to #unbind
# @return [true]
def disconnect!(options={})
  unbind(options)

  # Drop every reference to the old connection before flagging the state.
  @connection = nil
  @uri = nil
  @with_start_tls = nil
  @disconnected = true
end

#rebind(options = {}) ⇒ Object



# File 'lib/omniauth/strategies/ldap/adaptor.rb', line 119

# Drops the current bind, if any, and opens a fresh connection.
#
# Despite the name this does not call #bind: #connect resets @bound to false,
# so the adaptor is left connected but unbound and the caller has to bind again.
#
# @param options [Hash] forwarded to #unbind and #connect
# @return [Object] whatever #connect returns
def rebind(options={})
  if bound?
    unbind(options)
  end

  connect(options)
end

#search(options = {}, &block) ⇒ Object



# File 'lib/omniauth/strategies/ldap/adaptor.rb', line 132

# Runs an LDAP search under the configured base and returns the attributes of
# the entries found as one hash.
#
# options[:base] is ignored: the search always runs under @base. The block
# parameter is accepted but never called.
#
# NOTE(review): the filter is passed through unchanged. Callers that build it
# from user input need to escape that input first (Net::LDAP::Filter.escape),
# otherwise the user controls the filter expression.
# NOTE(review): attributes of every matching entry are merged into a single
# hash, later entries overwriting earlier ones. If the filter can match more
# than one entry the result mixes attributes of different entries, so callers
# relying on it for identity should make sure at most one entry can match.
#
# @param options [Hash] :filter (search filter) and :limit (size limit)
# @return [Hash] attribute name => attribute value as returned by the entry
def search(options={}, &block)
  query = {
    :base => @base,
    :filter => options[:filter],
    :size => options[:limit]
  }

  # NOTE(review): the query, including the filter, is written to stdout.
  puts query.inspect

  found = {}
  execute(:search, query) do |entry|
    entry.attribute_names.each { |attr| found[attr] = entry[attr] }
  end
  found
end

#unbind(options = {}) ⇒ Object



# File 'lib/omniauth/strategies/ldap/adaptor.rb', line 75

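# Ends the LDAP session by closing the underlying connection.
#
# Net::LDAP doesn't implement unbind, so closing the socket is the only
# teardown available. Calling this before #connect, or after #disconnect! has
# cleared @connection, is a no-op instead of a NoMethodError on nil.
#
# This does not clear @bound or @connection; #disconnect! and #connect reset
# that state.
#
# @param options [Hash] accepted for signature parity with the other methods; unused
# @return [Object, nil] the result of closing the connection, or nil when there is none
def unbind(options={})
  @connection.close if @connection
end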