jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

externalldap: add tests

Browse Source
This commit is contained in:
Girish Ramakrishnan
2024-01-07 22:01:57 +01:00
parent c842d02d6f
commit 053f81a53e
10 changed files with 93 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/externalldap.js
+5 -5
View File
@@ -278,23 +278,23 @@ async function maybeCreateUser(identifier) {
return await users.add(user.email, { username: user.username, password: null, displayName: user.displayName, source: 'ldap' }, AuditSource.EXTERNAL_LDAP);
}
async function verifyPassword(user, password, totpToken) {
assert.strictEqual(typeof user, 'object');
async function verifyPassword(username, password, totpToken) {
assert.strictEqual(typeof username, 'string');
assert.strictEqual(typeof password, 'string');
assert(totpToken === null || typeof totpToken === 'string');
const config = await getConfig();
if (config.provider === 'noop') throw new BoxError(BoxError.BAD_STATE, 'not enabled');
const ldapUsers = await ldapUserSearch(config, { filter: `${config.usernameField}=${user.username}` });
const ldapUsers = await ldapUserSearch(config, { filter: `${config.usernameField}=${username}` });
if (ldapUsers.length === 0) throw new BoxError(BoxError.NOT_FOUND);
if (ldapUsers.length > 1) throw new BoxError(BoxError.CONFLICT);
const client = await getClient(config, { bind: false });
let userAuthDn;
if (totpToken) {
// inject totptoken into first attribute
if (totpToken !== null) {
// inject totptoken into first attribute. in ldap, '+' is the attribute separator in a RDNS
const rdns = ldapUsers[0].dn.split(',');
userAuthDn = `${rdns[0]}+totptoken=${totpToken},` + rdns.slice(1).join(',');
} else {