  1. require 'omniauth'
  2.  
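  module OmniAuth
    module Strategies
      # OmniAuth strategy that collects a username and password through an
      # OmniAuth::Form, verifies them against an LDAP directory through
      # OmniAuth::LDAP::Adaptor#bind_as, and maps the returned directory entry
      # onto the auth hash (uid / info / extra).
      class LDAP
        # Raised by #callback_phase when the username or password is absent or blank.
        class MissingCredentialsError < StandardError; end

        include OmniAuth::Strategy

        # Maps auth-hash info keys to LDAP attribute names. A value is one of:
        #   String - a single attribute name
        #   Array  - candidate attribute names, tried in order
        #   Hash   - { template => [candidate-list, ...] }; "%N" in the template
        #            is replaced by the value found for the N-th candidate list
        @@config = {
          'name' => 'cn',
          'first_name' => 'givenName',
          'last_name' => 'sn',
          'email' => ['mail', "email", 'userPrincipalName'],
          'phone' => ['telephoneNumber', 'homePhone', 'facsimileTelephoneNumber'],
          'mobile' => ['mobile', 'mobileTelephoneNumber'],
          'nickname' => ['uid', 'userid', 'sAMAccountName'],
          'title' => 'title',
          'location' => {"%0, %1, %2, %3 %4" => [['address', 'postalAddress', 'homePostalAddress', 'street', 'streetAddress'], ['l'], ['st'],['co'],['postOfficeBox']]},
          'uid' => 'dn',
          'url' => ['wwwhomepage'],
          'image' => 'jpegPhoto',
          'description' => 'description'
        }

        option :title, "LDAP Authentication" # default title for authentication form
        # NOTE(review): the defaults below select port 389 and the :plain method.
        # How the adaptor (not shown here) interprets :plain should be confirmed;
        # if it means an unencrypted connection, bind passwords cross the network
        # in cleartext and deployments should configure an encrypted method.
        option :port, 389
        option :method, :plain
        option :uid, 'sAMAccountName'
        # Hook for normalising the submitted username before lookup; identity by default.
        option :name_proc, lambda { |n| n }

        # Builds the strategy and the LDAP adaptor from the configured options.
        def initialize(app, *args, &block)
          super
          @adaptor = OmniAuth::LDAP::Adaptor.new @options
        end

        # Renders the login form; it submits 'username' and 'password' to callback_path.
        def request_phase
          f = OmniAuth::Form.new(:title => (options[:title] || "LDAP Authentication"), :url => callback_path)
          f.text_field 'Login', 'username'
          f.password_field 'Password', 'password'
          f.button "Sign In"
          f.to_response
        end

        # Verifies the submitted credentials against the directory.
        #
        # Raises MissingCredentialsError when either field is absent or blank.
        # Fails with :invalid_credentials when the adaptor returns no entry and
        # with :ldap_error when anything inside the begin block raises.
        def callback_phase
          # A blank password must never reach the directory: LDAP servers may
          # treat a simple bind with a DN and a zero-length password as an
          # unauthenticated bind and report success (RFC 4513, section 5.1.2).
          raise MissingCredentialsError.new("Missing login credentials") if missing_credentials?

          begin
            username = @options[:name_proc].call(request['username'])
            # NOTE(review): Net::LDAP::Filter.eq does not escape the value, so a
            # '*' in the submitted username acts as a wildcard in the search
            # filter. Net::LDAP::Filter.equals escapes it; confirm the bundled
            # net-ldap version provides it before switching.
            @ldap_user_info = @adaptor.bind_as(:filter => Net::LDAP::Filter.eq(@adaptor.uid, username), :size => 1, :username => username, :password => request['password'])
            return fail!(:invalid_credentials) if !@ldap_user_info

            @user_info = self.class.map_user(@@config, @ldap_user_info)
            # super runs inside this begin block, so an exception raised by the
            # inherited callback_phase is also reported as :ldap_error.
            super
          rescue StandardError => e
            # StandardError rather than Exception, so signals and SystemExit are
            # not converted into authentication failures.
            return fail!(:ldap_error, e)
          end
        end

        uid {
          @user_info["uid"]
        }
        info {
          @user_info
        }
        # Hands the complete directory entry returned by the adaptor to the
        # application; downstream code should pick the fields it needs rather
        # than persisting the entry wholesale.
        extra {
          { :raw_info => @ldap_user_info }
        }

        # Translates a directory entry into a flat hash using +mapper+
        # (see @@config for the accepted value shapes).
        #
        # mapper - Hash of info key => String | Array | Hash mapping rule.
        # object - entry indexable by downcased attribute symbol, each lookup
        #          yielding a list of values (or nil).
        #
        # An attribute counts as present only when its value list is non-empty,
        # so entry types that answer [] for an absent attribute (as
        # Net::LDAP::Entry#[] does) fall through to the next candidate instead
        # of yielding nil. Returns the populated Hash; keys with no value found
        # are omitted, except template keys, whose missing parts become ''.
        def self.map_user(mapper, object)
          user = {}
          mapper.each do |key, value|
            case value
            when String
              found = first_attribute_value(object, [value])
              user[key] = found unless found.nil?
            when Array
              found = first_attribute_value(object, value)
              user[key] = found unless found.nil?
            when Hash
              value.each do |template, groups|
                parts = groups.map { |names| first_attribute_value(object, names).to_s }
                # Single pass with a block: directory values are inserted
                # literally, so a value containing "%N" or a backslash is not
                # re-expanded or treated as a replacement escape.
                user[key] = template.gsub(/%(\d)/) { |token| parts.fetch(Regexp.last_match(1).to_i, token) }
              end
            end
          end
          user
        end

        # Returns the first value of the first attribute in +names+ that has a
        # non-empty value list on +object+, or nil when none does.
        def self.first_attribute_value(object, names)
          names.each do |name|
            values = object[name.downcase.to_sym]
            next if !values || values.empty?
            return values.first
          end
          nil
        end
        private_class_method :first_attribute_value

        private

        # True when the username or password parameter is absent or empty.
        def missing_credentials?
          %w[username password].any? do |field|
            submitted = request[field]
            submitted.nil? || submitted.empty?
          end
        end
      end
    end
  end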
  88.  
  # Register the acronym so OmniAuth camelizes the provider name 'ldap' as 'LDAP'.
  OmniAuth.config.add_camelization('ldap', 'LDAP')