Flesh out users OU (works with Gitea simple LDAP now!!)

2020-04-20 22:46:19 -05:00
parent 68cc90899c
commit 175c335542
16 changed files with 1988 additions and 231 deletions
--- a/app/unit/LDAPRoutingUnit.js
+++ b/app/unit/LDAPRoutingUnit.js
@@ -92,7 +92,9 @@ class LDAPRoutingUnit extends CanonicalUnit {
                    this.ldap_server.server[type]([route_prefix, suffix].join(','), ...route_functions)
                }
            } else {
-                this.output.warn(`Missing or invalid LDAP protocol definition ${type} in router ${name}. The protocol will be skipped.`)
+                // Unbind has a default handler, so don't warn about that.
+                if ( type !== 'unbind' )
+                    this.output.warn(`Missing or invalid LDAP protocol definition ${type} in router ${name}. The protocol will be skipped.`)
            }
        }
    }
--- a/app/unit/LDAPServerUnit.js
+++ b/app/unit/LDAPServerUnit.js
@@ -10,22 +10,64 @@ class LDAPServerUnit extends Unit {
        return [...super.services, 'configs', 'express', 'output']
    }

+    /**
+     * Get the standard format for LDAP DNs. Can be passed into
+     * ldapjs/DN.format().
+     * @returns {object}
+     */
+    standard_format() {
+        return {
+            skipSpace: true,
+        }
+    }
+
+    /**
+     * Get the LDAP.js DN for the user auth base.
+     * @returns {ldap/DN}
+     */
    auth_dn() {
        return this.build_dn(this.config.schema.authentication_base)
    }

+    /**
+     * Get the anonymous DN.
+     * @returns {ldap/DN}
+     */
    anonymous() {
        return LDAP.parseDN('cn=anonymous')
    }

+    /**
+     * Returns true if the string is a valid e-mail address.
+     *
+     * @see https://stackoverflow.com/questions/46155/how-to-validate-an-email-address-in-javascript
+     * @param {string} email
+     * @returns {boolean}
+     */
+    validate_email(email) {
+        const re = /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
+        return re.test(String(email).toLowerCase())
+    }
+
+    /**
+     * Build an LDAP.js DN object from a set of string RDNs.
+     * @param {...string} parts
+     * @returns {ldap/DN}
+     */
    build_dn(...parts) {
        parts = parts.flat()
        parts.push(this.config.schema.base_dc)
        return LDAP.parseDN(parts.join(','))
    }

+    /**
+     * Starts the LDAP server.
+     * @param {module:libflitter/app/FlitterApp~FlitterApp} app
+     * @returns {Promise<void>}
+     */
    async go(app) {
        this.config = this.configs.get('ldap:server')
+        this.app.di().container.register_singleton('ldap_dn_format', this.standard_format())
        const server_config = {}

        // If Flitter is configured to use an SSL certificate,
@@ -51,6 +93,11 @@ class LDAPServerUnit extends Unit {
        })
    }

+    /**
+     * Stops the LDAP server.
+     * @param {module:libflitter/app/FlitterApp~FlitterApp} app
+     * @returns {Promise<void>}
+     */
    async cleanup(app) {
        this.server.close()
    }