fix: ldap auth failed auth and added test scripts

simon 2020-02-23 01:09:28 +01:00
parent 9fe25a8b49
commit 5e5005cf6b
5 changed files with 29 additions and 8 deletions


@ -7,7 +7,8 @@
"start": "../node/node dist/app.js",
"build": "tsc",
"dev": "ts-node src/app.ts",
"test-ttls-pap": "eapol_test -c ./ttls-pap.conf -s testing123",
"test-ttls-pap": "tests/eapol_test -c tests/ttls-pap.conf -s testing123",
"test-radtest": "radtest -x user pwd localhost 1812 testing123",
"create-certificate": "sh ./ssl/create.sh && sh ./ssl/sign.sh"
},
"dependencies": {


@ -76,7 +76,7 @@ export class GoogleLDAPAuth implements IAuthentication {
async authenticate(username: string, password: string, count = 0, forceFetching = false) {
const cacheKey = `usr:${username}|pwd:${password}`;
const fromCache = this.cache.get(cacheKey);
if (fromCache) {
if (fromCache !== undefined) {
return fromCache;
}
@ -100,10 +100,11 @@ export class GoogleLDAPAuth implements IAuthentication {
if (!dnsFetched && !forceFetching) {
return this.authenticate(username, password, count, true);
}
throw new Error(`invalid username, not found in DN: ${username}`);
console.error(`invalid username, not found in DN: ${username}`);
return false;
}
await new Promise((resolve, reject) => {
const authResult: boolean = await new Promise((resolve, reject) => {
this.ldap.bind(dn, password, (err, res) => {
if (err) {
if (err && (err as any).stack && (err as any).stack.includes(`${this.url} closed`)) {
@ -112,16 +113,18 @@ export class GoogleLDAPAuth implements IAuthentication {
setTimeout(() => resolve(this.authenticate(dn, password)), 2000);
return;
}
console.error('ldap error', err);
reject(err);
resolve(false);
// console.error('ldap error', err);
// reject(err);
}
if (res) resolve(res);
else reject();
});
});
this.cache.set(cacheKey, true, 86400);
this.cache.set(cacheKey, authResult, 86400);
return username;
return authResult;
}
}
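Review bot: Every bind error other than the closed-connection retry now resolves to `false`, and `this.cache.set(cacheKey, authResult, 86400)` then stores that result, so if the third argument is a TTL in seconds (as it appears) a transient directory or network failure rejects that username/password pair for a day, and with the `console.error` commented out nothing records why. Cache only successes, e.g. `if (authResult) this.cache.set(cacheKey, true, 86400);`, and keep a log line that names the user and the error but never the password. The error branch also has no `return` after `resolve(false)`, so it falls through to `else reject()`; that is a no-op on a settled promise, but `resolve(false); return;` states the intent. The unchanged line that builds `cacheKey` embeds the plaintext password in the key, which keeps it in process memory for the cache lifetime; a keyed hash of the pair (an HMAC, for example) would serve the same lookup. The part of `authenticate` between the hunks is not shown, so this covers only the visible lines.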

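--- a/tests/.gitignore
+++ b/tests/.gitignore
@@ -0,0 +1 @@
+*hokify*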

16
tests/ttls-pap.conf Normal file

@ -0,0 +1,16 @@
#
# eapol_test -c ttls-pap.conf -s testing123
#
network={
ssid="example"
key_mgmt=WPA-EAP
eap=TTLS
identity="user"
anonymous_identity="anonymous"
password="pwd"
phase2="auth=PAP"
#
# Uncomment the following to perform server certificate validation.
ca_cert="./ssl/cert/ca.pem"
}