fix: ldap auth failed auth and added test scripts
parent
9fe25a8b49
commit
5e5005cf6b
@ -7,7 +7,8 @@
|
|||||||
"start": "../node/node dist/app.js",
|
"start": "../node/node dist/app.js",
|
||||||
"build": "tsc",
|
"build": "tsc",
|
||||||
"dev": "ts-node src/app.ts",
|
"dev": "ts-node src/app.ts",
|
||||||
"test-ttls-pap": "eapol_test -c ./ttls-pap.conf -s testing123",
|
"test-ttls-pap": "tests/eapol_test -c tests/ttls-pap.conf -s testing123",
|
||||||
|
"test-radtest": "radtest -x user pwd localhost 1812 testing123",
|
||||||
"create-certificate": "sh ./ssl/create.sh && sh ./ssl/sign.sh"
|
"create-certificate": "sh ./ssl/create.sh && sh ./ssl/sign.sh"
|
||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
|
@ -76,7 +76,7 @@ export class GoogleLDAPAuth implements IAuthentication {
|
|||||||
async authenticate(username: string, password: string, count = 0, forceFetching = false) {
|
async authenticate(username: string, password: string, count = 0, forceFetching = false) {
|
||||||
const cacheKey = `usr:${username}|pwd:${password}`;
|
const cacheKey = `usr:${username}|pwd:${password}`;
|
||||||
const fromCache = this.cache.get(cacheKey);
|
const fromCache = this.cache.get(cacheKey);
|
||||||
if (fromCache) {
|
if (fromCache !== undefined) {
|
||||||
return fromCache;
|
return fromCache;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -100,10 +100,11 @@ export class GoogleLDAPAuth implements IAuthentication {
|
|||||||
if (!dnsFetched && !forceFetching) {
|
if (!dnsFetched && !forceFetching) {
|
||||||
return this.authenticate(username, password, count, true);
|
return this.authenticate(username, password, count, true);
|
||||||
}
|
}
|
||||||
throw new Error(`invalid username, not found in DN: ${username}`);
|
console.error(`invalid username, not found in DN: ${username}`);
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
await new Promise((resolve, reject) => {
|
const authResult: boolean = await new Promise((resolve, reject) => {
|
||||||
this.ldap.bind(dn, password, (err, res) => {
|
this.ldap.bind(dn, password, (err, res) => {
|
||||||
if (err) {
|
if (err) {
|
||||||
if (err && (err as any).stack && (err as any).stack.includes(`${this.url} closed`)) {
|
if (err && (err as any).stack && (err as any).stack.includes(`${this.url} closed`)) {
|
||||||
@ -112,16 +113,18 @@ export class GoogleLDAPAuth implements IAuthentication {
|
|||||||
setTimeout(() => resolve(this.authenticate(dn, password)), 2000);
|
setTimeout(() => resolve(this.authenticate(dn, password)), 2000);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
console.error('ldap error', err);
|
|
||||||
reject(err);
|
resolve(false);
|
||||||
|
// console.error('ldap error', err);
|
||||||
|
// reject(err);
|
||||||
}
|
}
|
||||||
if (res) resolve(res);
|
if (res) resolve(res);
|
||||||
else reject();
|
else reject();
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
this.cache.set(cacheKey, true, 86400);
|
this.cache.set(cacheKey, authResult, 86400);
|
||||||
|
|
||||||
return username;
|
return authResult;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
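Review bot: Every bind error other than the `closed` reconnect case now becomes `resolve(false)`, and that `false` is then stored by `this.cache.set(cacheKey, authResult, 86400)`, so a transient directory or network failure looks the same as a wrong password and keeps a valid login rejected for 24 hours. Cache only successes, e.g. `if (authResult) this.cache.set(cacheKey, authResult, 86400);`, or give failures a much shorter TTL, and keep `console.error('ldap error', err);` active rather than commented out so failed binds stay visible to monitoring. The error branch also has no `return` after `resolve(false)`, so it falls through to `if (res) resolve(res); else reject();`, and a success resolves with `res` rather than a boolean despite the `boolean` annotation; `resolve(true)` would match the declared type. Because `authenticate` now signals failure by returning `false` instead of throwing and no longer returns `username`, every caller must test the return value; parts of the method and all callers lie outside these hunks, but any caller that still treats a resolved promise as success would accept a failed bind. The cache key on the context line embeds the plaintext password, so caching failures also keeps each rejected password in process memory for a day; deriving the key from a hash of the credentials would avoid that.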
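--- a/tests/.gitignore
+++ b/tests/.gitignore
@@ -0,0 +1 @@
+*hokify*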
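--- a/tests/ttls-pap.conf
+++ b/tests/ttls-pap.conf
@@ -0,0 +1,16 @@
+#
+# eapol_test -c ttls-pap.conf -s testing123
+#
+network={
+ssid="example"
+key_mgmt=WPA-EAP
+eap=TTLS
+identity="user"
+anonymous_identity="anonymous"
+password="pwd"
+phase2="auth=PAP"
+
+#
+# Uncomment the following to perform server certificate validation.
+ca_cert="./ssl/cert/ca.pem"
+}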
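Review bot: The comment `# Uncomment the following to perform server certificate validation.` does not match the file, because `ca_cert="./ssl/cert/ca.pem"` on the next line is already active. Since `phase2="auth=PAP"` carries the password in clear inside the TLS tunnel, validation should stay on and the comment should say so, e.g. `# Server certificate validation is enabled via ca_cert; keep it set, PAP relies on the tunnel.` The usage comment at the top, `# eapol_test -c ttls-pap.conf -s testing123`, also no longer matches how this commit invokes the file (`tests/eapol_test -c tests/ttls-pap.conf`). The relative `ca_cert` path presumably resolves against the working directory rather than `tests/`, so confirm it points at the intended CA when run from the package root.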