feat(cli): allow setting config vars via cli
This commit is contained in:
parent
e8b9462c58
commit
d9ff95bbbb
14
config.js
14
config.js
@ -23,10 +23,10 @@ module.exports = {
|
||||
authentication: 'GoogleLDAPAuth',
|
||||
authenticationOptions: {
|
||||
base: 'dc=hokify,dc=com',
|
||||
tlsOptions: {
|
||||
// get your keys from http://admin.google.com/ -> Apps -> LDAP -> Client
|
||||
key: fs.readFileSync('ldap.gsuite.key'),
|
||||
cert: fs.readFileSync('ldap.gsuite.crt')
|
||||
// get your keys from http://admin.google.com/ -> Apps -> LDAP -> Client
|
||||
tls: {
|
||||
keyFile: 'ldap.gsuite.key',
|
||||
certFile: 'ldap.gsuite.crt'
|
||||
}
|
||||
}
|
||||
|
||||
@ -35,9 +35,11 @@ module.exports = {
|
||||
authenticationOptions: {
|
||||
url: 'ldaps://ldap.google.com',
|
||||
base: 'dc=hokify,dc=com',
|
||||
tls: {
|
||||
keyFile: 'ldap.gsuite.key',
|
||||
certFile: 'ldap.gsuite.crt'
|
||||
},
|
||||
tlsOptions: {
|
||||
key: fs.readFileSync('ldap.gsuite.key'),
|
||||
cert: fs.readFileSync('ldap.gsuite.crt'),
|
||||
servername: 'ldap.google.com'
|
||||
}
|
||||
}
|
||||
|
23
src/app.ts
23
src/app.ts
@ -1,3 +1,4 @@
|
||||
import * as yargs from 'yargs';
|
||||
import { UDPServer } from './server/UDPServer';
|
||||
import { RadiusService } from './radius/RadiusService';
|
||||
|
||||
@ -15,9 +16,25 @@ if (typeof (testSocket.tls as any).exportKeyingMaterial !== 'function') {
|
||||
process.exit(-1);
|
||||
}
|
||||
|
||||
console.log(`Listener Port: ${config.port || 1812}`);
|
||||
console.log(`RADIUS Secret: ${config.secret}`);
|
||||
console.log(`Auth Mode: ${config.authentication}`);
|
||||
const { argv } = yargs
|
||||
.usage('NODE RADIUS Server\nUsage: radius-server')
|
||||
.example('radius-server --port 1812 -s radiussecret')
|
||||
.default({
|
||||
port: config.port || 1812,
|
||||
s: config.secret || 'testing123',
|
||||
authentication: config.authentication,
|
||||
authenticationOptions: config.authenticationOptions
|
||||
})
|
||||
.describe('port', 'RADIUS server listener port')
|
||||
.alias('s', 'secret')
|
||||
.describe('secret', 'RADIUS secret')
|
||||
.number('port')
|
||||
.string(['secret', 'authentication']);
|
||||
|
||||
console.log(`Listener Port: ${argv.port || 1812}`);
|
||||
console.log(`RADIUS Secret: ${argv.secret}`);
|
||||
console.log(`Auth ${argv.authentication}`);
|
||||
console.log(`Auth Config: ${JSON.stringify(argv.authenticationOptions, undefined, 3)}`);
|
||||
|
||||
(async () => {
|
||||
/* configure auth mechansim */
|
||||
|
@ -1,6 +1,7 @@
|
||||
import { ClientOptions, createClient } from 'ldapjs';
|
||||
import debug from 'debug';
|
||||
import * as tls from 'tls';
|
||||
import * as fs from 'fs';
|
||||
import { IAuthentication } from '../types/Authentication';
|
||||
|
||||
const usernameFields = ['posixUid', 'mail'];
|
||||
@ -13,12 +14,16 @@ interface IGoogleLDAPAuthOptions {
|
||||
/** base DN
|
||||
* e.g. 'dc=hokify,dc=com', */
|
||||
base: string;
|
||||
tls: {
|
||||
keyFile: string;
|
||||
certFile: string;
|
||||
};
|
||||
/** tls options
|
||||
* e.g. {
|
||||
key: fs.readFileSync('ldap.gsuite.key'),
|
||||
cert: fs.readFileSync('ldap.gsuite.crt')
|
||||
} */
|
||||
tlsOptions: tls.TlsOptions;
|
||||
tlsOptions?: tls.TlsOptions;
|
||||
}
|
||||
|
||||
export class GoogleLDAPAuth implements IAuthentication {
|
||||
@ -33,12 +38,16 @@ export class GoogleLDAPAuth implements IAuthentication {
|
||||
constructor(config: IGoogleLDAPAuthOptions) {
|
||||
this.base = config.base;
|
||||
|
||||
const tlsOptions = {
|
||||
key: fs.readFileSync(config.tls.keyFile),
|
||||
cert: fs.readFileSync(config.tls.certFile),
|
||||
servername: 'ldap.google.com',
|
||||
...config.tlsOptions
|
||||
};
|
||||
|
||||
this.config = {
|
||||
url: 'ldaps://ldap.google.com:636',
|
||||
tlsOptions: {
|
||||
...config.tlsOptions,
|
||||
servername: 'ldap.google.com'
|
||||
}
|
||||
tlsOptions
|
||||
};
|
||||
|
||||
this.fetchDNs();
|
||||
|
@ -1,4 +1,5 @@
|
||||
import * as LdapAuth from 'ldapauth-fork';
|
||||
import * as fs from 'fs';
|
||||
import { IAuthentication } from '../types/Authentication';
|
||||
|
||||
interface ILDAPAuthOptions {
|
||||
@ -9,10 +10,13 @@ interface ILDAPAuthOptions {
|
||||
/** base DN
|
||||
* e.g. 'dc=hokify,dc=com', */
|
||||
base: string;
|
||||
|
||||
tls: {
|
||||
keyFile: string;
|
||||
certFile: string;
|
||||
};
|
||||
/** tls options
|
||||
* e.g. {
|
||||
key: fs.readFileSync('ldap.gsuite.key'),
|
||||
cert: fs.readFileSync('ldap.gsuite.crt'),
|
||||
servername: 'ldap.google.com'
|
||||
} */
|
||||
tlsOptions?: any;
|
||||
@ -25,12 +29,18 @@ interface ILDAPAuthOptions {
|
||||
export class LDAPAuth implements IAuthentication {
|
||||
private ldap: LdapAuth;
|
||||
|
||||
constructor(options: ILDAPAuthOptions) {
|
||||
constructor(config: ILDAPAuthOptions) {
|
||||
const tlsOptions = {
|
||||
key: fs.readFileSync(config.tls.keyFile),
|
||||
cert: fs.readFileSync(config.tls.certFile),
|
||||
...config.tlsOptions
|
||||
};
|
||||
|
||||
this.ldap = new LdapAuth({
|
||||
url: options.url,
|
||||
searchBase: options.base,
|
||||
tlsOptions: options.tlsOptions,
|
||||
searchFilter: options.searchFilter || '(uid={{username}})',
|
||||
url: config.url,
|
||||
searchBase: config.base,
|
||||
tlsOptions,
|
||||
searchFilter: config.searchFilter || '(uid={{username}})',
|
||||
reconnect: true
|
||||
});
|
||||
this.ldap.on('error', function(err) {
|
||||
|
Loading…
Reference in New Issue
Block a user