feat(cli): allow setting config vars via cli

simon 2020-02-28 10:31:14 +01:00
parent e8b9462c58
commit d9ff95bbbb
4 changed files with 59 additions and 21 deletions


@ -23,10 +23,10 @@ module.exports = {
authentication: 'GoogleLDAPAuth', authentication: 'GoogleLDAPAuth',
authenticationOptions: { authenticationOptions: {
base: 'dc=hokify,dc=com', base: 'dc=hokify,dc=com',
tlsOptions: {
// get your keys from http://admin.google.com/ -> Apps -> LDAP -> Client // get your keys from http://admin.google.com/ -> Apps -> LDAP -> Client
key: fs.readFileSync('ldap.gsuite.key'), tls: {
cert: fs.readFileSync('ldap.gsuite.crt') keyFile: 'ldap.gsuite.key',
certFile: 'ldap.gsuite.crt'
} }
} }
@ -35,9 +35,11 @@ module.exports = {
authenticationOptions: { authenticationOptions: {
url: 'ldaps://ldap.google.com', url: 'ldaps://ldap.google.com',
base: 'dc=hokify,dc=com', base: 'dc=hokify,dc=com',
tls: {
keyFile: 'ldap.gsuite.key',
certFile: 'ldap.gsuite.crt'
},
tlsOptions: { tlsOptions: {
key: fs.readFileSync('ldap.gsuite.key'),
cert: fs.readFileSync('ldap.gsuite.crt'),
servername: 'ldap.google.com' servername: 'ldap.google.com'
} }
} }


@ -1,3 +1,4 @@
import * as yargs from 'yargs';
import { UDPServer } from './server/UDPServer'; import { UDPServer } from './server/UDPServer';
import { RadiusService } from './radius/RadiusService'; import { RadiusService } from './radius/RadiusService';
@ -15,9 +16,25 @@ if (typeof (testSocket.tls as any).exportKeyingMaterial !== 'function') {
process.exit(-1); process.exit(-1);
} }
console.log(`Listener Port: ${config.port || 1812}`); const { argv } = yargs
console.log(`RADIUS Secret: ${config.secret}`); .usage('NODE RADIUS Server\nUsage: radius-server')
console.log(`Auth Mode: ${config.authentication}`); .example('radius-server --port 1812 -s radiussecret')
.default({
port: config.port || 1812,
s: config.secret || 'testing123',
authentication: config.authentication,
authenticationOptions: config.authenticationOptions
})
.describe('port', 'RADIUS server listener port')
.alias('s', 'secret')
.describe('secret', 'RADIUS secret')
.number('port')
.string(['secret', 'authentication']);
console.log(`Listener Port: ${argv.port || 1812}`);
console.log(`RADIUS Secret: ${argv.secret}`);
console.log(`Auth ${argv.authentication}`);
console.log(`Auth Config: ${JSON.stringify(argv.authenticationOptions, undefined, 3)}`);
(async () => { (async () => {
/* configure auth mechansim */ /* configure auth mechansim */
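Review bot: The new `.default({ ... s: config.secret || 'testing123' ... })` lets the server start with a widely known shared secret whenever neither the config file nor the command line supplies one. I would drop the fallback and require the value instead: `s: config.secret` together with `.demandOption('secret', 'RADIUS secret must be set')`. The startup logging then prints the secret in clear and dumps the whole `authenticationOptions` object, which can carry `tlsOptions` and presumably other backend credentials, so I would remove the `RADIUS Secret` and `Auth Config` lines or log only non-sensitive fields. The usage example `radius-server --port 1812 -s radiussecret` also puts the secret on the command line, where it is visible in process listings and shell history; a `.describe` hint pointing production setups to the config file would help.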


@ -1,6 +1,7 @@
import { ClientOptions, createClient } from 'ldapjs'; import { ClientOptions, createClient } from 'ldapjs';
import debug from 'debug'; import debug from 'debug';
import * as tls from 'tls'; import * as tls from 'tls';
import * as fs from 'fs';
import { IAuthentication } from '../types/Authentication'; import { IAuthentication } from '../types/Authentication';
const usernameFields = ['posixUid', 'mail']; const usernameFields = ['posixUid', 'mail'];
@ -13,12 +14,16 @@ interface IGoogleLDAPAuthOptions {
/** base DN /** base DN
* e.g. 'dc=hokify,dc=com', */ * e.g. 'dc=hokify,dc=com', */
base: string; base: string;
tls: {
keyFile: string;
certFile: string;
};
/** tls options /** tls options
* e.g. { * e.g. {
key: fs.readFileSync('ldap.gsuite.key'), key: fs.readFileSync('ldap.gsuite.key'),
cert: fs.readFileSync('ldap.gsuite.crt') cert: fs.readFileSync('ldap.gsuite.crt')
} */ } */
tlsOptions: tls.TlsOptions; tlsOptions?: tls.TlsOptions;
} }
export class GoogleLDAPAuth implements IAuthentication { export class GoogleLDAPAuth implements IAuthentication {
@ -33,12 +38,16 @@ export class GoogleLDAPAuth implements IAuthentication {
constructor(config: IGoogleLDAPAuthOptions) { constructor(config: IGoogleLDAPAuthOptions) {
this.base = config.base; this.base = config.base;
const tlsOptions = {
key: fs.readFileSync(config.tls.keyFile),
cert: fs.readFileSync(config.tls.certFile),
servername: 'ldap.google.com',
...config.tlsOptions
};
this.config = { this.config = {
url: 'ldaps://ldap.google.com:636', url: 'ldaps://ldap.google.com:636',
tlsOptions: { tlsOptions
...config.tlsOptions,
servername: 'ldap.google.com'
}
}; };
this.fetchDNs(); this.fetchDNs();
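Review bot: In the new `tlsOptions` literal in the constructor, `servername: 'ldap.google.com'` sits before `...config.tlsOptions`, so a caller-supplied `tlsOptions` can now replace the server name as well as the `key`/`cert` just read from `config.tls`. The replaced lines appear to have applied `servername` after the spread. If pinning to Google's LDAP host is intended, keep it last: `...config.tlsOptions, servername: 'ldap.google.com'`. The constructor also dereferences `config.tls.keyFile` unconditionally, so options without a `tls` block fail with a TypeError rather than a clear configuration error. The constructor body continues past the end of the hunk.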


@ -1,4 +1,5 @@
import * as LdapAuth from 'ldapauth-fork'; import * as LdapAuth from 'ldapauth-fork';
import * as fs from 'fs';
import { IAuthentication } from '../types/Authentication'; import { IAuthentication } from '../types/Authentication';
interface ILDAPAuthOptions { interface ILDAPAuthOptions {
@ -9,10 +10,13 @@ interface ILDAPAuthOptions {
/** base DN /** base DN
* e.g. 'dc=hokify,dc=com', */ * e.g. 'dc=hokify,dc=com', */
base: string; base: string;
tls: {
keyFile: string;
certFile: string;
};
/** tls options /** tls options
* e.g. { * e.g. {
key: fs.readFileSync('ldap.gsuite.key'),
cert: fs.readFileSync('ldap.gsuite.crt'),
servername: 'ldap.google.com' servername: 'ldap.google.com'
} */ } */
tlsOptions?: any; tlsOptions?: any;
@ -25,12 +29,18 @@ interface ILDAPAuthOptions {
export class LDAPAuth implements IAuthentication { export class LDAPAuth implements IAuthentication {
private ldap: LdapAuth; private ldap: LdapAuth;
constructor(options: ILDAPAuthOptions) { constructor(config: ILDAPAuthOptions) {
const tlsOptions = {
key: fs.readFileSync(config.tls.keyFile),
cert: fs.readFileSync(config.tls.certFile),
...config.tlsOptions
};
this.ldap = new LdapAuth({ this.ldap = new LdapAuth({
url: options.url, url: config.url,
searchBase: options.base, searchBase: config.base,
tlsOptions: options.tlsOptions, tlsOptions,
searchFilter: options.searchFilter || '(uid={{username}})', searchFilter: config.searchFilter || '(uid={{username}})',
reconnect: true reconnect: true
}); });
this.ldap.on('error', function(err) { this.ldap.on('error', function(err) {
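Review bot: `ILDAPAuthOptions.tls` is now mandatory and the constructor calls `fs.readFileSync(config.tls.keyFile)` and `fs.readFileSync(config.tls.certFile)` unconditionally. A generic LDAP backend that uses no client certificate can therefore no longer be configured, and a missing `tls` block surfaces as a TypeError at startup. Making the field optional (`tls?: { keyFile: string; certFile: string }`) and reading only when present, `...(config.tls && { key: fs.readFileSync(config.tls.keyFile), cert: fs.readFileSync(config.tls.certFile) }),`, would keep server-authenticated LDAPS working. A short comment on the literal stating that `...config.tlsOptions` is spread last and therefore overrides the file-based `key`/`cert` would document the precedence. The constructor continues outside the hunk.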