LdapProvider

flitter-auth/ldap/LdapProvider~ LdapProvider

LDAP authentication provider for flitter-auth.

Constructor

new LdapProvider()

Source:: auth/ldap/LdapProvider.js, line 16

Extends

module:flitter-auth/Provider~Provider

Members

(private) _di_allow_defer :boolean

If true, the injector will defer the class if the class requests any services that the container is missing. These services are filled in later and added to the prototype and any instances. True by default.

Type:

boolean

Overrides:: module:flitter-auth/Provider~Provider#_di_allow_defer
Source:: di/src/Injectable.js, line 15

(private) _di_deferred_instances :Array.<module:flitter-di/src/Injectable~Injectable>

Collection of instances of this class that need to have the deferred service instances injected into them when the deferred services are finally provided.

Type:

Array.<module:flitter-di/src/Injectable~Injectable>

Overrides:: module:flitter-auth/Provider~Provider#_di_deferred_instances
Source:: di/src/Injectable.js, line 30

(private) _di_deferred_services :Array.<string>

List of services that were deferred and not provided at the time of injection.

Type:

Array.<string>

Overrides:: module:flitter-auth/Provider~Provider#_di_deferred_services
Source:: di/src/Injectable.js, line 22

app :module:libflitter/app/FlitterApp~FlitterApp

The Flitter app.

Type:

module:libflitter/app/FlitterApp~FlitterApp

Overrides:: module:flitter-auth/Provider~Provider#app
Source:: auth/Provider.js, line 34

config :Object

The provider's config.

Type:

Object

Overrides:: module:flitter-auth/Provider~Provider#config
Source:: auth/Provider.js, line 40

connect_string :string

The LDAP connection string in the format 'ldap://...'.

Type:

string

Source:: auth/ldap/LdapProvider.js, line 24

connection :module:flitter-auth/ldap/AsyncLdapConnection~AsyncLdapConnection

The async LDAP connection.

Type:

module:flitter-auth/ldap/AsyncLdapConnection~AsyncLdapConnection

Source:: auth/ldap/LdapProvider.js, line 32

User :module:flitter-auth/model/User~User

The User model's class.

Type:

module:flitter-auth/model/User~User

Overrides:: module:flitter-auth/Provider~Provider#User
Source:: auth/Provider.js, line 46

Methods

(async) check_user_auth(user, password) → {Promise.<boolean>}

Check the validity of the provided credentials.

Parameters:

Name	Type	Description
`user`	string
`password`	string

Overrides:: module:flitter-auth/Provider~Provider#check_user_auth
Source:: auth/ldap/LdapProvider.js, line 258

Returns:

true if the credentials succeed, false otherwise

Type: Promise.<boolean>

(async) cleanup(app) → {Promise.<void>}

Clean up resources used by this provider. Unbinds all open LDAP connections.

Parameters:

Name	Type	Description
`app`	module:libflitter/app/FlitterApp~FlitterApp	the current app

Overrides:: module:flitter-auth/Provider~Provider#cleanup
Source:: auth/ldap/LdapProvider.js, line 269

Returns:

Type: Promise.<void>

(async) get_login_args(form_data) → {Promise.<Array.<string>>}

From the form data, get the formatted arguments to be passed into the login function. Should create the username and password params.

Parameters:

Name	Type	Description
`form_data`	Object

Overrides:: module:flitter-auth/Provider~Provider#get_login_args
Source:: auth/Provider.js, line 169

Returns:

Type: Promise.<Array.<string>>

(async) get_registration_args(form_data) → {Promise.<Array.<*>>}

From the form data, get the formatted arguments to be passed into the registration function. Should create the username and {password} objects.

Parameters:

Name	Type	Description
`form_data`	object

Overrides:: module:flitter-auth/Provider~Provider#get_registration_args
Source:: auth/ldap/LdapProvider.js, line 221

Returns:

Type: Promise.<Array.<*>>

(async) get_user(uid) → {Promise.<(Object|undefined)>}

Get the user data record for the specified user uid matched by the configured filter from the LDAP server.

Parameters:

Name	Type	Description
`uid`	string	the user's username

Source:: auth/ldap/LdapProvider.js, line 70

Returns:

undefined if no user is found with uid

Type: Promise.<(Object|undefined)>

(async) get_user_object(data) → {Promise.<module:flitter-auth/model/User~User>}

Given the user data record from the LDAP server, either look up or create an instance of this.User. Store the raw LDAP data in User.data.ldap (as JSON), and update roles where necessary.

Parameters:

Name	Type	Description
`data`	object	the data from the LDAP server

Source:: auth/ldap/LdapProvider.js, line 82

Returns:

Type: Promise.<module:flitter-auth/model/User~User>

(async) get_users() → {Promise.<Array.<Object>>}

Get an array of user data records matched by the configured filter from the LDAP server.

Source:: auth/ldap/LdapProvider.js, line 60

Returns:

Type: Promise.<Array.<Object>>

handle_login_get(req, res, next) → {Promise.<*>}

Handle a request to get the login view. By default, shows the view specified by this.registration_view(), passing it title, heading_text, provider_name

Parameters:

Name	Type	Description
`req`	express/Request
`res`	express/Response
`next`	function

Overrides:: module:flitter-auth/Provider~Provider#handle_login_get
Source:: auth/Provider.js, line 115

Returns:

Type: Promise.<*>

handle_register_get(req, res, next) → {Promise.<*>}

Handle a request to get the registration view. By default, shows the view specified by this.registration_view(), passing it title, heading_text, provider_name

Parameters:

Name	Type	Description
`req`	express/Request
`res`	express/Response
`next`	function

Overrides:: module:flitter-auth/Provider~Provider#handle_register_get
Source:: auth/Provider.js, line 132

Returns:

Type: Promise.<*>

(async) ldap() → {Promise.<ldap/Client>}

Get an LDAP connection bound to the configured DN.

Source:: auth/ldap/LdapProvider.js, line 39

Returns:

Type: Promise.<ldap/Client>

Attempt to authenticate a user with the provided credentials. If it succeeds, return their User object.

Parameters:

Name	Type	Attributes	Description
`username`	string
`password`	string
`args`		<optional>	not required

Overrides:: module:flitter-auth/Provider~Provider#login
Source:: auth/ldap/LdapProvider.js, line 237

Returns:

false if the auth is unsuccessful, a User instance if it is

Type: Promise.<(boolean|module:flitter-auth/model/User~User)>

login_view() → {string}

Get the Flitter canonical name of the login view.

Overrides:: module:flitter-auth/Provider~Provider#login_view
Source:: auth/Provider.js, line 103

Returns:

Type: string

(async) logout(request) → {Promise.<object>}

Log out the current user, if there is one, and clean the auth session.

Parameters:

Name	Type	Description
`request`	express/Request

Overrides:: module:flitter-auth/Provider~Provider#logout
Source:: auth/Provider.js, line 216

Returns:

the clean session

Type: Promise.<object>

logout_view() → {string}

Get the Flitter canonical name of the logout view.

Overrides:: module:flitter-auth/Provider~Provider#logout_view
Source:: auth/Provider.js, line 144

Returns:

Type: string

(async) register(username, attrs, dataopt) → {Promise.<module:flitter-auth/model/User~User>}

Register a new user with the specified username and attributes. Attributes object should contain a 'password' key, which will be removed and used to set the user's LDAP password.

Parameters:

Name	Type	Attributes	Description
`username`	string		uid of the new user
`attrs`	object		additional attributes of the user
`data`	object	<optional>	additional data to be stored in the user's JSON

Overrides:: module:flitter-auth/Provider~Provider#register
Source:: auth/ldap/LdapProvider.js, line 165

Returns:

Type: Promise.<module:flitter-auth/model/User~User>

registration_view() → {string}

Get the Flitter canonical name of the registration view.

Overrides:: module:flitter-auth/Provider~Provider#registration_view
Source:: auth/Provider.js, line 95

Returns:

Type: string

(async) session(request, user) → {Promise.<void>}

Bootstrap the session. Sets auth.user and auth.user_id.

Parameters:

Name	Type	Description
`request`	express/Request
`user`	module:flitter-auth/model/User~User	the authenticated user

Overrides:: module:flitter-auth/Provider~Provider#session
Source:: auth/Provider.js, line 203

Returns:

Type: Promise.<void>

(async) set_user_data(data, user) → {Promise.<void>}

Update user data from the LDAP record based on model-attribute to ldap-attribute mappings in the config (config key: attributes).

Parameters:

Name	Type	Description
`data`	object	the user's LDAP data
`user`	module:flitter-auth/model/User~User	the user to be updated

Source:: auth/ldap/LdapProvider.js, line 116

Returns:

Type: Promise.<void>

(async) set_user_roles(data, user) → {Promise.<void>}

Update the user's auth roles based on the role/group mappings from config. Uses the configured group_membership attribute.

Parameters:

Name	Type	Description
`data`	object	user's data record from the LDAP server
`user`	module:flitter-auth/model/User~User	the user to be updated

Source:: auth/ldap/LdapProvider.js, line 134

Returns:

Type: Promise.<void>

uid_to_dn(uid) → {string}

Convert a uid string to a fully qualified DN based on the configured user search base.

Parameters:

Name	Type	Description
`uid`	string

Source:: auth/ldap/LdapProvider.js, line 153

Returns:

fully qualified DN of the user

Type: string

user_filter(uid) → {string}

Build the user search filter string. Replaces all instances of '%u' with uid.

Parameters:

Name	Type	Description
`uid`	string	uid to be interpolated

Source:: auth/ldap/LdapProvider.js, line 48

Returns:

Type: string

(async) validate_login(form_data) → {Promise.<Array.<string>>}

Ensure that login form_data is valid. Checks for username.

Parameters:

Name	Type	Description
`form_data`	object

Overrides:: module:flitter-auth/Provider~Provider#validate_login
Source:: auth/Provider.js, line 153

Returns:

array of string errors. If empty array, no errors.

Type: Promise.<Array.<string>>

(async) validate_registration(form_data) → {Promise.<Array.<string>>}

Ensure that registration form_data is valid. Checks for password and unique username.

Parameters:

Name	Type	Description
`form_data`	object

Overrides:: module:flitter-auth/Provider~Provider#validate_registration
Source:: auth/ldap/LdapProvider.js, line 196

Returns:

array of string errors. If empty array, no errors.

Type: Promise.<Array.<string>>

LdapProvider

Constructor

new LdapProvider()

Extends

Members

(private) _di_allow_defer :boolean

(private) _di_deferred_instances :Array.<module:flitter-di/src/Injectable~Injectable>

(private) _di_deferred_services :Array.<string>

app :module:libflitter/app/FlitterApp~FlitterApp

config :Object

connect_string :string

connection :module:flitter-auth/ldap/AsyncLdapConnection~AsyncLdapConnection

User :module:flitter-auth/model/User~User

Methods

(async) check_user_auth(user, password) → {Promise.<boolean>}

(async) cleanup(app) → {Promise.<void>}

(async) get_login_args(form_data) → {Promise.<Array.<string>>}

(async) get_registration_args(form_data) → {Promise.<Array.<*>>}

(async) get_user(uid) → {Promise.<(Object|undefined)>}

(async) get_user_object(data) → {Promise.<module:flitter-auth/model/User~User>}

(async) get_users() → {Promise.<Array.<Object>>}

handle_login_get(req, res, next) → {Promise.<*>}

handle_register_get(req, res, next) → {Promise.<*>}

(async) ldap() → {Promise.<ldap/Client>}

(async) login(username, password, argsopt) → {Promise.<(boolean|module:flitter-auth/model/User~User)>}

login_view() → {string}

(async) logout(request) → {Promise.<object>}

logout_view() → {string}

(async) register(username, attrs, dataopt) → {Promise.<module:flitter-auth/model/User~User>}

registration_view() → {string}

(async) session(request, user) → {Promise.<void>}

(async) set_user_data(data, user) → {Promise.<void>}

(async) set_user_roles(data, user) → {Promise.<void>}

uid_to_dn(uid) → {string}

user_filter(uid) → {string}

(async) validate_login(form_data) → {Promise.<Array.<string>>}

(async) validate_registration(form_data) → {Promise.<Array.<string>>}