Module: ROM::LDAP::Client::Authentication Private
- Included in:
- ROM::LDAP::Client
- Defined in:
- lib/rom/ldap/client/authentication.rb
Overview
This module is part of a private API. You should avoid using this module if possible, as it may be removed or be changed in the future.
Adds authentication capability to the client.
Instance Method Summary collapse
-
#bind(username:, password:) ⇒ PDU
The Bind request is defined as follows:.
- #sasl_bind(mechanism:, credentials:, challenge:) ⇒ Object private
-
#start_tls ⇒ PDU
private
Result object.
Instance Method Details
#bind(username:, password:) ⇒ PDU
The Bind request is defined as follows:
BindRequest ::= [APPLICATION 0] SEQUENCE {
version INTEGER (1 .. 127),
name LDAPDN,
authentication AuthenticationChoice }
AuthenticationChoice ::= CHOICE {
simple [0] OCTET STRING,
-- 1 and 2 reserved
sasl [3] SaslCredentials,
... }
SaslCredentials ::= SEQUENCE {
mechanism LDAPString,
credentials OCTET STRING OPTIONAL }
55 56 57 58 59 60 61 62 63 64 65 66 67 68 |
# File 'lib/rom/ldap/client/authentication.rb', line 55 def bind(username:, password:) request_type = pdu_lookup(:bind_request) request = [ 3.to_ber, username.to_ber, password.to_ber_contextspecific(0) ].to_ber_appsequence(request_type) pdu = submit(:bind_result, request) raise(BindError, username) if pdu.failure? pdu end |
#sasl_bind(mechanism:, credentials:, challenge:) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 |
# File 'lib/rom/ldap/client/authentication.rb', line 91 def sasl_bind(mechanism:, credentials:, challenge:) request_type = pdu_lookup(:bind_request) n = 0 loop do sasl = [ mechanism.to_ber, credentials.to_ber ].to_ber_contextspecific(3) request = [ 3.to_ber, EMPTY_STRING.to_ber, sasl ].to_ber_appsequence(request_type) raise SecureBindError, 'sasl-challenge overflow' if (n += 1) > 10 pdu = submit(:bind_request, request) credentials = challenge.call(pdu.result_server_sasl_creds) end end |
#start_tls ⇒ PDU
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Returns result object.
75 76 77 78 79 80 81 82 83 |
# File 'lib/rom/ldap/client/authentication.rb', line 75 def start_tls request_type = pdu_lookup(:extended_request) request = [ OID[:start_tls].to_ber_contextspecific(0) ].to_ber_appsequence(request_type) submit(:extended_response, request) end |