Class: SheffieldLdapLookup::LdapFinder

Inherits:
Object
  • Object
Defined in:
lib/sheffield_ldap_lookup/ldap_finder.rb


Constructor Details

#initialize(keyword = nil, config_prefix = nil, custom_search_attribute = nil) ⇒ LdapFinder

Returns a new instance of LdapFinder.



# File 'lib/sheffield_ldap_lookup/ldap_finder.rb', line 7

# Builds a finder for one directory lookup.
#
# @param keyword [Object, nil] value to search for; stored through the keyword writer
# @param config_prefix [String, nil] prefix prepended to every key read from
#   ldap_config when the connection settings are built
# @param custom_search_attribute [Object, nil] attribute to search on; when set,
#   search_attribute returns it instead of choosing one from the keyword
def initialize(keyword = nil, config_prefix = nil, custom_search_attribute = nil)
  # keyword and custom_search_attribute go through their writers; the prefix is
  # kept only as an instance variable and has no accessor on this page.
  self.keyword = keyword
  @config_prefix = config_prefix
  self.custom_search_attribute = custom_search_attribute
end

Class Attribute Details

.error_notification_proc ⇒ Object

Returns the value of attribute error_notification_proc.



# File 'lib/sheffield_ldap_lookup/ldap_finder.rb', line 15

# Class-level reader (this page lists it under "Class Attribute Details").
# all_results passes any exception raised by the search to this object when it is a Proc.
#
# @return [Object] the stored error_notification_proc, or nil when none was set
def error_notification_proc
  @error_notification_proc
end

.ldap_config ⇒ Object

Returns the value of attribute ldap_config.



# File 'lib/sheffield_ldap_lookup/ldap_finder.rb', line 14

# Class-level reader (this page lists it under "Class Attribute Details").
# connection_settings reads host, port, base, username, password and ssl entries
# from this object, so it can hold the bind password: keep it out of logs and
# error reports.
#
# @return [Object] the stored ldap_config, or nil when none was set
def ldap_config
  @ldap_config
end

Instance Attribute Details

#custom_search_attribute ⇒ Object

Returns the value of attribute custom_search_attribute.



# File 'lib/sheffield_ldap_lookup/ldap_finder.rb', line 5

# Reader for the optional attribute override. When it is truthy,
# search_attribute returns it unchanged as the attribute to search on.
#
# @return [Object, nil] the stored custom_search_attribute
def custom_search_attribute
  @custom_search_attribute
end

#keyword ⇒ Object

Returns the value of attribute keyword.



# File 'lib/sheffield_ldap_lookup/ldap_finder.rb', line 4

# Reader for the search value. ldap_filter uses it as the value of the LDAP
# filter, and search_attribute inspects it to choose between 'mail' and 'sAMAccountName'.
#
# @return [Object, nil] the stored keyword
def keyword
  @keyword
end

Instance Method Details

#all_results ⇒ Object



# File 'lib/sheffield_ldap_lookup/ldap_finder.rb', line 22

# Runs the LDAP search for ldap_filter on connection and memoizes the result.
#
# Anything raised while searching is handed to the class-level
# error_notification_proc (only when that is a Proc) and then re-raised, so the
# caller still sees the original failure.
#
# NOTE(review): `rescue Exception` also covers SystemExit and Interrupt, so those
# reach the notifier as well before being re-raised.
# NOTE(review): if the notifier itself raises, that error replaces the original one.
# NOTE(review): `||=` does not keep a nil/false result, so such a search runs again
# on the next call - confirm how connection.search reports a failed operation.
#
# @return [Object] whatever connection.search returns for ldap_filter
# @raise [Exception] whatever the search raised, after notification
def all_results
  @all_results ||= connection.search(filter: ldap_filter)
rescue Exception => error
  notifier = self.class.error_notification_proc
  notifier.call(error) if notifier.is_a?(Proc)
  raise error
end

#connection(ldap_class = Net::LDAP) ⇒ Object



# File 'lib/sheffield_ldap_lookup/ldap_finder.rb', line 46

# Returns the memoized LDAP client, building it from connection_settings on
# first use.
#
# @param ldap_class [Class] class instantiated with the settings hash; only
#   consulted when no connection has been memoized yet
# @return [Object] the memoized client
def connection(ldap_class = Net::LDAP)
  return @connection if @connection

  @connection = ldap_class.new(connection_settings)
end

#connection_settings ⇒ Object



# File 'lib/sheffield_ldap_lookup/ldap_finder.rb', line 50

# Builds the options hash passed to the LDAP client class by connection.
#
# Every key is read from ldap_config with @config_prefix prepended
# ("#{prefix}host", "#{prefix}port", ...).
#
# * :auth is added (simple bind) only when both the username and the password
#   key exist in the config; otherwise no :auth entry is set.
# * :encryption is added only when the ssl entry is exactly `true`.
#
# NOTE(review): an ssl value such as the string "true" does not enable TLS here.
# Nothing in this hash then requests encryption, and a simple bind would send the
# password unencrypted - confirm configs load the flag as a boolean.
#
# @return [Hash] settings with :host, :port, :base, :force_no_page and, when
#   configured, :auth and :encryption
def connection_settings
  config = ldap_config
  prefix = @config_prefix
  value_of = ->(name) { config["#{prefix}#{name}"] }
  present = ->(name) { config.key?("#{prefix}#{name}") }

  settings = {
    host: value_of.call('host'),
    port: value_of.call('port'),
    base: value_of.call('base')
  }

  if present.call('username') && present.call('password')
    settings[:auth] = {
      method: :simple,
      username: value_of.call('username'),
      password: value_of.call('password')
    }
  end

  if value_of.call('ssl') == true
    # Port falls back to 636 only when the config did not supply one.
    settings[:port] ||= 636
    # Keep OpenSSL's default parameters and only raise the protocol floor:
    # Ruby 2.7 defaults to a TLS 1.0 minimum, the server asks for TLS 1.2, and
    # nothing older than TLS 1.2 should be accepted anyway.
    tls_options = OpenSSL::SSL::SSLContext::DEFAULT_PARAMS.merge(
      min_version: OpenSSL::SSL::TLS1_2_VERSION
    )
    settings[:encryption] = { method: :simple_tls, tls_options: tls_options }
  end

  # Forcing unpaged results avoids two LDAP queries per connection.
  settings[:force_no_page] = true

  settings
end

#ldap_config ⇒ Object



# File 'lib/sheffield_ldap_lookup/ldap_finder.rb', line 42

# Instance-level shortcut to the configuration stored on the class.
#
# @return [Object] whatever the class-level ldap_config reader returns
def ldap_config
  finder_class = self.class
  finder_class.ldap_config
end

#ldap_filter(filter_class = Net::LDAP::Filter) ⇒ Object



# File 'lib/sheffield_ldap_lookup/ldap_finder.rb', line 33

# Builds the equality filter "search_attribute = keyword" used by all_results.
#
# NOTE(review): keyword is handed to `eq` as-is. Net::LDAP::Filter.eq does not
# escape its value, so a `*` in keyword is matched as a wildcard rather than
# literally, and lookup then returns the first of possibly several entries. If
# keyword can come from user input, escape it first (Net::LDAP::Filter.escape)
# or build the filter with Net::LDAP::Filter.equals - verify against callers.
#
# @param filter_class [#eq] object whose `eq(attribute, value)` builds the filter
# @return [Object] whatever filter_class.eq returns
def ldap_filter(filter_class = Net::LDAP::Filter)
  attribute = search_attribute
  value = keyword
  filter_class.eq(attribute, value)
end

#lookup ⇒ Object



# File 'lib/sheffield_ldap_lookup/ldap_finder.rb', line 18

# Returns the first entry of all_results.
#
# NOTE(review): only element 0 is used, so when the filter matches several
# entries the rest are silently ignored. Callers that treat the result as one
# specific identity should confirm the match is unique.
#
# @return [Object, nil] the first search result, nil when the result list is empty
def lookup
  entries = all_results
  entries[0]
end

#search_attribute ⇒ Object



# File 'lib/sheffield_ldap_lookup/ldap_finder.rb', line 37

# Chooses the LDAP attribute the keyword is matched against.
#
# A truthy custom_search_attribute wins and is returned unchanged. Otherwise a
# keyword of the form "something@something" (exactly one "@", non-empty on both
# sides) selects 'mail', and anything else selects 'sAMAccountName'.
#
# NOTE(review): the override is used as an attribute name without any checks
# here - presumably it is set by application code, not by end users; verify
# against callers.
#
# @return [Object] the override, or 'mail' / 'sAMAccountName'
def search_attribute
  override = custom_search_attribute
  return override if override

  if keyword =~ /\A[^@]+@[^@]+\z/
    'mail'
  else
    'sAMAccountName'
  end
end