Class: Identizer::Ldap::Server

Inherits:
Object
Defined in:
lib/identizer/ldap/server.rb

Overview

A minimal LDAP v3 listener so apps that authenticate via LDAP can bind and search against the directory. Speaks BER over a plain TCP socket using Net::LDAP’s codec. Supports simple bind, search (with the filters in Identizer::Ldap::Filter) and unbind — enough to develop LDAP auth locally.

Constant Summary

protocolOp application tags (request side).

BIND_REQUEST = 0x60
SEARCH_REQUEST = 0x63
UNBIND_REQUEST = 0x42
EXTENDED_REQUEST = 0x77

protocolOp application tags (response side).

BIND_RESPONSE = 1
SEARCH_ENTRY = 4
SEARCH_DONE = 5
EXTENDED_RESPONSE = 24

PROTOCOL_ERROR = 2

STARTTLS_OID = "1.3.6.1.4.1.1466.20037"

Net::LDAP’s client syntax doesn’t map the ExtendedRequest tag, so add it (as an array) — otherwise read_ber raises on a StartTLS request.

SYNTAX = Net::LDAP::AsnSyntax.dup.tap { |syntax| syntax[EXTENDED_REQUEST] = :array }.freeze
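
How the tag constants above relate to BER identifier octets, as an added example that is not code from Identizer: the request-side values are whole identifier octets (class, constructed bit, tag number), while the response-side values are bare application tag numbers. The helper names and the two hand-encoded sample messages are assumptions made for this illustration, and it uses plain Ruby rather than Net::LDAP's codec.

```ruby
# Added example: tag values are copied from the page, helper names are hypothetical.
REQUEST_TAGS = { 0x60 => :bind, 0x63 => :search, 0x42 => :unbind, 0x77 => :extended }.freeze
STARTTLS_OID = "1.3.6.1.4.1.1466.20037"

# Read one BER TLV starting at pos; returns [identifier octet, value bytes, next pos].
def read_tlv(bytes, pos)
  id = bytes.getbyte(pos) or raise ArgumentError, "truncated identifier"
  raise ArgumentError, "multi-octet tags unsupported" if id & 0x1f == 0x1f
  len = bytes.getbyte(pos + 1) or raise ArgumentError, "truncated length"
  pos += 2
  if len & 0x80 != 0 # long form: low 7 bits give the number of length octets
    count = len & 0x7f
    raise ArgumentError, "indefinite or oversized length" if count.zero? || count > 4
    raise ArgumentError, "truncated length" if pos + count > bytes.bytesize
    len = bytes.byteslice(pos, count).bytes.inject(0) { |n, b| (n << 8) | b }
    pos += count
  end
  raise ArgumentError, "truncated value" if pos + len > bytes.bytesize
  [id, bytes.byteslice(pos, len), pos + len]
end

# Split an identifier octet into class, constructed flag and tag number.
def describe_tag(id)
  { klass: %i[universal application context private][id >> 6],
    constructed: id & 0x20 != 0, number: id & 0x1f }
end

# Classify one LDAPMessage: SEQUENCE { messageID INTEGER, protocolOp ... }.
def classify(message)
  id, body, _next = read_tlv(message.b, 0)
  raise ArgumentError, "not a SEQUENCE" unless id == 0x30
  int_id, int_val, pos = read_tlv(body, 0)
  raise ArgumentError, "messageID is not an INTEGER" unless int_id == 0x02
  op_id, op_body, _next = read_tlv(body, pos)
  result = { message_id: int_val.bytes.inject(0) { |n, b| (n << 8) | b },
             op: REQUEST_TAGS.fetch(op_id, :unsupported), tag: describe_tag(op_id) }
  if result[:op] == :extended
    name_id, name, _next = read_tlv(op_body, 0) # requestName is [0], octet 0x80
    result[:starttls] = name_id == 0x80 && name == STARTTLS_OID.b
  end
  result
end

# Constructed sample messages, hand-encoded for this example (not captured traffic).
BIND = ["300c020101600702010304008000"].pack("H*")
STARTTLS = ["301d02010177188016" + STARTTLS_OID.unpack1("H*")].pack("H*")
```

Truncated or oversized lengths raise ArgumentError instead of reading past the buffer, which is the check a listener needs before trusting a length field from the socket.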

Constructor Details

#initialize(config, host: nil, port: nil, tls: false) ⇒ Server

Returns a new instance of Server.



# File 'lib/identizer/ldap/server.rb', line 29

def initialize(config, host: nil, port: nil, tls: false)
  @config = config
  @host = host || config.ldap_host || config.host
  @port = port || config.ldap_port || 1389
  @tls = tls
  @handler = Handler.new(config)
end

Instance Attribute Details

#host ⇒ Object (readonly)

Returns the value of attribute host.



# File 'lib/identizer/ldap/server.rb', line 37

def host
  @host
end

#port ⇒ Object (readonly)

Returns the value of attribute port.



# File 'lib/identizer/ldap/server.rb', line 37

def port
  @port
end

Instance Method Details

#start ⇒ Object



# File 'lib/identizer/ldap/server.rb', line 39

def start
  @socket = TCPServer.new(@host, @port)
  @ssl_context = build_ssl_context if @tls
  @running = true
  accept_loop
end

#stop ⇒ Object



# File 'lib/identizer/ldap/server.rb', line 46

def stop
  @running = false
  @socket&.close
rescue IOError
  nil
end