feat: ldap module + deps upgrade

server/modules/authentication/ldap/authentication.js

@@ -6,10 +6,11 @@
 
 const LdapStrategy = require('passport-ldapauth').Strategy
 const fs = require('fs')
+const _ = require('lodash')
 
 module.exports = {
   init (passport, conf) {
-    passport.use('ldapauth',
+    passport.use('ldap',
       new LdapStrategy({
         server: {
           url: conf.url,
@@ -17,7 +18,6 @@ module.exports = {
           bindCredentials: conf.bindCredentials,
           searchBase: conf.searchBase,
           searchFilter: conf.searchFilter,
-          searchAttributes: ['displayName', 'name', 'cn', 'mail'],
           tlsOptions: (conf.tlsEnabled) ? {
             ca: [
               fs.readFileSync(conf.tlsCertPath)
@@ -25,15 +25,28 @@ module.exports = {
           } : {}
         },
         usernameField: 'email',
+        passwordField: 'password',
         passReqToCallback: false
-      }, (profile, cb) => {
-        profile.provider = 'ldap'
-        profile.id = profile.dn
-        WIKI.models.users.processProfile(profile).then((user) => {
-          return cb(null, user) || true
-        }).catch((err) => {
-          return cb(err, null) || true
-        })
+      }, async (profile, cb) => {
+        try {
+          const userId = _.get(profile, conf.mappingUID, null)
+          if (!userId) {
+            throw new Error('Invalid Unique ID field mapping!')
+          }
+
+          const user = await WIKI.models.users.processProfile({
+            profile: {
+              id: userId,
+              email: _.get(profile, conf.mappingEmail, ''),
+              displayName: _.get(profile, conf.mappingDisplayName, '???'),
+              picture: _.get(profile, conf.mappingPicture, '')
+            },
+            providerKey: 'ldap'
+          })
+          cb(null, user)
+        } catch (err) {
+          cb(err, null)
+        }
       }
       ))
   }

server/modules/authentication/ldap/definition.yml

@@ -5,33 +5,69 @@ author: requarks.io
 logo: https://static.requarks.io/logo/active-directory.svg
 color: blue darken-3
 website: https://www.microsoft.com/windowsserver
+isAvailable: true
 useForm: true
 props:
   url:
-    title: URL
+    title: LDAP URL
     type: String
     default: 'ldap://serverhost:389'
-    hint: (e.g. ldap://serverhost:389)
+    hint: (e.g. ldap://serverhost:389 or ldaps://serverhost:636)
+    order: 1
   bindDn:
-    title: Bind DN
+    title: Admin Bind DN
     type: String
     default: cn='root'
     hint: The dstinguished name (dn) of the account used for binding.
+    order: 2
   bindCredentials:
+    title: Admin Bind Credentials
     type: String
-    hint: The password of the account used for binding.
+    hint: The password of the account used above for binding.
+    order: 3
   searchBase:
+    title: Search Base
     type: String
     default: 'o=users,o=example.com'
+    hint: The base DN from which to search for users.
+    order: 4
   searchFilter:
+    title: Search Filter
     type: String
     default: '(uid={{username}})'
-    hint: The query to use to match username. {{username}} must be present.
+    hint: The query to use to match username. {{username}} must be present and will be interpolated with the user provided username when performing the LDAP search.
+    order: 5
   tlsEnabled:
     title: Use TLS
     type: Boolean
     default: false
+    order: 6
   tlsCertPath:
     title: TLS Certificate Path
     type: String
     hint: Absolute path to the TLS certificate on the server.
+    order: 7
+  mappingUID:
+    title: Unique ID Field Mapping
+    type: String
+    default: 'uid'
+    hint: The field storing the user unique identifier. Usually "uid" or "sAMAccountName".
+    order: 8
+  mappingEmail:
+    title: Email Field Mapping
+    type: String
+    default: 'mail'
+    hint: The field storing the user email. Usually "mail".
+    order: 9
+  mappingDisplayName:
+    title: Display Name Field Mapping
+    type: String
+    default: 'displayName'
+    hint: The field storing the user display name. Usually "displayName" or "cn".
+    order: 10
+  mappingPicture:
+    title: Avatar Picture Field Mapping
+    type: String
+    default: 'jpegPhoto'
+    hint: The field storing the user avatar picture. Usually "jpegPhoto" or "thumbnailPhoto".
+    order: 11

server/modules/authentication/microsoft/authentication.js

@@ -4,7 +4,8 @@
 // Microsoft Account
 // ------------------------------------
 
-const WindowsLiveStrategy = require('passport-windowslive').Strategy
+const WindowsLiveStrategy = require('passport-microsoft').Strategy
+const _ = require('lodash')
 
 module.exports = {
   init (passport, conf) {
@@ -12,7 +13,8 @@ module.exports = {
       new WindowsLiveStrategy({
         clientID: conf.clientId,
         clientSecret: conf.clientSecret,
-        callbackURL: conf.callbackURL
+        callbackURL: conf.callbackURL,
+        scope: ['User.Read', 'email', 'openid', 'profile']
       }, async (accessToken, refreshToken, profile, cb) => {
         console.info(profile)
         try {