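import { Client } from "ldapts";
import { TotpChecker } from "./totpChecker.js";

// Characters that RFC 4514 requires (or permits) to be backslash-escaped
// inside an attribute value of a distinguished name.
const DN_RESERVED_CHARACTERS = '\\,+"<>;=';

/**
 * Escapes a value for use as the attribute value of a single RDN (RFC 4514).
 *
 * The login name comes straight from the client. Without escaping, a value
 * containing `,` `+` or `=` would change the structure of the bind DN instead
 * of being treated as one literal value.
 *
 * @param {unknown} value - Raw attribute value; coerced with String().
 * @returns {string} The value with DN metacharacters escaped.
 */
function escapeDnValue(value) {
    const text = String(value);
    const lastIndex = text.length - 1;
    let escaped = "";
    for (let i = 0; i < text.length; i += 1) {
        const ch = text[i];
        if (ch === "\u0000") {
            // NUL must be written as a hex pair.
            escaped += "\\00";
        }
        else if (DN_RESERVED_CHARACTERS.includes(ch)
            || (i === 0 && (ch === " " || ch === "#"))
            || (i === lastIndex && ch === " ")) {
            escaped += `\\${ch}`;
        }
        else {
            escaped += ch;
        }
    }
    return escaped;
}

/**
 * Authenticates users by binding to an LDAP directory with their own
 * credentials and, when a TOTP attribute is configured, reading the value
 * that is later passed to TotpChecker.
 */
export class LdapAuthenticationHandler {
    configuration;

    /**
     * @param {object} configuration - Reads `ldapUrl`, `bindDnField`,
     *   `bindBase`, and the optional `ldapFilter`, `totpField` and
     *   `usernameField`.
     */
    constructor(configuration) {
        this.configuration = configuration;
    }

    /**
     * Converts an LDAP attribute value to a string. Strings are returned
     * as-is, arrays are reduced to their first element, and anything else is
     * converted with `toString("utf8")`.
     *
     * NOTE(review): a missing attribute (`undefined`, or an empty array)
     * throws a TypeError here. tryBind() catches it and reports a failed
     * login, so an entry without the configured TOTP or username attribute
     * cannot authenticate. Confirm that this is the intended policy.
     *
     * @param {string | Array | object} data - Attribute value from a search entry.
     * @returns {string}
     */
    fieldToString(data) {
        if (typeof data === "string")
            return data;
        if (Array.isArray(data))
            return this.fieldToString(data[0]);
        return data.toString("utf8");
    }

    /**
     * Binds as the user and reads the user's own entry.
     *
     * @param {string} username - Login name; escaped before it is placed in the bind DN.
     * @param {string} password - The user's password.
     * @returns {Promise<{username: string, totp: string | null} | null>}
     *   The account, or null when credentials are missing, the bind or search
     *   fails, or the search returns no entry.
     */
    async tryBind(username, password) {
        // An empty password must never reach the server: a bind with a DN and
        // no password is an "unauthenticated bind" that some servers accept.
        if (!username || !password)
            return null;
        const { ldapUrl, bindDnField, bindBase, ldapFilter, totpField, usernameField } = this.configuration;
        const client = new Client({
            url: ldapUrl,
            // NOTE(review): 0 presumably disables both timeouts, so a stalled
            // directory server would hold a login attempt open indefinitely.
            // Confirm and consider finite values.
            timeout: 0,
            connectTimeout: 0,
            tlsOptions: {
                minVersion: 'TLSv1.2',
            },
            strictDN: true,
        });
        const bindDn = `${bindDnField}=${escapeDnValue(username)},${bindBase}`;
        try {
            await client.bind(bindDn, password);
            const { searchEntries } = await client.search(bindDn, {
                filter: ldapFilter || undefined,
                attributes: [totpField, usernameField, bindDnField].filter(x => !!x)
            });
            const entry = searchEntries[0];
            if (!entry)
                return null;
            const totp = totpField ? this.fieldToString(entry[totpField]) : null;
            const finalUsername = usernameField ? this.fieldToString(entry[usernameField]) : username;
            return { username: finalUsername, totp: totp };
        }
        catch (ex) {
            console.error(ex);
            return null;
        }
        finally {
            // Await the unbind so that a rejection is handled here instead of
            // surfacing as an unhandled promise rejection.
            try {
                await client.unbind();
            }
            catch (unbindError) {
                console.error(unbindError);
            }
        }
    }

    /**
     * Verifies the password through an LDAP bind, then hands the stored TOTP
     * value and the submitted code to TotpChecker.ValidateTotp.
     *
     * @param {string} username
     * @param {string} password
     * @param {string} totp - One-time code submitted by the user.
     * @returns {Promise<*>} null when the bind fails, otherwise whatever
     *   TotpChecker.ValidateTotp returns.
     */
    async tryLogin(username, password, totp) {
        const account = await this.tryBind(username, password);
        // The account object carries the TOTP value read from the directory,
        // so it must not be written to the log.
        if (!account)
            return null;
        return TotpChecker.ValidateTotp(account.totp, totp);
    }

    /**
     * Reports whether the account has a TOTP value stored.
     *
     * @param {string} username
     * @param {string} password
     * @returns {Promise<boolean | null>} null when the bind fails, otherwise
     *   true if a non-empty TOTP value was read.
     */
    async needTotp(username, password) {
        const account = await this.tryBind(username, password);
        if (!account)
            return null;
        return !!account.totp;
    }
}
//# sourceMappingURL=ldapAuthenticationHandler.js.map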