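import { Client } from "ldapts";
import { TotpChecker } from "./totpChecker.js";

/**
 * Characters that are backslash-escaped wherever they occur in a DN attribute
 * value (RFC 4514). "=" is included as well, which the RFC permits.
 */
const DN_SPECIAL_CHARACTERS = new Set(["\\", ",", "+", '"', "<", ">", ";", "="]);

/**
 * Escapes a single attribute value for use inside a distinguished name.
 *
 * The caller-supplied username ends up inside the bind DN, so without escaping
 * a value containing "," or "+" would add or change RDN components and make
 * the bind target an entry other than the one under the configured base.
 *
 * @param {unknown} value - Raw attribute value; coerced with String().
 * @returns {string} The value with RFC 4514 escaping applied.
 */
function escapeDnValue(value) {
  const text = String(value);
  const lastIndex = text.length - 1;
  let escaped = "";
  for (let i = 0; i < text.length; i += 1) {
    const ch = text[i];
    if (ch === "\0") {
      escaped += "\\00";
    } else if (DN_SPECIAL_CHARACTERS.has(ch)) {
      escaped += `\\${ch}`;
    } else if (ch === " " && (i === 0 || i === lastIndex)) {
      // Leading and trailing spaces are significant only when escaped.
      escaped += "\\ ";
    } else if (ch === "#" && i === 0) {
      // A leading "#" would otherwise introduce a hex-encoded value.
      escaped += "\\#";
    } else {
      escaped += ch;
    }
  }
  return escaped;
}

/**
 * Authenticates users by binding to an LDAP directory with their own
 * credentials and, when a TOTP attribute is configured, reading the TOTP
 * value stored on their entry.
 */
export class LdapAuthenticationHandler {
  configuration;

  /**
   * @param {object} configuration - Settings read by this class: ldapUrl,
   *   bindDnField, bindBase, totpField and usernameField.
   */
  constructor(configuration) {
    this.configuration = configuration;
  }

  /**
   * Converts an LDAP attribute value to a string.
   *
   * Strings are returned as-is, arrays contribute their first element, and
   * anything else is converted with toString("utf8").
   *
   * A missing attribute (undefined, or an empty array) makes this throw a
   * TypeError. tryBind catches that and reports a failed login, so the
   * behaviour is deliberately left fail-closed here.
   *
   * @param {string | Array | object} data - Attribute value from a search entry.
   * @returns {string} The value as text.
   */
  fieldToString(data) {
    if (typeof data === "string") {
      return data;
    }
    if (Array.isArray(data)) {
      return this.fieldToString(data[0]);
    }
    return data.toString("utf8");
  }

  /**
   * Attempts an LDAP simple bind as the given user.
   *
   * @param {string} username - Value placed in the first RDN of the bind DN.
   * @param {string} password - The user's password.
   * @returns {Promise<{username: string | null, totp: string | null} | null>}
   *   null when credentials are missing or any LDAP step fails; otherwise the
   *   account data. Both fields stay null when no totpField is configured.
   */
  async tryBind(username, password) {
    // An empty password must never reach the server: a simple bind with a DN
    // and no password is an unauthenticated bind, which many servers accept.
    if (!username || !password) {
      return null;
    }

    const client = new Client({
      url: this.configuration.ldapUrl,
      // NOTE(review): 0 appears to disable both timeouts, so an unresponsive
      // directory would stall the login indefinitely - confirm and consider
      // finite values.
      timeout: 0,
      connectTimeout: 0,
      // NOTE(review): minVersion only has an effect when the connection uses
      // TLS; whether ldapUrl is an ldaps:// URL is decided by configuration.
      tlsOptions: {
        minVersion: 'TLSv1.2',
      },
      strictDN: true,
    });

    // The username is untrusted input, so it is escaped before being embedded
    // in the DN. bindDnField and bindBase come from configuration.
    const bindDn = `${this.configuration.bindDnField}=${escapeDnValue(username)},${this.configuration.bindBase}`;

    let totp = null;
    let finalUsername = null;
    try {
      await client.bind(bindDn, password);
      if (this.configuration.totpField) {
        // NOTE(review): no search options are passed, so the library defaults
        // for scope and filter apply; only the first entry is used.
        const data = await client.search(bindDn);
        const entry = data.searchEntries[0];
        totp = this.fieldToString(entry?.[this.configuration.totpField]);
        finalUsername = this.fieldToString(entry?.[this.configuration.usernameField]);
      }
    } catch (ex) {
      console.error(ex);
      return null;
    } finally {
      // Await the unbind and handle its failure here: a rejection from an
      // un-awaited call would surface as an unhandled promise rejection.
      try {
        await client.unbind();
      } catch (unbindError) {
        console.error(unbindError);
      }
    }
    return { username: finalUsername, totp: totp };
  }

  /**
   * Verifies the password through an LDAP bind, then hands the stored TOTP
   * value and the submitted code to TotpChecker.ValidateTotp.
   *
   * @param {string} username
   * @param {string} password
   * @param {string} totp - Code submitted by the user.
   * @returns {Promise<*>} null when the bind fails, otherwise whatever
   *   TotpChecker.ValidateTotp returns.
   */
  async tryLogin(username, password, totp) {
    const account = await this.tryBind(username, password);
    if (!account) {
      return null;
    }
    return TotpChecker.ValidateTotp(account.totp, totp);
  }

  /**
   * Reports whether the account has a TOTP value stored.
   *
   * @param {string} username
   * @param {string} password
   * @returns {Promise<boolean | null>} null when the bind fails, otherwise
   *   true if a non-empty TOTP value was read.
   */
  async needTotp(username, password) {
    const account = await this.tryBind(username, password);
    if (!account) {
      return null;
    }
    return Boolean(account.totp);
  }
}
//# sourceMappingURL=ldapAuthenticationHandler.js.map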