// Type definitions for ldapauth-fork 4.0
// Project: https://github.com/vesse/node-ldapauth-fork
// Definitions by: Vesa Poikajärvi <https://github.com/vesse>
// TypeScript Version: 2.1
/// <reference types="node"/>
import { EventEmitter } from 'events';
import { ClientOptions, ErrorCallback } from 'ldapjs';
import { ConnectionOptions } from 'tls';
declare namespace LdapAuth {
    /** LDAP search scope accepted by `searchScope` and `groupSearchScope`. */
    type Scope = 'base' | 'one' | 'sub';

    /**
     * Callback passed to `authenticate()`.
     *
     * `error` is typed as `Error | string`, so handlers must cope with a
     * plain string as well as an `Error` instance. `result` is untyped
     * (`any`); narrow it before relying on specific attributes.
     *
     * NOTE(review): what is passed as `error` on a successful
     * authentication (presumably null/undefined) is not visible in this
     * declaration file - confirm against the implementation.
     */
    interface Callback {
        (error: Error | string, result?: any): void;
    }

    interface GroupSearchFilterFunction {
        /**
         * Construct a group search filter from user object
         *
         * The returned string is used as the LDAP group search filter (see
         * `groupSearchFilter`). Attribute values taken from `user` come from
         * the directory and should be escaped as filter values (RFC 4515)
         * before being concatenated into the returned filter.
         *
         * @param user The user retrieved and authenticated from LDAP
         * @returns An LDAP search filter string for the group search
         */
        (user: any): string;
    }

    /**
     * Options accepted by the `LdapAuth` constructor, in addition to the
     * `ClientOptions` inherited from ldapjs.
     */
    interface Options extends ClientOptions {
        /**
         * Admin connection DN, e.g. uid=myapp,ou=users,dc=example,dc=org.
         * If not given at all, admin client is not bound. Giving empty
         * string may result in anonymous bind when allowed.
         *
         * Note: Not passed to ldapjs, it would bind automatically
         *
         * Review note: an empty string is not equivalent to omitting the
         * option. Validate configuration so that an unset or blank setting
         * does not silently turn into an anonymous bind.
         */
        bindDN?: string;
        /**
         * Password for bindDN
         *
         * Treat as a secret: load it from a secret store or the environment
         * rather than hard-coding it, and keep it out of logs.
         */
        bindCredentials?: string;
        /**
         * The base DN from which to search for users by username.
         * E.g. ou=users,dc=example,dc=org
         */
        searchBase: string;
        /**
         * LDAP search filter with which to find a user by username, e.g.
         * (uid={{username}}). Use the literal {{username}} to have the
         * given username interpolated in for the LDAP search.
         *
         * NOTE(review): this declaration file does not show whether the
         * username is escaped before interpolation. Confirm in the
         * implementation; without escaping, filter metacharacters in a
         * username would change the meaning of the filter (LDAP filter
         * injection).
         */
        searchFilter: string;
        /**
         * Scope of the search. Default: 'sub'
         */
        searchScope?: Scope;
        /**
         * Array of attributes to fetch from LDAP server. Default: all
         *
         * Review note: listing only the attributes the application needs
         * limits how much directory data ends up in the result object.
         */
        searchAttributes?: string[];
        /**
         * The base DN from which to search for groups. If defined,
         * also groupSearchFilter must be defined for the search to work.
         */
        groupSearchBase?: string;
        /**
         * LDAP search filter for groups. Place literal {{dn}} in the filter
         * to have it replaced by the property defined with `groupDnProperty`
         * of the found user object. Optionally you can also assign a
         * function instead. The found user is passed to the function and it
         * should return a valid search filter for the group search.
         */
        groupSearchFilter?: string | GroupSearchFilterFunction;
        /**
         * Scope of the search. Default: sub
         */
        groupSearchScope?: Scope;
        /**
         * Array of attributes to fetch from LDAP server. Default: all
         */
        groupSearchAttributes?: string[];
        /**
         * Property of the LDAP user object to use when binding to verify
         * the password. E.g. name, email. Default: dn
         */
        bindProperty?: string;
        /**
         * The property of user object to use in '{{dn}}' interpolation of
         * groupSearchFilter. Default: 'dn'
         */
        groupDnProperty?: string;
        /**
         * If true, then up to 100 credentials at a time will be cached for
         * 5 minutes.
         *
         * Review note: presumably a cached entry keeps authenticating after
         * the password is changed or the account is disabled in the
         * directory, until it expires - confirm against the implementation
         * and leave the cache off where immediate revocation matters.
         */
        cache?: boolean;
        /**
         * If true, then initialize TLS using the starttls mechanism.
         *
         * NOTE(review): confirm that a failed STARTTLS upgrade aborts the
         * connection instead of continuing in clear text.
         */
        starttls?: boolean;
        /**
         * Provides the secure TLS options passed to tls.connect in ldapjs
         *
         * Review note: certificate verification is configured here (for
         * example `ca` and `rejectUnauthorized`). Disabling verification
         * exposes the bind credentials and user passwords to anyone able
         * to intercept the connection.
         */
        tlsOptions?: ConnectionOptions;
    }
}
/**
 * LDAP authentication client. Extends `EventEmitter`; which events are
 * emitted is not visible in this declaration file.
 */
declare class LdapAuth extends EventEmitter {
    /**
     * @constructor
     * @param opts Connection, search and TLS settings, see `LdapAuth.Options`
     */
    constructor(opts: LdapAuth.Options);
    /**
     * Authenticate against LDAP server with given credentials
     *
     * NOTE(review): many LDAP servers treat a simple bind with an empty
     * password as an unauthenticated bind that succeeds. Confirm that the
     * implementation rejects empty passwords, or reject them in the caller
     * before invoking this method.
     *
     * @param username Username
     * @param password Password
     * @param callback Standard callback
     */
    authenticate(username: string, password: string, callback: LdapAuth.Callback): void;
    /**
     * Unbind both admin and client connections
     *
     * @param callback Error callback
     */
    close(callback?: ErrorCallback): void;
}
export = LdapAuth;