1 | // Type definitions for ldapauth-fork 4.0
|
2 | // Project: https://github.com/vesse/node-ldapauth-fork
|
3 | // Definitions by: Vesa Poikajärvi <https://github.com/vesse>
|
4 | // TypeScript Version: 2.1
|
5 |
|
6 | /// <reference types="node"/>
|
7 |
|
8 | import { EventEmitter } from "events";
|
9 | import { ClientOptions, ErrorCallback } from 'ldapjs';
|
10 |
|
11 | declare namespace LdapAuth {
|
12 | type Scope = 'base' | 'one' | 'sub';
|
13 |
|
14 | interface Callback {
|
15 | (error: Error|string, result?: any): void;
|
16 | }
|
17 |
|
18 | interface GroupSearchFilterFunction {
|
19 | /**
|
20 | * Construct a group search filter from user object
|
21 | *
|
22 | * @param user The user retrieved and authenticated from LDAP
|
23 | */
|
24 | (user: any): string;
|
25 | }
|
26 |
|
27 | interface Options extends ClientOptions {
|
28 | /**
|
29 | * Admin connection DN, e.g. uid=myapp,ou=users,dc=example,dc=org.
|
30 | * If not given at all, admin client is not bound. Giving empty
|
31 | * string may result in anonymous bind when allowed.
|
32 | *
|
33 | * Note: Not passed to ldapjs, it would bind automatically
|
34 | */
|
35 | bindDN?: string;
|
36 | /**
|
37 | * Password for bindDN
|
38 | */
|
39 | bindCredentials?: string;
|
40 | /**
|
41 | * The base DN from which to search for users by username.
|
42 | * E.g. ou=users,dc=example,dc=org
|
43 | */
|
44 | searchBase: string;
|
45 | /**
|
46 | * LDAP search filter with which to find a user by username, e.g.
|
47 | * (uid={{username}}). Use the literal {{username}} to have the
|
48 | * given username interpolated in for the LDAP search.
|
49 | */
|
50 | searchFilter: string;
|
51 | /**
|
52 | * Scope of the search. Default: 'sub'
|
53 | */
|
54 | searchScope?: Scope;
|
55 | /**
|
56 | * Array of attributes to fetch from LDAP server. Default: all
|
57 | */
|
58 | searchAttributes?: string[];
|
59 |
|
60 | /**
|
61 | * The base DN from which to search for groups. If defined,
|
62 | * also groupSearchFilter must be defined for the search to work.
|
63 | */
|
64 | groupSearchBase?: string;
|
65 | /**
|
66 | * LDAP search filter for groups. Place literal {{dn}} in the filter
|
67 | * to have it replaced by the property defined with `groupDnProperty`
|
68 | * of the found user object. Optionally you can also assign a
|
69 | * function instead. The found user is passed to the function and it
|
70 | * should return a valid search filter for the group search.
|
71 | */
|
72 | groupSearchFilter?: string | GroupSearchFilterFunction;
|
73 | /**
|
74 | * Scope of the search. Default: sub
|
75 | */
|
76 | groupSearchScope?: Scope;
|
77 | /**
|
78 | * Array of attributes to fetch from LDAP server. Default: all
|
79 | */
|
80 | groupSearchAttributes?: string[];
|
81 |
|
82 | /**
|
83 | * Property of the LDAP user object to use when binding to verify
|
84 | * the password. E.g. name, email. Default: dn
|
85 | */
|
86 | bindProperty?: string;
|
87 | /**
|
88 | * The property of user object to use in '{{dn}}' interpolation of
|
89 | * groupSearchFilter. Default: 'dn'
|
90 | */
|
91 | groupDnProperty?: string;
|
92 |
|
93 | /**
|
94 | * Set to true to add property '_raw' containing the original buffers
|
95 | * to the returned user object. Useful when you need to handle binary
|
96 | * attributes
|
97 | */
|
98 | includeRaw?: boolean;
|
99 |
|
100 | /**
|
101 | * If true, then up to 100 credentials at a time will be cached for
|
102 | * 5 minutes.
|
103 | */
|
104 | cache?: boolean;
|
105 | }
|
106 | }
|
107 |
|
108 | declare class LdapAuth extends EventEmitter {
|
109 | /**
|
110 | * @constructor
|
111 | * @param opts
|
112 | */
|
113 | constructor(opts: LdapAuth.Options);
|
114 |
|
115 | /**
|
116 | * Authenticate against LDAP server with given credentials
|
117 | *
|
118 | * @param username Username
|
119 | * @param password Password
|
120 | * @param callback Standard callback
|
121 | */
|
122 | authenticate(username: string, password: string, callback: LdapAuth.Callback): void;
|
123 |
|
124 | /**
|
125 | * Unbind both admin and client connections
|
126 | *
|
127 | * @param callback Error callback
|
128 | */
|
129 | close(callback?: ErrorCallback): void;
|
130 | }
|
131 |
|
132 | export = LdapAuth;
|