module ROM::LDAP::Client::Authentication
Adds authentication capability to the client.
@api private
Public Instance Methods
bind(username:, password:)
The Bind request is defined as follows:
BindRequest ::= [APPLICATION 0] SEQUENCE {
     version                 INTEGER (1 .. 127),
     name                    LDAPDN,
     authentication          AuthenticationChoice }

AuthenticationChoice ::= CHOICE {
     simple                  [0] OCTET STRING,
                             -- 1 and 2 reserved
     sasl                    [3] SaslCredentials,
     ... }

SaslCredentials ::= SEQUENCE {
     mechanism               LDAPString,
     credentials             OCTET STRING OPTIONAL }

@see tools.ietf.org/html/rfc4511#section-4.2
@see tools.ietf.org/html/rfc4513
@option :username [String]
@option :password [String]
@return [PDU] result object
@raise [BindError]
@api public
# File lib/rom/ldap/client/authentication.rb, line 52
def bind(username:, password:)
  request_type = pdu_lookup(:bind_request)

  # version 3, the bind DN, then the password as the `simple [0]` choice
  request = [
    3.to_ber,
    username.to_ber,
    password.to_ber_contextspecific(0)
  ].to_ber_appsequence(request_type)

  pdu = submit(:bind_result, request)
  raise(BindError, username) if pdu.failure?

  pdu
end
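Added example (not rom-ldap code): a stand-alone Ruby encoding of the simple BindRequest defined above, together with a reader for the same bytes, showing that the `simple [0]` choice carries the password verbatim, so its confidentiality rests on the transport (see `start_tls`). The helper names, the sample DN and password, and the empty-password guard (RFC 4513 section 5.1.2) are assumptions of this example.

```ruby
# Added example: BER bytes of a simple BindRequest (RFC 4511 section 4.2).
# All helper names are hypothetical; none of this is rom-ldap API.

def ber_len(n)
  return [n].pack('C') if n < 0x80 # short form
  octets = [n].pack('N').bytes.drop_while(&:zero?)
  ([0x80 | octets.size] + octets).pack('C*') # long form
end

def tlv(tag, value)
  [tag].pack('C') + ber_len(value.bytesize) + value.b
end

def simple_bind_request(dn, password)
  # RFC 4513 5.1.2: a name with an empty password is an "unauthenticated bind".
  raise ArgumentError, 'empty password' if password.to_s.empty?
  tlv(0x60,                        # [APPLICATION 0], constructed
      tlv(0x02, [3].pack('C')) +   # version INTEGER 3
      tlv(0x04, dn) +              # name LDAPDN
      tlv(0x80, password))         # simple [0] OCTET STRING, sent as-is
end

def read_tlv(buf, pos)
  tag = buf.getbyte(pos)
  len = buf.getbyte(pos + 1)
  pos += 2
  if len >= 0x80 # long form: low 7 bits give the number of length octets
    n = len & 0x7f
    len = buf.byteslice(pos, n).bytes.inject(0) { |a, b| (a << 8) | b }
    pos += n
  end
  [tag, buf.byteslice(pos, len), pos + len]
end

# What anyone holding the raw bytes of the request can read back.
def parse_simple_bind(bytes)
  tag, body, = read_tlv(bytes, 0)
  raise ArgumentError, 'not a BindRequest' unless tag == 0x60
  _, version, pos = read_tlv(body, 0)
  _, dn, pos = read_tlv(body, pos)
  auth_tag, cred, = read_tlv(body, pos)
  { version: version.getbyte(0), dn: dn, simple: auth_tag == 0x80, password: cred }
end

# Constructed sample values, not taken from the page.
request = simple_bind_request('cn=admin,dc=example,dc=com', 's3cret')
puts request.unpack1('H*')
puts parse_simple_bind(request).inspect
```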
sasl_bind(mechanism:, credentials:, challenge:)
@return
@raise [SecureBindError]
@api private
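# File lib/rom/ldap/client/authentication.rb, line 88
def sasl_bind(mechanism:, credentials:, challenge:)
  request_type = pdu_lookup(:bind_request)
  n = 0

  # The loop has no explicit exit; the guard below bounds it to 10 rounds.
  loop do
    # SaslCredentials: mechanism name and current credentials, tagged [3]
    sasl = [
      mechanism.to_ber,
      credentials.to_ber
    ].to_ber_contextspecific(3)

    # version 3 with an empty bind name
    request = [
      3.to_ber,
      EMPTY_STRING.to_ber,
      sasl
    ].to_ber_appsequence(request_type)

    raise SecureBindError, 'sasl-challenge overflow' if (n += 1) > 10

    pdu = submit(:bind_request, request)

    # The caller's challenge proc turns the server's SASL data into the next credentials
    credentials = challenge.call(pdu.result_server_sasl_creds)
  end
end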
start_tls()
@return [PDU] result object
@api private
# File lib/rom/ldap/client/authentication.rb, line 72
def start_tls
  request_type = pdu_lookup(:extended_request)

  # Extended request whose requestName [0] is the StartTLS OID
  request = [
    OID[:start_tls].to_ber_contextspecific(0)
  ].to_ber_appsequence(request_type)

  submit(:extended_response, request)
end