search

ldapjs / node-ldapjs

LDAP Client and Server API for node.js
http://ldapjs.org
MIT License
1.61k stars 445 forks source link

Bug in source code in ldapjs npm package #899

Closed Cleo-s closed 1 year ago

Cleo-s commented 1 year ago

Hey-hey! Sorry to bother you with such problems, but couldn't find a solution, so to contact you - the only way I have.

I have tried to create request to AC using ldap, source code below, and here some issues:

  1. Used npm to instal the package, installed version of package was 2.2.5. I actually didn't find it on your updates website. Trying to update it by npm didn't change nothing.

  2. Tried to install manually by downloading the source zip-file from your update site. And external and intrernal attemps failed. With such mistake:

image

Ater following the link, I found this:

image

  1. I'm using Vite and TypeScript to code and to run my packages. I'm running them LOCALLY, because the project is green, and it's not even ready to be hosted on local-docker-server.

  2. The main mistake. After running the script, on my site should appear the login-window form, when I just created it and have been setting it up - I used the default object with static parameters to login, after that, I created the ldap request source code below. And everytime when I was running the project, I had the same mistake in a package:

image image image

After following all the code parts I found out this:

  1. node_modules/assert-plus/assert.js

image

  1. __require

image

  1. node_modules/ldapjs/lib/errors/index.js

image

  1. __require

image

  1. node_modules/ldapjs/lib/client/request-queue/purge.js

image

  1. __require

image

  1. node_modules/ldapjs/lib/client/request-queue/index.js

image

  1. __require

image

  1. node_modules/ldapjs/lib/client/client.js

image

  1. __require

image

<--------------------------------------------------- SOURCE CODE SETCION --------------------------------------------------------->

'use strict';

import ldap from 'ldapjs';
import CustomStorage from '../../services/Storage/Local-Storage.js';

const Storage = new CustomStorage();

const passwordInput: HTMLInputElement | null = document.querySelector('#password-input');
const loginInput: HTMLInputElement | null = document.querySelector('#login-input');
const logInBtn: HTMLButtonElement | null = document.querySelector('#login-button');
const loginModal = document.querySelector('#login-modal');
const loginOverlay = document.querySelector('#login-overlay');
const passwordWrapper: HTMLDivElement | null = document.querySelector('#password-wrapper');
const savePasswordCheckboxInput: HTMLInputElement | null = document.querySelector('#save-password-checkbox-input');

const ldapServerURL = 'ldap://example.server.url';
const ldapBaseDN = 'cn=Mykhailo Syrota,ou=EXAMPLEasure,dc=exa,dc=mple';

export default function LoginWindow() {
    console.log('Login Window works');

    loginOverlay?.setAttribute('style', 'display: flex');

    logInBtn?.addEventListener('click', () => {
        console.log('Login window works');
        Storage.setItem('login', loginInput?.value);
        Storage.setItem('password', passwordInput?.value);

        const client = ldap.createClient({
            url: ldapServerURL,
        });

        const password: string | undefined = passwordInput?.value;

        if (password) {
            client.bind(ldapBaseDN, password, (error) => {
                if (error && loginModal && loginOverlay) {
                    const throwErr = document.createElement('p');

                    passwordWrapper?.setAttribute('style', 'border: 1px solid red;');

                    passwordWrapper?.classList.add('shake-animation');

                    throwErr.setAttribute('id', 'error-msg');
                    throwErr.textContent = 'Typed password is incorrect';

                    setTimeout(() => {
                        passwordWrapper?.style.removeProperty('border');
                        throwErr.remove();
                    }, 2500);

                    setTimeout(() => {
                        passwordWrapper?.classList.remove('shake-animation');
                    }, 350);

                    loginModal?.appendChild(throwErr);
                    loginOverlay?.appendChild(loginModal);
                    document.body.appendChild(loginOverlay);
                } else {
                    if (savePasswordCheckboxInput?.checked) {
                        sessionStorage.setItem('login', Storage.items.login);
                        sessionStorage.setItem('password', Storage.items.password);
                    }

                    loginOverlay?.remove();
                }
            });
        }

        client.unbind((error) => {
            if (error) {
                console.error('Error unbinding from LDAP server:', error);
            }
        });
    });
}

<---------------------------------------------------------- END OF CODE SECTION -------------------------------------------------->

So, if I'm not mistaken, that's all for now. TY for your time, and rewiev of the problem. I will be really glad if you will help me figure out with this. Have a nice day!

With all the best,

Mykhailo Syrota

cleo.mics@gmail.com +49 151 525 254 14 +38 068 559 52 92

jsumners commented 1 year ago

Hey-hey! Sorry to bother you with such problems, but couldn't find a solution, so to contact you - the only way I have.

This is the appropriate place to ask questions.

  1. Used npm to instal the package, installed version of package was 2.2.5. I actually didn't find it on your updates website. Trying to update it by npm didn't change nothing.

The latest package available is 3.0.2. We no longer support v2.

❯ npm view ldapjs

ldapjs@3.0.2 | MIT | deps: 14 | versions: 74
LDAP client and server APIs
http://ldapjs.org

dist
.tarball: https://registry.npmjs.org/ldapjs/-/ldapjs-3.0.2.tgz
.shasum: 1f21fd4ae6e77b78ef3b56d0643a656553761f13
.integrity: sha512-EBxQaBmgXk1DEaYYJWkp5i5PtSLRI2CWtm1gzxG5buOt40Q7j3zY6MbpRDkach/Cnxr3qSyLHiyXvvkLCOXw+Q==
.unpackedSize: 318.8 kB

dependencies:
@ldapjs/asn1: 2.0.0      @ldapjs/controls: 2.0.0  @ldapjs/messages: 1.0.2  assert-plus: ^1.0.0      vasync: ^2.2.1
@ldapjs/attribute: 1.0.0 @ldapjs/dn: 1.0.0        @ldapjs/protocol: ^1.2.1 backoff: ^2.5.0          verror: ^1.10.1
@ldapjs/change: 1.0.0    @ldapjs/filter: 2.0.0    abstract-logging: ^2.0.1 once: ^1.4.0

maintainers:
- melloc <melloc@writev.io>
- jsumners <james.sumners@gmail.com>
- jgeurts <jim@biacreations.com>
- tonybrix <tony@brix.ninja>
- pfmooney <pmooney@pfmooney.com>
- mcavage <mcavage@gmail.com>

dist-tags:
latest: 3.0.2

3. I'm using Vite and TypeScript to code and to run my packages.

Okay.

4. The main mistake. After running the script, on my site should appear the login-window form, when I just created it and have been setting it up - I used the default object with static parameters to login, after that, I created the ldap request source code below. And everytime when I was running the project, I had the same mistake in a package:

I don't understand. ldapjs does not provide any "login-window form". ldapjs is a library usable by application written against the Node.js runtime to provide an API for accessing LDAP servers, or to provide an API for writing and LDAP server.

Cleo-s commented 1 year ago
  1. Used npm to instal the package, installed version of package was 2.2.5. I actually didn't find it on your updates website. Trying to update it by npm didn't change nothing.

Thank you for the answer, yeah, I know that v2.0 is no longer supported. Lets leave this problem now.

The latest package available is 3.0.2. We no longer support v2.

  1. The main mistake. After running the script, on my site should appear the login-window form, when I just created it and have been setting it up - I used the default object with static parameters to login, after that, I created the ldap request source code below. And everytime when I was running the project, I had the same mistake in a package:

I don't understand. ldapjs does not provide any "login-window form". ldapjs is a library usable by application written against the Node.js runtime to provide an API for accessing LDAP servers, or to provide an API for writing and LDAP server.

About the login-window. It is default-vanila javascript, with integrated in ldap library to access Active Directory server. That's what I meant. Sorry for missunderstanding

jsumners commented 1 year ago

Is your application being run in the Node.js runtime environment?

Cleo-s commented 1 year ago

Is your application being run in the Node.js runtime environment?

Ofc it is, to apply using npm packages I'm using Vite. But running this all with npm, or in node.js env.

jsumners commented 1 year ago

Please provide a minimal reproduction that I can run with node index.js.

Cleo-s commented 1 year ago

Please provide a minimal reproduction that I can run with node index.js.

mostly - it's not possible. Its a huge project as site, so sent only one file from it, does not make any sense.

I could give you an acces to my private repo, so you could clone the project. But still the problem is that you need to configure your Active Directory and your mysql DataBase to run the site. It's too complicated.

Is there any how you could avoid it, and how could I help you with avoiding it?

jsumners commented 1 year ago

A minimal reproduction is not a full project. See https://stackoverflow.com/help/minimal-reproducible-example.

I think that if you attempt to create one, you will find that you are not running your code within the Node.js runtime. Your screenshots show web browser consoles, and your provided code snippet is using web browser DOM APIs.

If you can provide a reproduction that solely uses Node.js, you are welcome to reopen the issue. Otherwise, all evidence provided points to an unsupported environment.