ldapjs / node-ldapjs

LDAP Client and Server API for node.js
http://ldapjs.org
MIT License

Unable to match DN in ldapjs@3.0.0 version #947

Open reena-obc opened 1 year ago

reena-obc commented 1 year ago

I want to match the subject and get the output "true", but I am getting "false" in ldapjs version 3.0.0; it was "true" in ldapjs version 2.3.3.

```js
import ldapjs from 'ldapjs';

function subjectMatches(actual, expected) {
  try {
    const actualDN = ldapjs.parseDN(actual);
    const expectedDN = ldapjs.parseDN(expected);
    const actualRDNs = actualDN.rdns.map(rdn => rdn.toString());
    const expectedRDNs = expectedDN.rdns.map(rdn => rdn.toString());
    // True when every element of target also appears in arr
    const checker = (arr, target) => target.every(v => arr.includes(v));
    if (actualRDNs.length != expectedRDNs.length || !checker(expectedRDNs, actualRDNs)) {
      throw new Error('invalid tls_client_auth_subject_dn claim');
    }
  } catch (err) {
    // Any error raised above is reported as a mismatch
    return false;
  }
  return true;
}

// Certificate, eidas, subject DN, RDNs
console.log(
  subjectMatches(
    'CN=875HGJHJHJ,organizationIdentifier=xyz-abc-123,O=ABC,C=GB',
    'CN=875HGJHJHJ,organizationIdentifier=xyz-abc-123,O=ABC,C=GB',
  ),
);
```

reena-obc commented 1 year ago

How to extract RDNs?

jsumners commented 1 year ago

Please provide a minimal reproducible example (MRE). Doing so will help us diagnose your issue. It should be the bare minimum code needed to trigger the issue, and easily runnable without any changes or extra code. Please review the integration tests, e.g. issue-940.test.js, for examples of good MREs.

You may use a GitHub repository to host the code if it is too much to fit in a code block (or two).

axkibe commented 11 months ago

They did provide an MRE, albeit terribly formatted and obviously a coding error: a catch-all that returns false, and an error before it.

rdns is now considered private and you cannot call map on it.

I suggest looking at https://github.com/ldapjs/node-ldapjs/blob/master/docs/dn.md for how to compare DNs.

Note that DNs have a few more public functions than mentioned in the docs (but I think they are not needed here): https://github.com/ldapjs/dn/blob/master/lib/dn.js

IMO, with this, this can be closed.
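An added example, not from the thread or from ldapjs: a standalone exact comparison of two DN strings that needs no access to a parsed DN's internals. It also shows that a length-plus-membership check like the one in the question accepts a DN with repeated RDNs, which an exact sequence comparison rejects. The helper names and the `REPEATED` sample are assumptions constructed for illustration, and the parser covers only a simplified subset of RFC 4514.

```javascript
// Added example, standalone (no ldapjs). Simplified RFC 4514: no quoted or #hex values.

// Split on an unescaped separator, keeping backslash escape pairs intact.
function splitUnescaped(str, sep) {
  const parts = [''];
  for (let i = 0; i < str.length; i++) {
    const last = parts.length - 1;
    if (str[i] === '\\' && i + 1 < str.length) parts[last] += str[i] + str[++i];
    else if (str[i] === sep) parts.push('');
    else parts[last] += str[i];
  }
  return parts;
}

// Decode \XX hex pairs and \<char> escapes in an attribute value.
function unescapeValue(v) {
  return v.replace(/\\([0-9a-fA-F]{2}|.)/g, (_, e) =>
    e.length === 2 ? String.fromCharCode(parseInt(e, 16)) : e);
}

// Parse a DN into an array of RDNs; each RDN is a sorted array of "type=value".
function parseDN(dn) {
  return splitUnescaped(dn, ',').map((rdn) =>
    splitUnescaped(rdn, '+').map((ava) => {
      const eq = ava.indexOf('=');
      if (eq < 1) throw new Error(`malformed RDN: ${ava}`);
      const type = ava.slice(0, eq).trim().toLowerCase();
      return `${type}=${unescapeValue(ava.slice(eq + 1).trimStart())}`;
    }).sort());
}

// Exact match: same RDNs in the same order; values compared exactly (an assumption).
function dnEquals(a, b) {
  try {
    return JSON.stringify(parseDN(a)) === JSON.stringify(parseDN(b));
  } catch (err) {
    return false; // malformed input never matches
  }
}

// Length-plus-membership check, shaped like the one in the question, for contrast.
function membershipMatch(a, b) {
  const x = parseDN(a).map(String);
  const y = parseDN(b).map(String);
  return x.length === y.length && x.every((v) => y.includes(v));
}
// Subject DN from the question, and a constructed DN that repeats one RDN.
const EXPECTED = 'CN=875HGJHJHJ,organizationIdentifier=xyz-abc-123,O=ABC,C=GB';
const REPEATED = 'O=ABC,O=ABC,O=ABC,C=GB';
console.log(dnEquals(REPEATED, EXPECTED), membershipMatch(REPEATED, EXPECTED));
```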

craigify commented 11 months ago

If rdns is an array of rdn objects, why make rdns private? There are useful functions in the rdn object to use, but you can't get at them...

I'm not following how to use a dn object, similar to this guy's question. And the docs say to reference the rdns object in dn.rdns, so... I'm guessing it's just outdated docs.