In diagnosing a problem where a user reported trouble logging in with an alias, I wanted to be able to excercise all of the authentication logic that is in play from the command line. So I updated test-auth.js and it looks like this now. Usage:
Test authentication against LDAP.
Usage: node ./scripts/test-auth.js
Options:
-h, --help display this usage message
-u, --url LDAP server url [default: "ldaps://addressbook.mozilla.com:636"]
-a, --address email address to authenticate (may be an alias) [required]
-p, --password LDAP account password [required]
-c, --canonical canonical LDAP password (required when email is an alias)
execution:
$ scripts/test-auth.js -a lloyd@mozilla.com -c lhilaiel@mozilla.com -p <REDACTED>
canonical address for lloyd@mozilla.com is lhilaiel@mozilla.com
{ email: 'lhilaiel@mozilla.com',
zimbraAlias: 'lloyd@mozilla.com',
pwdChangedTime: '20130618163347Z' }
In order to make this work I needed to be able to pass in arguments to auth.canonicalAddress and auth.authUser, so I added symmetry to all of the auth functions.
Finally, while I was in there, the addition of getUserData had caused a performance regression. Three distinct LDAP connections are now established while logging a user in, I reduced this to two by modifying getUserData to optionally accept a bound LDAP connection so re-establishment is not neccesary.
All automated and manual tests pass, I can massage this commit into two if it makes anyone uncomfortable
In diagnosing a problem where a user reported trouble logging in with an alias, I wanted to be able to excercise all of the authentication logic that is in play from the command line. So I updated test-auth.js and it looks like this now. Usage:
execution:
In order to make this work I needed to be able to pass in arguments to
auth.canonicalAddress
andauth.authUser
, so I added symmetry to all of the auth functions.Finally, while I was in there, the addition of getUserData had caused a performance regression. Three distinct LDAP connections are now established while logging a user in, I reduced this to two by modifying
getUserData
to optionally accept a bound LDAP connection so re-establishment is not neccesary.All automated and manual tests pass, I can massage this commit into two if it makes anyone uncomfortable