async findAccount()

in resources/oidc-provider/account/ldap_auth/index.js [62:127]


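  /**
   * Look up an account in the tenant's LDAP directory and wrap it in an LDAPAccount.
   *
   * Binds with the tenant's service account, searches below `ldapsuffix` for a
   * `user` object whose `cn` equals `id`, and builds the claims from the entry's
   * `sAMAccountName` plus the tenant configuration.
   *
   * @param {object} ctx - request context; only passed to the debug log here.
   * @param {string} id - account identifier from the request. Treated as untrusted
   *   and escaped before it is placed in the LDAP search filter.
   * @returns {Promise<LDAPAccount>} the account with a `claims` function attached.
   * @throws rejects when the secret lookup, the bind or the search fails, or when
   *   the search yields no entry with a `sAMAccountName`.
   */
  async findAccount(ctx, id) {
    Log.debug(`ldapaccount: about to find user ${id} in ldap ${this.tenantconfig.ldapurl}`, ctx)

    // RFC 4515 escaping of the assertion value: without it an id containing
    // `*`, `(`, `)` or `\` rewrites the filter (LDAP injection) and can match
    // a different directory entry than the one requested.
    const escapeFilterValue = value => String(value).replace(
      /[\\*()\0]/g,
      ch => '\\' + ch.charCodeAt(0).toString(16).padStart(2, '0')
    )

    // Fetch the secret before opening the connection, and outside the Promise
    // executor, so a failing lookup rejects this call instead of being lost in
    // an async executor and leaving the caller waiting forever.
    const tenantLdapUserPassword = await getSecret(this.tenantconfig.ldapuserpassword)

    // The bind password must never reach the logs; only the bind DN is logged.
    Log.debug(`ldapaccount: going to bind with user:${this.tenantconfig.ldapuser}`)

    const data = await new Promise((resolve, reject) => {
      // NOTE(review): the service-account password is sent to whatever ldapurl
      // names; confirm tenant configs use ldaps:// so it is not sent in cleartext.
      const client = ldap.createClient({
        url: this.tenantconfig.ldapurl
      })

      const opts = {
        filter: `(&(cn=${escapeFilterValue(id)})(objectClass=user))`,
        scope: 'sub'
      }

      // Settle exactly once and always release the connection afterwards, on
      // success as well as on failure.
      let settled = false
      const finish = (err, value) => {
        if (settled) {
          return
        }
        settled = true
        if (err) {
          reject(err)
        } else {
          resolve(value)
        }
        try {
          client.unbind(error => {
            if (error) { Log.debug(error.message) } else { Log.debug('ldap client disconnected') }
          })
        } catch (error) {
          Log.debug(error.message)
        }
      }

      // Connection-level failures are emitted on the client; without a listener
      // they surface as an uncaught 'error' event instead of a rejected lookup.
      client.on('error', err => {
        Log.error('ldap error: ' + err.message)
        finish(err)
      })

      client.bind(this.tenantconfig.ldapuser, tenantLdapUserPassword, err => {
        if (err) {
          Log.error(err.message)
          finish(err)
          return
        }

        Log.debug("Bind successfull, going to search now")
        let user
        client.search(this.tenantconfig.ldapsuffix, opts, (searchErr, res) => {
          if (searchErr) {
            // `res` is not usable when the search could not be started.
            Log.error('ldap error: ' + searchErr.message)
            finish(searchErr)
            return
          }

          res.on('searchEntry', entry => {
            // NOTE(review): `cn` is not guaranteed unique below the suffix; with
            // several matches the last entry wins. Consider failing closed when
            // more than one entry is returned.
            user = entry.object
            // NOTE(review): this writes the whole directory entry to the debug log.
            Log.debug('ldap user found', entry.object)
          })
          res.on('searchReference', referral => {
            Log.debug('ldap referral: ' + referral.uris.join())
          })
          res.on('error', err => {
            Log.error('ldap error: ' + err.message)
            finish(err)
          })
          res.on('end', result => {
            Log.debug('ldap search ended: ', result)
            if (!user || !user.sAMAccountName) {
              // No usable match: reject instead of dereferencing `undefined`
              // inside the event handler or issuing claims with an empty subject.
              finish(new Error('ldapaccount: no ldap user entry with sAMAccountName found'))
              return
            }
            finish(null, [
              { "Name": "sub", "Value": user.sAMAccountName },
              { "Name": "email", "Value": user.sAMAccountName + '@' + this.tenantconfig.domain },
              { "Name": "tenantid", "Value": this.tenantconfig.tenant_id }
            ])
          })
        })
      })
    })

    // Turn the Name/Value attribute list into the claims object.
    const claims = async (use, scope, claims, rejected) => {
      Log.debug(`ldapaccount: claims was called with use: ${use}, scope: ${scope}, claims: ${claims}, rejected: ${rejected}, data: ${data}`)

      const clms = data.reduce((acc, current) => {
        acc[current.Name] = current.Value
        return acc
      }, {})
      // tenantid always comes from the tenant configuration, never from the directory.
      clms.tenantid = this.tenantconfig.tenant_id
      Log.debug('ldapaccount: claims will return!', clms)
      return clms
    }
    return new LDAPAccount(id, claims, this.tenantconfig.ldapurl, this.tenantconfig.ldapsuffix, this.tenantconfig.domain, this.tenantconfig.tenant_id)
  }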