bitwarden/directory-connector
1
0
Fork 0
mirror of https://github.com/bitwarden/directory-connector synced 2025-12-15 15:53:41 +00:00
Code Issues Releases Wiki Activity

[PM-13007] Fix Active Directory externalId parsing (#693)

Browse Source 
Return AD ObjectGuid attribute as buffer so it can be parsed properly
This commit is contained in:
Thomas Rittson
2024-12-19 07:43:47 +10:00
committed by GitHub
parent 69156677ac
commit 37c992f16b
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/services/ldap-directory.service.ts
View File

@@ -18,6 +18,11 @@ import { IDirectoryService } from "./directory.service";
const UserControlAccountDisabled = 2;
/**
* The attribute name for the unique identifier used by Active Directory.
*/
const ActiveDirectoryExternalId = "objectGUID";
export class LdapDirectoryService implements IDirectoryService {
private client: ldapts.Client;
private dirConfig: LdapConfiguration;
@@ -240,7 +245,7 @@ export class LdapDirectoryService implements IDirectoryService {
* otherwise it falls back to the provided referenceId.
*/
private getExternalId(searchEntry: ldapts.Entry, referenceId: string) {
const attr = this.getAttr<Buffer>(searchEntry, "objectGUID");
const attr = this.getAttr<Buffer>(searchEntry, ActiveDirectoryExternalId);
if (attr != null) {
return this.bufToGuid(attr);
} else {
@@ -358,6 +363,9 @@ export class LdapDirectoryService implements IDirectoryService {
filter: filter,
scope: "sub",
paged: this.dirConfig.pagedSearch,
// We need to expressly tell ldapts what attributes to return as Buffer objects,
// otherwise they are returned as strings
explicitBufferAttributes: [ActiveDirectoryExternalId],
};
const { searchEntries } = await this.client.search(path, options, controls);
return searchEntries.map((e) => processEntry(e)).filter((e) => e != null);