summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristoph (Sheogorath) Kern2017-12-12 10:27:22 +0100
committerGitHub2017-12-12 10:27:22 +0100
commit17e3b8b5cdd7286899df0c5a36ec818aee3812ce (patch)
tree9f4eff2b4d704db6a131c54a13a1fa3195b50bf0
parent612b2d181145597257c082aa24456112bcc2aee3 (diff)
parent74758723f9deed8218a6dec588724d722656f6fd (diff)
Merge branch 'master' into ldap-username-field
Diffstat (limited to '')
-rw-r--r--README.md4
-rw-r--r--config.json.example2
-rw-r--r--lib/config/environment.js10
-rw-r--r--lib/config/utils.js7
4 files changed, 15 insertions, 8 deletions
diff --git a/README.md b/README.md
index a79c506d..798e17e7 100644
--- a/README.md
+++ b/README.md
@@ -169,7 +169,7 @@ There are some configs you need to change in the files below
| HMD_LDAP_TOKENSECRET | `supersecretkey` | secret used for generating access/refresh tokens |
| HMD_LDAP_SEARCHBASE | `o=users,dc=example,dc=com` | LDAP directory to begin search from |
| HMD_LDAP_SEARCHFILTER | `(uid={{username}})` | LDAP filter to search with |
-| HMD_LDAP_SEARCHATTRIBUTES | no example | LDAP attributes to search with |
+| HMD_LDAP_SEARCHATTRIBUTES | `displayName, mail` | LDAP attributes to search with (use comma to separate) |
| HMD_LDAP_USERNAMEFIELD | `uid` | The LDAP field which is used as the username on HackMD |
| HMD_LDAP_TLS_CA | `server-cert.pem, root.pem` | Root CA for LDAP TLS in PEM format (use comma to separate) |
| HMD_LDAP_PROVIDERNAME | `My institution` | Optional name to be displayed at login form indicating the LDAP provider |
@@ -289,7 +289,7 @@ See more at [http://operational-transformation.github.io/](http://operational-tr
# License
-**License under MIT.**
+**License under AGPL.**
[gitter-image]: https://badges.gitter.im/Join%20Chat.svg
[gitter-url]: https://gitter.im/hackmdio/hackmd?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge
diff --git a/config.json.example b/config.json.example
index 401de381..b243bf8d 100644
--- a/config.json.example
+++ b/config.json.example
@@ -70,7 +70,7 @@
"tokenSecret": "change this",
"searchBase": "change this",
"searchFilter": "change this",
- "searchAttributes": "change this",
+ "searchAttributes": ["change this"],
"usernameField": "change this e.g. uid"
"tlsOptions": {
"changeme": "See https://nodejs.org/api/tls.html#tls_tls_connect_options_callback"
diff --git a/lib/config/environment.js b/lib/config/environment.js
index d1b26843..27e63591 100644
--- a/lib/config/environment.js
+++ b/lib/config/environment.js
@@ -1,6 +1,6 @@
'use strict'
-const {toBooleanConfig} = require('./utils')
+const {toBooleanConfig, toArrayConfig} = require('./utils')
module.exports = {
domain: process.env.HMD_DOMAIN,
@@ -15,7 +15,7 @@ module.exports = {
preload: toBooleanConfig(process.env.HMD_HSTS_PRELOAD)
},
protocolusessl: toBooleanConfig(process.env.HMD_PROTOCOL_USESSL),
- alloworigin: process.env.HMD_ALLOW_ORIGIN ? process.env.HMD_ALLOW_ORIGIN.split(',') : undefined,
+ alloworigin: toArrayConfig(process.env.HMD_ALLOW_ORIGIN),
usecdn: toBooleanConfig(process.env.HMD_USECDN),
allowanonymous: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS),
allowfreeurl: toBooleanConfig(process.env.HMD_ALLOW_FREEURL),
@@ -70,7 +70,7 @@ module.exports = {
tokenSecret: process.env.HMD_LDAP_TOKENSECRET,
searchBase: process.env.HMD_LDAP_SEARCHBASE,
searchFilter: process.env.HMD_LDAP_SEARCHFILTER,
- searchAttributes: process.env.HMD_LDAP_SEARCHATTRIBUTES,
+ searchAttributes: toArrayConfig(process.env.HMD_LDAP_SEARCHATTRIBUTES),
usernameField: process.env.HMD_LDAP_USERNAMEFIELD,
tlsca: process.env.HMD_LDAP_TLS_CA
},
@@ -80,8 +80,8 @@ module.exports = {
issuer: process.env.HMD_SAML_ISSUER,
identifierFormat: process.env.HMD_SAML_IDENTIFIERFORMAT,
groupAttribute: process.env.HMD_SAML_GROUPATTRIBUTE,
- externalGroups: process.env.HMD_SAML_EXTERNALGROUPS ? process.env.HMD_SAML_EXTERNALGROUPS.split('|') : [],
- requiredGroups: process.env.HMD_SAML_REQUIREDGROUPS ? process.env.HMD_SAML_REQUIREDGROUPS.split('|') : [],
+ externalGroups: toArrayConfig(process.env.HMD_SAML_EXTERNALGROUPS, '|', []),
+ requiredGroups: toArrayConfig(process.env.HMD_SAML_REQUIREDGROUPS, '|', []),
attribute: {
id: process.env.HMD_SAML_ATTRIBUTE_ID,
username: process.env.HMD_SAML_ATTRIBUTE_USERNAME,
diff --git a/lib/config/utils.js b/lib/config/utils.js
index 11bbd8cb..9ff2f96d 100644
--- a/lib/config/utils.js
+++ b/lib/config/utils.js
@@ -6,3 +6,10 @@ exports.toBooleanConfig = function toBooleanConfig (configValue) {
}
return configValue
}
+
+exports.toArrayConfig = function toArrayConfig (configValue, separator = ',', fallback) {
+ if (configValue && typeof configValue === 'string') {
+ return (configValue.split(separator).map(arrayItem => arrayItem.trim()))
+ }
+ return fallback
+}