fellow developpers,
I have deployed a docker image osixia/openldap and osixia/phpldapadmin. I am developing an application in NodeJS that uses "ldapjs".
What works:
- From the "phpldapadmin" web app, I can access the data from the "openldap" deployment; my tree is as follows:
+--> dc=example,dc=org (2)
+--> ou=Groups (2)
| ---> cn=groupe1
| ---> cn=groupe2
+--> ou=Users (3)
| ---> cn=user1
| ---> cn=user2
| ---> cn=user3
- From the "phpldapadmin" web app, I can correctly execute a search request on "BaseDN = dc=example,dc=org" and filter="(uniqueMember=cn=user1,ou=users,dc=example,dc=org)", the interface shows me the list of groups to which user1 belongs.
- From my NodeJS code, I perform a bind request to implement the authentication functionality; this works when I provide the correct credentials.
What doesn't work:
- From my NodeJS code, I make a search request to implement the authorization functionality (checking group membership). Here are the logs from my openLDAP instance:
LDAP-directory | 65148901 conn=1003 op=0 BIND dn="cn=admin,dc=example,dc=org" method=128
LDAP-directory | 65148901 conn=1003 op=0 BIND dn="cn=admin,dc=example,dc=org" mech=SIMPLE ssf=0
LDAP-directory | 65148901 conn=1003 op=0 RESULT tag=97 err=0 text=
LDAP-directory | 65148901 conn=1003 op=1 SRCH base="dc=example,dc=org" scope=2 deref=3 filter="(uniqueMember=cn=user1,ou=users,dc=example,dc=org)"
LDAP-directory | 65148901 conn=1003 op=1 SRCH attr=cn
LDAP-directory | 65148901 <= mdb_equality_candidates: (uniqueMember) not indexed
LDAP-directory | 65148901 conn=1003 op=1 SEARCH RESULT tag=101 err=0 nentries=2 text=
- An exception is thrown right after in my backend:
Cannot read properties of undefined (reading 'toLowerCase')
Please note I have no usage of toLowerCase function in my whole backend codebase
- Here's the error stack; it seems like the problem comes from the LDAP WS:
API | at /usr/src/app/main.api.js:2:762329
API | at I.<anonymous> (/usr/src/app/main.api.js:2:759311)
API | at I.emit (node:events:514:28)
API | at I.write (/usr/src/app/main.api.js:2:775328)
API | at Socket.<anonymous> (/usr/src/app/main.api.js:2:758828)
API | at Socket.emit (node:events:514:28)
API | at addChunk (node:internal/streams/readable:343:12)
API | at readableAddChunk (node:internal/streams/readable:316:9)
API | at Readable.push (node:internal/streams/readable:253:10)
API | at TCP.onStreamRead (node:internal/stream_base_commons:190:23)
- Here is my current code:
connection.bind(this.config.adminUsername, this.config.adminPassword, (err) => {
if(err) return reject(err)
const query: SearchOptions = {
scope: 'sub',
filter: 'uniqueMember=' + fullQualifiedName,
attributes: ['cn'],
}
connection.search(this.config.baseDN, query, (err, searchRes) => {
if(err) return reject(err)
const groups = []
searchRes.on('searchEntry', (group) => {
groups.push(group)
})
searchRes.on('error', (err) => {
reject(err)
})
searchRes.on('end', () => {
resolve({
// rights from groups
})
connection.destroy()
})
})
})
TLDR: Authentication works perfectly, I can bind to the server. I can perform searches from the "phpldapadmin" web app and obtain the expected results. However, when performing a search from my NodeJS code, the issue occurs. It seems that the search results are either not returned correctly or are undefined, causing the 'toLowerCase' error.
Versions involved:
- Nodejs:latest
- osixia/phpldapadmin:latest
- osixia/openldap:latest
- ldapjs: "^3.0.5",
Thank you, you're my last hope before mental hospital.
I've tried pretty everything the last 2 days, I hope someone got the same issue and figure it out something to solve the situation.