diff --git a/package.json b/package.json index f39e63e8a..e37c95833 100644 --- a/package.json +++ b/package.json @@ -16,6 +16,7 @@ "start:app:debug:ssh": "cd app && cross-env DEBUG=ssh yarn start", "start:api:portal": "yarn workspace dbgate-api start:portal", "start:api:singledb": "yarn workspace dbgate-api start:singledb", + "start:api:auth": "yarn workspace dbgate-api start:auth", "start:web": "yarn workspace dbgate-web dev", "start:sqltree": "yarn workspace dbgate-sqltree start", "start:tools": "yarn workspace dbgate-tools start", diff --git a/packages/api/env/auth/.gitignore b/packages/api/env/auth/.gitignore new file mode 100644 index 000000000..2eea525d8 --- /dev/null +++ b/packages/api/env/auth/.gitignore @@ -0,0 +1 @@ +.env \ No newline at end of file diff --git a/packages/api/package.json b/packages/api/package.json index 8190e5805..236d4211c 100644 --- a/packages/api/package.json +++ b/packages/api/package.json @@ -17,6 +17,7 @@ "dbgate" ], "dependencies": { + "activedirectory2": "^2.1.0", "async-lock": "^1.2.4", "axios": "^0.21.1", "body-parser": "^1.19.0", @@ -42,6 +43,7 @@ "is-electron": "^2.2.1", "js-yaml": "^4.1.0", "json-stable-stringify": "^1.0.1", + "jsonwebtoken": "^8.5.1", "line-reader": "^0.4.0", "lodash": "^4.17.21", "ncp": "^2.0.0", @@ -57,6 +59,7 @@ "start": "env-cmd node src/index.js --listen-api", "start:portal": "env-cmd -f env/portal/.env node src/index.js --listen-api", "start:singledb": "env-cmd -f env/singledb/.env node src/index.js --listen-api", + "start:auth": "env-cmd -f env/auth/.env node src/index.js --listen-api", "start:filedb": "env-cmd node src/index.js /home/jena/test/chinook/Chinook.db --listen-api", "start:singleconn": "env-cmd node src/index.js --server localhost --user root --port 3307 --engine mysql@dbgate-plugin-mysql --password test --listen-api", "ts": "tsc", diff --git a/packages/api/src/controllers/auth.js b/packages/api/src/controllers/auth.js new file mode 100644 index 000000000..d3db8660c --- /dev/null +++ b/packages/api/src/controllers/auth.js @@ -0,0 +1,142 @@ +const axios = require('axios'); +const jwt = require('jsonwebtoken'); +const getExpressPath = require('../utility/getExpressPath'); +const uuidv1 = require('uuid/v1'); +const { getLogins } = require('../utility/hasPermission'); +const AD = require('activedirectory2').promiseWrapper; + +const tokenSecret = uuidv1(); + +function shouldAuthorizeApi() { + const logins = getLogins(); + return !!process.env.OAUTH_AUTH || !!process.env.AD_URL || (!!logins && !process.env.BASIC_AUTH); +} + +function getTokenLifetime() { + return process.env.TOKEN_LIFETIME || '1d'; +} + +function unauthorizedResponse(req, res, text) { + // if (req.path == getExpressPath('/config/get-settings')) { + // return res.json({}); + // } + // if (req.path == getExpressPath('/connections/list')) { + // return res.json([]); + // } + return res.sendStatus(401).send(text); +} + +function authMiddleware(req, res, next) { + const SKIP_AUTH_PATHS = ['/config/get', '/auth/oauth-token', '/auth/login', '/stream']; + + if (!shouldAuthorizeApi()) { + return next(); + } + let skipAuth = !!SKIP_AUTH_PATHS.find(x => req.path == getExpressPath(x)); + + const authHeader = req.headers.authorization; + if (!authHeader) { + if (skipAuth) { + return next(); + } + return unauthorizedResponse(req, res, 'missing authorization header'); + } + const token = authHeader.split(' ')[1]; + try { + const decoded = jwt.verify(token, tokenSecret); + req.user = decoded; + return next(); + } catch (err) { + if (skipAuth) { + return next(); + } + + console.log('Sending invalid token error', err.message); + + return unauthorizedResponse(req, res, 'invalid token'); + } +} + +module.exports = { + oauthToken_meta: true, + async oauthToken(params) { + const { redirectUri, code } = params; + + const resp = await axios.default.post( + `${process.env.OAUTH_TOKEN}`, + `grant_type=authorization_code&code=${encodeURIComponent(code)}&redirect_uri=${encodeURIComponent( + redirectUri + )}&client_id=${process.env.OAUTH_CLIENT_ID}&client_secret=${process.env.OAUTH_CLIENT_SECRET}` + ); + + const { access_token, refresh_token } = resp.data; + + const payload = jwt.decode(access_token); + + console.log('User payload returned from OAUTH:', payload); + + const login = process.env.OAUTH_LOGIN_FIELD ? payload[process.env.OAUTH_LOGIN_FIELD] : 'oauth'; + + if ( + process.env.OAUTH_ALLOWED_LOGINS && + !process.env.OAUTH_ALLOWED_LOGINS.split(',').find(x => x.toLowerCase().trim() == login.toLowerCase().trim()) + ) { + return { error: `Username ${login} not allowed to log in` }; + } + if (access_token) { + return { + accessToken: jwt.sign({ login }, tokenSecret, { expiresIn: getTokenLifetime() }), + }; + } + + return { error: 'Token not found' }; + }, + login_meta: true, + async login(params) { + const { login, password } = params; + + if (process.env.AD_URL) { + const adConfig = { + url: process.env.AD_URL, + baseDN: process.env.AD_BASEDN, + username: process.env.AD_USERNAME, + password: process.env.AD_PASSOWRD, + }; + const ad = new AD(adConfig); + try { + const res = await ad.authenticate(login, password); + if (!res) { + return { error: 'Login failed' }; + } + if ( + process.env.AD_ALLOWED_LOGINS && + !process.env.AD_ALLOWED_LOGINS.split(',').find(x => x.toLowerCase().trim() == login.toLowerCase().trim()) + ) { + return { error: `Username ${login} not allowed to log in` }; + } + return { + accessToken: jwt.sign({ login }, tokenSecret, { expiresIn: getTokenLifetime() }), + }; + } catch (err) { + console.log('Failed active directory authentization', err.message); + return { + error: err.message, + }; + } + } + + const logins = getLogins(); + if (!logins) { + return { error: 'Logins not configured' }; + } + if (logins.find(x => x.login == login)?.password == password) { + return { + accessToken: jwt.sign({ login }, tokenSecret, { expiresIn: getTokenLifetime() }), + }; + } + return { error: 'Invalid credentials' }; + }, + + authMiddleware, + shouldAuthorizeApi, +}; diff --git a/packages/api/src/controllers/config.js b/packages/api/src/controllers/config.js index 34e3e3c8b..dbfe6ef05 100644 --- a/packages/api/src/controllers/config.js +++ b/packages/api/src/controllers/config.js @@ -28,7 +28,7 @@ module.exports = { get_meta: true, async get(_params, req) { const logins = getLogins(); - const login = logins ? logins.find(x => x.login == (req.auth && req.auth.user)) : null; + const login = req.user ? req.user.login : logins ? logins.find(x => x.login == (req.auth && req.auth.user)) : null; const permissions = login ? login.permissions : process.env.PERMISSIONS; return { @@ -40,6 +40,9 @@ module.exports = { isDocker: platformInfo.isDocker, permissions, login, + oauth: process.env.OAUTH_AUTH, + oauthLogout: process.env.OAUTH_LOGOUT, + isLoginForm: !!process.env.AD_URL || (!!logins && !process.env.BASIC_AUTH), ...currentVersion, }; }, diff --git a/packages/api/src/main.js b/packages/api/src/main.js index eec93c02a..2edf4ca8b 100644 --- a/packages/api/src/main.js +++ b/packages/api/src/main.js @@ -20,6 +20,7 @@ const jsldata = require('./controllers/jsldata'); const config = require('./controllers/config'); const archive = require('./controllers/archive'); const apps = require('./controllers/apps'); +const auth = require('./controllers/auth'); const uploads = require('./controllers/uploads'); const plugins = require('./controllers/plugins'); const files = require('./controllers/files'); @@ -41,7 +42,7 @@ function start() { const server = http.createServer(app); const logins = getLogins(); - if (logins) { + if (logins && process.env.BASIC_AUTH) { app.use( basicAuth({ users: _.fromPairs(logins.map(x => [x.login, x.password])), @@ -53,6 +54,10 @@ function start() { app.use(cors()); + if (auth.shouldAuthorizeApi()) { + app.use(auth.authMiddleware); + } + app.get(getExpressPath('/stream'), async function (req, res) { res.set({ 'Cache-Control': 'no-cache', @@ -157,6 +162,7 @@ function useAllControllers(app, electron) { useController(app, electron, '/scheduler', scheduler); useController(app, electron, '/query-history', queryHistory); useController(app, electron, '/apps', apps); + useController(app, electron, '/auth', auth); } function setElectronSender(electronSender) { diff --git a/packages/web/src/App.svelte b/packages/web/src/App.svelte index 6938737e8..c8fd1ad07 100644 --- a/packages/web/src/App.svelte +++ b/packages/web/src/App.svelte @@ -20,6 +20,7 @@ import getElectron from './utility/getElectron'; import AppStartInfo from './widgets/AppStartInfo.svelte'; import SettingsListener from './utility/SettingsListener.svelte'; + import { handleAuthOnStartup, handleOauthCallback } from './clientAuth'; let loadedApi = false; let loadedPlugins = false; @@ -33,9 +34,11 @@ try { // console.log('************** LOADING API'); + const config = await getConfig(); + await handleAuthOnStartup(config); + const connections = await apiCall('connections/list'); const settings = await getSettings(); - const config = await getConfig(); const apps = await getUsedApps(); loadedApi = settings && connections && config && apps; diff --git a/packages/web/src/LoginPage.svelte b/packages/web/src/LoginPage.svelte new file mode 100644 index 000000000..689441750 --- /dev/null +++ b/packages/web/src/LoginPage.svelte @@ -0,0 +1,115 @@ + + +
+
DbGate
+
+ +
+
Log In
+ + + + +
+ { + enableApi(); + const resp = await apiCall('auth/login', e.detail); + if (resp.error) { + internalRedirectTo(`/?page=not-logged&error=${encodeURIComponent(resp.error)}`); + return; + } + const { accessToken } = resp; + if (accessToken) { + localStorage.setItem('accessToken', accessToken); + internalRedirectTo('/'); + return; + } + internalRedirectTo(`/?page=not-logged`); + }} + /> +
+ +
+
+
+ + diff --git a/packages/web/src/NotLoggedPage.svelte b/packages/web/src/NotLoggedPage.svelte new file mode 100644 index 000000000..0dad204f0 --- /dev/null +++ b/packages/web/src/NotLoggedPage.svelte @@ -0,0 +1,52 @@ + + +
+
Sorry, you are not authorized to run DbGate
+ {#if error} +
{error}
+ {/if} + +
+ + +
+
+ + diff --git a/packages/web/src/clientAuth.ts b/packages/web/src/clientAuth.ts new file mode 100644 index 000000000..8d72a697a --- /dev/null +++ b/packages/web/src/clientAuth.ts @@ -0,0 +1,107 @@ +import { apiCall, enableApi } from './utility/api'; +import { getConfig } from './utility/metadataLoaders'; + +export function isOauthCallback() { + const params = new URLSearchParams(location.search); + const sentCode = params.get('code'); + const sentState = params.get('state'); + + return ( + sentCode && sentState && sentState.startsWith('dbg-oauth:') && sentState == sessionStorage.getItem('oauthState') + ); +} + +export function handleOauthCallback() { + const params = new URLSearchParams(location.search); + const sentCode = params.get('code'); + + if (isOauthCallback()) { + sessionStorage.removeItem('oauthState'); + apiCall('auth/oauth-token', { + code: sentCode, + redirectUri: location.origin + location.pathname, + }).then(authResp => { + const { accessToken, error, errorMessage } = authResp; + + if (accessToken) { + console.log('Settings access token from OAUTH'); + localStorage.setItem('accessToken', accessToken); + internalRedirectTo('/'); + } else { + console.log('Error when processing OAUTH callback', error || errorMessage); + internalRedirectTo(`/?page=not-logged&error=${error || errorMessage}`); + } + }); + + return true; + } + + return false; +} + +export async function handleAuthOnStartup(config) { + if (config.oauth) { + console.log('OAUTH callback URL:', location.origin + location.pathname); + } + if (config.oauth || config.isLoginForm) { + if (localStorage.getItem('accessToken')) { + return; + } + + redirectToLogin(config); + } +} + +export async function redirectToLogin(config = null, force = false) { + if (!config) { + enableApi(); + config = await getConfig(); + } + + if (config.isLoginForm) { + if (!force) { + const params = new URLSearchParams(location.search); + if (params.get('page') == 'login' || params.get('page') == 'not-logged') { + return; + } + } + internalRedirectTo('/?page=login'); + return; + } + + if (config.oauth) { + const state = `dbg-oauth:${Math.random().toString().substr(2)}`; + sessionStorage.setItem('oauthState', state); + console.log('Redirecting to OAUTH provider'); + location.replace( + `${config.oauth}?client_id=dbgate&response_type=code&redirect_uri=${encodeURIComponent( + location.origin + location.pathname + )}&state=${encodeURIComponent(state)}` + ); + return; + } +} + +export function internalRedirectTo(path) { + const index = location.pathname.lastIndexOf('/'); + const newPath = index >= 0 ? location.pathname.substring(0, index) + path : path; + location.replace(newPath); +} + +export async function doLogout() { + enableApi(); + const config = await getConfig(); + if (config.oauth) { + localStorage.removeItem('accessToken'); + if (config.oauthLogout) { + window.location.href = config.oauthLogout; + } else { + internalRedirectTo('/?page=not-logged'); + } + } else if (config.isLoginForm) { + localStorage.removeItem('accessToken'); + internalRedirectTo('/?page=not-logged'); + } else { + window.location.href = 'config/logout'; + } +} diff --git a/packages/web/src/commands/stdCommands.ts b/packages/web/src/commands/stdCommands.ts index b0260cce5..6a0b7f054 100644 --- a/packages/web/src/commands/stdCommands.ts +++ b/packages/web/src/commands/stdCommands.ts @@ -36,6 +36,7 @@ import runCommand from './runCommand'; import { openWebLink } from '../utility/exportFileTools'; import { getSettings } from '../utility/metadataLoaders'; import { isMac } from '../utility/common'; +import { doLogout, internalRedirectTo } from '../clientAuth'; // function themeCommand(theme: ThemeDefinition) { // return { @@ -548,9 +549,7 @@ registerCommand({ category: 'App', name: 'Logout', testEnabled: () => getCurrentConfig()?.login != null, - onClick: () => { - window.location.href = 'config/logout'; - }, + onClick: doLogout, }); export function registerFileCommands({ diff --git a/packages/web/src/forms/TextField.svelte b/packages/web/src/forms/TextField.svelte index 55f9a3506..e373dce94 100644 --- a/packages/web/src/forms/TextField.svelte +++ b/packages/web/src/forms/TextField.svelte @@ -4,6 +4,7 @@ export let value; export let focused = false; export let domEditor = undefined; + export let autocomplete = 'new-password'; if (focused) onMount(() => domEditor.focus()); @@ -17,5 +18,5 @@ on:click bind:this={domEditor} on:keydown - autocomplete="new-password" + {autocomplete} /> diff --git a/packages/web/src/main.ts b/packages/web/src/main.ts index 2a72600c5..2bfcb4749 100644 --- a/packages/web/src/main.ts +++ b/packages/web/src/main.ts @@ -3,14 +3,41 @@ import './utility/connectionsPinger'; import './utility/changeCurrentDbByTab'; import './commands/stdCommands'; import localStorageGarbageCollector from './utility/localStorageGarbageCollector'; +import { handleOauthCallback } from './clientAuth'; +import LoginPage from './LoginPage.svelte'; +import NotLoggedPage from './NotLoggedPage.svelte'; + +const isOauthCallback = handleOauthCallback(); + +const params = new URLSearchParams(location.search); +const page = params.get('page'); localStorageGarbageCollector(); -const app = new App({ - target: document.body, - props: {}, -}); +function createApp() { + if (isOauthCallback) { + return null; + } -// const app = null; + switch (page) { + case 'login': + return new LoginPage({ + target: document.body, + props: {}, + }); + case 'not-logged': + return new NotLoggedPage({ + target: document.body, + props: {}, + }); + } + + return new App({ + target: document.body, + props: {}, + }); +} + +const app = createApp(); export default app; diff --git a/packages/web/src/utility/api.ts b/packages/web/src/utility/api.ts index c4f6694b1..e55c839c5 100644 --- a/packages/web/src/utility/api.ts +++ b/packages/web/src/utility/api.ts @@ -4,10 +4,21 @@ import { writable } from 'svelte/store'; import getElectron from './getElectron'; // import socket from './socket'; import { showSnackbarError } from '../utility/snackbar'; +import { isOauthCallback, redirectToLogin } from '../clientAuth'; let eventSource; let apiLogging = false; // let cacheCleanerRegistered; +let apiDisabled = false; +const disabledOnOauth = isOauthCallback(); + +export function disableApi() { + apiDisabled = true; +} + +export function enableApi() { + apiDisabled = false; +} function wantEventSource() { if (!eventSource) { @@ -17,9 +28,9 @@ function wantEventSource() { } function processApiResponse(route, args, resp) { - if (apiLogging) { - console.log('<<< API RESPONSE', route, args, resp); - } + // if (apiLogging) { + // console.log('<<< API RESPONSE', route, args, resp); + // } if (resp?.apiErrorMessage) { showSnackbarError('API error:' + resp?.apiErrorMessage); @@ -35,6 +46,14 @@ export async function apiCall(route: string, args: {} = undefined) { if (apiLogging) { console.log('>>> API CALL', route, args); } + if (apiDisabled) { + console.log('API disabled!!', route); + return; + } + if (disabledOnOauth && route != 'auth/oauth-token') { + console.log('API disabled because oauth callback!!', route); + return; + } const electron = getElectron(); if (electron) { @@ -51,6 +70,18 @@ export async function apiCall(route: string, args: {} = undefined) { body: JSON.stringify(args), }); + if (resp.status == 401 && !apiDisabled) { + const params = new URLSearchParams(location.search); + + disableApi(); + console.log('Disabling API', route); + if (params.get('page') != 'login' && params.get('page') != 'not-logged') { + // unauthorized + redirectToLogin(); + } + return; + } + const json = await resp.json(); return processApiResponse(route, args, json); } diff --git a/packages/web/src/utility/resolveApi.ts b/packages/web/src/utility/resolveApi.ts index e15506e6b..f2c00b555 100644 --- a/packages/web/src/utility/resolveApi.ts +++ b/packages/web/src/utility/resolveApi.ts @@ -15,5 +15,10 @@ export default function resolveApi() { export function resolveApiHeaders() { const electron = getElectron(); - return {}; + const res = {}; + const accessToken = localStorage.getItem('accessToken'); + if (accessToken) { + res['Authorization'] = `Bearer ${accessToken}`; + } + return res; } diff --git a/yarn.lock b/yarn.lock index f5a01b77e..ccb5e7f07 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1701,6 +1701,11 @@ abbrev@1: resolved "https://registry.yarnpkg.com/abbrev/-/abbrev-1.1.1.tgz#f8f2c887ad10bf67f634f005b6987fed3179aac8" integrity sha512-nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q== +abstract-logging@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/abstract-logging/-/abstract-logging-2.0.1.tgz#6b0c371df212db7129b57d2e7fcf282b8bf1c839" + integrity sha512-2BjRTZxTPvheOvGbBslFSYOUkr+SjPtOnrLP33f+VIWLzezQpZcqVg7ja3L4dBXmzzgwT+a029jRx5PCi3JuiA== + accepts@~1.3.8: version "1.3.8" resolved "https://registry.yarnpkg.com/accepts/-/accepts-1.3.8.tgz#0bf0be125b67014adcb0b0921e62db7bffe16b2e" @@ -1765,6 +1770,16 @@ acorn@^8.2.4, acorn@^8.5.0: resolved "https://registry.yarnpkg.com/acorn/-/acorn-8.8.0.tgz#88c0187620435c7f6015803f5539dae05a9dbea8" integrity sha512-QOxyigPVrpZ2GXT+PFyZTl6TtOFc5egxHIP9IlQ+RbupQuX4RkT/Bee4/kQuC02Xkzg84JcT7oLYtDIQxp+v7w== +activedirectory2@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/activedirectory2/-/activedirectory2-2.1.0.tgz#4293f72ade8ff36e9199cf5fa5cae3818bdb947a" + integrity sha512-HaccG+/mf5NpHL1mAcLzXed4+gGlO6l7mkBi8vNIo6sTJvLoJjHgvJg12F4cy5CNcRqvPS48++s5tfdSiafn4Q== + dependencies: + abstract-logging "^2.0.0" + async "^3.1.0" + ldapjs "^2.1.0" + merge-options "^2.0.0" + adler-32@~1.2.0: version "1.2.0" resolved "https://registry.yarnpkg.com/adler-32/-/adler-32-1.2.0.tgz#6a3e6bf0a63900ba15652808cb15c6813d1a5f25" @@ -2058,7 +2073,7 @@ async@^2.6.2: dependencies: lodash "^4.17.14" -async@^3.2.0, async@^3.2.3: +async@^3.1.0, async@^3.2.0, async@^3.2.3: version "3.2.4" resolved "https://registry.yarnpkg.com/async/-/async-3.2.4.tgz#2d22e00f8cddeb5fde5dd33522b56d1cf569a81c" integrity sha512-iAB+JbDEGXhyIUavoDl9WP/Jj106Kz9DEn1DPgYw5ruDn0e3Wgi3sKFm55sASdGBNOQB8F59d9qQ7deqrHA8wQ== @@ -2225,6 +2240,13 @@ babel-preset-jest@^28.1.3: babel-plugin-jest-hoist "^28.1.3" babel-preset-current-node-syntax "^1.0.0" +backoff@^2.5.0: + version "2.5.0" + resolved "https://registry.yarnpkg.com/backoff/-/backoff-2.5.0.tgz#f616eda9d3e4b66b8ca7fca79f695722c5f8e26f" + integrity sha512-wC5ihrnUXmR2douXmXLCe5O3zg3GKIyvRi/hi58a/XyRxVI+3/yM0PYueQOZXPXQ9pxBislYkw+sF9b7C/RuMA== + dependencies: + precond "0.2" + balanced-match@^1.0.0: version "1.0.2" resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.2.tgz#e83e3a7e3f300b34cb9d87f615fa0cbf357690ee" @@ -5416,6 +5438,11 @@ is-plain-obj@^1.1.0: resolved "https://registry.yarnpkg.com/is-plain-obj/-/is-plain-obj-1.1.0.tgz#71a50c8429dfca773c92a390a4a03b39fcd51d3e" integrity sha512-yvkRyxmFKEOQ4pNXCmJG5AEQNlXJS5LaONXo5/cLdTZdWvsZ1ioJEonLGAosKlMWE8lwUy/bJzMjcw8az73+Fg== +is-plain-obj@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/is-plain-obj/-/is-plain-obj-2.1.0.tgz#45e42e37fccf1f40da8e5f76ee21515840c09287" + integrity sha512-YWnfyRwxL/+SsrWYfOpUtz5b3YD+nyfkHvjbcanzk8zgyO4ASD67uVMRt8k5bM4lLMDnXfriRhOpemw+NfT1eA== + is-plain-object@^2.0.3, is-plain-object@^2.0.4: version "2.0.4" resolved "https://registry.yarnpkg.com/is-plain-object/-/is-plain-object-2.0.4.tgz#2c163b3fafb1b606d9d17928f05c2a1c38e07677" @@ -7044,6 +7071,27 @@ kleur@^3.0.0, kleur@^3.0.3: resolved "https://registry.yarnpkg.com/kleur/-/kleur-3.0.3.tgz#a79c9ecc86ee1ce3fa6206d1216c501f147fc07e" integrity sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w== +ldap-filter@^0.3.3: + version "0.3.3" + resolved "https://registry.yarnpkg.com/ldap-filter/-/ldap-filter-0.3.3.tgz#2b14c68a2a9d4104dbdbc910a1ca85fd189e9797" + integrity sha512-/tFkx5WIn4HuO+6w9lsfxq4FN3O+fDZeO9Mek8dCD8rTUpqzRa766BOBO7BcGkn3X86m5+cBm1/2S/Shzz7gMg== + dependencies: + assert-plus "^1.0.0" + +ldapjs@^2.1.0: + version "2.3.3" + resolved "https://registry.yarnpkg.com/ldapjs/-/ldapjs-2.3.3.tgz#06c317d3cbb5ac42fbba741e1a8b130ffcf997ab" + integrity sha512-75QiiLJV/PQqtpH+HGls44dXweviFwQ6SiIK27EqzKQ5jU/7UFrl2E5nLdQ3IYRBzJ/AVFJI66u0MZ0uofKYwg== + dependencies: + abstract-logging "^2.0.0" + asn1 "^0.2.4" + assert-plus "^1.0.0" + backoff "^2.5.0" + ldap-filter "^0.3.3" + once "^1.4.0" + vasync "^2.2.0" + verror "^1.8.1" + leaflet@^1.8.0: version "1.8.0" resolved "https://registry.yarnpkg.com/leaflet/-/leaflet-1.8.0.tgz#4615db4a22a304e8e692cae9270b983b38a2055e" @@ -7398,6 +7446,13 @@ merge-descriptors@1.0.1: resolved "https://registry.yarnpkg.com/merge-descriptors/-/merge-descriptors-1.0.1.tgz#b00aaa556dd8b44568150ec9d1b953f3f90cbb61" integrity sha512-cCi6g3/Zr1iqQi6ySbseM1Xvooa98N0w31jzUYrXPX2xqObmFGHJ0tQ5u74H3mVh7wLouTseZyYIq39g8cNp1w== +merge-options@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/merge-options/-/merge-options-2.0.0.tgz#36ca5038badfc3974dbde5e58ba89d3df80882c3" + integrity sha512-S7xYIeWHl2ZUKF7SDeBhGg6rfv5bKxVBdk95s/I7wVF8d+hjLSztJ/B271cnUiF6CAFduEQ5Zn3HYwAjT16DlQ== + dependencies: + is-plain-obj "^2.0.0" + merge-stream@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/merge-stream/-/merge-stream-2.0.0.tgz#52823629a14dd00c9770fb6ad47dc6310f2c1f60" @@ -8623,6 +8678,11 @@ prebuild-install@^7.0.1, prebuild-install@^7.1.0, prebuild-install@^7.1.1: tar-fs "^2.0.0" tunnel-agent "^0.6.0" +precond@0.2: + version "0.2.3" + resolved "https://registry.yarnpkg.com/precond/-/precond-0.2.3.tgz#aa9591bcaa24923f1e0f4849d240f47efc1075ac" + integrity sha512-QCYG84SgGyGzqJ/vlMsxeXd/pgL/I94ixdNFyh1PusWmTCyVfPJjZ1K1jvHtsbfnXQs2TSkEP2fR7QiMZAnKFQ== + prelude-ls@~1.1.2: version "1.1.2" resolved "https://registry.yarnpkg.com/prelude-ls/-/prelude-ls-1.1.2.tgz#21932a549f5e52ffd9a827f570e04be62a97da54" @@ -10864,6 +10924,13 @@ vary@^1, vary@~1.1.2: resolved "https://registry.yarnpkg.com/vary/-/vary-1.1.2.tgz#2299f02c6ded30d4a5961b0b9f74524a18f634fc" integrity sha512-BNGbWLfd0eUPabhkXUVm0j8uuvREyTh5ovRa/dyow/BqAbZJyC+5fU+IzQOzmAKzYqYRAISoRhdQr3eIZ/PXqg== +vasync@^2.2.0: + version "2.2.1" + resolved "https://registry.yarnpkg.com/vasync/-/vasync-2.2.1.tgz#d881379ff3685e4affa8e775cf0fd369262a201b" + integrity sha512-Hq72JaTpcTFdWiNA4Y22Amej2GH3BFmBaKPPlDZ4/oC8HNn2ISHLkFrJU4Ds8R3jcUi7oo5Y9jcMHKjES+N9wQ== + dependencies: + verror "1.10.0" + verror@1.10.0: version "1.10.0" resolved "https://registry.yarnpkg.com/verror/-/verror-1.10.0.tgz#3a105ca17053af55d6e270c1f8288682e18da400" @@ -10873,6 +10940,15 @@ verror@1.10.0: core-util-is "1.0.2" extsprintf "^1.2.0" +verror@^1.8.1: + version "1.10.1" + resolved "https://registry.yarnpkg.com/verror/-/verror-1.10.1.tgz#4bf09eeccf4563b109ed4b3d458380c972b0cdeb" + integrity sha512-veufcmxri4e3XSrT0xwfUR7kguIkaxBeosDg00yDWhk49wdwkSUrvvsm7nc75e1PUyvIeZj6nS8VQRYz2/S4Xg== + dependencies: + assert-plus "^1.0.0" + core-util-is "1.0.2" + extsprintf "^1.2.0" + vm-browserify@^1.0.1: version "1.1.2" resolved "https://registry.yarnpkg.com/vm-browserify/-/vm-browserify-1.1.2.tgz#78641c488b8e6ca91a75f511e7a3b32a86e5dda0"