-
Notifications
You must be signed in to change notification settings - Fork 94
Workaround for broken LDAP authentication
Jorge Alberto Díaz Orozco edited this page Mar 9, 2019
·
1 revision
by Klaws--
Yes, authentication over the REST API fails when Rocket.chat is configured to use LDAP. Link to the main issue:
Obviously, this is not an issue for this project, but since the bug fixing at Rocket.chat moves with glacial speed, a workaround would be nice.
To get REST API LDAP authentication to work, I subclasses RocketChat with a new subclass, RocketChatLDAP, which uses some undocumented parameters. Naturally, this RocketChatLDAP class can only be used when LDAP authentication is in use.
Here's the code which I used as a fix in my client:
import json
import requests
from rocketchat_API.rocketchat import RocketChat
from rocketchat_API.APIExceptions.RocketExceptions import RocketConnectionException, RocketAuthenticationException, RocketMissingParamException
class RocketChatLDAP(RocketChat):
def login(self, user, password):
login_request = requests.post(self.server_url + self.API_path + 'login',
data=json.dumps({'username': user,
#'password': password,
'ldap': True,
'ldapPass': password,
'ldapOptions': {}}),
verify=self.ssl_verify,
proxies=self.proxies)
if login_request.status_code == 401:
raise RocketAuthenticationException()
if login_request.status_code == 200:
if login_request.json().get('status') == "success":
self.headers['X-Auth-Token'] = login_request.json().get('data').get('authToken')
self.headers['X-User-Id'] = login_request.json().get('data').get('userId')
return login_request
else:
raise RocketAuthenticationException()
else:
raise RocketConnectionException()
rocket = RocketChatLDAP('username', 'password', server_url='https://my.rocket.chat.url', ssl_verify=True)