UNPKG

@cdklabs/cdk-amazonmq

Version:

<!--BEGIN STABILITY BANNER-->

github.com/cdklabs/cdk-amazonmq

cdklabs/cdk-amazonmq

51 lines 8.09 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.ActiveMqLdapValidation = void 0; /* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ const url_1 = require("url"); /** * Validates if provided string is in form required by [Active MQ](https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/security-authentication-authorization.html). */ class ActiveMqLdapValidation { // constructor that accepts the string and property name constructor(props) { this.ActiveMqLdapAuthorization = props.config; this.errors = []; this.ditRegex = /^((CN=([^,]*)),)?((((?:CN|OU)=[^,]+,?)+),)?((DC=[^,]+,?)+)$/im; } validateDit(propertyValue, propertyName) { if (this.ditRegex && !this.ditRegex.test(propertyValue)) { this.errors.push(`Incorrect LDAP directory information tree: '${propertyValue}' at '${propertyName}'. Should match regular expression: ${this.ditRegex}`); } } validateHosts(hosts) { try { // add URI parts (protocol and port) that will be added by the ActiveMQ. hosts.forEach((v) => { const url = new url_1.URL(`ldap://${v}:389`); if (url.hostname !== v || !url.protocol.startsWith("ldap") || url.port !== "389") { this.errors.push(`Invalid host: '${hosts}'. ActiveMQ requires host name without protocol and port. Check https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/security-authentication-authorization.html`); } }); } catch (e) { this.errors.push("Invalid host. ActiveMQ requires host name without protocol and port. Check https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/security-authentication-authorization.html"); } } validate() { this.errors = []; this.validateDit(this.ActiveMqLdapAuthorization.roleBase, "roleBase"); this.validateDit(this.ActiveMqLdapAuthorization.userBase, "userBase"); this.validateDit(this.ActiveMqLdapAuthorization.serviceAccountUsername, "serviceAccountUsername"); this.validateHosts(this.ActiveMqLdapAuthorization.hosts); return this.errors; } } exports.ActiveMqLdapValidation = ActiveMqLdapValidation; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibGRhcC1tZXRhZGF0YS12YWxpZGF0b3IuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvYWN0aXZlbXEvdmFsaWRhdG9ycy9sZGFwLW1ldGFkYXRhLXZhbGlkYXRvci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQTs7O0VBR0U7QUFDRiw2QkFBMEI7QUFRMUI7O0dBRUc7QUFDSCxNQUFhLHNCQUFzQjtJQUtqQyx3REFBd0Q7SUFDeEQsWUFBWSxLQUFxQztRQUMvQyxJQUFJLENBQUMseUJBQXlCLEdBQUcsS0FBSyxDQUFDLE1BQU0sQ0FBQztRQUM5QyxJQUFJLENBQUMsTUFBTSxHQUFHLEVBQUUsQ0FBQztRQUVqQixJQUFJLENBQUMsUUFBUTtZQUNYLCtEQUErRCxDQUFDO0lBQ3BFLENBQUM7SUFFTyxXQUFXLENBQUMsYUFBcUIsRUFBRSxZQUFvQjtRQUM3RCxJQUFJLElBQUksQ0FBQyxRQUFRLElBQUksQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsRUFBRSxDQUFDO1lBQ3hELElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUNkLCtDQUErQyxhQUFhLFNBQVMsWUFBWSx1Q0FBdUMsSUFBSSxDQUFDLFFBQVEsRUFBRSxDQUN4SSxDQUFDO1FBQ0osQ0FBQztJQUNILENBQUM7SUFFTyxhQUFhLENBQUMsS0FBZTtRQUNuQyxJQUFJLENBQUM7WUFDSCx3RUFBd0U7WUFDeEUsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFO2dCQUNsQixNQUFNLEdBQUcsR0FBRyxJQUFJLFNBQUcsQ0FBQyxVQUFVLENBQUMsTUFBTSxDQUFDLENBQUM7Z0JBQ3ZDLElBQ0UsR0FBRyxDQUFDLFFBQVEsS0FBSyxDQUFDO29CQUNsQixDQUFDLEdBQUcsQ0FBQyxRQUFRLENBQUMsVUFBVSxDQUFDLE1BQU0sQ0FBQztvQkFDaEMsR0FBRyxDQUFDLElBQUksS0FBSyxLQUFLLEVBQ2xCLENBQUM7b0JBQ0QsSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQ2Qsa0JBQWtCLEtBQUsseUtBQXlLLENBQ2pNLENBQUM7Z0JBQ0osQ0FBQztZQUNILENBQUMsQ0FBQyxDQUFDO1FBQ0wsQ0FBQztRQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7WUFDWCxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FDZCxvTEFBb0wsQ0FDckwsQ0FBQztRQUNKLENBQUM7SUFDSCxDQUFDO0lBRU0sUUFBUTtRQUNiLElBQUksQ0FBQyxNQUFNLEdBQUcsRUFBRSxDQUFDO1FBRWpCLElBQUksQ0FBQyxXQUFXLENBQUMsSUFBSSxDQUFDLHlCQUF5QixDQUFDLFFBQVEsRUFBRSxVQUFVLENBQUMsQ0FBQztRQUN0RSxJQUFJLENBQUMsV0FBVyxDQUFDLElBQUksQ0FBQyx5QkFBeUIsQ0FBQyxRQUFRLEVBQUUsVUFBVSxDQUFDLENBQUM7UUFDdEUsSUFBSSxDQUFDLFdBQVcsQ0FDZCxJQUFJLENBQUMseUJBQXlCLENBQUMsc0JBQXNCLEVBQ3JELHdCQUF3QixDQUN6QixDQUFDO1FBRUYsSUFBSSxDQUFDLGFBQWEsQ0FBQyxJQUFJLENBQUMseUJBQXlCLENBQUMsS0FBSyxDQUFDLENBQUM7UUFFekQsT0FBTyxJQUFJLENBQUMsTUFBTSxDQUFDO0lBQ3JCLENBQUM7Q0FDRjtBQTFERCx3REEwREMiLCJzb3VyY2VzQ29udGVudCI6WyIvKlxuQ29weXJpZ2h0IEFtYXpvbi5jb20sIEluYy4gb3IgaXRzIGFmZmlsaWF0ZXMuIEFsbCBSaWdodHMgUmVzZXJ2ZWQuXG5TUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMFxuKi9cbmltcG9ydCB7IFVSTCB9IGZyb20gXCJ1cmxcIjtcbmltcG9ydCB7IENmbkJyb2tlciB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtYW1hem9ubXFcIjtcbmltcG9ydCB7IElWYWxpZGF0aW9uIH0gZnJvbSBcImNvbnN0cnVjdHNcIjtcblxuZXhwb3J0IGludGVyZmFjZSBBY3RpdmVNcUxkYXBBdXRob3JpemF0aW9uUHJvcHMge1xuICByZWFkb25seSBjb25maWc6IENmbkJyb2tlci5MZGFwU2VydmVyTWV0YWRhdGFQcm9wZXJ0eTtcbn1cblxuLyoqXG4gKiBWYWxpZGF0ZXMgaWYgcHJvdmlkZWQgc3RyaW5nIGlzIGluIGZvcm0gcmVxdWlyZWQgYnkgW0FjdGl2ZSBNUV0oaHR0cHM6Ly9kb2NzLmF3cy5hbWF6b24uY29tL2FtYXpvbi1tcS9sYXRlc3QvZGV2ZWxvcGVyLWd1aWRlL3NlY3VyaXR5LWF1dGhlbnRpY2F0aW9uLWF1dGhvcml6YXRpb24uaHRtbCkuXG4gKi9cbmV4cG9ydCBjbGFzcyBBY3RpdmVNcUxkYXBWYWxpZGF0aW9uIGltcGxlbWVudHMgSVZhbGlkYXRpb24ge1xuICByZWFkb25seSBBY3RpdmVNcUxkYXBBdXRob3JpemF0aW9uOiBDZm5Ccm9rZXIuTGRhcFNlcnZlck1ldGFkYXRhUHJvcGVydHk7XG4gIHByaXZhdGUgcmVhZG9ubHkgZGl0UmVnZXg/OiBSZWdFeHA7XG4gIGVycm9yczogc3RyaW5nW107XG5cbiAgLy8gY29uc3RydWN0b3IgdGhhdCBhY2NlcHRzIHRoZSBzdHJpbmcgYW5kIHByb3BlcnR5IG5hbWVcbiAgY29uc3RydWN0b3IocHJvcHM6IEFjdGl2ZU1xTGRhcEF1dGhvcml6YXRpb25Qcm9wcykge1xuICAgIHRoaXMuQWN0aXZlTXFMZGFwQXV0aG9yaXphdGlvbiA9IHByb3BzLmNvbmZpZztcbiAgICB0aGlzLmVycm9ycyA9IFtdO1xuXG4gICAgdGhpcy5kaXRSZWdleCA9XG4gICAgICAvXigoQ049KFteLF0qKSksKT8oKCgoPzpDTnxPVSk9W14sXSssPykrKSwpPygoREM9W14sXSssPykrKSQvaW07XG4gIH1cblxuICBwcml2YXRlIHZhbGlkYXRlRGl0KHByb3BlcnR5VmFsdWU6IHN0cmluZywgcHJvcGVydHlOYW1lOiBzdHJpbmcpOiB2b2lkIHtcbiAgICBpZiAodGhpcy5kaXRSZWdleCAmJiAhdGhpcy5kaXRSZWdleC50ZXN0KHByb3BlcnR5VmFsdWUpKSB7XG4gICAgICB0aGlzLmVycm9ycy5wdXNoKFxuICAgICAgICBgSW5jb3JyZWN0IExEQVAgZGlyZWN0b3J5IGluZm9ybWF0aW9uIHRyZWU6ICcke3Byb3BlcnR5VmFsdWV9JyBhdCAnJHtwcm9wZXJ0eU5hbWV9Jy4gU2hvdWxkIG1hdGNoIHJlZ3VsYXIgZXhwcmVzc2lvbjogJHt0aGlzLmRpdFJlZ2V4fWAsXG4gICAgICApO1xuICAgIH1cbiAgfVxuXG4gIHByaXZhdGUgdmFsaWRhdGVIb3N0cyhob3N0czogc3RyaW5nW10pOiB2b2lkIHtcbiAgICB0cnkge1xuICAgICAgLy8gYWRkIFVSSSBwYXJ0cyAocHJvdG9jb2wgYW5kIHBvcnQpIHRoYXQgd2lsbCBiZSBhZGRlZCBieSB0aGUgQWN0aXZlTVEuXG4gICAgICBob3N0cy5mb3JFYWNoKCh2KSA9PiB7XG4gICAgICAgIGNvbnN0IHVybCA9IG5ldyBVUkwoYGxkYXA6Ly8ke3Z9OjM4OWApO1xuICAgICAgICBpZiAoXG4gICAgICAgICAgdXJsLmhvc3RuYW1lICE9PSB2IHx8XG4gICAgICAgICAgIXVybC5wcm90b2NvbC5zdGFydHNXaXRoKFwibGRhcFwiKSB8fFxuICAgICAgICAgIHVybC5wb3J0ICE9PSBcIjM4OVwiXG4gICAgICAgICkge1xuICAgICAgICAgIHRoaXMuZXJyb3JzLnB1c2goXG4gICAgICAgICAgICBgSW52YWxpZCBob3N0OiAnJHtob3N0c30nLiBBY3RpdmVNUSByZXF1aXJlcyBob3N0IG5hbWUgd2l0aG91dCBwcm90b2NvbCBhbmQgcG9ydC4gQ2hlY2sgaHR0cHM6Ly9kb2NzLmF3cy5hbWF6b24uY29tL2FtYXpvbi1tcS9sYXRlc3QvZGV2ZWxvcGVyLWd1aWRlL3NlY3VyaXR5LWF1dGhlbnRpY2F0aW9uLWF1dGhvcml6YXRpb24uaHRtbGAsXG4gICAgICAgICAgKTtcbiAgICAgICAgfVxuICAgICAgfSk7XG4gICAgfSBjYXRjaCAoZSkge1xuICAgICAgdGhpcy5lcnJvcnMucHVzaChcbiAgICAgICAgXCJJbnZhbGlkIGhvc3QuIEFjdGl2ZU1RIHJlcXVpcmVzIGhvc3QgbmFtZSB3aXRob3V0IHByb3RvY29sIGFuZCBwb3J0LiBDaGVjayBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vYW1hem9uLW1xL2xhdGVzdC9kZXZlbG9wZXItZ3VpZGUvc2VjdXJpdHktYXV0aGVudGljYXRpb24tYXV0aG9yaXphdGlvbi5odG1sXCIsXG4gICAgICApO1xuICAgIH1cbiAgfVxuXG4gIHB1YmxpYyB2YWxpZGF0ZSgpOiBzdHJpbmdbXSB7XG4gICAgdGhpcy5lcnJvcnMgPSBbXTtcblxuICAgIHRoaXMudmFsaWRhdGVEaXQodGhpcy5BY3RpdmVNcUxkYXBBdXRob3JpemF0aW9uLnJvbGVCYXNlLCBcInJvbGVCYXNlXCIpO1xuICAgIHRoaXMudmFsaWRhdGVEaXQodGhpcy5BY3RpdmVNcUxkYXBBdXRob3JpemF0aW9uLnVzZXJCYXNlLCBcInVzZXJCYXNlXCIpO1xuICAgIHRoaXMudmFsaWRhdGVEaXQoXG4gICAgICB0aGlzLkFjdGl2ZU1xTGRhcEF1dGhvcml6YXRpb24uc2VydmljZUFjY291bnRVc2VybmFtZSxcbiAgICAgIFwic2VydmljZUFjY291bnRVc2VybmFtZVwiLFxuICAgICk7XG5cbiAgICB0aGlzLnZhbGlkYXRlSG9zdHModGhpcy5BY3RpdmVNcUxkYXBBdXRob3JpemF0aW9uLmhvc3RzKTtcblxuICAgIHJldHVybiB0aGlzLmVycm9ycztcbiAgfVxufVxuIl19