feat: add rejectUnauthorized option

eufebius · eufebius · commit 48d795583829 · 2026-04-01T18:34:32.000+02:00
diff --git a/README.md b/README.md
@@ -19,6 +19,7 @@ auth:
     baseDN: 'dc=sample,dc=local'
     domainSuffix: 'sample.local'
     groupName: 'npmWriters' # optional
+    rejectUnauthorized: true
 ```
 
 Alternatively, if your config.yaml uses multiple security groups, you can provide a yaml sequence:
diff --git a/index.js b/index.js
@@ -14,8 +14,10 @@ function Plugin(config, stuff) {
 Plugin.prototype.authenticate = function(user, password, callback) {
 	var self = this;
 	var username = user + '@' + this._config.domainSuffix;
-	
-	var connection = new ActiveDirectory(_.extend(this._config, { username: username, password: password }));
+
+	var rejectUnauthorized = (typeof self._config.rejectUnauthorized !== 'undefined') ? self._config.rejectUnauthorized : true;
+
+	var connection = new ActiveDirectory(_.extend(this._config, { username: username, password: password, tlsOptions: { rejectUnauthorized: rejectUnauthorized } }));
 	connection.on('error', function(error) {
 		self._logger.warn('Active Directory connection error. Error:', error);
 	});
