🐛 properly escape ldap string

package.json

@@ -9,13 +9,14 @@
     "start": "node ./out/src/app.js",
     "build": "tsc && shx cp ./src/openapi.yaml ./out/src/openapi.yaml",
     "openapi": "npx -y openapi-to-ts -i ./src/openapi.yaml -o ./src/types/sync-models.d.ts",
-    "play": "ts-node playground.ts"    
+    "play": "ts-node playground.ts"
   },
   "author": "",
   "license": "ISC",
   "devDependencies": {
     "@types/express": "^4.17.17",
     "@types/js-yaml": "^4.0.5",
+    "@types/ldap-escape": "^2.0.0",
     "@types/ldapjs": "^2.2.5",
     "@types/swagger-ui-express": "^4.1.3",
     "nodemon": "^2.0.21",
@@ -28,6 +29,7 @@
     "dotenv": "^16.0.3",
     "express": "^4.18.2",
     "js-yaml": "^4.1.0",
+    "ldap-escape": "^2.0.6",
     "ldapjs": "^3.0.1",
     "octokit": "^2.0.14",
     "openapi-backend": "^5.9.1",

src/services/ldapClient.ts

@@ -1,5 +1,6 @@
 import { Config } from "../config";
 import ldap from "ldapjs";
+import ldapEscape from "ldap-escape";
 
 const config = Config()
 
@@ -12,7 +13,7 @@ client.bind(config.LDAP.User, config.LDAP.Password, (err) => {
 });
 
 function SearchAsync(groupName: string): Promise<any> {
-    const component = encodeURIComponent(groupName);
+    const component = ldapEscape.filter`${groupName}`;    
     const ldapSearchString = `(&(objectCategory=user)(memberOf=CN=${component},CN=Users,${config.LDAP.GroupBaseDN}))`
 
     const opts: ldap.SearchOptions = {