CristianAFQ/Apigateway
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

se agrega LDap

Browse Source
This commit is contained in:
Jhonatan Pelaez 2023-10-25 09:05:37 -05:00
parent 0d370da04e
commit 25ca8289cd
6 changed files with 291 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
BackApiGateway.sln
View File

@ -17,6 +17,8 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "MSAdminUsuarios", "Microser
EndProject
Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "IntegradorBE", "Microservicios\IntegradorBE\IntegradorBE.csproj", "{E3B575F9-4A18-43E6-A542-7CC29B086752}"
EndProject
Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "LdapLoginLib", "LdapLoginLib\LdapLoginLib.csproj", "{6E864339-08B2-4C2F-909C-FCF0392E3F6D}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU
@ -39,6 +41,10 @@ Global
{E3B575F9-4A18-43E6-A542-7CC29B086752}.Debug|Any CPU.Build.0 = Debug|Any CPU
{E3B575F9-4A18-43E6-A542-7CC29B086752}.Release|Any CPU.ActiveCfg = Release|Any CPU
{E3B575F9-4A18-43E6-A542-7CC29B086752}.Release|Any CPU.Build.0 = Release|Any CPU
{6E864339-08B2-4C2F-909C-FCF0392E3F6D}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{6E864339-08B2-4C2F-909C-FCF0392E3F6D}.Debug|Any CPU.Build.0 = Debug|Any CPU
{6E864339-08B2-4C2F-909C-FCF0392E3F6D}.Release|Any CPU.ActiveCfg = Release|Any CPU
{6E864339-08B2-4C2F-909C-FCF0392E3F6D}.Release|Any CPU.Build.0 = Release|Any CPU
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
@ -48,6 +54,7 @@ Global
{76522272-9D28-4168-8296-AFC933D22650} = {F491CF9B-9CF8-4F3B-BBD7-A282F7DC1D6D}
{D0B80363-4C96-413F-8C82-48FCF2CD7F57} = {A449A86B-39E4-4EEB-B7C6-B6B12A0CBD2E}
{E3B575F9-4A18-43E6-A542-7CC29B086752} = {A449A86B-39E4-4EEB-B7C6-B6B12A0CBD2E}
{6E864339-08B2-4C2F-909C-FCF0392E3F6D} = {F491CF9B-9CF8-4F3B-BBD7-A282F7DC1D6D}
EndGlobalSection
GlobalSection(ExtensibilityGlobals) = postSolution
SolutionGuid = {EC576D5A-ADE3-40CC-BF55-7E52E6F18AC4}

14
LdapLoginLib/LdapLoginLib.csproj Normal file
View File

@ -0,0 +1,14 @@
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFramework>net6.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Serilog" Version="3.0.1" />
<PackageReference Include="System.DirectoryServices.Protocols" Version="6.0.1" />
</ItemGroup>
</Project>

103
LdapLoginLib/LdapUser.cs Normal file
View File

@ -0,0 +1,103 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace LdapLoginLib
{
public class LdapUser
{
/// <summary>
/// The unique identifier for the user (mandatory).
/// Example: "jdoe"
/// </summary>
public string Uid { get; set; }
/// <summary>
/// The common name of the user.
/// Example: "John Doe"
/// </summary>
public string? Cn { get; set; }
/// <summary>
/// The user's given name.
/// Example: "John"
/// </summary>
public string? GivenName { get; set; }
/// <summary>
/// The user's surname.
/// Example: "Doe"
/// </summary>
public string? Sn { get; set; }
/// <summary>
/// The user's email address.
/// Example: "jdoe@example.com"
/// </summary>
public string? Mail { get; set; }
/// <summary>
/// The status of the user's internet account.
/// Example: "Active"
/// </summary>
public string? InetUserStatus { get; set; }
/// <summary>
/// The organization the user belongs to.
/// Example: "Acme Inc.", currently "Sede"
/// </summary>
public string? O { get; set; }
/// <summary>
/// The status of the user's account as boolean.
/// Example: true or false
/// </summary>
public bool? IsActive { get; set; } = null;
}
/********************************************
* *
* Discared / not in used *
* *
********************************************
/// <summary>
/// The user's password.
/// Example: "P@ssw0rd"
/// </summary>
public string? UserPassword { get; set; }
/// <summary>
/// The type of employee (e.g., full-time, part-time).
/// Example: "Full-Time", currently numbers
/// </summary>
public string? EmployeeType { get; set; }
/// <summary>
/// The business category of the user.
/// Example: "Sales"
/// </summary>
public string? BusinessCategory { get; set; }
/// <summary>
/// The employee's unique identification number.
/// Example: "E12345"
/// </summary>
public string? EmployeeNumber { get; set; }
/// <summary>
/// The license information for the user.
/// Example: "Licensed for Software X, Y, and Z"
/// </summary>
public string? NsLicensedFor { get; set; }
********************************************
* *
********************************************/
}

133
LdapLoginLib/LoginLib.cs Normal file
View File

@ -0,0 +1,133 @@
using System.DirectoryServices.Protocols;
namespace LdapLoginLib
{
public class LoginLib
{
private const string _ldapServer = "10.31.3.13";
private const int _ldapPort = 389;
private const string _ldapDn = "ou=People,o=unal.edu.co"; //uid=pdocente,
//string ldapPassword = "TJBjzn64";
public static bool Login(string uid, string password, string ldapDn = _ldapDn)
{
using (LdapConnection ldapConnection = new($"{_ldapServer}:{_ldapPort}"))
{
try
{
string ldapUserDn = $"uid={uid},{_ldapDn}";
// Set LDAP connection options
ldapConnection.SessionOptions.SecureSocketLayer = false;
ldapConnection.AuthType = AuthType.Basic;
ldapConnection.Credential = new System.Net.NetworkCredential(ldapUserDn, password);
// Attempt to bind (authenticate) the user
ldapConnection.Bind();
return _userIsActive(ldapConnection, ldapUserDn);
}
catch (LdapException ldapEx)
{
//Console.WriteLine($"Authentication failed: {ldapEx.Message}");
throw new Exception(_getErrorMessage(ldapEx.ErrorCode, ldapEx.Message));
}
catch (Exception ex)
{
//Console.WriteLine($"An error occurred: {ex.Message}");
throw new Exception($"Ocurrió un error: {ex.Message}");
}
}
}
private static bool _userIsActive(LdapConnection ldapConnection, string ldapUserDn)
{
//ldapUserDn = $"uid=acbuitragoc,{_ldapDn}";
SearchRequest searchRequest = new(
ldapUserDn,
"(objectClass=*)",
SearchScope.Base,
"InetUserStatus"
);
SearchResponse searchResponse = (SearchResponse)ldapConnection.SendRequest(searchRequest);
if (searchResponse.Entries.Count > 0)
{
SearchResultEntry entry = searchResponse.Entries[0];
string? inetUserStatus = entry.Attributes["inetUserStatus"][0].ToString();
if (inetUserStatus != null)
{
return inetUserStatus.ToLower().Trim() == "active" ? true : false;
}
throw new Exception();
}
else
{
throw new Exception($"Usuario o atributo no encontrado.");
}
}
private static LdapUser _getUserData(LdapConnection ldapConnection, string ldapUserDn, string[] attributesToReturn)
{
return new LdapUser();
//SearchRequest searchRequest = new(
// searchBase,
// ldapFilter,
// SearchScope.Subtree,
// attributesToReturn
//);
//SearchResponse searchResponse = (SearchResponse)ldapConnection.SendRequest(searchRequest);
//if (searchResponse != null && searchResponse.Entries.Count > 0)
//{
// SearchResultEntry entry = searchResponse.Entries[0];
// // Access and process user attributes here
// foreach (DirectoryAttribute attribute in entry.Attributes.Values)
// {
// string attributeName = attribute.Name;
// string[] attributeValues = (string[])attribute.GetValues(typeof(string));
// // Process or display attribute values as needed
// Console.WriteLine($"{attributeName}: {string.Join(", ", attributeValues)}");
// }
//}
//else
//{
// throw new Exception($"Usuario o atributos no encontrados.");
//}
}
private static string _getErrorMessage(int errorCode, string errorMessage)
{
// Map LDAP error codes to error messages
switch (errorCode)
{
case 49:
return "Error de credenciales: nombre de usuario o contraseña incorrectos";
case 52:
return "Error de autenticación: cuenta está deshabilitada";
case 81:
return "Error de servidor: no disponible";
default:
return errorMessage;
}
}
}
}

40
Microservicios/MsUsuarios/Controllers/AuthController.cs
View File

@ -1,6 +1,8 @@
using LdapLoginLib;
using Microsoft.AspNetCore.Mvc;
using Microsoft.IdentityModel.Tokens;
using MSAdminUsuarios.Context;
using Newtonsoft.Json.Linq;
using Security;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
@ -29,16 +31,40 @@ namespace MSAdminUsuarios.Controllers
if (login.TX_LOGINNAME_USUMS == null) return BadRequest("Es necesario ingresar un correo");
if (login.TX_PASSWORD_USUMS == null) return BadRequest("Es necesario ingresar una contrase<73>a");
USUARIO? user = _context.USUARIOSMs.FirstOrDefault(u => u.TX_LOGINNAME_USUMS == login.TX_LOGINNAME_USUMS && u.TX_PASSWORD_USUMS == _encript.EncryptPwd(login.TX_PASSWORD_USUMS));
USUARIO? userldap = _context.USUARIOSMs.FirstOrDefault(u => u.TX_LOGINNAME_USUMS == login.TX_LOGINNAME_USUMS);
if(userldap.BL_VIENELDAP_USUMS == 1)
{
bool boolldap = LoginLib.Login(login.TX_LOGINNAME_USUMS, login.TX_PASSWORD_USUMS);
if( boolldap == true) {
string token = Token(userldap);
return Ok(new
{
token = token,
user = userldap.TX_PKDOC_USUMS
});
}
else
{
return BadRequest();
}
}else if(userldap.BL_VIENELDAP_USUMS != 1)
{
USUARIO? user = _context.USUARIOSMs.FirstOrDefault(u => u.TX_LOGINNAME_USUMS == login.TX_LOGINNAME_USUMS && u.TX_PASSWORD_USUMS == _encript.EncryptPwd(login.TX_PASSWORD_USUMS));
if (user == null) return BadRequest("Usuario o contrase<73>a incorrectos");
if (user == null) return BadRequest("Usuario o contrase<73>a incorrectos");
string token = Token(user);
string token = Token(user);
return Ok(new
{
token = token,
user = user.TX_PKDOC_USUMS
});
}else
{
return BadRequest("Error");
}
return Ok(new {
token = token,
user = user.TX_PKDOC_USUMS
});
} catch (Exception e)
{

1
Microservicios/MsUsuarios/MSAdminUsuarios.csproj
View File

@ -22,6 +22,7 @@
<ItemGroup>
<ProjectReference Include="..\..\Auth\Auth.csproj" />
<ProjectReference Include="..\..\LdapLoginLib\LdapLoginLib.csproj" />
</ItemGroup>
<ItemGroup>