CristianAFQ/Apigateway
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Ldap login v1

Browse Source
This commit is contained in:
Luis Martinez 2023-12-22 16:08:50 -05:00
parent 326e052100
commit f1777c7d96
4 changed files with 262 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
Auth/Properties/launchSettings.json Normal file
View File

@ -0,0 +1,12 @@
{
"profiles": {
"Auth": {
"commandName": "Project",
"launchBrowser": true,
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
},
"applicationUrl": "https://localhost:58174;http://localhost:58175"
}
}
}

14
LdapLoginLib/LdapLoginLib.csproj Normal file
View File

@ -0,0 +1,14 @@
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFramework>net6.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Serilog" Version="3.0.1" />
<PackageReference Include="System.DirectoryServices.Protocols" Version="6.0.1" />
</ItemGroup>
</Project>

103
LdapLoginLib/LdapUser.cs Normal file
View File

@ -0,0 +1,103 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace LdapLoginLib
{
public class LdapUser
{
/// <summary>
/// The unique identifier for the user (mandatory).
/// Example: "jdoe"
/// </summary>
public string Uid { get; set; }
/// <summary>
/// The common name of the user.
/// Example: "John Doe"
/// </summary>
public string? Cn { get; set; }
/// <summary>
/// The user's given name.
/// Example: "John"
/// </summary>
public string? GivenName { get; set; }
/// <summary>
/// The user's surname.
/// Example: "Doe"
/// </summary>
public string? Sn { get; set; }
/// <summary>
/// The user's email address.
/// Example: "jdoe@example.com"
/// </summary>
public string? Mail { get; set; }
/// <summary>
/// The status of the user's internet account.
/// Example: "Active"
/// </summary>
public string? InetUserStatus { get; set; }
/// <summary>
/// The organization the user belongs to.
/// Example: "Acme Inc.", currently "Sede"
/// </summary>
public string? O { get; set; }
/// <summary>
/// The status of the user's account as boolean.
/// Example: true or false
/// </summary>
public bool? IsActive { get; set; } = null;
}
/********************************************
* *
* Discared / not in used *
* *
********************************************
/// <summary>
/// The user's password.
/// Example: "P@ssw0rd"
/// </summary>
public string? UserPassword { get; set; }
/// <summary>
/// The type of employee (e.g., full-time, part-time).
/// Example: "Full-Time", currently numbers
/// </summary>
public string? EmployeeType { get; set; }
/// <summary>
/// The business category of the user.
/// Example: "Sales"
/// </summary>
public string? BusinessCategory { get; set; }
/// <summary>
/// The employee's unique identification number.
/// Example: "E12345"
/// </summary>
public string? EmployeeNumber { get; set; }
/// <summary>
/// The license information for the user.
/// Example: "Licensed for Software X, Y, and Z"
/// </summary>
public string? NsLicensedFor { get; set; }
********************************************
* *
********************************************/
}

133
LdapLoginLib/LoginLib.cs Normal file
View File

@ -0,0 +1,133 @@
using System.DirectoryServices.Protocols;
namespace LdapLoginLib
{
public class LoginLib
{
private const string _ldapServer = "10.31.3.13";
private const int _ldapPort = 389;
private const string _ldapDn = "ou=People,o=unal.edu.co"; //uid=pdocente,
//string ldapPassword = "TJBjzn64";
public static bool Login(string uid, string password, string ldapDn = _ldapDn)
{
using (LdapConnection ldapConnection = new($"{_ldapServer}:{_ldapPort}"))
{
try
{
string ldapUserDn = $"uid={uid},{_ldapDn}";
// Set LDAP connection options
ldapConnection.SessionOptions.SecureSocketLayer = false;
ldapConnection.AuthType = AuthType.Basic;
ldapConnection.Credential = new System.Net.NetworkCredential(ldapUserDn, password);
// Attempt to bind (authenticate) the user
ldapConnection.Bind();
return _userIsActive(ldapConnection, ldapUserDn);
}
catch (LdapException ldapEx)
{
//Console.WriteLine($"Authentication failed: {ldapEx.Message}");
throw new Exception(_getErrorMessage(ldapEx.ErrorCode, ldapEx.Message));
}
catch (Exception ex)
{
//Console.WriteLine($"An error occurred: {ex.Message}");
throw new Exception($"Ocurrió un error: {ex.Message}");
}
}
}
private static bool _userIsActive(LdapConnection ldapConnection, string ldapUserDn)
{
//ldapUserDn = $"uid=acbuitragoc,{_ldapDn}";
SearchRequest searchRequest = new(
ldapUserDn,
"(objectClass=*)",
SearchScope.Base,
"InetUserStatus"
);
SearchResponse searchResponse = (SearchResponse)ldapConnection.SendRequest(searchRequest);
if (searchResponse.Entries.Count > 0)
{
SearchResultEntry entry = searchResponse.Entries[0];
string? inetUserStatus = entry.Attributes["inetUserStatus"][0].ToString();
if (inetUserStatus != null)
{
return inetUserStatus.ToLower().Trim() == "active" ? true : false;
}
throw new Exception();
}
else
{
throw new Exception($"Usuario o atributo no encontrado.");
}
}
private static LdapUser _getUserData(LdapConnection ldapConnection, string ldapUserDn, string[] attributesToReturn)
{
return new LdapUser();
//SearchRequest searchRequest = new(
// searchBase,
// ldapFilter,
// SearchScope.Subtree,
// attributesToReturn
//);
//SearchResponse searchResponse = (SearchResponse)ldapConnection.SendRequest(searchRequest);
//if (searchResponse != null && searchResponse.Entries.Count > 0)
//{
// SearchResultEntry entry = searchResponse.Entries[0];
// // Access and process user attributes here
// foreach (DirectoryAttribute attribute in entry.Attributes.Values)
// {
// string attributeName = attribute.Name;
// string[] attributeValues = (string[])attribute.GetValues(typeof(string));
// // Process or display attribute values as needed
// Console.WriteLine($"{attributeName}: {string.Join(", ", attributeValues)}");
// }
//}
//else
//{
// throw new Exception($"Usuario o atributos no encontrados.");
//}
}
private static string _getErrorMessage(int errorCode, string errorMessage)
{
// Map LDAP error codes to error messages
switch (errorCode)
{
case 49:
return "Error de credenciales: nombre de usuario o contraseña incorrectos";
case 52:
return "Error de autenticación: cuenta está deshabilitada";
case 81:
return "Error de servidor: no disponible";
default:
return errorMessage;
}
}
}
}