Ldap login v1

2023-12-22 16:08:50 -05:00 · 2023-12-22 16:08:50 -05:00 · f1777c7d96
commit f1777c7d96
parent 326e052100
4 changed files with 262 additions and 0 deletions
--- a/Auth/Properties/launchSettings.json
+++ b/Auth/Properties/launchSettings.json
@ -0,0 +1,12 @@
+{
+  "profiles": {
+    "Auth": {
+      "commandName": "Project",
+      "launchBrowser": true,
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      },
+      "applicationUrl": "https://localhost:58174;http://localhost:58175"
+    }
+  }
+}
--- a/LdapLoginLib/LdapLoginLib.csproj
+++ b/LdapLoginLib/LdapLoginLib.csproj
@ -0,0 +1,14 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>net6.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Serilog" Version="3.0.1" />
+    <PackageReference Include="System.DirectoryServices.Protocols" Version="6.0.1" />
+  </ItemGroup>
+
+</Project>
--- a/LdapLoginLib/LdapUser.cs
+++ b/LdapLoginLib/LdapUser.cs
@ -0,0 +1,103 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace LdapLoginLib
+{
+    public class LdapUser
+    {
+        /// <summary>
+        /// The unique identifier for the user (mandatory).
+        /// Example: "jdoe"
+        /// </summary>
+        public string Uid { get; set; }
+
+        /// <summary>
+        /// The common name of the user.
+        /// Example: "John Doe"
+        /// </summary> 
+        public string? Cn { get; set; }
+
+        /// <summary>
+        /// The user's given name.
+        /// Example: "John"
+        /// </summary>
+        public string? GivenName { get; set; }
+
+        /// <summary>
+        /// The user's surname.
+        /// Example: "Doe"
+        /// </summary>
+        public string? Sn { get; set; }
+
+        /// <summary>
+        /// The user's email address.
+        /// Example: "jdoe@example.com"
+        /// </summary>
+        public string? Mail { get; set; }        
+
+        /// <summary>
+        /// The status of the user's internet account.
+        /// Example: "Active"
+        /// </summary>
+        public string? InetUserStatus { get; set; }
+        
+        /// <summary>
+        /// The organization the user belongs to.
+        /// Example: "Acme Inc.", currently "Sede"
+        /// </summary>
+        public string? O { get; set; }
+
+        /// <summary>
+        /// The status of the user's account as boolean.
+        /// Example: true or false
+        /// </summary>
+        public bool? IsActive { get; set; } = null;
+
+    }
+
+
+    /********************************************
+     *                                          * 
+     *          Discared / not in used          *
+     *                                          *
+     ********************************************
+        
+        /// <summary>
+        /// The user's password.
+        /// Example: "P@ssw0rd"
+        /// </summary>
+        public string? UserPassword { get; set; }
+
+        /// <summary>
+        /// The type of employee (e.g., full-time, part-time).
+        /// Example: "Full-Time", currently numbers 
+        /// </summary>
+        public string? EmployeeType { get; set; }
+
+        /// <summary>
+        /// The business category of the user.
+        /// Example: "Sales"
+        /// </summary>
+        public string? BusinessCategory { get; set; }
+
+        /// <summary>
+        /// The employee's unique identification number.
+        /// Example: "E12345"
+        /// </summary>
+        public string? EmployeeNumber { get; set; }        
+
+        /// <summary>
+        /// The license information for the user.
+        /// Example: "Licensed for Software X, Y, and Z"
+        /// </summary>
+        public string? NsLicensedFor { get; set; }
+
+
+    ********************************************
+    *                                          * 
+    ********************************************/
+
+}
--- a/LdapLoginLib/LoginLib.cs
+++ b/LdapLoginLib/LoginLib.cs
@ -0,0 +1,133 @@
+using System.DirectoryServices.Protocols;
+
+namespace LdapLoginLib
+{
+    public class LoginLib
+    {
+        private const string _ldapServer = "10.31.3.13";
+        private const int _ldapPort = 389;
+
+        private const string _ldapDn = "ou=People,o=unal.edu.co"; //uid=pdocente,
+        //string ldapPassword = "TJBjzn64";
+
+        
+
+        public static bool Login(string uid, string password, string ldapDn = _ldapDn)
+        {
+
+            using (LdapConnection ldapConnection = new($"{_ldapServer}:{_ldapPort}"))
+            {
+                try
+                {
+                    string ldapUserDn = $"uid={uid},{_ldapDn}";
+
+                    // Set LDAP connection options
+                    ldapConnection.SessionOptions.SecureSocketLayer = false;
+                    ldapConnection.AuthType = AuthType.Basic;
+                    ldapConnection.Credential = new System.Net.NetworkCredential(ldapUserDn, password);
+
+                    // Attempt to bind (authenticate) the user
+                    ldapConnection.Bind();
+
+                    return _userIsActive(ldapConnection, ldapUserDn);
+                }
+                catch (LdapException ldapEx)
+                {
+                    //Console.WriteLine($"Authentication failed: {ldapEx.Message}");
+                    throw new Exception(_getErrorMessage(ldapEx.ErrorCode, ldapEx.Message));
+                }
+                catch (Exception ex)
+                {
+                    //Console.WriteLine($"An error occurred: {ex.Message}");
+                    throw new Exception($"Ocurrió un error: {ex.Message}");
+                }
+
+            }
+        }
+
+        private static bool _userIsActive(LdapConnection ldapConnection, string ldapUserDn)
+        {
+            //ldapUserDn = $"uid=acbuitragoc,{_ldapDn}";
+            SearchRequest searchRequest = new(
+                        ldapUserDn,
+                        "(objectClass=*)",
+                        SearchScope.Base,
+                        "InetUserStatus"
+                    );
+
+            SearchResponse searchResponse = (SearchResponse)ldapConnection.SendRequest(searchRequest);
+
+            if (searchResponse.Entries.Count > 0)
+            {
+                SearchResultEntry entry = searchResponse.Entries[0];
+
+                string? inetUserStatus = entry.Attributes["inetUserStatus"][0].ToString();
+
+                if (inetUserStatus != null)
+                {
+                    return inetUserStatus.ToLower().Trim() == "active" ? true : false;
+                }
+                throw new Exception();
+            }
+            else
+            {
+                throw new Exception($"Usuario o atributo no encontrado.");
+            }
+        }
+
+
+        private static LdapUser _getUserData(LdapConnection ldapConnection, string ldapUserDn, string[] attributesToReturn)
+        {
+
+            return new LdapUser();
+
+
+            //SearchRequest searchRequest = new(
+            //    searchBase,
+            //    ldapFilter,
+            //    SearchScope.Subtree,
+            //    attributesToReturn
+            //);
+
+            //SearchResponse searchResponse = (SearchResponse)ldapConnection.SendRequest(searchRequest);
+
+
+            //if (searchResponse != null && searchResponse.Entries.Count > 0)
+            //{
+            //    SearchResultEntry entry = searchResponse.Entries[0];
+
+            //    // Access and process user attributes here
+            //    foreach (DirectoryAttribute attribute in entry.Attributes.Values)
+            //    {
+            //        string attributeName = attribute.Name;
+            //        string[] attributeValues = (string[])attribute.GetValues(typeof(string));
+
+            //        // Process or display attribute values as needed
+            //        Console.WriteLine($"{attributeName}: {string.Join(", ", attributeValues)}");
+            //    }
+            //}
+            //else
+            //{
+            //    throw new Exception($"Usuario o atributos no encontrados.");
+            //}
+        }
+
+
+        private static string _getErrorMessage(int errorCode, string errorMessage)
+        {
+            // Map LDAP error codes to error messages
+
+            switch (errorCode)
+            {
+                case 49:
+                    return "Error de credenciales: nombre de usuario o contraseña incorrectos";
+                case 52:
+                    return "Error de autenticación: cuenta está deshabilitada";
+                case 81:
+                    return "Error de servidor: no disponible";
+                default:
+                    return errorMessage;
+            }
+        }
+    }
+}