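using System.DirectoryServices.Protocols;
using System.Text;

namespace LdapLoginLib
{
    /// <summary>
    /// Authenticates users against the LDAP directory with a simple bind and
    /// then checks the account's <c>inetUserStatus</c> attribute.
    /// </summary>
    public class LoginLib
    {
        private const string _ldapServer = "10.31.3.13";
        private const int _ldapPort = 389;
        private const string _ldapDn = "ou=People,o=unal.edu.co";

        // NOTE(review): a commented-out test account and its password were removed
        // from this spot. The value is still in version-control history, so that
        // credential should be treated as exposed and rotated.

        // LDAP result code for invalid credentials, as mapped in _getErrorMessage.
        private const int _invalidCredentialsCode = 49;

        private const string _notFoundMessage = "Usuario o atributo no encontrado.";

        /// <summary>
        /// Binds to the directory as <c>uid={uid},{ldapDn}</c> with the supplied
        /// password and reports whether the account's status is "active".
        /// </summary>
        /// <param name="uid">User identifier. Treated as untrusted: it is escaped before being placed in the bind DN.</param>
        /// <param name="password">The user's password. An empty value is rejected before any bind is attempted.</param>
        /// <param name="ldapDn">
        /// Base DN under which the user entry lives. It is inserted into the bind DN
        /// unescaped, so it must come from trusted configuration and never from user input.
        /// </param>
        /// <returns><c>true</c> when the bind succeeds and <c>inetUserStatus</c> is "active"; otherwise <c>false</c>.</returns>
        /// <exception cref="Exception">
        /// Thrown with a user-facing message when the credentials are missing or rejected,
        /// the server reports an error, or the status attribute cannot be read.
        /// </exception>
        public static bool Login(string uid, string password, string ldapDn = _ldapDn)
        {
            // An empty password turns a simple bind into an "unauthenticated" bind,
            // which many directory servers accept as success. Refuse it up front so a
            // blank password can never authenticate a user.
            if (string.IsNullOrWhiteSpace(uid) || string.IsNullOrEmpty(password))
            {
                throw new Exception(_getErrorMessage(_invalidCredentialsCode, string.Empty));
            }

            string baseDn = string.IsNullOrWhiteSpace(ldapDn) ? _ldapDn : ldapDn;

            using (LdapConnection ldapConnection = new($"{_ldapServer}:{_ldapPort}"))
            {
                try
                {
                    // The original built the DN from the _ldapDn constant and silently
                    // ignored the ldapDn argument; the argument is honoured here.
                    string ldapUserDn = $"uid={_escapeDnValue(uid)},{baseDn}";

                    // NOTE(review): with SecureSocketLayer disabled and AuthType.Basic on
                    // port 389, the bind DN and password cross the network unencrypted.
                    // Switch to LDAPS or call SessionOptions.StartTransportLayerSecurity
                    // before Bind() once the server side is confirmed to support it.
                    ldapConnection.SessionOptions.SecureSocketLayer = false;
                    ldapConnection.AuthType = AuthType.Basic;
                    ldapConnection.Credential = new System.Net.NetworkCredential(ldapUserDn, password);

                    // Attempt to bind (authenticate) the user.
                    ldapConnection.Bind();

                    return _userIsActive(ldapConnection, ldapUserDn);
                }
                catch (LdapException ldapEx)
                {
                    // Keep the original exception attached for server-side logging.
                    throw new Exception(_getErrorMessage(ldapEx.ErrorCode, ldapEx.Message), ldapEx);
                }
                catch (Exception ex)
                {
                    throw new Exception($"Ocurrió un error: {ex.Message}", ex);
                }
            }
        }

        /// <summary>
        /// Escapes a value for use inside a distinguished name so that characters
        /// such as ',' or '+' in user input cannot change the DN's structure.
        /// </summary>
        /// <param name="value">Raw attribute value (for example a uid).</param>
        /// <returns>The value with DN special characters backslash-escaped.</returns>
        private static string _escapeDnValue(string value)
        {
            const string alwaysEscaped = "\"+,;<>\\=";
            StringBuilder escaped = new(value.Length + 8);

            for (int i = 0; i < value.Length; i++)
            {
                char c = value[i];
                bool isFirst = i == 0;
                bool isLast = i == value.Length - 1;

                if (c == '\0')
                {
                    escaped.Append("\\00");
                }
                else if (alwaysEscaped.IndexOf(c) >= 0
                    || (c == '#' && isFirst)
                    || (c == ' ' && (isFirst || isLast)))
                {
                    escaped.Append('\\').Append(c);
                }
                else
                {
                    escaped.Append(c);
                }
            }

            return escaped.ToString();
        }

        /// <summary>
        /// Reads <c>inetUserStatus</c> from the user's own entry and reports whether it is "active".
        /// </summary>
        /// <param name="ldapConnection">Connection that has already been bound as the user.</param>
        /// <param name="ldapUserDn">DN of the entry to read.</param>
        /// <returns><c>true</c> when the status equals "active" (case-insensitive, surrounding whitespace ignored).</returns>
        /// <exception cref="Exception">Thrown when the entry or the status attribute is missing.</exception>
        private static bool _userIsActive(LdapConnection ldapConnection, string ldapUserDn)
        {
            SearchRequest searchRequest = new(
                ldapUserDn,
                "(objectClass=*)",
                SearchScope.Base,
                "InetUserStatus"
            );

            SearchResponse searchResponse = (SearchResponse)ldapConnection.SendRequest(searchRequest);
            if (searchResponse.Entries.Count == 0)
            {
                throw new Exception(_notFoundMessage);
            }

            SearchResultEntry entry = searchResponse.Entries[0];

            // Fail closed: an entry without a readable status is rejected with the
            // "not found" message instead of surfacing a NullReferenceException.
            DirectoryAttribute? statusAttribute = entry.Attributes["inetUserStatus"];
            if (statusAttribute is null || statusAttribute.Count == 0)
            {
                throw new Exception(_notFoundMessage);
            }

            string? inetUserStatus = statusAttribute[0]?.ToString();
            if (inetUserStatus is null)
            {
                throw new Exception(_notFoundMessage);
            }

            // Ordinal comparison: a culture-sensitive ToLower() can mis-fold "ACTIVE"
            // under some cultures (for example Turkish dotless i).
            return string.Equals(inetUserStatus.Trim(), "active", StringComparison.OrdinalIgnoreCase);
        }

        /// <summary>
        /// Placeholder for loading user attributes. Not implemented: it returns an
        /// empty <see cref="LdapUser"/> and ignores all three arguments.
        /// </summary>
        /// <param name="ldapConnection">Currently unused.</param>
        /// <param name="ldapUserDn">Currently unused.</param>
        /// <param name="attributesToReturn">Currently unused.</param>
        /// <returns>A new, empty <see cref="LdapUser"/>.</returns>
        private static LdapUser _getUserData(LdapConnection ldapConnection, string ldapUserDn, string[] attributesToReturn)
        {
            // TODO: implement the attribute lookup. If a search filter is ever built
            // from user input here, escape it before sending the request.
            return new LdapUser();
        }

        /// <summary>
        /// Maps an LDAP error code to the message shown to the caller.
        /// </summary>
        /// <param name="errorCode">Error code reported by the LDAP client.</param>
        /// <param name="errorMessage">Fallback message used for unmapped codes.</param>
        /// <returns>The mapped message, or <paramref name="errorMessage"/> when the code is not mapped.</returns>
        private static string _getErrorMessage(int errorCode, string errorMessage)
        {
            // NOTE(review): RFC 4511 defines result code 52 as "unavailable"; confirm
            // that this directory really uses it for disabled accounts.
            // NOTE(review): the default branch returns the raw client/server message;
            // callers should avoid showing it verbatim to end users.
            return errorCode switch
            {
                49 => "Error de credenciales: nombre de usuario o contraseña incorrectos",
                52 => "Error de autenticación: cuenta está deshabilitada",
                81 => "Error de servidor: no disponible",
                _ => errorMessage,
            };
        }
    }
}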