public virtual void Bind(SaslRequest saslRequest)
{
if (saslRequest == null)
{
throw new ArgumentNullException(nameof(saslRequest));
}
Hashtable saslBindProperties = null;
using (var saslClient = CreateClient(saslRequest.SaslMechanism, saslRequest.AuthorizationId,
DefaultSaslClientFactory.ProtocolLdap, Host,
saslRequest.Credentials, saslBindProperties))
{
if (saslClient == null)
{
throw new ArgumentException("Unsupported Sasl Authentication mechanism: " + saslRequest.SaslMechanism);
}
var constraints = saslRequest.Constraints ?? _defSearchCons;
try
{
var bindProps = new BindProperties(LdapV3, saslRequest.AuthorizationId, "sasl", anonymous: false, bindProperties: saslBindProperties);
var bindSemId = Connection.AcquireWriteSemaphore();
Connection.SetBindSemId(bindSemId);
byte[] clientResponse = null;
if (saslClient.HasInitialResponse)
{
clientResponse = saslClient.EvaluateChallenge(Array.Empty <byte>());
}
while (!saslClient.IsComplete)
{
try
{
var replyBuf = SendLdapSaslBindRequest(clientResponse, saslClient.MechanismName, bindProps, constraints);
if (replyBuf != null)
{
clientResponse = saslClient.EvaluateChallenge(replyBuf);
}
else
{
clientResponse = saslClient.EvaluateChallenge(Array.Empty <byte>());
}
}
catch (Exception ex)
{
throw new LdapException("Unexpected SASL error.", LdapException.Other, null, ex);
}
}
}
catch (Exception e)
{
throw new LdapException(e);
}
}
}
protected BaseSaslClient(SaslRequest saslRequest)
{
if (saslRequest == null)
{
throw new ArgumentNullException(nameof(saslRequest));
}
QualityOfProtection = saslRequest.QualityOfProtection;
ProtectionStrength = saslRequest.ProtectionStrength;
Props = saslRequest.SaslBindProperties; // Clone?
}
public CramMD5Client(SaslRequest saslRequest)
: base(saslRequest)
{
if (string.IsNullOrEmpty(saslRequest.AuthorizationId) || saslRequest.Credentials.IsEmpty())
{
throw new SaslException("Authorization ID and password must be specified");
}
_username = saslRequest.AuthorizationId;
_password = saslRequest.Credentials; // Clone?
}
/// <summary>
/// Internal for Unit-Test purposes only
/// </summary>
internal ISaslClient CreateClient(SaslRequest saslRequest)
{
if (saslRequest == null)
{
throw new ArgumentNullException(nameof(saslRequest));
}
if (_saslClientFactories.TryGetValue(saslRequest.SaslMechanism, out var factory))
{
return(factory.CreateClient(saslRequest));
}
return(DefaultSaslClientFactory.CreateClient(saslRequest));
}
public DigestMD5Client(SaslRequest saslRequest)
: base(saslRequest)
{
if (saslRequest == null)
{
throw new ArgumentNullException(nameof(saslRequest));
}
if (!(saslRequest is SaslDigestMd5Request dr))
{
throw new ArgumentException($"{nameof(saslRequest)} must be of type {nameof(SaslDigestMd5Request)}, but was of type {saslRequest.GetType().Name}");
}
if (string.IsNullOrEmpty(dr.AuthorizationId) || dr.Credentials.IsEmpty())
{
throw new SaslException("Authorization ID and password must be specified");
}
_username = dr.AuthorizationId;
_password = dr.Credentials;
_realm = dr.RealmName;
_host = dr.Host;
}
public PlainClient(SaslRequest saslRequest)
: base(saslRequest)
{
_username = saslRequest.AuthorizationId.ToUtf8Bytes();
_password = saslRequest.Credentials;
}
public ExternalClient(SaslRequest saslRequest)
: base(saslRequest)
{
}
public ISaslClient CreateClient(SaslRequest saslRequest)
{
return(new TestSaslClient(saslRequest?.SaslMechanism));
}