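/// <summary>
/// Validates a resource-owner password request. When no local account exists for the
/// user name and the directory accepts the credentials, a local account is created from
/// the directory entry first; validation is then delegated to the base validator.
/// </summary>
/// <param name="context">Validation context carrying the submitted user name and password.</param>
/// <returns>A task that completes once the base validator has processed the request.</returns>
/// <remarks>
/// LDAP is consulted only while no local account exists. The submitted password is stored
/// on the new local account, so a later directory-side password change or account disable
/// is not re-checked by this method.
/// NOTE(review): confirm that behaviour is intended, or re-verify against the directory on
/// every request.
/// </remarks>
public override async Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
{
    var user = await _userManager.FindByNameAsync(context.UserName);

    // An empty password is never sent to the directory: a simple bind with a name and an
    // empty password is an "unauthenticated bind" (RFC 4513, section 5.1.2), which some
    // servers report as success. Whether _ldapService.Authenticate already rejects it is
    // not visible here, so the check is made explicitly.
    if (user == default(TUser)
        && !string.IsNullOrEmpty(context.Password)
        && _ldapService.Authenticate(context.UserName, context.Password))
    {
        var ldapUser = _ldapService.GetUserByUserName(context.UserName);
        if (ldapUser != null)
        {
            // E-mail and phone are marked confirmed on the directory's word alone.
            // NOTE(review): only safe if users cannot edit these attributes themselves.
            var newUser = new TUser()
            {
                UserName = ldapUser.UserName,
                Email = ldapUser.Email,
                EmailConfirmed = true,
                PhoneNumber = ldapUser.Phone,
                PhoneNumberConfirmed = true
            };

            var createResult = await _userManager.CreateAsync(newUser, context.Password);
            if (!createResult.Succeeded)
            {
                // Select, not SelectMany: SelectMany over a string flattens it into
                // characters, so the joined text came out as "I;n;v;a;l;i;d".
                var reasons = string.Join(';', createResult.Errors.Select(r => r.Description));
                await _events.RaiseAsync(new UserLoginFailureEvent(context.UserName, reasons));
            }
        }
    }

    await base.ValidateAsync(context);
}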
/// <summary>
/// Signs a user in against LDAP and issues a cookie on the "app" scheme carrying the
/// directory display name and user name as claims.
/// </summary>
/// <param name="model">Posted sign-in form with the user name and password.</param>
/// <param name="returnUrl">Stored in ViewData for the view; this action never redirects to it.</param>
/// <returns>The home page view on success, otherwise an error page view.</returns>
public async Task<IActionResult> Signin([FromForm] SignInViewModel model, string returnUrl = null)
{
    this.ViewData["ReturnUrl"] = returnUrl;

    // NOTE(review): this path renders "Views/ErrorPage" while the others render "ErrorPage";
    // confirm both names resolve to the intended view.
    if (!this.ModelState.IsValid)
    {
        return View("Views/ErrorPage");
    }

    try
    {
        // NOTE(review): an empty model.Password reaches the directory unless model validation
        // rejects it; a simple bind with an empty password is an unauthenticated bind that some
        // servers accept. Confirm the view model or the LDAP service refuses empty passwords.
        var ldapAccount = _ldapService.Authenticate(model.UserName, model.Password);

        if (ldapAccount == null)
        {
            // I added the exclamation mark to make it more dramatic
            this.TempData["ErrorMessage"] = "The username and/or password are incorrect!";
            return View("ErrorPage");
        }

        var claims = new List<Claim>();
        claims.Add(new Claim("displayName", ldapAccount.DisplayName));
        claims.Add(new Claim("userName", ldapAccount.UserName));

        // The LDAP service's type name is used as the authentication type of the identity.
        var identity = new ClaimsIdentity(claims, _ldapService.GetType().Name);
        await HttpContext.SignInAsync("app", new ClaimsPrincipal(identity));

        return View("HomePage");
    }
    catch (Exception error)
    {
        // NOTE(review): the raw exception message is shown to the visitor. Directory errors can
        // carry host names or bind details; prefer a generic message here and log the exception
        // on the server.
        this.TempData["ErrorMessage"] = error.Message;
        return View("ErrorPage");
    }
}
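/// <summary>
/// Handles the posted login form: processes a cancel, creates a local account from LDAP
/// on a user's first successful directory login, then performs the local password
/// sign-in and redirects.
/// </summary>
/// <param name="model">Posted form: Username, Password, RememberLogin and ReturnUrl.</param>
/// <param name="button">Submitted button name; any value other than "login" is treated as cancel.</param>
/// <returns>A redirect on success or cancel, the 2FA or lockout page when required, otherwise the login form with an error.</returns>
/// <exception cref="Exception">
/// Thrown after a successful sign-in outside an authorization context when ReturnUrl is
/// neither local nor empty.
/// </exception>
/// <remarks>
/// LDAP is consulted only while no local account exists; afterwards the password is
/// checked against the local copy created here, so a directory-side password change or
/// account disable is not re-checked by this method. lockoutOnFailure covers the local
/// sign-in only: failed directory binds for user names without a local account are not
/// counted here.
/// NOTE(review): confirm the directory's own lockout policy covers that path.
/// </remarks>
public async Task<IActionResult> Login(LoginInputModel model, string button)
{
    // check if we are in the context of an authorization request
    var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl);

    // the user clicked the "cancel" button
    if (button != "login")
    {
        if (context != null)
        {
            // if the user cancels, send a result back into IdentityServer as if they
            // denied the consent (even if this client does not require consent).
            // this will send back an access denied OIDC error response to the client.
            await _interaction.GrantConsentAsync(context, ConsentResponse.Denied);

            // we can trust model.ReturnUrl since GetAuthorizationContextAsync returned non-null
            if (await _clientStore.IsPkceClientAsync(context.ClientId))
            {
                // if the client is PKCE then we assume it's native, so this change in how to
                // return the response is for better UX for the end user.
                return View("Redirect", new RedirectViewModel { RedirectUrl = model.ReturnUrl });
            }

            return Redirect(model.ReturnUrl);
        }

        // since we don't have a valid context, then we just go back to the home page
        return Redirect("~/");
    }

    if (ModelState.IsValid)
    {
        var user = await _userResolver.GetUserAsync(model.Username);
        if (user == default(TUser))
        {
            // An empty password is never sent to the directory: a simple bind with a name and
            // an empty password is an "unauthenticated bind" (RFC 4513, section 5.1.2), which
            // some servers report as success. Whether model validation or the LDAP service
            // already rejects it is not visible here, so the check is made explicitly.
            if (!string.IsNullOrEmpty(model.Password)
                && _ldapService.Authenticate(model.Username, model.Password))
            {
                var ldapUser = _ldapService.GetUserByUserName(model.Username);
                if (ldapUser != null)
                {
                    // E-mail and phone are marked confirmed on the directory's word alone.
                    // NOTE(review): only safe if users cannot edit these attributes themselves.
                    var newUser = new TUser()
                    {
                        UserName = ldapUser.UserName,
                        Email = ldapUser.Email,
                        EmailConfirmed = true,
                        PhoneNumber = ldapUser.Phone,
                        PhoneNumberConfirmed = true
                    };

                    var createResult = await _userManager.CreateAsync(newUser, model.Password);
                    if (createResult.Succeeded)
                    {
                        user = newUser;
                    }
                    else
                    {
                        // Select, not SelectMany: SelectMany over a string flattens it into
                        // characters, so the joined text came out as "I;n;v;a;l;i;d".
                        var reasons = string.Join(';', createResult.Errors.Select(r => r.Description));
                        await _events.RaiseAsync(new UserLoginFailureEvent(model.Username, reasons));
                    }
                }
            }
        }

        if (user != default(TUser))
        {
            var result = await _signInManager.PasswordSignInAsync(user.UserName, model.Password, model.RememberLogin, lockoutOnFailure: true);
            if (result.Succeeded)
            {
                await _events.RaiseAsync(new UserLoginSuccessEvent(user.UserName, user.Id.ToString(), user.UserName));

                if (context != null)
                {
                    if (await _clientStore.IsPkceClientAsync(context.ClientId))
                    {
                        // if the client is PKCE then we assume it's native, so this change in how to
                        // return the response is for better UX for the end user.
                        return View("Redirect", new RedirectViewModel { RedirectUrl = model.ReturnUrl });
                    }

                    // we can trust model.ReturnUrl since GetAuthorizationContextAsync returned non-null
                    return Redirect(model.ReturnUrl);
                }

                // request for a local page
                if (Url.IsLocalUrl(model.ReturnUrl))
                {
                    return Redirect(model.ReturnUrl);
                }

                if (string.IsNullOrEmpty(model.ReturnUrl))
                {
                    return Redirect("~/");
                }

                // user might have clicked on a malicious link - should be logged
                throw new Exception("invalid return URL");
            }

            if (result.RequiresTwoFactor)
            {
                return RedirectToAction(nameof(LoginWith2fa), new { model.ReturnUrl, RememberMe = model.RememberLogin });
            }

            if (result.IsLockedOut)
            {
                return View("Lockout");
            }
        }

        // The same generic failure is raised whether the user is unknown, the directory
        // rejected the bind, or the local password check failed.
        await _events.RaiseAsync(new UserLoginFailureEvent(model.Username, "invalid credentials"));
        ModelState.AddModelError(string.Empty, AccountOptions.InvalidCredentialsErrorMessage);
    }

    // something went wrong, show form with error
    var vm = await BuildLoginViewModelAsync(model);
    return View(vm);
}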
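/// <summary>
/// Signs a customer in through the Novell Active Directory external-auth plugin: looks the
/// user up in the directory, binds with the entry's distinguished name and the submitted
/// password, and hands the result to the external authentication service.
/// </summary>
/// <param name="model">Posted form with AdUserName and AdPassword.</param>
/// <param name="returnUrl">Passed to the external authentication service on success and carried on redirects back to the login page when non-empty.</param>
/// <returns>The external authentication service's result on success, otherwise a redirect to Customer/Login with an error queued for display.</returns>
/// <exception cref="NopException">Thrown when the plugin is not active or no LDAP path is configured.</exception>
public IActionResult SignIn(SignInViewModel model, string returnUrl)
{
    if (!_authenticationPluginManager.IsPluginActive("ExternalAuth.NovellActiveDirectory", _workContext.CurrentCustomer, _storeContext.CurrentStore.Id))
    {
        throw new NopException("Novell Active Directory authentication module cannot be loaded");
    }

    if (string.IsNullOrEmpty(_novellActiveDirectoryExternalAuthSettings.LdapPath))
    {
        throw new NopException("Novell Active Directory authentication module not configured");
    }

    // Route values shared by every redirect back to the login page.
    object loginRouteValues = !string.IsNullOrEmpty(returnUrl) ? new { ReturnUrl = returnUrl } : null;

    if (string.IsNullOrEmpty(model.AdUserName))
    {
        ExternalAuthorizerHelper.AddErrorsToDisplay(_localizationService.GetResource("Plugins.ExternalAuth.NovellActiveDirectory.WindowsUserNotAvailable"));
        return new RedirectToActionResult("Login", "Customer", loginRouteValues);
    }

    LdapUser ldapUser;
    try
    {
        ldapUser = _ldapService.GetUserByUserName(model.AdUserName);
        if (ldapUser == null)
        {
            // NOTE(review): "user not found" is reported separately from a failed bind, so the
            // page reveals which directory user names exist; consider one message for both.
            ExternalAuthorizerHelper.AddErrorsToDisplay(_localizationService.GetResource("Plugins.ExternalAuth.NovellActiveDirectory.UserNotFound"));
            return new RedirectToActionResult("Login", "Customer", loginRouteValues);
        }
    }
    catch (Exception)
    {
        // The exception used to be concatenated into the resource key, so the lookup could
        // never match and the full exception text (stack trace included) became part of what
        // was queued for display. Only the localized message is shown now.
        // NOTE(review): record the exception with the project's logger; none is in scope here.
        ExternalAuthorizerHelper.AddErrorsToDisplay(_localizationService.GetResource("Plugins.ExternalAuth.NovellActiveDirectory.LdapError"));
        return new RedirectToActionResult("Login", "Customer", loginRouteValues);
    }

    try
    {
        // An empty password is never sent to the directory: a simple bind with a DN and an
        // empty password is an "unauthenticated bind" (RFC 4513, section 5.1.2), which some
        // servers report as success. Whether _ldapService.Authenticate already rejects it is
        // not visible here, so the check is made explicitly.
        bool bindAccepted = !string.IsNullOrEmpty(model.AdPassword)
            && _ldapService.Authenticate(ldapUser.DistinguishedName, model.AdPassword);

        if (bindAccepted)
        {
            // The directory e-mail is the external identifier the account is linked on.
            // NOTE(review): only safe if the mail attribute is unique and not user-editable.
            // AccessToken is a fresh GUID, not a token issued by the directory.
            var authenticationParameters = new ExternalAuthenticationParameters
            {
                ProviderSystemName = "ExternalAuth.NovellActiveDirectory",
                AccessToken = Guid.NewGuid().ToString(),
                Email = ldapUser.Email,
                ExternalIdentifier = ldapUser.Email,
                ExternalDisplayIdentifier = ldapUser.Email
            };

            // NOTE(review): returnUrl is forwarded unchecked; confirm the external
            // authentication service restricts it to local URLs.
            return _externalAuthenticationService.Authenticate(authenticationParameters, returnUrl);
        }
    }
    catch (Exception)
    {
        // Same fix as above: no exception text in the resource key or on the page.
        // NOTE(review): record the exception with the project's logger; none is in scope here.
        ExternalAuthorizerHelper.AddErrorsToDisplay(_localizationService.GetResource("Plugins.ExternalAuth.NovellActiveDirectory.LdapError"));
        return new RedirectToActionResult("Login", "Customer", loginRouteValues);
    }

    // The bind was rejected (or the password was empty).
    ExternalAuthorizerHelper.AddErrorsToDisplay(_localizationService.GetResource("Plugins.ExternalAuth.NovellActiveDirectory.LdapError"));
    return new RedirectToActionResult("Login", "Customer", loginRouteValues);
}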
/// <summary>
/// Checks the credentials against the given LDAP service, treating any exception as a
/// failed login.
/// </summary>
/// <param name="ldapService">Service that performs the directory check.</param>
/// <param name="userName">User name to authenticate.</param>
/// <param name="password">Password to authenticate with.</param>
/// <returns>The service's verdict, or false when the service throws.</returns>
bool AuthenticateWith(ILdapService ldapService, string userName, string password)
{
    bool accepted;

    try
    {
        accepted = ldapService.Authenticate(userName, password);
    }
    catch (Exception failure)
    {
        // Fails closed: an error never grants access. Callers cannot tell a directory outage
        // from wrong credentials; the log entry is the only trace of the difference.
        Logger.Error("An error occurred during authentication. Details: {0}", failure);
        accepted = false;
    }

    return accepted;
}
/// <summary>
/// Handles an authentication query by running the LDAP credential check on a thread-pool
/// thread and returning its verdict.
/// </summary>
/// <param name="request">Query carrying the Username and Password to check.</param>
/// <param name="cancellationToken">Not observed: the directory call is neither cancelled nor skipped when the token is signalled.</param>
/// <returns>The result of the LDAP service's Authenticate call.</returns>
public async Task<bool> Handle(Query request, CancellationToken cancellationToken)
{
    // The LDAP call is synchronous; Task.Run only moves it onto another thread.
    // NOTE(review): an empty request.Password is forwarded as-is; confirm the LDAP service
    // rejects it, since some servers accept a simple bind with an empty password.
    var bindTask = Task.Run(() => ldapService.Authenticate(request.Username, request.Password));

    return await bindTask;
}