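/// <summary>
/// Attempts to authenticate a user against the external source configured for the tenant.
/// </summary>
/// <param name="userNameOrEmailAddress">User name or e-mail address as supplied at login.</param>
/// <param name="plainPassword">Plain-text password as supplied at login.</param>
/// <param name="tenant">Tenant the login belongs to; may be null, in which case a null tenant id is used for the settings lookup.</param>
/// <returns>
/// <c>false</c> when a credential is missing or the source is disabled for the tenant;
/// otherwise whatever <c>ValidateCredentials</c> reports.
/// </returns>
public override async Task<bool> TryAuthenticateAsync(string userNameOrEmailAddress, string plainPassword, Tenant tenant)
{
    // Missing credentials are refused before any backend is contacted. A null
    // user name would otherwise fail on the lower-casing below.
    // NOTE(review): ValidateCredentials is defined outside this block; if it
    // performs an LDAP simple bind, an empty password would be an
    // unauthenticated bind that some servers accept. Confirm.
    if (string.IsNullOrWhiteSpace(userNameOrEmailAddress) || string.IsNullOrEmpty(plainPassword))
    {
        return false;
    }

    if (!(await _settings.GetIsEnabled(tenant?.Id)))
    {
        return false;
    }

    // Identifiers are normalised with the invariant culture. The culture-sensitive
    // ToLower() maps 'I' to a dotless 'ı' under Turkish/Azeri locales, so the
    // account looked up would depend on the host's regional settings.
    var normalizedUserName = userNameOrEmailAddress.ToLowerInvariant();
    return await ValidateCredentials(normalizedUserName, plainPassword, tenant);
}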
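/// <inheritdoc/>
/// <remarks>
/// Returns <c>false</c> without contacting the directory when the user name is blank,
/// the password is null or empty, the LDAP module is disabled globally, or LDAP
/// is disabled for the tenant.
/// </remarks>
public override async Task<bool> TryAuthenticateAsync(string userNameOrEmailAddress, string plainPassword, TTenant tenant)
{
    // Blank credentials must never reach the directory. Directory APIs commonly
    // treat a null/empty password as an anonymous bind or "current principal"
    // check rather than as a failed login.
    // NOTE(review): ValidateCredentials and CreatePrincipalContext are defined
    // outside this block; confirm how they handle empty values.
    if (string.IsNullOrWhiteSpace(userNameOrEmailAddress) || string.IsNullOrEmpty(plainPassword))
    {
        return false;
    }

    var enabledForTenant = _ldapModuleConfig.IsEnabled && await _settings.GetIsEnabled(tenant?.Id);
    if (!enabledForTenant)
    {
        return false;
    }

    // The context is disposed as soon as validation finishes, on success or failure.
    using (var principalContext = await CreatePrincipalContext(tenant, userNameOrEmailAddress))
    {
        return ValidateCredentials(principalContext, userNameOrEmailAddress, plainPassword);
    }
}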
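/// <inheritdoc/>
/// <remarks>
/// Authenticates by performing an LDAP simple bind (<c>AuthType.Basic</c>) with the
/// supplied credentials. Returns <c>false</c> when a credential is missing, when LDAP
/// is disabled globally or for the tenant, or when the server reports invalid
/// credentials. Any other <c>LdapException</c> is rethrown to the caller.
/// </remarks>
public override async Task<bool> TryAuthenticateAsync(string userNameOrEmailAddress, string plainPassword, TTenant tenant)
{
    // A simple bind with an empty password is an *unauthenticated* bind
    // (RFC 4513, section 5.1.2). Servers that allow it report success, which this
    // method would otherwise treat as a valid login for any user name.
    if (string.IsNullOrWhiteSpace(userNameOrEmailAddress) || string.IsNullOrEmpty(plainPassword))
    {
        return false;
    }

    if (!_ldapModuleConfig.IsEnabled || !(await _settings.GetIsEnabled(tenant?.Id)))
    {
        return false;
    }

    try
    {
        var tenantId = tenant?.Id;
        var server = await _settings.GetServer(tenantId);
        var port = await _settings.GetPort(tenantId);
        var useSsl = await _settings.GetUseSsl(tenantId);
        string domain = await _settings.GetDomain(tenantId);

        // Append the configured domain only when the caller did not already
        // supply a UPN-style name and a domain is actually configured.
        var needsDomainSuffix = !userNameOrEmailAddress.Contains("@") && !string.IsNullOrWhiteSpace(domain);
        var fullUserName = needsDomainSuffix
            ? userNameOrEmailAddress + "@" + domain
            : userNameOrEmailAddress;

        using (var ldapConnection = new LdapConnection(new LdapDirectoryIdentifier(server, port)))
        {
            var networkCredential = new NetworkCredential(fullUserName, plainPassword, null);

            if (useSsl)
            {
                ldapConnection.SessionOptions.SecureSocketLayer = true;

                // NOTE(review): ServerCallBack is defined outside this block. Confirm
                // it validates the server certificate rather than accepting any
                // certificate, otherwise TLS gives no protection against interception.
                ldapConnection.SessionOptions.VerifyServerCertificate = new VerifyServerCertificateCallback(ServerCallBack);
            }

            // NOTE(review): AuthType.Basic sends the password in a simple bind. When
            // useSsl is false nothing here encrypts the connection, so the password
            // is not protected in transit. Consider requiring SSL in production.
            ldapConnection.AuthType = AuthType.Basic;
            ldapConnection.Bind(networkCredential);
        }

        // If the bind succeeds, the credentials are OK.
        return true;
    }
    catch (LdapException ldapException)
    {
        // Invalid credentials surface as an exception with a specific error code.
        // Every other failure (server unreachable, TLS error, ...) is rethrown.
        if (ldapException.ErrorCode.Equals(LDAPError_InvalidCredentials))
        {
            return false;
        }

        throw;
    }
}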
/// <summary>
/// Verifies that LDAP authentication is switched on, first module-wide and then
/// for the given tenant, and throws when either switch is off.
/// </summary>
/// <param name="tenant">Tenant whose setting is checked; its id is resolved through <c>GetIdOrNull</c>.</param>
/// <exception cref="AbpException">
/// The module is disabled globally, or the tenant-level setting is not enabled.
/// </exception>
private async Task CheckIsEnabled(Tenant tenant)
{
    // The global switch is checked first, so a globally disabled module never
    // triggers a per-tenant settings lookup.
    var enabledGlobally = _ldapModuleConfig.IsEnabled;
    if (enabledGlobally == false)
    {
        throw new AbpException("Ldap Authentication module is disabled globally!");
    }

    var id = GetIdOrNull(tenant);
    var enabledForTenant = await _settings.GetIsEnabled(id);
    if (enabledForTenant)
    {
        return;
    }

    throw new AbpException($"Ldap Authentication is disabled for given tenant (id:{id})! You can enable it by setting '{LdapSettingNames.IsEnabled}' to true");
}