Esempio n. 1
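        /// <summary>
        /// Attempts to authenticate a user against the external source, provided the
        /// source is enabled for the given tenant.
        /// </summary>
        /// <param name="userNameOrEmailAddress">User name or e-mail address supplied at login.</param>
        /// <param name="plainPassword">Plain-text password supplied at login.</param>
        /// <param name="tenant">Tenant the login belongs to; may be null, in which case a null tenant id is used.</param>
        /// <returns>
        /// False when the source is disabled for the tenant or no user name was supplied;
        /// otherwise the result of ValidateCredentials.
        /// </returns>
        public override async Task<bool> TryAuthenticateAsync(string userNameOrEmailAddress, string plainPassword, Tenant tenant)
        {
            var enabledForTenant = await _settings.GetIsEnabled(tenant?.Id);
            if (!enabledForTenant)
            {
                return false;
            }

            // A missing user name is a failed login, not a NullReferenceException.
            if (userNameOrEmailAddress == null)
            {
                return false;
            }

            // Lower-case with the invariant culture: culture-sensitive ToLower() maps 'I' to a
            // dotless 'ı' under Turkish cultures, so the normalized account name would depend on
            // the server's current culture.
            var normalizedUserName = userNameOrEmailAddress.ToLowerInvariant();

            // NOTE(review): ValidateCredentials is defined outside this block; confirm that it
            // rejects an empty password rather than passing it on to the directory.
            return await ValidateCredentials(normalizedUserName, plainPassword, tenant);
        }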
Esempio n. 2
        /// <inheritdoc/>
        public override async Task<bool> TryAuthenticateAsync(string userNameOrEmailAddress, string plainPassword, TTenant tenant)
        {
            // The global module switch is checked first; the per-tenant setting is only
            // queried when the module is enabled.
            if (!_ldapModuleConfig.IsEnabled)
            {
                return false;
            }

            // A null tenant results in a null tenant id being passed to the settings lookup.
            var enabledForTenant = await _settings.GetIsEnabled(tenant?.Id);
            if (!enabledForTenant)
            {
                return false;
            }

            // The principal context is disposed as soon as the credential check has finished.
            // NOTE(review): ValidateCredentials is defined outside this block; confirm that an
            // empty password is rejected there.
            using (var context = await CreatePrincipalContext(tenant, userNameOrEmailAddress))
            {
                var credentialsAreValid = ValidateCredentials(context, userNameOrEmailAddress, plainPassword);
                return credentialsAreValid;
            }
        }
        /// <inheritdoc/>
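        public override async Task<bool> TryAuthenticateAsync(string userNameOrEmailAddress, string plainPassword, TTenant tenant)
        {
            // Authenticates by attempting an LDAP bind with the supplied credentials.
            // Returns false when LDAP is disabled (globally or for the tenant), when the user
            // name or password is missing, or when the server reports invalid credentials.
            // Any other LdapException is rethrown to the caller.
            if (!_ldapModuleConfig.IsEnabled || !(await _settings.GetIsEnabled(tenant?.Id)))
            {
                return false;
            }

            // Never bind with an empty password: many directory servers treat a simple bind
            // with a name and an empty password as an unauthenticated bind and report success,
            // which this method would then return as a successful login.
            if (string.IsNullOrWhiteSpace(userNameOrEmailAddress) || string.IsNullOrEmpty(plainPassword))
            {
                return false;
            }

            try
            {
                var server = await _settings.GetServer(tenant?.Id);
                var port = await _settings.GetPort(tenant?.Id);
                var useSsl = await _settings.GetUseSsl(tenant?.Id);
                string domain = await _settings.GetDomain(tenant?.Id);

                // Append the configured domain only when the caller did not already supply
                // a name containing '@' and a domain is configured.
                var fullUserName = userNameOrEmailAddress.Contains("@") || string.IsNullOrWhiteSpace(domain)
                    ? userNameOrEmailAddress
                    : userNameOrEmailAddress + "@" + domain;

                using (var ldapConnection = new LdapConnection(new LdapDirectoryIdentifier(server, port)))
                {
                    var networkCredential = new NetworkCredential(fullUserName, plainPassword, null);
                    if (useSsl)
                    {
                        ldapConnection.SessionOptions.SecureSocketLayer = true;

                        // NOTE(review): ServerCallBack is defined outside this block; confirm that it
                        // validates the server certificate rather than accepting every certificate.
                        ldapConnection.SessionOptions.VerifyServerCertificate = new VerifyServerCertificateCallback(ServerCallBack);
                    }

                    // Basic (simple) bind sends the password itself to the server; when useSsl is
                    // false it is not protected by transport encryption.
                    ldapConnection.AuthType = AuthType.Basic;
                    ldapConnection.Bind(networkCredential);
                }

                // If the bind succeeds, the credentials are OK.
                return true;
            }
            catch (LdapException ldapException)
            {
                // Invalid credentials surface as an LdapException with a specific error code;
                // every other LDAP failure is propagated unchanged.
                if (ldapException.ErrorCode.Equals(LDAPError_InvalidCredentials))
                {
                    return false;
                }

                throw;
            }
        }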
        /// <summary>
        /// Throws when LDAP authentication is switched off, either for the whole module
        /// or for the given tenant.
        /// </summary>
        /// <param name="tenant">Tenant whose setting is checked; its id is obtained via GetIdOrNull.</param>
        /// <exception cref="AbpException">The module is disabled globally or for the tenant.</exception>
        private async Task CheckIsEnabled(Tenant tenant)
        {
            // The global switch is evaluated before any per-tenant lookup.
            var moduleEnabled = _ldapModuleConfig.IsEnabled;
            if (!moduleEnabled)
            {
                throw new AbpException("Ldap Authentication module is disabled globally!");
            }

            var tenantId = GetIdOrNull(tenant);
            var enabledForTenant = await _settings.GetIsEnabled(tenantId);
            if (enabledForTenant)
            {
                return;
            }

            // The message names the setting an administrator has to change.
            var message = "Ldap Authentication is disabled for given tenant (id:" + tenantId + ")! You can enable it by setting '" + LdapSettingNames.IsEnabled + "' to true";
            throw new AbpException(message);
        }