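/// <summary>
/// Opens an LDAP connection for the given tenant and binds it with the
/// account (user name / password) stored in the LDAP settings.
/// </summary>
/// <param name="tenant">
/// Tenant whose LDAP settings are read; when null the settings are queried
/// with a null tenant id.
/// </param>
/// <returns>
/// A connected and bound <see cref="LdapConnection"/>. The connection is
/// returned undisposed, so the caller is responsible for disposing it.
/// </returns>
protected virtual async Task<LdapConnection> CreateLdapConnection(Tenant tenant)
{
    var tenantId = tenant?.Id;
    var ldapConnection = new LdapConnection();

    try
    {
        // NOTE(review): no TLS option (SecureSocketLayer / StartTls) is set in this
        // method. Unless the transport is protected elsewhere, the simple bind below
        // sends the configured bind password in clear text - confirm.
        var host = await _settings.GetDomain(tenantId);
        var port = await _settings.GetPort(tenantId);
        ldapConnection.Connect(host, port);

        var bindUser = await _settings.GetUserName(tenantId);
        var bindPassword = await _settings.GetPassword(tenantId);
        ldapConnection.Bind(bindUser, bindPassword);

        return ldapConnection;
    }
    catch
    {
        // A failed settings lookup, connect or bind would otherwise leak the
        // connection (and its socket); release it before propagating the error.
        ldapConnection.Dispose();
        throw;
    }
}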
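/// <inheritdoc/>
/// <remarks>
/// Authenticates by attempting an LDAP simple bind with the supplied credentials.
/// Returns false when LDAP is disabled, when the user name or password is empty,
/// or when the server reports invalid credentials; any other
/// <see cref="LdapException"/> is rethrown.
/// </remarks>
public override async Task<bool> TryAuthenticateAsync(string userNameOrEmailAddress, string plainPassword, TTenant tenant)
{
    var tenantId = tenant?.Id;

    if (!_ldapModuleConfig.IsEnabled || !(await _settings.GetIsEnabled(tenantId)))
    {
        return false;
    }

    // An LDAP simple bind with a zero-length password is an "unauthenticated bind"
    // (RFC 4513, section 5.1.2) and many directory servers answer it with success.
    // Since a successful bind is the only proof of identity here, empty credentials
    // must be rejected before they reach the server.
    if (string.IsNullOrWhiteSpace(userNameOrEmailAddress) || string.IsNullOrEmpty(plainPassword))
    {
        return false;
    }

    try
    {
        var server = await _settings.GetServer(tenantId);
        var port = await _settings.GetPort(tenantId);
        var useSsl = await _settings.GetUseSsl(tenantId);
        string domain = await _settings.GetDomain(tenantId);

        // Qualify a bare account name with the configured domain; names that already
        // contain '@' (or when no domain is configured) are used as given.
        var fullUserName = userNameOrEmailAddress.Contains("@") || string.IsNullOrWhiteSpace(domain)
            ? userNameOrEmailAddress
            : userNameOrEmailAddress + "@" + domain;

        using (var ldapConnection = new LdapConnection(new LdapDirectoryIdentifier(server, port)))
        {
            var networkCredential = new NetworkCredential(fullUserName, plainPassword, null);

            if (useSsl)
            {
                ldapConnection.SessionOptions.SecureSocketLayer = true;
                // NOTE(review): ServerCallBack is defined outside this block. Confirm it
                // really validates the server certificate (chain and host name); a
                // callback that always returns true removes the protection TLS provides.
                ldapConnection.SessionOptions.VerifyServerCertificate = new VerifyServerCertificateCallback(ServerCallBack);
            }

            // NOTE(review): AuthType.Basic sends the password as-is. When useSsl is
            // false the user's password crosses the network in clear text - consider
            // requiring TLS for this code path.
            ldapConnection.AuthType = AuthType.Basic;
            ldapConnection.Bind(networkCredential);
        }

        // if the bind succeeds, the credentials are OK
        return true;
    }
    catch (LdapException ldapException)
    {
        // Unfortunately, invalid credentials fall into this block with a specific error code
        if (ldapException.ErrorCode.Equals(LDAPError_InvalidCredentials))
        {
            return false;
        }

        throw;
    }
}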