public async Task PostLoginShouldLogInRemoteUser()
{
var user = new ApplicationUser {
Id = Guid.NewGuid(), UserName = "******"
};
_ldapService.Authenticate("user", "pass").Returns(user);
var result = await _controller.Login(new LoginViewModel { Username = "******", Password = "******", IsLocal = false });
Assert.IsInstanceOfType(result, typeof(RedirectToActionResult));
await _signInManager.Received().SignInAsync(user, false, null);
}
public void AuthenticateShouldReturnApplicationUserWhenSuccessful()
{
SetUpLdapSettings();
_ldap.Authenticate("host.example.com", 1234, true, "format1myuserA", "mypass", "somebasedn", "format2myuserB", "somenameattr", Arg.Any <RemoteCertificateValidationCallback>())
.Returns(new LdapAuthWrapper.LdapUser
{
DisplayName = "the user"
});
var result = _service.Authenticate("myuser", "mypass");
Assert.IsNotNull(result);
Assert.IsTrue(result.IsRemote);
Assert.AreEqual("the user", result.UserName);
var userId = result.Id.ToByteArray();
Assert.AreEqual(0, userId[0]);
Assert.AreEqual(0, userId[1]);
Assert.AreEqual(0, userId[2]);
Assert.AreEqual(0, userId[3]);
}
public async Task <IActionResult> Login(LoginViewModel vm, string returnUrl = null)
{
ViewData["ReturnUrl"] = returnUrl;
ViewData["LdapEnabled"] = _ldapService.IsLdapEnabled();
if (ModelState.IsValid)
{
if (vm.IsLocal)
{
var user = await _userService.FindUserByUsername(vm.Username);
if (user != null && _userService.ValidateCredentials(user, vm.Password))
{
await _signInManager.SignInAsync(user, false);
return(string.IsNullOrWhiteSpace(returnUrl) ? RedirectToAction(nameof(EndpointsController.List), "Endpoints") : RedirectToLocal(returnUrl));
}
}
else
{
try
{
var user = _ldapService.Authenticate(vm.Username, vm.Password);
if (user != null)
{
await _signInManager.SignInAsync(user, false);
return(string.IsNullOrWhiteSpace(returnUrl) ? RedirectToAction(nameof(EndpointsController.List), "Endpoints") : RedirectToLocal(returnUrl));
}
}
catch (SslException sslEx)
{
ModelState.AddModelError(string.Empty, sslEx.Message);
ModelState.AddModelError(string.Empty, "Details: " + sslEx.Details);
return(View(vm));
}
catch (Exception)
{
// Fall through
}
}
}
// If we got this far, something failed, redisplay form
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
return(View(vm));
}
/// <summary>
/// Checks the given password agains the configured LDAP server.
/// </summary>
/// <param name="user"></param>
/// <param name="password"></param>
/// <returns></returns>
public bool CheckPasswordAsync(LdapUser user, string password)
{
return(_ldapService.Authenticate(user.DistinguishedName, password));
}
