//public void authenticateUser2()
//{
// var ADHost = "ad01.devfasah.sa";
// var saslRequest = new SaslDigestMd5Request("user1", "P@ssw0rd", "devfasah.sa", ADHost);
// using (var conn = new LdapConnection())
// {
// try
// {
// conn.Connect(ADHost, 389);
// conn.StartTls();
// conn.Bind(saslRequest);
// Console.WriteLine($"[{conn.AuthenticationMethod}] {conn.AuthenticationDn}");
// }
// finally
// {
// if (conn.Tls)
// {
// conn.StopTls();
// }
// }
// }
//}
public Loginresult ValidateUserWithDefaultObject(string username, string password)
{
Loginresult loginresult = new Loginresult();
string userDn = $"{username}@{"devfasah.sa"}";
using (var connection = new LdapConnection {
SecureSocketLayer = false
})
{
connection.Connect("ad01.devfasah.sa", 389);
connection.Bind(userDn, password);
if (connection.Bound)
{
//we need to creat default identity user
//var user = new ClaimsPrincipal(new ClaimsIdentity(new Claim[] {
// new Claim(ClaimTypes.NameIdentifier, username),
// new Claim(ClaimTypes.Name, userDn)
// // other required and custom claims
// }, "DefaulAuthenticationUser"));
var identity = new ClaimsIdentity(MyAuthentication.ApplicationCookie, ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultRoleClaimType);
List <string> memberships = new List <string>();
var claims = new List <Claim>();
//Anonymous
ADGroups.Add(new Group {
Name = "Everyone"
});
ADGroups.Add(new Group {
Name = "Anonymous"
});
foreach (Group item in ADGroups)
{
claims.Add(new Claim(ClaimTypes.Role, item.Name.ToString()));
memberships.Add(item.Name.ToString());
}
if (claims.Count > 0)
{
identity.AddClaims(claims);
}
CMS.User._memberships = memberships;
loginresult.claimsid = identity;
return(loginresult);
}
}
return(loginresult);
}
public Loginresult ValidateUserWithDefaultObjectForSerach(string username, string password)
{
Loginresult loginresult = new Loginresult();
string userDn = $"{"user1"}@{"devfasah.sa"}";
using (var connection = new LdapConnection {
SecureSocketLayer = false
})
{
connection.Connect("ad01.devfasah.sa", 389);
connection.Bind(userDn, password);
if (connection.Bound)
{
string searchFilter = string.Empty; //"(cn=" + username + ")";
var queue = connection.Search(string.Empty,
LdapConnection.ScopeSub, searchFilter, null, false, (LdapSearchQueue)
null, (LdapSearchConstraints)null);
LdapMessage message;
while ((message = queue.GetResponse()) != null)
{
if (message is LdapSearchResult)
{
// LdapEntry entry = (LdapSearchResult)message.Entry;
// // Get the attribute set of the entry
// LdapAttributeSet attributeSet = entry.GetAttributeSet();
// System.Collections.IEnumerator ienum =
// attributeSet.GetEnumerator();
// // Parse through the attribute set to get the attributes and
// /// the corresponding values
// while (ienum.MoveNext())
// {
// LdapAttribute attribute = (LdapAttribute)ienum.Current;
// string attributeName = attribute.Name;
// string attributeVal = attribute.StringValue;
// Console.WriteLine(attributeName + "value:" +
//attributeVal);
// }
}
}
//Procced
//While all the required entries are parsed, disconnect
connection.Disconnect();
return(loginresult);
}
}
return(loginresult);
}
public async Task <Loginresult> ValidateUserUsinLdapApi(string username, string password)
{
Loginresult loginresult = new Loginresult();
AuthorizationLdap _LdapApiAuthenticationService = new AuthorizationLdap();
string json = await _LdapApiAuthenticationService.getUserRoles(username, password);
if (!string.IsNullOrEmpty(json))
{
string Roles = json.Replace("[", "").Replace("]", ""); // now you have an array of 3 strings
var RolesArray = Roles.Split(','); // now you have the same as in the first line
foreach (string role in RolesArray)
{
ADGroups.Add(new Group {
Name = role.Replace("\r\n", string.Empty).Replace("\"", string.Empty).Trim()
});
}
var identity = new ClaimsIdentity(MyAuthentication.ApplicationCookie, ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultRoleClaimType);
List <string> memberships = new List <string>();
var claims = new List <Claim>();
//Anonymous
ADGroups.Add(new Group {
Name = "Everyone"
});
ADGroups.Add(new Group {
Name = "Anonymous"
});
foreach (Group item in ADGroups)
{
claims.Add(new Claim(ClaimTypes.Role, item.Name.ToString()));
memberships.Add(item.Name.ToString());
}
if (claims.Count > 0)
{
identity.AddClaims(claims);
}
CMS.User._memberships = memberships;
CMS.User.username = username;
loginresult.claimsid = identity;
return(loginresult);
}
else
{
return(loginresult);
}
}
public void UnValidateUser()
{
Loginresult loginresult = new Loginresult();
AuthorizationLdap _LdapApiAuthenticationService = new AuthorizationLdap();
var identity = new ClaimsIdentity();
List <string> memberships = new List <string>();
var claims = new List <Claim>();
//Anonymous
ADGroups = new List <Group>();
ADGroups.Add(new Group {
Name = "Everyone"
});
ADGroups.Add(new Group {
Name = "Anonymous"
});
foreach (Group item in ADGroups)
{
claims.Add(new Claim(ClaimTypes.Role, item.Name.ToString()));
memberships.Add(item.Name.ToString());
}
if (claims.Count > 0)
{
identity.AddClaims(claims);
}
CMS.User._memberships = null;
CMS.User.username = "";
}
public Loginresult ValidateCredentials(string userName, string password)
{
//userName = "******";
//password = "******";
Loginresult loginresult = new Loginresult();
loginresult.claimsid = null;
loginresult.message = string.Empty;
try
{
using (var adContext = new PrincipalContext(ContextType.Domain, "ad01.devfasah.sa:389", "user1", "P@ssw0rd"))
// using (var adContext = new PrincipalContext(ContextType.Domain, "devfasah.sa", "system_test_7", "P@ssw0rd7"))
{
bool isAuthenticated = false;
UserPrincipal userPrincipal = null;
try
{
bool isvalid = adContext.ValidateCredentials(userName, password);
if (!isvalid)
{
loginresult.claimsid = null;
loginresult.message = "Invalid Credentials";
return(loginresult);
}
userPrincipal = UserPrincipal.FindByIdentity(adContext, IdentityType.SamAccountName, userName);
if (userPrincipal != null)
{
//in dev test let this be true.
isAuthenticated = true;
}
//foreach (GroupPrincipal group in userPrincipal.GetGroups())
//{
// Console.Out.WriteLine(group);
//}
}
catch (Exception ex)
{
string e1 = ex.Message;
isAuthenticated = false;
userPrincipal = null;
loginresult.claimsid = null;
loginresult.message = "An error occurred. Please contact Administrator :Error" + ex.Message;
}
if (!isAuthenticated || userPrincipal == null)
{
loginresult.claimsid = null;
loginresult.message = "Invalid Credentials";
}
if (userPrincipal.IsAccountLockedOut())
{
// here can be a security related discussion weather it is worth
// revealing this information
loginresult.claimsid = null;
loginresult.message = "Account is locked";
}
if (userPrincipal.Enabled.HasValue && userPrincipal.Enabled.Value == false)
{
// here can be a security related discussion weather it is worth
// revealing this information
return(loginresult);
}
var ISMappUser = GetallADGroups(userPrincipal);
if (ISMappUser.Count == 0 || ISMappUser == null)
{
// not mapp user in HRM system roles
loginresult.claimsid = null;
loginresult.message = "No Groups associated with this Account";
return(loginresult);
}
var identity = CreateIdentity(userPrincipal);
loginresult.claimsid = identity;
User.username = userName;
loginresult.message = "Success";
return(loginresult);
}
}
catch (Exception ex)
{
loginresult.claimsid = null;
string err = ex.Message;
loginresult.message = "An error occurred. Please contact Administrator :Error" + ex.Message;
return(loginresult);
}
}
public Loginresult ValidateUser(string username, string password)
{
Loginresult loginresult = new Loginresult();
string userDn = $"{username}@{"devfasah.sa"}";
using (var connection = new LdapConnection {
SecureSocketLayer = false
})
{
connection.Connect("ad01.devfasah.sa", 389);
connection.Bind(userDn, password);
if (connection.Bound)
{
var groups = new HashSet <string>();
var searchBase = string.Empty;
var filter = "(objectCategory=person)(objectClass=user)";
var atr = new string[1];
atr[0] = "memberOf";
var search = connection.Search(searchBase, LdapConnection.ScopeSub, filter, atr, false);
while (search.HasMore())
{
var nextEntry = search.Next();
groups.Add(nextEntry.Dn);
var childGroups = GetChildren(string.Empty, nextEntry.Dn);
foreach (var child in childGroups)
{
groups.Add(child);
}
}
return(loginresult);
// string searchBase = "ou=users,o=Company";
/// string searchFilter = "objectClass=inetOrgPerson";
//string[] requiredAttributes = { "cn", "sn", "uid" };
//ILdapSearchResults lsc = connection.Search(string.Empty,
// LdapConnection.ScopeSub,
// string.Empty,
// null,
// false);
//while (lsc.HasMore())
//{
// LdapEntry nextEntry = null;
// try
// {
// nextEntry = lsc.Next();
// }
// catch (LdapException e)
// {
// Console.WriteLine("Error : " + e.LdapErrorMessage);
// continue;
// }
//}
}
}
return(loginresult);
}
