/// <summary>
/// Checks the given password agains the configured LDAP server.
/// </summary>
/// <param name="user"></param>
/// <param name="password"></param>
/// <returns></returns>
public override async Task <bool> CheckPasswordAsync(TUser user, string password)
{
using (var auth = new LdapAuthentication(_ldapOptions))
{
string dn;
// This gives a custom way to extract the DN from the user if it is different from the username.
// It seems more like this would be a feature of the user store, but we can't get user store from userManager
// and all the methods we really need for sign-in are on user manager.
if (this.Store is IUserLdapStore <TUser> )
{
dn = await((IUserLdapStore <TUser>) this.Store).GetDistinguishedNameAsync(user);
}
else
{
dn = await this.Store.GetNormalizedUserNameAsync(user, CancellationToken.None);
}
if (auth.ValidatePassword(dn, password))
{
return(true);
}
}
return(false);
}
/// <summary>
/// Throws a NotSupportedException.
/// </summary>
/// <param name="user"></param>
/// <param name="token"></param>
/// <param name="newPassword"></param>
/// <returns></returns>
public override Task <IdentityResult> ResetPasswordAsync(TUser user, string token, string newPassword)
{
using (var auth = new LdapAuthentication(_ldapOptions))
{
string dn = GetUserDn(user).Result;
if (auth.ResetPassword(dn, newPassword))
{
return(Task.FromResult(IdentityResult.Success));
}
}
return(Task.FromResult(IdentityResult.Failed()));
}
/// <summary>
/// Checks the given password agains the configured LDAP server.
/// </summary>
/// <param name="user"></param>
/// <param name="password"></param>
/// <returns></returns>
public override async Task <bool> CheckPasswordAsync(TUser user, string password)
{
using (var auth = new LdapAuthentication(_ldapOptions))
{
string dn = await GetUserDn(user);
if (auth.ValidatePassword(dn, password))
{
return(true);
}
}
return(false);
}
