public void GivenAddEntry(string dn, Table table)
{
var ldapEntryCommandStore = _serviceProvider.GetService <ILDAPEntryCommandStore>();
var ldapEntry = new LDAPEntry
{
DistinguishedName = dn,
Attributes = new List <LDAPEntryAttribute>()
};
foreach (var record in table.Rows)
{
var key = record["Key"];
var value = record["Value"];
ldapEntry.Attributes.Add(new LDAPEntryAttribute
{
Id = Guid.NewGuid().ToString(),
Name = key,
Values = new List <string>
{
value
}
});
}
ldapEntryCommandStore.Add(ldapEntry);
}
public bool Update(LDAPEntry entry)
{
var record = _entries.First(e => e.DistinguishedName == entry.DistinguishedName);
_entries.Remove(record);
_entries.Add(entry);
return(true);
}
private bool IsSingleValue(LDAPEntry entry)
{
var singleValueAttribute = entry.Attributes.FirstOrDefault(a => a.Name == _options.SingleValueAttributeName);
bool isSingleValue;
if (singleValueAttribute != null && bool.TryParse(singleValueAttribute.Values.First(), out isSingleValue))
{
return(isSingleValue);
}
return(false);
}
private void CheckSyntax(LDAPEntry entry, PartialAttribute attribute, string dn)
{
var syntax = entry.Attributes.FirstOrDefault(a => a.Name == _options.SyntaxAttributeName);
if (syntax != null)
{
var attributeSyntax = _attributeSyntaxLst.FirstOrDefault(a => a.OID == syntax.Values.First());
if (attributeSyntax != null && !attributeSyntax.Check(attribute.Vals.Values.Select(v => v.Value).ToList()))
{
throw new LdapException(string.Format(Global.AttributeSyntaxNotValid, attribute.Type.Value, attributeSyntax.OID), LDAPResultCodes.InvalidAttributeSyntax, dn);
}
}
}
public async Task Authenticate(LDAPEntry entry, BindRequest bindRequest)
{
var dn = bindRequest.Name.Value;
var simpleAuth = bindRequest.Authentication as SimpleAuthChoice;
var passwordAttribute = entry.Attributes.FirstOrDefault(a => a.Name == _options.UserPasswordAttributeName);
if (passwordAttribute == null)
{
throw new LdapException(Global.NoUserPassword, LDAPResultCodes.Other, dn);
}
var attributeType = await _ldapEntryQueryStore.GetByAttribute(_options.NameAttributeName, passwordAttribute.Name);
var equality = attributeType.Attributes.First(attr => attr.Name == _options.EqualityAttributeName).Values.First();
var matchingRuleHandler = _matchingRuleHandlerFactory.Build(equality);
var hashed = Build(simpleAuth.Value.Value, passwordAttribute.Values.First());
if (!matchingRuleHandler.Handle(passwordAttribute, new List <string> {
hashed
}))
{
throw new LdapException(Global.InvalidCredentials, LDAPResultCodes.InvalidCredentials, dn);
}
}
public bool Add(LDAPEntry representation)
{
representation.Level = representation.DistinguishedName.ComputeLevel();
_entries.Add((LDAPEntry)representation.Clone());
return(true);
}
public async Task <ICollection <LdapPacket> > Execute(AddRequestCommand addRequestCommand)
{
var addRequest = addRequestCommand.ProtocolOperation.Operation as AddRequest;
var dn = addRequest.Entry.Value;
var objectClassAttributes = addRequest.Attributes.Values.Where(v => v.Type.Value == _options.ObjectClassAttributeName);
if (!objectClassAttributes.Any())
{
throw new LdapException(string.Format(Global.AttributeIsMissing, _options.ObjectClassAttributeName), LDAPResultCodes.Other, dn);
}
var existingRepresentation = await _ldapQueryStore.Get(dn);
if (existingRepresentation != null)
{
throw new LdapException(string.Format(Global.EntryAlreadyExists, dn), LDAPResultCodes.EntryAlreadyExists, dn);
}
var parentDN = dn.ExtractParentDN();
var parentRepresentation = await _ldapQueryStore.Get(parentDN);
if (parentRepresentation == null)
{
throw new LdapException(string.Format(Global.ParentDoesntExist, parentDN), LDAPResultCodes.NoSuchObject, parentDN);
}
var existingObjectClasses = await _ldapQueryStore.GetByAttributes(objectClassAttributes.Select(attr => new KeyValuePair <string, string>(_options.NameAttributeName, attr.Vals.Values.First().Value)).ToList());
var mustAttributeTypes = existingObjectClasses.SelectMany(obj => obj.Attributes.Where(attr => attr.Name == _options.MustAttributeName));
var mayAttributeTypes = existingObjectClasses.SelectMany(obj => obj.Attributes.Where(attr => attr.Name == _options.MayAttributeName));
var attributeTypes = new List <string>();
attributeTypes.AddRange(mustAttributeTypes.SelectMany(m => m.Values));
attributeTypes.AddRange(mayAttributeTypes.SelectMany(m => m.Values));
var existingObjectClassNames = existingObjectClasses.Select(entry => entry.Attributes.First(attr => attr.Name == _options.NameAttributeName).Values.First());
var unknownObjectClasses = objectClassAttributes.Where(obj => !existingObjectClassNames.Contains(obj.Vals.Values.First().Value)).Select(kvp => kvp.Vals.Values.First().Value);
if (unknownObjectClasses.Any())
{
throw new LdapException(string.Format(Global.UnknownObjectClasses, string.Join(",", unknownObjectClasses)), LDAPResultCodes.Other, dn);
}
var missingRequiredAttributes = mustAttributeTypes.Where(attr => !addRequest.Attributes.Values.Any(a => attr.Values.Contains(a.Type.Value)));
if (missingRequiredAttributes.Any())
{
throw new LdapException(string.Format(Global.RequiredAttributeMissing, string.Join(",", missingRequiredAttributes.SelectMany(m => m.Values))), LDAPResultCodes.Other, dn);
}
var undefinedAttributes = addRequest.Attributes.Values.Where(attr => !attributeTypes.Any(d => d.Equals(attr.Type.Value, StringComparison.InvariantCultureIgnoreCase)));
if (undefinedAttributes.Any())
{
throw new LdapException(string.Format(Global.AttributesUndefined, string.Join(",", undefinedAttributes.Select(a => a.Type.Value))), LDAPResultCodes.Other, dn);
}
var record = new LDAPEntry
{
DistinguishedName = dn,
Attributes = new List <LDAPEntryAttribute>()
};
var attributes = await _ldapQueryStore.GetByAttributes(attributeTypes.Select(attr => new KeyValuePair <string, string>(_options.NameAttributeName, attr)).ToList());
foreach (var attr in addRequest.Attributes.Values)
{
var attribute = attributes.First(a => a.Attributes.Any(at => at.Name == _options.NameAttributeName && at.Values.Contains(attr.Type.Value)));
CheckSyntax(attribute, attr, dn);
var existingAttributes = addRequest.Attributes.Values.Where(a => a.Type.Value == attr.Type.Value);
if (IsSingleValue(attribute) && existingAttributes.Count() > 1)
{
throw new LdapException(string.Format(Global.SingleValue, attr.Type.Value), LDAPResultCodes.AttributeOrValueExists, dn);
}
record.Attributes.Add(new LDAPEntryAttribute
{
Id = Guid.NewGuid().ToString(),
Name = attr.Type.Value,
Values = attr.Vals.Values.Select(v => v.Value).ToList()
});
}
_ldapCommandStore.Add(record);
await _ldapCommandStore.SaveChanges();
var donePacket = new LdapPacket
{
MessageId = addRequestCommand.MessageId,
ProtocolOperation = new DERProtocolOperation
{
Operation = new AddResponse
{
Result = new LDAPResult
{
MatchedDN = addRequest.Entry,
ResultCode = new DEREnumerated <LDAPResultCodes>
{
Value = LDAPResultCodes.Success
},
DiagnosticMessage = new DEROctetString(string.Empty)
}
}
}
};
return(new List <LdapPacket>
{
donePacket
});
}
