diff --git a/DAL/DIExtensions.cs b/DAL/DIExtensions.cs
index 6488c8f..d05f023 100644
--- a/DAL/DIExtensions.cs
+++ b/DAL/DIExtensions.cs
@@ -1,7 +1,5 @@
-using DAL._Shared.SharedModels;
-using DAL._Shared.SharedRepositories;
+using DAL._Shared.SharedRepositories;
 using DAL.Repositories;
-using HRD.WebApi.Repositories;
 using Microsoft.Extensions.DependencyInjection;
 namespace DAL
diff --git a/HRD.LDAPService/DIExtensions.cs b/HRD.LDAPService/DIExtensions.cs
new file mode 100644
index 0000000..3988be9
--- /dev/null
+++ b/HRD.LDAPService/DIExtensions.cs
@@ -0,0 +1,30 @@
+using HRD.LDAPService.JWT;
+using HRD.LDAPService.Ldap;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.DependencyInjection;
+using System;
+
+namespace HRD.LDAPService
+{
+ public static class DIExtensions
+ {
+ private static IServiceCollection AddJwtManagerWithLdap(this IServiceCollection services)
+ {
+ services
+ .AddSingleton()
+ .AddSingleton();
+
+ return services;
+ }
+
+ public static IServiceCollection AddJwtManagerWithLdap(this IServiceCollection services, Action configureOptions)
+ => services
+ .Configure(configureOptions)
+ .AddJwtManagerWithLdap();
+
+ public static IServiceCollection AddJwtManagerWithLdap(this IServiceCollection services, IConfiguration configuration)
+ => services
+ .Configure(configuration)
+ .AddJwtManagerWithLdap();
+ }
+}
\ No newline at end of file
diff --git a/HRD.LDAPService/JWT/JwtManager.cs b/HRD.LDAPService/JWT/JwtManager.cs
index 473b0c5..c6cad04 100644
--- a/HRD.LDAPService/JWT/JwtManager.cs
+++ b/HRD.LDAPService/JWT/JwtManager.cs
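Review bot: The two `.AddSingleton()` registrations in the new `HRD.LDAPService/DIExtensions.cs` bind `LdapOptions` but never validate it, so an empty or missing `LdapOptions:LDAP_DOMAIN` (until this commit a compile-time constant) is only discovered when the first login reaches the directory. In the `IConfiguration` overload, `services.AddOptions<LdapOptions>().Bind(configuration).Validate(o => !string.IsNullOrWhiteSpace(o.LDAP_DOMAIN), "LdapOptions:LDAP_DOMAIN must be set")` fails with a clear message instead (add `.ValidateOnStart()` where the framework version supports it), and the `Action` overload can chain the same `Validate` after `.Configure(configureOptions)`. The generic arguments on `AddSingleton`, `Configure`, `Action` and `IOptions` are not visible on this page, so the singleton lifetime is inferred from the method names. Both public overloads are undocumented; a `/// <summary>` naming the two services registered and the configuration section the `IConfiguration` overload expects would help callers such as `Program.cs`.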
@@ -8,11 +8,18 @@ using System.Text;
 namespace HRD.LDAPService.JWT
 {
- public static class JwtManager
+ public class JwtManager
 {
 private const string GlbExtendedAttributes = "ExtendedAttributes_";
+ private readonly LdapAuthenticationService _ldapAuthService;
+
+ public JwtManager(LdapAuthenticationService ldapAuthService)
+ {
+ _ldapAuthService = ldapAuthService;
+ }
+
 public static LdapUser DecryptTokenAsLdapUser(string token)
 {
 if (string.IsNullOrEmpty(token)) { return default; }
@@ -67,7 +74,7 @@ namespace HRD.LDAPService.JWT
 }
 }
- public static LdapUser RenewLdapUserWithJwtToken(string token)
+ public LdapUser RenewLdapUserWithJwtToken(string token)
 {
 LdapUser renewLdapUser = null;
 try
@@ -77,7 +84,7 @@ namespace HRD.LDAPService.JWT
 throw new ArgumentNullException($"Token is missing!");
 }
- renewLdapUser = LdapAuthenticationService.RenewIdentity(token);
+ renewLdapUser = _ldapAuthService.RenewIdentity(token);
 if (renewLdapUser is null)
 {
 throw new Exception($"Can't renew from token!");
@@ -110,7 +117,7 @@ namespace HRD.LDAPService.JWT
 }
 }
- public static LdapUser RenewLdapUserWithJwtToken(LdapUser ldapUser)
+ public LdapUser RenewLdapUserWithJwtToken(LdapUser ldapUser)
 {
 LdapUser renewLdapUser = null;
 try
@@ -120,7 +127,7 @@ namespace HRD.LDAPService.JWT
 throw new Exception($"Token is missing (Login:{ldapUser.LoginName})");
 }
- renewLdapUser = LdapAuthenticationService.RenewIdentity(ldapUser);
+ renewLdapUser = _ldapAuthService.RenewIdentity(ldapUser);
 if (renewLdapUser is null)
 {
 return default;
@@ -164,11 +171,11 @@ namespace HRD.LDAPService.JWT
 }
 }
- public static bool GenerateLdapUserWithJwtToken(LdapUser ldapUser)
+ public bool GenerateLdapUserWithJwtToken(LdapUser ldapUser)
 {
 try
 {
- if (!LdapAuthenticationService.CheckAndUpdateIdentityWithPassword(ldapUser))
+ if (!_ldapAuthService.CheckAndUpdateIdentityWithPassword(ldapUser))
 {
 return false;
 }
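Review bot: The new `JwtManager` constructor stores `ldapAuthService` without a null guard, so a container misconfiguration surfaces later as a `NullReferenceException` inside `RenewLdapUserWithJwtToken` or `GenerateLdapUserWithJwtToken` rather than at construction; `_ldapAuthService = ldapAuthService ?? throw new ArgumentNullException(nameof(ldapAuthService));` fails fast with the right parameter name. The same hunk turns the type into an instance class but leaves it unsealed and undocumented; `public sealed class JwtManager` plus a `/// <summary>` stating that it is registered by `DIExtensions.AddJwtManagerWithLdap` and delegates identity renewal and the password check to the injected `LdapAuthenticationService` would make the design visible. The hunks at `@@ -67`, `@@ -77`, `@@ -110`, `@@ -120` and `@@ -164` only drop `static` and redirect the calls to `_ldapAuthService`; `DecryptTokenAsLdapUser` stays static, which is fine as long as it never needs the injected service. The bodies of the renewed methods continue outside these hunks.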
diff --git a/HRD.LDAPService/Ldap/LdapAuthenticationService.cs b/HRD.LDAPService/Ldap/LdapAuthenticationService.cs
index e160c34..57aa8cc 100644
--- a/HRD.LDAPService/Ldap/LdapAuthenticationService.cs
+++ b/HRD.LDAPService/Ldap/LdapAuthenticationService.cs
@@ -1,15 +1,22 @@
 using HRD.LDAPService.JWT;
+using HRD.LDAPService.Ldap;
+using Microsoft.Extensions.Options;
 using System;
 using System.DirectoryServices.AccountManagement;
 using System.Linq;
 namespace HRD.LDAPService
 {
- public static class LdapAuthenticationService
+ public class LdapAuthenticationService
 {
- private const string LDAP_DOMAIN = "dhr.local";
+ private readonly string LDAP_DOMAIN;
- private static UserPrincipal GetUserPrincipal(string loginName, PrincipalContext principalContext)
+ public LdapAuthenticationService(IOptions options)
+ {
+ LDAP_DOMAIN = options.Value.LDAP_DOMAIN;
+ }
+
+ private UserPrincipal GetUserPrincipal(string loginName, PrincipalContext principalContext)
 {
 try
 {
@@ -36,7 +43,7 @@ namespace HRD.LDAPService
 ///
 ///
 ///
- public static LdapUser RenewIdentity(string token)
+ public LdapUser RenewIdentity(string token)
 {
 if (string.IsNullOrEmpty(token)) { throw new ArgumentNullException("Token is empty!"); }
@@ -64,7 +71,7 @@ namespace HRD.LDAPService
 ///
 ///
 ///
- public static LdapUser RenewIdentity(LdapUser ldapUser)
+ public LdapUser RenewIdentity(LdapUser ldapUser)
 {
 if (ldapUser == default) { return default; }
 try
@@ -127,7 +134,7 @@ namespace HRD.LDAPService
 ///
 ///
 ///
- public static bool CheckAndUpdateIdentityWithPassword(LdapUser ldapUser)
+ public bool CheckAndUpdateIdentityWithPassword(LdapUser ldapUser)
 {
 if (ldapUser == default) { return false; }
 try
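Review bot: The constructor in the `@@ -1,15 +1,22 @@` hunk dereferences `options.Value.LDAP_DOMAIN` with no guard, and the former constant `"dhr.local"` is now whatever configuration supplies, so a null or empty value becomes the authenticating domain (presumably fed to the `PrincipalContext` created further down, outside this hunk) instead of failing at startup; `LDAP_DOMAIN = options?.Value?.LDAP_DOMAIN ?? throw new ArgumentNullException(nameof(options));` followed by `if (string.IsNullOrWhiteSpace(LDAP_DOMAIN)) throw new ArgumentException("LDAP_DOMAIN must be configured.", nameof(options));` rejects both cases with a clear message. Keeping `LDAP_DOMAIN` as the name of what is now a private readonly field also departs from the `_camelCase` style the other new fields use (`_ldapAuthService`, `_jwtManager`); `_ldapDomain` would fit, though its other uses lie outside this hunk. The `IOptions` generic argument is not visible on this page. The hunks at `@@ -36`, `@@ -64`, `@@ -127` and the file's `@@ -184` hunk only drop `static`, and the `GetUserPrincipal` body continues outside the first hunk.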
@@ -184,7 +191,7 @@ namespace HRD.LDAPService
 }
 }
- private static void UpdateLdapUserFromPrincipalContext(ref LdapUser ldapUser, PrincipalContext principalContext)
+ private void UpdateLdapUserFromPrincipalContext(ref LdapUser ldapUser, PrincipalContext principalContext)
 {
 UserPrincipal userPrincipal = GetUserPrincipal(ldapUser.LoginName, principalContext);
 if (userPrincipal == default)
diff --git a/HRD.LDAPService/Ldap/LdapOptions.cs b/HRD.LDAPService/Ldap/LdapOptions.cs
new file mode 100644
index 0000000..78249cd
--- /dev/null
+++ b/HRD.LDAPService/Ldap/LdapOptions.cs
@@ -0,0 +1,25 @@
+namespace HRD.LDAPService.Ldap
+{
+ public class LdapOptions
+ {
+ public bool LDAP_WebAppGroup_Is_Live { get; init; }
+
+ public string LDAP_WINDREAM { get; init; }
+
+ public string LDAP_DOMAIN { get; init; }
+
+ public string LDAP_PATH_EDM { get; init; }
+
+ public string LDAP_PATH_WEBAPPS { get; init; }
+
+ public string LDAP_EDMUser_Prefix { get; init; }
+
+ public string LDAP_EDMAdmin_Prefix { get; init; }
+
+ public string LDAP_EDM_Prefix { get; init; }
+
+ public string LDAP_WebAppp_Prefix { get; init; }
+
+ public string LDAP_Prefix_Test { get; init; }
+ }
+}
\ No newline at end of file
diff --git a/StaffDBServer/Program.cs b/StaffDBServer/Program.cs
index 2694ceb..85909b6 100644
--- a/StaffDBServer/Program.cs
+++ b/StaffDBServer/Program.cs
@@ -17,6 +17,7 @@ using HRD.LDAPService.JWT;
 using HRD.WebApi.DAL.Middleware;
 using HRD.WebApi.Helpers;
 using StaffDBServer.SharedControllers;
+using HRD.LDAPService;
 AppDomain.CurrentDomain.UnhandledException += (object sender, UnhandledExceptionEventArgs unhandledExceptionEventArgs) =>
 {
@@ -56,6 +57,7 @@ try
 builder.Services.AddStaffDBRepositories();
 builder.Services.AddScoped();
+ builder.Services.AddJwtManagerWithLdap(configuration.GetSection("LdapOptions"));
 builder.Services.ConfigureWebApiExtensionsEnd(); // should come last
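Review bot: `LDAP_WebAppp_Prefix` in the new `LdapOptions.cs` carries a typo (triple `p`) that the matching `appsettings.json` key reproduces, and since configuration binding matches by property name the misspelling becomes part of the deployment contract; renaming property and key together now is cheap, later it is a breaking configuration change. The string properties are non-nullable with `init` and neither a default nor `required`, so an absent key binds silently to null; either declare them `string?` and validate where the options are registered, or mark the ones the service cannot run without (`LDAP_DOMAIN` at least) `required` where the language version allows. A `/// <summary>` on the class naming the section it binds (`"LdapOptions"` in `Program.cs`) and a one-line comment per property saying what each prefix or path selects would make the options self-describing, and `public sealed class LdapOptions` matches the usual convention for option types.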
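Review bot: The section name in `builder.Services.AddJwtManagerWithLdap(configuration.GetSection("LdapOptions"))` is a magic string that must agree with the key added to `appsettings.json`, and `GetSection` returns an empty section rather than failing when the key is absent, so a typo leaves every option at its default without any error; `configuration.GetSection(nameof(LdapOptions))` ties the name to the type (with a `using HRD.LDAPService.Ldap;` if `Program.cs` lacks one), and validation at registration covers the empty-section case. A short comment such as `// LDAP-backed JWT services; bound from the "LdapOptions" section` would explain the line to the next reader, since the surrounding registrations carry none. The `@@ -17` hunk only adds `using HRD.LDAPService;`, placed out of alphabetical order with the neighbouring usings.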
diff --git a/StaffDBServer/_Shared/SharedControllers/WebAppUserHelper.cs b/StaffDBServer/_Shared/SharedControllers/WebAppUserHelper.cs
index 3f9b89e..7ef6451 100644
--- a/StaffDBServer/_Shared/SharedControllers/WebAppUserHelper.cs
+++ b/StaffDBServer/_Shared/SharedControllers/WebAppUserHelper.cs
@@ -18,10 +18,13 @@ namespace StaffDBServer.SharedControllers
 WebAppEmployeeInfoRepository webAppEmployeeInfoRepository;
- public WebAppUserHelper(WebAppUserRepository webAppUserRepository, WebAppEmployeeInfoRepository webAppEmployeeInfoRepository)
+ private readonly JwtManager _jwtManager;
+
+ public WebAppUserHelper(WebAppUserRepository webAppUserRepository, WebAppEmployeeInfoRepository webAppEmployeeInfoRepository, JwtManager jwtManager)
 {
 this.webAppUserRepository = webAppUserRepository;
 this.webAppEmployeeInfoRepository = webAppEmployeeInfoRepository;
+ _jwtManager = jwtManager;
 }
 public async Task CheckLoginWithJWTAsync(StringValues accessToken, string clientVersion)
@@ -96,7 +99,7 @@ namespace StaffDBServer.SharedControllers
 }
 }
- private static async Task DoCheckLoginWithNameAndPasswordAsync(WebAppUser userFromClient, WebAppUserRepository webAppUserRepository, WebAppEmployeeInfoRepository webAppEmployeeInfoRepository)
+ private async Task DoCheckLoginWithNameAndPasswordAsync(WebAppUser userFromClient, WebAppUserRepository webAppUserRepository, WebAppEmployeeInfoRepository webAppEmployeeInfoRepository)
 {
 try
 {
@@ -114,7 +117,7 @@ namespace StaffDBServer.SharedControllers
 }
 LdapUser ldapUser = new LdapUser(userFromClient.LoginName, webAppEmployeeInfo.EmployeeId, userFromClient.Password, webAppEmployeeInfo.DepartmentId, webAppEmployeeInfo.ExtendedDepartmentIdList);
- if (!JwtManager.GenerateLdapUserWithJwtToken(ldapUser))
+ if (!_jwtManager.GenerateLdapUserWithJwtToken(ldapUser))
 {
 if (ldapUser == default)
 {
diff --git a/StaffDBServer/appsettings.json b/StaffDBServer/appsettings.json
index e40e88e..cd20c85 100644
--- a/StaffDBServer/appsettings.json
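Review bot: The widened constructor in the `@@ -18,10 +18,13 @@` hunk assigns `_jwtManager = jwtManager;` without a null guard, so a container that lacks the `AddJwtManagerWithLdap` registration only fails later, inside `DoCheckLoginWithNameAndPasswordAsync`, as a `NullReferenceException`; `_jwtManager = jwtManager ?? throw new ArgumentNullException(nameof(jwtManager));` fails at construction with the right name. The new field uses `_camelCase` beside the existing `webAppUserRepository` and `webAppEmployeeInfoRepository` fields, so the class now mixes two naming styles; pick one for all three. A `/// <summary>` on the constructor should say that `JwtManager` is resolved from DI and must be registered via `AddJwtManagerWithLdap` before this helper can be constructed.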
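Review bot: In the `@@ -96,7 +99,7 @@` hunk `DoCheckLoginWithNameAndPasswordAsync` loses `static` so it can reach `_jwtManager`, yet it still takes `webAppUserRepository` and `webAppEmployeeInfoRepository` as parameters although both are now fields of the same instance; dropping the two parameters and using the fields removes a second path by which the repositories can diverge from the instance's. In the `@@ -114` hunk the `LdapUser` handed to `_jwtManager.GenerateLdapUserWithJwtToken(ldapUser)` is built with `userFromClient.Password`, and the failure branch that follows keeps inspecting that object; a comment on the `LdapUser ldapUser = new LdapUser(...)` line noting that it carries the client-supplied password and must not be logged or cached would protect the next maintainer. The method body continues outside both hunks.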
+++ b/StaffDBServer/appsettings.json
@@ -25,5 +25,17 @@
 "CustomConfig": {
 },
- "AllowedHosts": "*"
+ "AllowedHosts": "*",
+ "LdapOptions": {
+ "LDAP_WebAppGroup_Is_Live": false,
+ "LDAP_WINDREAM": "Windream_",
+ "LDAP_DOMAIN": "dhr.local",
+ "LDAP_PATH_EDM": "OU=DMS,OU=Gruppen,OU=DHDEAB,DC=dhr,DC=local",
+ "LDAP_PATH_WEBAPPS": "OU=Web-Apps,OU=Gruppen,OU=DHDEAB,DC=dhr,DC=local",
+ "LDAP_EDMUser_Prefix": "GG_EDMUser_Group",
+ "LDAP_EDMAdmin_Prefix": "GG_EDMAdmin_Group",
+ "LDAP_EDM_Prefix": "GG_EDM",
+ "LDAP_WebAppp_Prefix": "GG_WebApp",
+ "LDAP_Prefix_Test": "__Test"
+ }
 }
\ No newline at end of file
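Review bot: `LDAP_DOMAIN`, `LDAP_PATH_EDM` and `LDAP_PATH_WEBAPPS` are environment-specific directory coordinates, and because `LdapAuthenticationService` now reads `LDAP_DOMAIN` from this section, the file decides which directory vouches for every login; values like these belong in the per-environment file (`appsettings.{Environment}.json`) or a protected configuration source rather than the shared base file, and the file should be deployed with the same write protection as the application binaries. `LDAP_WebAppGroup_Is_Live: false` and `LDAP_Prefix_Test: "__Test"` look like test toggles; if they switch group evaluation onto a test path, JSON allows no comment here, so the intent should be documented on the `LdapOptions` properties instead. The `LDAP_WebAppp_Prefix` key repeats the typo from the options class and will have to change together with it.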