AppStd/DigitalData.UserManager
8
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: AppStd:88cffc12a5a7408ef405b1e5a0b0363964046497
Branches Tags
AppStd:master AppStd:feat/authFlow-integration
..
compare: AppStd:2ee0f976fd645e0c675918077a405b37d88c6dbe
Branches Tags
AppStd:master AppStd:feat/authFlow-integration

5 Commits
88cffc12a5 ... 2ee0f976fd

Author SHA1 Message Date
TekH
2ee0f976fd refactor(cnnString): Remove user ID encryption 2025-08-11 12:59:00 +02:00
TekH
a3087a5e34 refactor(appsettings.Auth.json): change Audiance 2025-08-11 11:32:30 +02:00
TekH
525a30b541 refactor(DirectoryController): Ersetzen der Benutzersuche im Cache durch direkten DirectoryEntry aus Optionen 
- Hinzufügen der Abhängigkeitsinjektion `IOptions<DirSearchRoot>`, um den vorkonfigurierten DirectoryEntry-Stamm zu verwenden.
- Einführung des Feldes `_dirSearchRoot` für wiederverwendbare LDAP-Root-Bindung.
- Ersetzen der Aufrufe von `FindAllByUserCache` durch `FindAll` unter Verwendung von `DirectoryEntry` aus `_dirSearchRoot`.
- Entfernen der veralteten Endpunkte `GetRootOf` und `CreateSearchRoot`.
- Sicherstellen des Musters `using var sRoot` für die ordnungsgemäße Entsorgung von DirectoryEntry-Instanzen.
 2025-08-11 11:06:07 +02:00
TekH
f5471a8d01 feat(api): DirSearchRoot-Modell für die Konfiguration der LDAP-Verzeichnissuche und die Konvertierung zu DirectoryEntry hinzufügen 2025-08-11 10:51:58 +02:00
TekH
bcdcdd679a fix: version number 2025-08-08 13:38:43 +02:00
7 changed files with 46 additions and 48 deletions
Expand all files Collapse all files

2
src/DigitalData.UserManager.API/ClientApp/user_manager_ui/package.json
View File

@@ -1,6 +1,6 @@
{ {
"name": "user-manager-ui", "name": "user-manager-ui",
"version": "4.1.0", "version": "2.0.0",
"minApiVersion":"6.1.3", "minApiVersion":"6.1.3",
"scripts": { "scripts": {
"ng": "ng", "ng": "ng",

59
src/DigitalData.UserManager.API/Controllers/DirectoryController.cs
View File

@@ -9,6 +9,8 @@ using Microsoft.Extensions.Localization;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using DigitalData.Core.Abstraction.Application; using DigitalData.Core.Abstraction.Application;
using DigitalData.Core.Abstraction.Application.DTO; using DigitalData.Core.Abstraction.Application.DTO;
using Microsoft.Extensions.Options;
using DigitalData.UserManager.API.Models;
namespace DigitalData.UserManager.API.Controllers; namespace DigitalData.UserManager.API.Controllers;
@@ -23,8 +25,9 @@ public class DirectoryController : ControllerBase
private readonly Dictionary<string, string> _customSearchFilters; private readonly Dictionary<string, string> _customSearchFilters;
private readonly IStringLocalizer<Resource> _localizer; private readonly IStringLocalizer<Resource> _localizer;
private readonly ILogger<DirectoryController> _logger; private readonly ILogger<DirectoryController> _logger;
private readonly DirSearchRoot _dirSearchRoot;
public DirectoryController(IConfiguration configuration, IStringLocalizer<Resource> localizer, IUserService userService, IDirectorySearchService directorySearchService, ILogger<DirectoryController> logger) public DirectoryController(IConfiguration configuration, IStringLocalizer<Resource> localizer, IUserService userService, IDirectorySearchService directorySearchService, ILogger<DirectoryController> logger, IOptions<DirSearchRoot> dirSearchRootOptions)
{ {
_localizer = localizer; _localizer = localizer;
_userService = userService; _userService = userService;
@@ -33,23 +36,7 @@ public class DirectoryController : ControllerBase
var customSearchFiltersSection = configuration.GetSection("DirectorySearch:CustomSearchFilters"); var customSearchFiltersSection = configuration.GetSection("DirectorySearch:CustomSearchFilters");
_customSearchFilters = customSearchFiltersSection.Get<Dictionary<string, string>>() ?? new(); _customSearchFilters = customSearchFiltersSection.Get<Dictionary<string, string>>() ?? new();
_logger = logger; _logger = logger;
} _dirSearchRoot = dirSearchRootOptions.Value;
[HttpGet("Root/{username}")]
public IActionResult GetRootOf(string username)
{
var root = _dirSearchService.GetSearchRootCache(username);
return root is null ? NotFound() : Ok(new
{
guid = root.Guid,
nativeGuid = root.NativeGuid,
name = root.Name,
path = root.Path,
parentPath = root.Parent?.Path,
username = root.Username,
schemaClassName = root.SchemaClassName
});
} }
[HttpGet("CustomSearchFilter")] [HttpGet("CustomSearchFilter")]
@@ -66,26 +53,6 @@ public class DirectoryController : ControllerBase
} }
} }
[HttpPost]
public async Task<IActionResult> CreateSearchRoot([FromBody] SearchRootCreateDto searchRootCreateDto)
{
var dirEntryUsername = searchRootCreateDto.Username ?? CurrentUser;
if (dirEntryUsername is null)
return Unauthorized();
bool isValid = _dirSearchService.ValidateCredentials(dirEntryUsername, searchRootCreateDto.Password);
if (!isValid)
return Unauthorized(Result.Fail().Message(_localizer[Key.UserNotFound]));
var userResult = await _userService.ReadByUsernameAsync(dirEntryUsername);
if (!userResult.IsSuccess || userResult.Data is null)
return Unauthorized(Result.Fail().Message(_localizer[Key.UserNotFoundInLocalDB]));
_dirSearchService.SetSearchRootCache(userResult.Data.Username, searchRootCreateDto.Password);
return Ok();
}
[HttpGet("SearchByFilter/{filter}")] [HttpGet("SearchByFilter/{filter}")]
public IActionResult SearchByFilter([FromRoute] string filter, string? dirEntryUsername, params string[] propName) public IActionResult SearchByFilter([FromRoute] string filter, string? dirEntryUsername, params string[] propName)
{ {
@@ -94,7 +61,9 @@ public class DirectoryController : ControllerBase
if (dirEntryUsername is null) if (dirEntryUsername is null)
return Unauthorized(); return Unauthorized();
return _dirSearchService.FindAllByUserCache(dirEntryUsername, filter, properties: propName).Then(Ok, IActionResult (m, n) => using var sRoot = _dirSearchRoot.ToDirectoryEntry;
return _dirSearchService.FindAll(sRoot, filter, properties: propName).Then(Ok, IActionResult (m, n) =>
{ {
_logger.LogNotice(n); _logger.LogNotice(n);
return StatusCode(StatusCodes.Status424FailedDependency); return StatusCode(StatusCodes.Status424FailedDependency);
@@ -114,7 +83,9 @@ public class DirectoryController : ControllerBase
if (filter is null) if (filter is null)
return NotFound($"The filter named {filterName} does not exist."); return NotFound($"The filter named {filterName} does not exist.");
return _dirSearchService.FindAllByUserCache(dirEntryUsername, filter, properties: propName).Then(Ok, IActionResult (m, n) => using var sRoot = _dirSearchRoot.ToDirectoryEntry;
return _dirSearchService.FindAll(sRoot, filter, properties: propName).Then(Ok, IActionResult (m, n) =>
{ {
_logger.LogNotice(n); _logger.LogNotice(n);
return StatusCode(StatusCodes.Status424FailedDependency); return StatusCode(StatusCodes.Status424FailedDependency);
@@ -135,7 +106,9 @@ public class DirectoryController : ControllerBase
if (filter is null) if (filter is null)
throw new InvalidOperationException("The LDAP Group Search filter configuration is missing in your appsettings. Please ensure it's added under DirectorySearch:CustomSearchFilters:Group to enable group searches."); throw new InvalidOperationException("The LDAP Group Search filter configuration is missing in your appsettings. Please ensure it's added under DirectorySearch:CustomSearchFilters:Group to enable group searches.");
return _dirSearchService.FindAllByUserCache(username: dirEntryUsername, filter, properties: propName).Then(Ok, IActionResult (m, n) => using var sRoot = _dirSearchRoot.ToDirectoryEntry;
return _dirSearchService.FindAll(_dirSearchRoot.ToDirectoryEntry, filter, properties: propName).Then(Ok, IActionResult (m, n) =>
{ {
_logger.LogNotice(n); _logger.LogNotice(n);
return StatusCode(StatusCodes.Status424FailedDependency); return StatusCode(StatusCodes.Status424FailedDependency);
@@ -156,7 +129,9 @@ public class DirectoryController : ControllerBase
if (filter is null) if (filter is null)
throw new InvalidOperationException("The LDAP User Search filter configuration is missing in your appsettings. Please ensure it's added under DirectorySearch:CustomSearchFilters:User to enable group searches."); throw new InvalidOperationException("The LDAP User Search filter configuration is missing in your appsettings. Please ensure it's added under DirectorySearch:CustomSearchFilters:User to enable group searches.");
return _dirSearchService.FindAllByUserCache(username: dirEntryUsername, filter, properties: propName).Then( using var sRoot = _dirSearchRoot.ToDirectoryEntry;
return _dirSearchService.FindAll(sRoot, filter, properties: propName).Then(
Success: data => Success: data =>
{ {
if (groupName is not null) if (groupName is not null)

2
src/DigitalData.UserManager.API/Models/AuthTokenKeys.cs
View File

@@ -8,5 +8,5 @@ public class AuthTokenKeys
public string Issuer { get; init; } = "auth.digitaldata.works"; public string Issuer { get; init; } = "auth.digitaldata.works";
public string Audience { get; init; } = "user-manager.digitaldata.works"; public string Audience { get; init; } = "usermanager.digitaldata.works";
} }

22
src/DigitalData.UserManager.API/Models/DirSearchRoot.cs Normal file
View File

@@ -0,0 +1,22 @@
using DigitalData.Core.Application;
using System.DirectoryServices;
namespace DigitalData.UserManager.API.Models;
[Obsolete("Use ActiveDirectory.API")]
public class DirSearchRoot : DirectorySearchOptions
{
public string Path => $"LDAP://{ServerName}/{Root}";
public string? Username { get; set; }
public string? Password { get; set; }
[System.Diagnostics.CodeAnalysis.SuppressMessage("Interoperability", "CA1416:Validate platform compatibility", Justification = "<Pending>")]
public DirectoryEntry ToDirectoryEntry => new ()
{
Path = Path,
Username = Username,
Password = Password
};
}

2
src/DigitalData.UserManager.API/Program.cs
View File

@@ -82,6 +82,7 @@ try {
builder.ConfigureBySection<DirectorySearchOptions>(); builder.ConfigureBySection<DirectorySearchOptions>();
builder.Services.AddDirectorySearchService(config.GetSection("DirectorySearchOptions")); builder.Services.AddDirectorySearchService(config.GetSection("DirectorySearchOptions"));
builder.Services.Configure<DirSearchRoot>(config.GetSection("DirectorySearchOptions"));
builder.Services.AddJWTService<UserReadDto>(user => new SecurityTokenDescriptor() builder.Services.AddJWTService<UserReadDto>(user => new SecurityTokenDescriptor()
{ {
Claims = user.ToClaimList().ToDictionary(claim => claim.Type, claim => claim.Value as object) Claims = user.ToClaimList().ToDictionary(claim => claim.Type, claim => claim.Value as object)
@@ -171,7 +172,6 @@ try {
var eCnnStr = config.GetConnectionString("UM_DEF") ?? throw new InvalidOperationException("Connection string 'DD_ECM_Connection' is missing from the configuration."); var eCnnStr = config.GetConnectionString("UM_DEF") ?? throw new InvalidOperationException("Connection string 'DD_ECM_Connection' is missing from the configuration.");
SqlConnectionStringBuilder cnnStrBuilder = new(eCnnStr); SqlConnectionStringBuilder cnnStrBuilder = new(eCnnStr);
cnnStrBuilder.UserID = encryptor.Decrypt(cnnStrBuilder.UserID);
cnnStrBuilder.Password = encryptor.Decrypt(cnnStrBuilder.Password); cnnStrBuilder.Password = encryptor.Decrypt(cnnStrBuilder.Password);
var dCnnStr = cnnStrBuilder.ConnectionString; var dCnnStr = cnnStrBuilder.ConnectionString;
return dCnnStr; return dCnnStr;

2
src/DigitalData.UserManager.API/appsettings.Auth.json
View File

@@ -4,7 +4,7 @@
"PublicKeys": [ "PublicKeys": [
{ {
"Issuer": "auth.digitaldata.works", "Issuer": "auth.digitaldata.works",
"Audience": "user-manager.digitaldata.works" "Audience": "usermanager.digitaldata.works"
} }
], ],
"RetryDelay": "00:00:05" "RetryDelay": "00:00:05"

5
src/DigitalData.UserManager.API/appsettings.json
View File

@@ -6,14 +6,15 @@
} }
}, },
"ConnectionStrings": { "ConnectionStrings": {
"UM_DEF": "Server=SDD-VMP04-SQL17\\DD_DEVELOP01;Database=DD_ECM;User Id=g+2edXEbMbujCUjh7INZRQ==;Password=Bz/n9pu8EyzlVqicaMRQGQ==;Encrypt=false;TrustServerCertificate=True;" "UM_DEF": "Server=SDD-VMP04-SQL17\\DD_DEVELOP01;Database=DD_ECM;User Id=sa;Password=Bz/n9pu8EyzlVqicaMRQGQ==;Encrypt=false;TrustServerCertificate=True;"
}, },
"AllowedOrigins": [ "https://localhost:7103", "http://172.24.12.39:85", "http://localhost:85", "http://localhost:4200", "http://localhost:5500", "https://localhost:7202" ], "AllowedOrigins": [ "https://localhost:7103", "http://172.24.12.39:85", "http://localhost:85", "http://localhost:4200", "http://localhost:5500", "https://localhost:7202" ],
"RunAsWindowsService": false, "RunAsWindowsService": false,
"DirectorySearchOptions": { "DirectorySearchOptions": {
"ServerName": "DD-VMP01-DC01", "ServerName": "DD-VMP01-DC01",
"Root": "DC=dd-gan,DC=local,DC=digitaldata,DC=works", "Root": "DC=dd-gan,DC=local,DC=digitaldata,DC=works",
"UserCacheExpirationDays": 1, "Username": "FABRIK19-User01",
"Password": "9bWOr0UGuHn_7VkC",
"CustomSearchFilters": { "CustomSearchFilters": {
"User": "(&(objectClass=user)(sAMAccountName=*))", "User": "(&(objectClass=user)(sAMAccountName=*))",
"Group": "(&(objectClass=group) (samAccountName=*))" "Group": "(&(objectClass=group) (samAccountName=*))"