forked from UniStuttgart-VISUS/Visus.LdapAuthentication
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathILdapSearchService.cs
299 lines (275 loc) · 15 KB
/
ILdapSearchService.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
// <copyright file="ILdapSearchService.cs" company="Visualisierungsinstitut der Universität Stuttgart">
// Copyright © 2021 - 2024 Visualisierungsinstitut der Universität Stuttgart.
// Licensed under the MIT licence. See LICENCE file for details.
// </copyright>
// <author>Christoph Müller</author>
using System;
using System.Collections.Generic;
using System.DirectoryServices.Protocols;
using System.Threading.Tasks;
namespace Visus.DirectoryAuthentication {
/// <summary>
/// Interface for a service allowing applications to search for users.
/// </summary>
/// <remarks>
/// The search service allows an application to retrieve user information
/// without binding as an end user. In order to perform the search, the
/// credentials specified in <see cref="ILdapOptions"/> are used.
/// </remarks>
public interface ILdapSearchService : IDisposable {
/// <summary>
/// Gets the distinguished names of the entries matching the specified
/// LDAP <paramref name="filter"/>.
/// </summary>
/// <remarks>
/// This method can be used if your directory requires users to bind
/// using a distinguished name, but you do not want them to input this
/// name, but a value of another LDAP attribute that is easier to
/// remember.
/// </remarks>
/// <param name="filter">An LDAP filter expression.</param>
/// <returns>The distinguished names of all entries in the directory
/// matching the given search criteria.</returns>
IEnumerable<string> GetDistinguishedNames(string filter);
/// <summary>
/// Asynchronously gets the distinguished names of the entries matching
/// the specified LDAP <paramref name="filter"/>.
/// </summary>
/// <remarks>
/// This method can be used if your directory requires users to bind
/// using a distinguished name, but you do not want them to input this
/// name, but a value of another LDAP attribute that is easier to
/// remember.
/// </remarks>
/// <param name="filter">An LDAP filter expression.</param>
/// <returns>The distinguished names of all entries in the directory
/// matching the given search criteria.</returns>
Task<IEnumerable<string>> GetDistinguishedNamesAsync(string filter);
/// <summary>
/// Gets a user with the specified value for the identity attribute.
/// </summary>
/// <param name="identity">The value of the identity attribute to
/// be searched.</param>
/// <returns>The user or <c>null</c> if no user matching the query
/// exists.</returns>
/// <exception cref="System.ArgumentNullException">If
/// <paramref name="identity"/> is <c>null</c>.</exception>
ILdapUser GetUserByIdentity(string identity);
/// <summary>
/// Asynchronously gets a user with the specified value for the identity
/// attribute.
/// </summary>
/// <param name="identity">The value of the identity attribute to
/// be searched.</param>
/// <returns>The user or <c>null</c> if no user matching the query
/// exists.</returns>
/// <exception cref="System.ArgumentNullException">If
/// <paramref name="identity"/> is <c>null</c>.</exception>
Task<ILdapUser> GetUserByIdentityAsync(string identity);
/// <summary>
/// Gets all users from the directory that are in matching the search
/// criteria configured in the <see cref="ILdapOptions"/> used by the
/// application.
/// </summary>
/// <remarks>
/// <para>This method creates <see cref="ILdapUser"/> object for all
/// users matching the global search configuration, which might not only
/// be a large results set, but also trigger a lot of additional LDAP
/// searched in order to fill the group claims configured in the
/// user object. Therefore, you should carefully design your LDAP user
/// object in order to restrict the data that must be retrieved to the
/// absolute minimum for the application case.</para>
/// </remarks>
/// <returns>All users in the directory matching the global search
/// criteria.</returns>
IEnumerable<ILdapUser> GetUsers();
/// <summary>
/// Asynchronously gets all users from the directory that are in
/// matching the search criteria configured in the
/// <see cref="ILdapOptions"/> used by the application.
/// </summary>
/// <remarks>
/// <para>This method creates <see cref="ILdapUser"/> object for all
/// users matching the global search configuration, which might not only
/// be a large results set, but also trigger a lot of additional LDAP
/// searched in order to fill the group claims configured in the
/// user object. Therefore, you should carefully design your LDAP user
/// object in order to restrict the data that must be retrieved to the
/// absolute minimum for the application case.</para>
/// </remarks>
/// <returns>All users in the directory matching the global search
/// criteria.</returns>
Task<IEnumerable<ILdapUser>> GetUsersAsync();
/// <summary>
/// Gets all users from the directory that are matching the search
/// criteria configured in the <see cref="ILdapOptions"/> used by the
/// application <i>and</i> the specified LDAP <paramref name="filter"/>.
/// </summary>
/// <param name="filter">An LDAP filter expression that is combined
/// with the global search criteria for users.</param>
/// <returns>All users in the directory matching the given search
/// criteria.</returns>
IEnumerable<ILdapUser> GetUsers(string filter);
/// <summary>
/// Asynchronously gets all users from the directory that are matching
/// the search criteria configured in the <see cref="ILdapOptions"/>
/// used by the application <i>and</i> the specified LDAP
/// <paramref name="filter"/>.</summary>
/// <param name="filter">An LDAP filter expression that is combined
/// with the global search criteria for users.</param>
/// <returns>All users in the directory matching the given search
/// criteria.</returns>
Task<IEnumerable<ILdapUser>> GetUsersAsync(string filter);
/// <summary>
/// Gets all users from the directory that are matching the search
/// critiera configured in the <see cref="ILdapOptions"/> used by the
/// application <i>and</i> the specified LDAP <paramref cref="filter"/>
/// while overriding the search base from the <see cref="ILdapOptions"/>
/// with the given one.
/// </summary>
/// <param name="searchBases">The search bases to look in. It is safe
/// to pass <c>null</c>, in which case the search bases from the
/// <see cref="ILdapOptions"/> will be used.</param>
/// <param name="filter">An LDAP filter expression that is combined
/// with the global search criteria for users.</param>
/// <returns>All users in the directory matching the given search
/// criteria.</returns>
IEnumerable<ILdapUser> GetUsers(
IDictionary<string, SearchScope> searchBases,
string filter);
/// <summary>
/// Asynchronously gets all users from the directory that are matching
/// the search critiera configured in the <see cref="ILdapOptions"/>
/// used by the application <i>and</i> the specified LDAP
/// <paramref cref="filter"/> while overriding the search base from the
/// <see cref="ILdapOptions"/> with the given one.
/// </summary>
/// <param name="searchBases">The search bases to look in. It is safe
/// to pass <c>null</c>, in which case the search bases from the
/// <see cref="ILdapOptions"/> will be used.</param>
/// <param name="filter">An LDAP filter expression that is combined
/// with the global search criteria for users.</param>
/// <returns>All users in the directory matching the given search
/// criteria.</returns>
Task<IEnumerable<ILdapUser>> GetUsersAsync(
IDictionary<string, SearchScope> searchBases,
string filter);
}
/// <summary>
/// A strongly typed variant of <see cref="ILdapSearchService"/>.
/// </summary>
/// <typeparam name="TUser">The type of user that is to be retrieved from
/// the directory.</typeparam>
public interface ILdapSearchService<TUser> : ILdapSearchService
where TUser : class, ILdapUser {
/// <summary>
/// Gets a user with the specified value for the identity attribute.
/// </summary>
/// <param name="identity">The value of the identity attribute to
/// be searched.</param>
/// <returns>The user or <c>null</c> if no user matching the query
/// exists.</returns>
/// <exception cref="System.ArgumentNullException">If
/// <paramref name="identity"/> is <c>null</c>.</exception>
new TUser GetUserByIdentity(string identity);
/// <summary>
/// Asynchronously gets a user with the specified value for the identity
/// attribute.
/// </summary>
/// <param name="identity">The value of the identity attribute to
/// be searched.</param>
/// <returns>The user or <c>null</c> if no user matching the query
/// exists.</returns>
/// <exception cref="System.ArgumentNullException">If
/// <paramref name="identity"/> is <c>null</c>.</exception>
new Task<TUser> GetUserByIdentityAsync(string identity);
/// <summary>
/// Gets all users from the directory that are in matching the search
/// criteria configured in the <see cref="ILdapOptions"/> used by the
/// application.
/// </summary>
/// <remarks>
/// <para>This method creates <see cref="TUser"/> object for all
/// users matching the global search configuration, which might not only
/// be a large results set, but also trigger a lot of additional LDAP
/// searched in order to fill the group claims configured in the
/// user object. Therefore, you should carefully design your LDAP user
/// object in order to restrict the data that must be retrieved to the
/// absolute minimum for the application case.</para>
/// </remarks>
/// <returns>All users in the directory matching the global search
/// criteria.</returns>
new IEnumerable<TUser> GetUsers();
/// <summary>
/// Asynchronously gets all users from the directory that are in
/// matching the search criteria configured in the
/// <see cref="ILdapOptions"/> used by the application.
/// </summary>
/// <remarks>
/// <para>This method creates <see cref="ILdapUser"/> object for all
/// users matching the global search configuration, which might not only
/// be a large results set, but also trigger a lot of additional LDAP
/// searched in order to fill the group claims configured in the
/// user object. Therefore, you should carefully design your LDAP user
/// object in order to restrict the data that must be retrieved to the
/// absolute minimum for the application case.</para>
/// </remarks>
/// <returns>All users in the directory matching the global search
/// criteria.</returns>
new Task<IEnumerable<TUser>> GetUsersAsync();
/// <summary>
/// Gets all users from the directory that are matching the search
/// criteria configured in the <see cref="ILdapOptions"/> used by the
/// application <i>and</i> the specified LDAP <paramref name="filter"/>.
/// </summary>
/// <param name="filter">An LDAP filter expression that is combined
/// with the global search criteria for users.</param>
/// <returns>All users in the directory matching the given search
/// criteria.</returns>
new IEnumerable<TUser> GetUsers(string filter);
/// <summary>
/// Asynchronously gets all users from the directory that are matching
/// the search criteria configured in the <see cref="ILdapOptions"/>
/// used by the application <i>and</i> the specified LDAP
/// <paramref name="filter"/>.</summary>
/// <param name="filter">An LDAP filter expression that is combined
/// with the global search criteria for users.</param>
/// <returns>All users in the directory matching the given search
/// criteria.</returns>
new Task<IEnumerable<TUser>> GetUsersAsync(string filter);
/// <summary>
/// Gets all users from the directory that are matching the search
/// critiera configured in the <see cref="ILdapOptions"/> used by the
/// application <i>and</i> the specified LDAP <paramref cref="filter"/>
/// while overriding the search base from the <see cref="ILdapOptions"/>
/// with the given one.
/// </summary>
/// <param name="searchBases">The search bases to look in. It is safe
/// to pass <c>null</c>, in which case the search bases from the
/// <see cref="ILdapOptions"/> will be used.</param>
/// <param name="filter">An LDAP filter expression that is combined
/// with the global search criteria for users.</param>
/// <returns>All users in the directory matching the given search
/// criteria.</returns>
new IEnumerable<TUser> GetUsers(
IDictionary<string, SearchScope> searchBases,
string filter);
/// <summary>
/// Asynchronously gets all users from the directory that are matching
/// the search critiera configured in the <see cref="ILdapOptions"/>
/// used by the application <i>and</i> the specified LDAP
/// <paramref cref="filter"/> while overriding the search base from the
/// <see cref="ILdapOptions"/> with the given one.
/// </summary>
/// <param name="searchBases">The search bases to look in. It is safe
/// to pass <c>null</c>, in which case the search bases from the
/// <see cref="ILdapOptions"/> will be used.</param>
/// <param name="filter">An LDAP filter expression that is combined
/// with the global search criteria for users.</param>
/// <returns>All users in the directory matching the given search
/// criteria.</returns>
new Task<IEnumerable<TUser>> GetUsersAsync(
IDictionary<string, SearchScope> searchBases,
string filter);
}
}