// <copyright file="LdapOptions.cs" company="Visualisierungsinstitut der Universität Stuttgart">
// Copyright © 2021 - 2024 Visualisierungsinstitut der Universität Stuttgart.
// Licensed under the MIT licence. See LICENCE file for details.
// </copyright>
// <author>Christoph Müller</author>
using System;
using System.Collections.Generic;
using System.DirectoryServices.Protocols;
using System.Runtime.InteropServices;
namespace Visus.DirectoryAuthentication {
/// <summary>
/// Stores the configuration options for the LDAP server.
/// </summary>
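public sealed class LdapOptions : ILdapOptions {

    #region Public constructors
    /// <summary>
    /// Initialises a new instance with platform-dependent defaults.
    /// </summary>
    /// <remarks>
    /// <para>On Windows the default <see cref="AuthenticationType"/> is
    /// <see cref="AuthType.Negotiate"/>, i.e. the platform SSPI chooses the
    /// mechanism (typically Kerberos or NTLM). On every other platform the
    /// default is <see cref="AuthType.Basic"/>, an LDAP simple bind, which
    /// sends the bind password to the server in clear text unless the
    /// connection itself is protected by TLS.</para>
    /// <para>Because <see cref="IsSsl"/> defaults to <c>false</c> and
    /// <see cref="Port"/> to 389, a non-Windows deployment that only sets
    /// <see cref="Server"/>, <see cref="User"/> and <see cref="Password"/>
    /// must be expected to bind in the clear. Set <see cref="IsSsl"/> (and
    /// normally <see cref="Port"/> to 636) for production use. Whether the
    /// connecting code additionally attempts StartTLS cannot be seen from
    /// this file.</para>
    /// </remarks>
    public LdapOptions() {
        // Negotiate keeps the password off the wire; Basic is the portable
        // fallback, but see the remarks on the constructor about TLS.
        this.AuthenticationType =
            RuntimeInformation.IsOSPlatform(OSPlatform.Windows)
            ? AuthType.Negotiate
            : AuthType.Basic;
        this.PageSize = 1000; // Reasonable default for AD.
    }
    #endregion

    #region Public properties
    /// <inheritdoc />
    /// <remarks>
    /// <see cref="AuthType.Basic"/> transmits the password in clear text;
    /// only combine it with <see cref="IsSsl"/> or another transport
    /// protection.
    /// </remarks>
    public AuthType AuthenticationType { get; set; }

    /// <inheritdoc />
    public string DefaultDomain { get; set; }

    /// <inheritdoc />
    /// <remarks>
    /// The name indicates that the connecting code skips validation of the
    /// server certificate when this is <c>true</c> (the consumer is not in
    /// this file). Leave it <c>false</c> in production: without certificate
    /// validation an LDAPS connection offers no protection of the bind
    /// credentials against a man-in-the-middle. For self-signed or private
    /// CA deployments prefer pinning via <see cref="ServerThumbprint"/> or
    /// <see cref="ServerCertificateIssuer"/> over disabling the check.
    /// </remarks>
    public bool IsNoCertificateCheck { get; set; }

    /// <inheritdoc />
    public bool IsRecursiveGroupMembership { get; set; }

    /// <inheritdoc />
    /// <remarks>
    /// Setting this does not change <see cref="Port"/>; both properties are
    /// independent, so LDAPS deployments usually need <c>Port = 636</c> as
    /// well.
    /// </remarks>
    public bool IsSsl { get; set; }

    /// <inheritdoc />
    /// <remarks>
    /// Returns the explicitly assigned mapping if there is one. Otherwise,
    /// if <see cref="Schema"/> is set and <see cref="Mappings"/> is not
    /// <c>null</c>, the mapping registered under that schema name is looked
    /// up; the result is <c>null</c> if nothing matches.
    /// </remarks>
    public LdapMapping Mapping {
        get {
            var retval = this._mapping;
            // A null Mappings dictionary (the setter allows it) must not
            // turn an option lookup into a NullReferenceException.
            if ((retval is null)
                    && (this.Schema is not null)
                    && (this.Mappings is not null)) {
                this.Mappings.TryGetValue(this.Schema, out retval);
            }
            return retval;
        }
        set => this._mapping = value;
    }

    /// <inheritdoc />
    /// <remarks>
    /// <para>Well-known schemas keyed by the constants in
    /// <c>DirectoryAuthentication.Schema</c>. Each <c>UserFilter</c> is a
    /// <see cref="string.Format(string, object)"/>-style template in which
    /// <c>{0}</c> is replaced with the account identifier supplied by the
    /// caller. That substitution happens outside this file; the code doing
    /// it must escape the value per RFC 4515 (<c>\2a</c>, <c>\28</c>,
    /// <c>\29</c>, <c>\5c</c>, <c>\00</c>), otherwise a user name such as
    /// <c>*)(objectClass=*</c> changes the meaning of the filter (LDAP
    /// filter injection).</para>
    /// <para>Note that for the RFC 2307 mapping <c>{0}</c> is matched
    /// against <c>entryDN</c>, so the lookup key there appears to be the
    /// user's distinguished name rather than a login name, unlike the two
    /// Active Directory mappings (<c>sAMAccountName</c> /
    /// <c>userPrincipalName</c>); confirm against the caller.</para>
    /// </remarks>
    public Dictionary<string, LdapMapping> Mappings { get; set; }
        = new Dictionary<string, LdapMapping>() {
            {
                DirectoryAuthentication.Schema.ActiveDirectory,
                new LdapMapping() {
                    DistinguishedNameAttribute = "distinguishedName",
                    GroupIdentityAttribute = "objectSid",
                    GroupIdentityConverter = typeof(SidConverter).FullName,
                    GroupsAttribute = "memberOf",
                    PrimaryGroupAttribute = "primaryGroupID",
                    UserFilter = "(|(sAMAccountName={0})(userPrincipalName={0}))",
                    UsersFilter = "(&(objectClass=user)(objectClass=person)(!(objectClass=computer)))"
                }
            },
            {
                DirectoryAuthentication.Schema.IdentityManagementForUnix,
                new LdapMapping() {
                    DistinguishedNameAttribute = "distinguishedName",
                    GroupIdentityAttribute = "gidNumber",
                    GroupsAttribute = "memberOf",
                    PrimaryGroupAttribute = "gidNumber",
                    UserFilter = "(|(sAMAccountName={0})(userPrincipalName={0}))",
                    UsersFilter = "(&(objectClass=user)(objectClass=person)(!(objectClass=computer)))"
                }
            },
            {
                DirectoryAuthentication.Schema.Rfc2307,
                new LdapMapping() {
                    DistinguishedNameAttribute = "distinguishedName",
                    GroupIdentityAttribute = "gidNumber",
                    GroupsAttribute = "memberOf",
                    PrimaryGroupAttribute = "gidNumber",
                    UserFilter = "(&(objectClass=posixAccount)(entryDN={0}))",
                    UsersFilter = "(&(objectClass=posixAccount)(objectClass=person))"
                }
            }
        };

    /// <inheritdoc />
    /// <remarks>
    /// Values below 1 are clamped to 1; the constructor default is 1000.
    /// </remarks>
    public int PageSize {
        get => this._pageSize;
        set => this._pageSize = Math.Max(1, value);
    }

    /// <inheritdoc />
    /// <remarks>
    /// Held as a plain string and bound from configuration; keep it out of
    /// source control (user secrets, environment or a secret store) and
    /// never log the options object verbatim. Presumably this is the
    /// service account used for directory searches, not the password being
    /// validated for an end user; confirm against the connecting code.
    /// </remarks>
    public string Password { get; set; }

    /// <inheritdoc />
    /// <remarks>
    /// Defaults to 389 (plain LDAP). No range check is applied here; an
    /// invalid value will surface when the connection is opened.
    /// </remarks>
    public int Port { get; set; } = 389;

    /// <inheritdoc />
    /// <remarks>Defaults to 3 (LDAPv3).</remarks>
    public int ProtocolVersion { get; set; } = 3;

    /// <inheritdoc />
    /// <remarks>
    /// Name of the schema whose entry in <see cref="Mappings"/> is used
    /// when no <see cref="Mapping"/> has been assigned explicitly.
    /// </remarks>
    public string Schema { get; set; }

    /// <inheritdoc />
    /// <remarks>
    /// Presumably maps a base DN to the scope searched beneath it; the
    /// interpretation of the keys lives in the searching code, which is not
    /// in this file. Defaults to an empty dictionary.
    /// </remarks>
    public IDictionary<string, SearchScope> SearchBase {
        get;
        set;
    } = new Dictionary<string, SearchScope>();

    /// <inheritdoc />
    public string Server { get; set; }

    /// <inheritdoc />
    /// <remarks>
    /// Presumably the issuer that the presented server certificate must
    /// chain to; how it is compared is decided by the connecting code.
    /// </remarks>
    public string ServerCertificateIssuer { get; set; }

    /// <inheritdoc />
    /// <remarks>
    /// Presumably a list of thumbprints the presented server certificate
    /// must match (certificate pinning); the comparison is done by the
    /// connecting code. Defaults to an empty array, i.e. no pinning. The
    /// setter does not reject <c>null</c>.
    /// </remarks>
    public string[] ServerThumbprint {
        get;
        set;
    } = Array.Empty<string>();

    /// <inheritdoc />
    /// <remarks>
    /// Negative values are clamped to <see cref="TimeSpan.Zero"/>. Whether
    /// zero means "no timeout" or "fail immediately" depends on how the
    /// connecting code applies it; that code is not in this file.
    /// </remarks>
    public TimeSpan Timeout {
        get => this._timeout;
        set => this._timeout = (value < TimeSpan.Zero)
            ? TimeSpan.Zero
            : value;
    }

    /// <inheritdoc />
    public string User { get; set; }
    #endregion

    #region Private fields
    /// <summary>Explicitly assigned mapping, or <c>null</c> to derive it from <see cref="Schema"/>.</summary>
    private LdapMapping _mapping;

    /// <summary>Backing field for <see cref="PageSize"/>, always &gt;= 1 after construction.</summary>
    private int _pageSize;

    /// <summary>Backing field for <see cref="Timeout"/>, never negative.</summary>
    private TimeSpan _timeout;
    #endregion
}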
}