gaoxing/UNIVPLMDataIntegration
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
74d4253501
UNIVPLMDataIntegration/Admin.NET/Admin.NET.Core/Service/Auth/SysLdapService.cs

434 lines
16 KiB
C#
Raw Normal View History

😎初始化
2024-06-15 13:02:35 +08:00
// Admin.NET 项目的版权、商标、专利和其他相关权利均受相应法律法规的保护。使用本项目应遵守相关法律法规和许可证的要求。
//
// 本项目主要遵循 MIT 许可证和 Apache 许可证(版本 2.0)进行分发和使用。许可证位于源代码树根目录中的 LICENSE-MIT 和 LICENSE-APACHE 文件。
//
// 不得利用本项目从事危害国家安全、扰乱社会秩序、侵犯他人合法权益等法律法规禁止的活动!任何基于本项目二次开发而产生的一切法律纠纷和责任,我们不承担任何责任!
using Novell.Directory.Ldap;
namespace Admin.NET.Core;
/// <summary>
/// 系统域登录配置服务 🧩
/// </summary>
😎增加服务描述及去掉前端翻译
2024-09-05 14:08:51 +08:00
[ApiDescriptionSettings(Order = 496, Description = "域登录配置")]
😎初始化
2024-06-15 13:02:35 +08:00
public class SysLdapService : IDynamicApiController, ITransient
{
private readonly SqlSugarRepository<SysLdap> _sysLdapRep;
public SysLdapService(SqlSugarRepository<SysLdap> sysLdapRep)
{
_sysLdapRep = sysLdapRep;
}
/// <summary>
/// 获取系统域登录配置分页列表 🔖
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
[DisplayName("获取系统域登录配置分页列表")]
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
public async Task<SqlSugarPagedList<SysLdap>> Page(SysLdapInput input)
😎初始化
2024-06-15 13:02:35 +08:00
{
return await _sysLdapRep.AsQueryable()
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
.WhereIF(!string.IsNullOrWhiteSpace(input.Keyword), u => u.Host.Contains(input.Keyword.Trim()))
😎初始化
2024-06-15 13:02:35 +08:00
.WhereIF(!string.IsNullOrWhiteSpace(input.Host), u => u.Host.Contains(input.Host.Trim()))
.OrderBy(u => u.CreateTime, OrderByType.Desc)
.ToPagedListAsync(input.Page, input.PageSize);
}
/// <summary>
/// 增加系统域登录配置 🔖
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
[ApiDescriptionSettings(Name = "Add"), HttpPost]
[DisplayName("增加系统域登录配置")]
public async Task<long> Add(AddSysLdapInput input)
{
var entity = input.Adapt<SysLdap>();
entity.BindPass = CryptogramUtil.Encrypt(input.BindPass);
await _sysLdapRep.InsertAsync(entity);
return entity.Id;
}
/// <summary>
/// 更新系统域登录配置 🔖
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
[ApiDescriptionSettings(Name = "Update"), HttpPost]
[DisplayName("更新系统域登录配置")]
public async Task Update(UpdateSysLdapInput input)
{
var entity = input.Adapt<SysLdap>();
if (!string.IsNullOrEmpty(input.BindPass) && input.BindPass.Length < 32)
{
entity.BindPass = CryptogramUtil.Encrypt(input.BindPass); // 加密
}
await _sysLdapRep.AsUpdateable(entity).IgnoreColumns(ignoreAllNullColumns: true).ExecuteCommandAsync();
}
/// <summary>
/// 删除系统域登录配置 🔖
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
[ApiDescriptionSettings(Name = "Delete"), HttpPost]
[DisplayName("删除系统域登录配置")]
public async Task Delete(DeleteSysLdapInput input)
{
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
var entity = await _sysLdapRep.GetFirstAsync(u => u.Id == input.Id) ?? throw Oops.Oh(ErrorCodeEnum.D1002);
😎初始化
2024-06-15 13:02:35 +08:00
await _sysLdapRep.FakeDeleteAsync(entity); // 假删除
//await _rep.DeleteAsync(entity); // 真删除
}
/// <summary>
/// 获取系统域登录配置详情 🔖
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
[DisplayName("获取系统域登录配置详情")]
public async Task<SysLdap> GetDetail([FromQuery] DetailSysLdapInput input)
{
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
return await _sysLdapRep.GetFirstAsync(u => u.Id == input.Id);
😎初始化
2024-06-15 13:02:35 +08:00
}
/// <summary>
/// 获取系统域登录配置列表 🔖
/// </summary>
/// <returns></returns>
[DisplayName("获取系统域登录配置列表")]
public async Task<List<SysLdap>> GetList()
{
return await _sysLdapRep.AsQueryable().Select<SysLdap>().ToListAsync();
}
/// <summary>
/// 验证账号
/// </summary>
/// <param name="account">域用户</param>
/// <param name="password">密码</param>
/// <param name="tenantId">租户</param>
/// <returns></returns>
[NonAction]
public async Task<bool> AuthAccount(long tenantId, string account, string password)
{
var sysLdap = await _sysLdapRep.GetFirstAsync(u => u.TenantId == tenantId) ?? throw Oops.Oh(ErrorCodeEnum.D1002);
var ldapConn = new LdapConnection();
try
{
ldapConn.Connect(sysLdap.Host, sysLdap.Port);
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
string bindPass = CryptogramUtil.Decrypt(sysLdap.BindPass);
ldapConn.Bind(sysLdap.Version, sysLdap.BindDn, bindPass);
var ldapSearchResults = ldapConn.Search(sysLdap.BaseDn, LdapConnection.ScopeSub, sysLdap.AuthFilter.Replace("%s", account), null, false);
😎初始化
2024-06-15 13:02:35 +08:00
string dn = string.Empty;
while (ldapSearchResults.HasMore())
{
var ldapEntry = ldapSearchResults.Next();
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
var sAmAccountName = ldapEntry.GetAttribute(sysLdap.BindAttrAccount)?.StringValue;
if (string.IsNullOrEmpty(sAmAccountName)) continue;
dn = ldapEntry.Dn;
break;
😎初始化
2024-06-15 13:02:35 +08:00
}
if (string.IsNullOrEmpty(dn)) throw Oops.Oh(ErrorCodeEnum.D1002);
// var attr = new LdapAttribute("userPassword", password);
ldapConn.Bind(dn, password);
}
catch (LdapException e)
{
return e.ResultCode switch
{
LdapException.NoSuchObject or LdapException.NoSuchAttribute => throw Oops.Oh(ErrorCodeEnum.D0009),
LdapException.InvalidCredentials => false,
_ => throw Oops.Oh(e.Message),
};
}
finally
{
ldapConn.Disconnect();
}
return true;
}
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
/// <summary>
/// 同步域用户 🔖
/// </summary>
/// <param name="tenantId"></param>
/// <returns></returns>
[DisplayName("同步域用户")]
[NonAction]
public async Task<List<SysUserLdap>> SyncUserTenant(long tenantId)
{
var sysLdap = await _sysLdapRep.GetFirstAsync(c => c.TenantId == tenantId && c.IsDelete == false && c.Status == StatusEnum.Enable) ?? throw Oops.Oh(ErrorCodeEnum.D1002);
return await SyncUser(sysLdap);
}
😎初始化
2024-06-15 13:02:35 +08:00
/// <summary>
/// 同步域用户 🔖
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
[DisplayName("同步域用户")]
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
public async Task<List<SysUserLdap>> SyncUser(SyncSysLdapInput input)
😎初始化
2024-06-15 13:02:35 +08:00
{
😎调整根据ID获取单条数据查询模式
2024-09-01 11:35:08 +08:00
var sysLdap = await _sysLdapRep.GetByIdAsync(input.Id) ?? throw Oops.Oh(ErrorCodeEnum.D1002);
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
return await SyncUser(sysLdap);
}
/// <summary>
/// 同步域用户 🔖
/// </summary>
/// <param name="sysLdap"></param>
/// <returns></returns>
private async Task<List<SysUserLdap>> SyncUser(SysLdap sysLdap)
{
if (sysLdap == null) throw Oops.Oh(ErrorCodeEnum.D1002);
😎初始化
2024-06-15 13:02:35 +08:00
var ldapConn = new LdapConnection();
try
{
ldapConn.Connect(sysLdap.Host, sysLdap.Port);
ldapConn.Bind(sysLdap.Version, sysLdap.BindDn, sysLdap.BindPass);
var ldapSearchResults = ldapConn.Search(sysLdap.BaseDn, LdapConnection.ScopeOne, "(objectClass=*)", null, false);
var userLdapList = new List<SysUserLdap>();
while (ldapSearchResults.HasMore())
{
LdapEntry ldapEntry;
try
{
ldapEntry = ldapSearchResults.Next();
if (ldapEntry == null) continue;
}
catch (LdapException)
{
continue;
}
var attrs = ldapEntry.GetAttributeSet();
var deptCode = GetDepartmentCode(attrs, sysLdap.BindAttrCode);
if (attrs.Count == 0 || attrs.ContainsKey("OU"))
{
SearchDnLdapUser(ldapConn, sysLdap, userLdapList, ldapEntry.Dn, deptCode);
}
else
{
var sysUserLdap = CreateSysUserLdap(attrs, sysLdap.BindAttrAccount, sysLdap.BindAttrEmployeeId, deptCode);
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
sysUserLdap.Dn = ldapEntry.Dn;
😎初始化
2024-06-15 13:02:35 +08:00
userLdapList.Add(sysUserLdap);
}
}
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
if (userLdapList.Count == 0) return null;
😎初始化
2024-06-15 13:02:35 +08:00
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
await App.GetRequiredService<SysUserLdapService>().InsertUserLdapList(sysLdap.TenantId!.Value, userLdapList);
return userLdapList;
😎初始化
2024-06-15 13:02:35 +08:00
}
catch (LdapException e)
{
throw e.ResultCode switch
{
LdapException.NoSuchObject or LdapException.NoSuchAttribute => Oops.Oh(ErrorCodeEnum.D0009),
_ => Oops.Oh(e.Message),
};
}
finally
{
ldapConn.Disconnect();
}
}
/// <summary>
/// 获取部门代码
/// </summary>
/// <param name="attrs"></param>
/// <param name="bindAttrCode"></param>
/// <returns></returns>
private static string GetDepartmentCode(LdapAttributeSet attrs, string bindAttrCode)
{
return bindAttrCode == "objectGUID"
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
? new Guid(attrs.GetAttribute(bindAttrCode)?.ByteValue!).ToString()
😎初始化
2024-06-15 13:02:35 +08:00
: attrs.GetAttribute(bindAttrCode)?.StringValue ?? "0";
}
/// <summary>
/// 创建同步对象
/// </summary>
/// <param name="attrs"></param>
/// <param name="bindAttrAccount"></param>
/// <param name="bindAttrEmployeeId"></param>
/// <param name="deptCode"></param>
/// <returns></returns>
private static SysUserLdap CreateSysUserLdap(LdapAttributeSet attrs, string bindAttrAccount, string bindAttrEmployeeId, string deptCode)
{
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
var userLdap = new SysUserLdap
😎初始化
2024-06-15 13:02:35 +08:00
{
Account = !attrs.ContainsKey(bindAttrAccount) ? null : attrs.GetAttribute(bindAttrAccount)?.StringValue,
EmployeeId = !attrs.ContainsKey(bindAttrEmployeeId) ? null : attrs.GetAttribute(bindAttrEmployeeId)?.StringValue,
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
DeptCode = deptCode,
UserName = !attrs.ContainsKey("name") ? null : attrs.GetAttribute("name")?.StringValue,
Mail = !attrs.ContainsKey("mail") ? null : attrs.GetAttribute("mail")?.StringValue
😎初始化
2024-06-15 13:02:35 +08:00
};
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
var pwdLastSet = !attrs.ContainsKey("pwdLastSet") ? null : attrs.GetAttribute("pwdLastSet")?.StringValue;
if (!pwdLastSet!.Equals("0")) userLdap.PwdLastSetTime = DateTime.FromFileTime(Convert.ToInt64(pwdLastSet));
var userAccountControl = !attrs.ContainsKey("userAccountControl") ? null : attrs.GetAttribute("userAccountControl")?.StringValue;
if ((Convert.ToInt32(userAccountControl) & 0x2) == 0x2) // 检查账户是否已过期通过检查userAccountControl属性的特定位
userLdap.AccountExpiresFlag = true;
if ((Convert.ToInt32(userAccountControl) & 0x10000) == 0x10000) // 检查账户密码设置是否永不过期
userLdap.DontExpiresFlag = true;
return userLdap;
😎初始化
2024-06-15 13:02:35 +08:00
}
/// <summary>
/// 遍历查询域用户
/// </summary>
/// <param name="ldapConn"></param>
/// <param name="sysLdap"></param>
/// <param name="userLdapList"></param>
/// <param name="baseDn"></param>
/// <param name="deptCode"></param>
private static void SearchDnLdapUser(LdapConnection ldapConn, SysLdap sysLdap, List<SysUserLdap> userLdapList, string baseDn, string deptCode)
{
var ldapSearchResults = ldapConn.Search(baseDn, LdapConnection.ScopeOne, "(objectClass=*)", null, false);
while (ldapSearchResults.HasMore())
{
LdapEntry ldapEntry;
try
{
ldapEntry = ldapSearchResults.Next();
if (ldapEntry == null) continue;
}
catch (LdapException)
{
continue;
}
var attrs = ldapEntry.GetAttributeSet();
deptCode = GetDepartmentCode(attrs, sysLdap.BindAttrCode);
if (attrs.Count == 0 || attrs.ContainsKey("OU"))
SearchDnLdapUser(ldapConn, sysLdap, userLdapList, ldapEntry.Dn, deptCode);
else
{
var sysUserLdap = CreateSysUserLdap(attrs, sysLdap.BindAttrAccount, sysLdap.BindAttrEmployeeId, deptCode);
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
sysUserLdap.Dn = ldapEntry.Dn;
😎初始化
2024-06-15 13:02:35 +08:00
if (string.IsNullOrEmpty(sysUserLdap.EmployeeId)) continue;
userLdapList.Add(sysUserLdap);
}
}
}
/// <summary>
/// 同步域组织 🔖
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
[DisplayName("同步域组织")]
public async Task SyncDept(SyncSysLdapInput input)
{
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
var sysLdap = await _sysLdapRep.GetFirstAsync(u => u.Id == input.Id) ?? throw Oops.Oh(ErrorCodeEnum.D1002);
😎初始化
2024-06-15 13:02:35 +08:00
var ldapConn = new LdapConnection();
try
{
ldapConn.Connect(sysLdap.Host, sysLdap.Port);
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
string bindPass = CryptogramUtil.Decrypt(sysLdap.BindPass);
ldapConn.Bind(sysLdap.Version, sysLdap.BindDn, bindPass);
😎初始化
2024-06-15 13:02:35 +08:00
var ldapSearchResults = ldapConn.Search(sysLdap.BaseDn, LdapConnection.ScopeOne, "(objectClass=*)", null, false);
var orgList = new List<SysOrg>();
while (ldapSearchResults.HasMore())
{
LdapEntry ldapEntry;
try
{
ldapEntry = ldapSearchResults.Next();
if (ldapEntry == null) continue;
}
catch (LdapException)
{
continue;
}
var attrs = ldapEntry.GetAttributeSet();
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
if (attrs.Count != 0 && !attrs.ContainsKey("OU")) continue;
😎初始化
2024-06-15 13:02:35 +08:00
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
var sysOrg = CreateSysOrg(attrs, sysLdap, orgList, new SysOrg { Id = 0, Level = 0 });
orgList.Add(sysOrg);
SearchDnLdapDept(ldapConn, sysLdap, orgList, ldapEntry.Dn, sysOrg);
😎初始化
2024-06-15 13:02:35 +08:00
}
if (orgList.Count == 0)
return;
await App.GetRequiredService<SysOrgService>().BatchAddOrgs(orgList);
}
catch (LdapException e)
{
throw e.ResultCode switch
{
LdapException.NoSuchObject or LdapException.NoSuchAttribute => Oops.Oh(ErrorCodeEnum.D0009),
_ => Oops.Oh(e.Message),
};
}
finally
{
ldapConn.Disconnect();
}
}
/// <summary>
/// 遍历查询域用户
/// </summary>
/// <param name="ldapConn"></param>
/// <param name="sysLdap"></param>
/// <param name="listOrgs"></param>
/// <param name="baseDn"></param>
/// <param name="org"></param>
private static void SearchDnLdapDept(LdapConnection ldapConn, SysLdap sysLdap, List<SysOrg> listOrgs, string baseDn, SysOrg org)
{
var ldapSearchResults = ldapConn.Search(baseDn, LdapConnection.ScopeOne, "(objectClass=*)", null, false);
while (ldapSearchResults.HasMore())
{
LdapEntry ldapEntry;
try
{
ldapEntry = ldapSearchResults.Next();
if (ldapEntry == null) continue;
}
catch (LdapException)
{
continue;
}
var attrs = ldapEntry.GetAttributeSet();
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
if (attrs.Count != 0 && !attrs.ContainsKey("OU")) continue;
😎初始化
2024-06-15 13:02:35 +08:00
😎同步开源代码仓库
2024-11-25 16:27:14 +08:00
var sysOrg = CreateSysOrg(attrs, sysLdap, listOrgs, org);
listOrgs.Add(sysOrg);
SearchDnLdapDept(ldapConn, sysLdap, listOrgs, ldapEntry.Dn, sysOrg);
😎初始化
2024-06-15 13:02:35 +08:00
}
}
/// <summary>
/// 创建架构对象
/// </summary>
/// <param name="attrs"></param>
/// <param name="sysLdap"></param>
/// <param name="listOrgs"></param>
/// <param name="org"></param>
/// <returns></returns>
private static SysOrg CreateSysOrg(LdapAttributeSet attrs, SysLdap sysLdap, List<SysOrg> listOrgs, SysOrg org)
{
return new SysOrg
{
Pid = org.Id,
Id = YitIdHelper.NextId(),
Code = !attrs.ContainsKey(sysLdap.BindAttrCode) ? null : new Guid(attrs.GetAttribute(sysLdap.BindAttrCode)?.ByteValue).ToString(),
Level = org.Level + 1,
Name = !attrs.ContainsKey(sysLdap.BindAttrAccount) ? null : attrs.GetAttribute(sysLdap.BindAttrAccount)?.StringValue,
OrderNo = listOrgs.Count + 1,
};
}
}
Reference in New Issue Copy Permalink