// <copyright file="ServiceCollectionExtensions.cs" company="Visualisierungsinstitut der Universität Stuttgart">
// Copyright © 2021 - 2024 Visualisierungsinstitut der Universität Stuttgart.
// Licensed under the MIT licence. See LICENCE file for details.
// </copyright>
// <author>Christoph Müller</author>
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.DependencyInjection.Extensions;
using Microsoft.Extensions.Options;
using System;
using System.DirectoryServices.Protocols;
using Visus.DirectoryAuthentication.Claims;
using Visus.DirectoryAuthentication.Configuration;
using Visus.DirectoryAuthentication.Mapping;
using Visus.DirectoryAuthentication.Services;
using Visus.Ldap;
using Visus.Ldap.Claims;
using Visus.Ldap.Configuration;
using Visus.Ldap.Mapping;
using Visus.Ldap.Services;
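namespace Visus.DirectoryAuthentication {

    /// <summary>
    /// Extension methods for <see cref="IServiceCollection"/>.
    /// </summary>
    public static class ServiceCollectionExtensions {

        /// <summary>
        /// Adds <see cref="ILdapAuthenticationService{TUser}"/>,
        /// <see cref="ILdapConnectionService"/> and
        /// <see cref="ILdapSearchService{TUser, TGroup}"/> to the dependency
        /// injection container and configures <see cref="LdapOptions"/>.
        /// </summary>
        /// <remarks>
        /// <para>The options are registered with validation on start, so an
        /// <see cref="LdapOptions"/> instance rejected by
        /// <see cref="LdapOptionsValidator"/> fails when the host starts
        /// rather than on the first authentication attempt.</para>
        /// <para>All maps, mappers, the connection service and the cache are
        /// added with <c>TryAddSingleton</c>: a registration that already
        /// exists in <paramref name="services"/> (made by the application or
        /// by an earlier call to this method) wins, and the callback or type
        /// argument passed here is then not used for that service. As the
        /// claims maps decide which claims are issued, register custom
        /// implementations before calling this method and do not rely on a
        /// later call replacing them.</para>
        /// <para><see cref="IUserClaimsMap"/> and
        /// <see cref="IGroupClaimsMap"/> have no type argument for the user
        /// or group, so only one of each is registered even if the method is
        /// called for several <typeparamref name="TUser"/> and
        /// <typeparamref name="TGroup"/> types. NOTE(review): confirm that
        /// sharing the first claims map between all user types is intended.
        /// </para>
        /// </remarks>
        /// <typeparam name="TUser">The type of user to be created for LDAP
        /// entries of users.</typeparam>
        /// <typeparam name="TGroup">The type of group to be created for LDAP
        /// entries of groups.</typeparam>
        /// <typeparam name="TLdapMapper">The implementation registered for
        /// <see cref="ILdapMapper{TEntry, TUser, TGroup}"/> unless one was
        /// registered before.</typeparam>
        /// <typeparam name="TUserMap">The implementation registered for
        /// <see cref="ILdapAttributeMap{TUser}"/> of
        /// <typeparamref name="TUser"/> unless one was registered before or
        /// <paramref name="mapUser"/> is provided.</typeparam>
        /// <typeparam name="TGroupMap">The implementation registered for
        /// <see cref="ILdapAttributeMap{TGroup}"/> of
        /// <typeparamref name="TGroup"/> unless one was registered before or
        /// <paramref name="mapGroup"/> is provided.</typeparam>
        /// <typeparam name="TClaimsBuilder">The implementation registered
        /// for <see cref="IClaimsBuilder{TUser, TGroup}"/> unless one was
        /// registered before.</typeparam>
        /// <typeparam name="TClaimsMapper">The implementation registered for
        /// <see cref="IClaimsMapper{TEntry}"/> unless one was registered
        /// before.</typeparam>
        /// <typeparam name="TUserClaimsMap">The implementation registered
        /// for <see cref="IUserClaimsMap"/> unless one was registered before
        /// or <paramref name="mapUserClaims"/> is provided.</typeparam>
        /// <typeparam name="TGroupClaimsMap">The implementation registered
        /// for <see cref="IGroupClaimsMap"/> unless one was registered before
        /// or <paramref name="mapGroupClaims"/> is provided.</typeparam>
        /// <param name="services">The service collection to add the service to.
        /// </param>
        /// <param name="options">A callback configuring the options.</param>
        /// <param name="mapUser">If not <c>null</c>, the method will call this
        /// function to build a custom mapping of <typeparamref name="TUser"/>
        /// to LDAP attributes.</param>
        /// <param name="mapGroup">If not <c>null</c>, the method will call this
        /// function to build a custom mapping of <typeparamref name="TGroup"/>
        /// to LDAP attributes.</param>
        /// <param name="mapUserClaims">If not <c>null</c>, the method will call
        /// this function to build a custom mapping of
        /// <typeparamref name="TUser"/> to claim types.</param>
        /// <param name="mapGroupClaims">If not <c>null</c>, the method will call
        /// this function to build a custom mapping of
        /// <typeparamref name="TGroup"/> to claim types.</param>
        /// <returns><paramref name="services"/> after injection.</returns>
        /// <exception cref="ArgumentNullException">If
        /// <paramref name="services"/> or <paramref name="options"/> is
        /// <c>null</c>.</exception>
        public static IServiceCollection AddLdapAuthentication<
                TUser, TGroup,
                TLdapMapper, TUserMap, TGroupMap,
                TClaimsBuilder, TClaimsMapper, TUserClaimsMap, TGroupClaimsMap>(
                this IServiceCollection services,
                Action<LdapOptions> options,
                Action<ILdapAttributeMapBuilder<TUser>, LdapOptions>? mapUser = null,
                Action<ILdapAttributeMapBuilder<TGroup>, LdapOptions>? mapGroup = null,
                Action<IClaimsMapBuilder, LdapOptions>? mapUserClaims = null,
                Action<IClaimsMapBuilder, LdapOptions>? mapGroupClaims = null)
                where TUser : class, new()
                where TGroup : class, new()
                where TLdapMapper : class, ILdapMapper<SearchResultEntry, TUser, TGroup>
                where TUserMap : class, ILdapAttributeMap<TUser>
                where TGroupMap : class, ILdapAttributeMap<TGroup>
                where TClaimsBuilder : class, IClaimsBuilder<TUser, TGroup>
                where TClaimsMapper : class, IClaimsMapper<SearchResultEntry>
                where TUserClaimsMap : class, IUserClaimsMap
                where TGroupClaimsMap : class, IGroupClaimsMap {
            _ = services ?? throw new ArgumentNullException(nameof(services));
            // Reject a missing options callback before the container is
            // touched, so a failed call does not leave half a registration
            // behind and the exception names the caller's own parameter.
            _ = options ?? throw new ArgumentNullException(nameof(options));

            {
                // ValidateOnStart makes an invalid LDAP configuration fail at
                // host start-up instead of at the first login.
                var builder = services.AddOptions<LdapOptions>()
                    .Configure(options)
                    .ValidateOnStart();
                // NOTE(review): unlike the TryAdd* calls below, these two are
                // plain AddSingleton, so every further call to this method
                // adds another validator registration. Consider
                // TryAddSingleton/TryAddEnumerable if repeated calls for
                // several user types are expected.
                builder.Services.AddSingleton<LdapOptionsValidator>();
                builder.Services.AddSingleton<IValidateOptions<LdapOptions>,
                    FluentValidateOptions<LdapOptions, LdapOptionsValidator>>();
            }

            // If a callback for a custom user map was installed, create a
            // builder and obtain the mapping, but only register it if nothing
            // has been registered before.
            if (mapUser != null) {
                services.TryAddSingleton<ILdapAttributeMap<TUser>>(s => {
                    var ldapOptions = s.GetRequiredService<IOptions<LdapOptions>>();
                    return new LdapAttributeMap<TUser>(mapUser, ldapOptions);
                });
            }

            // If a callback for a custom group map was installed, create a
            // builder and obtain the mapping, but only register it if nothing
            // has been registered before.
            if (mapGroup != null) {
                services.TryAddSingleton<ILdapAttributeMap<TGroup>>(s => {
                    var ldapOptions = s.GetRequiredService<IOptions<LdapOptions>>();
                    return new LdapAttributeMap<TGroup>(mapGroup, ldapOptions);
                });
            }

            // If a callback for custom user claims was installed, create a
            // builder and obtain the mapping, but only register it if nothing
            // has been registered before.
            if (mapUserClaims != null) {
                services.TryAddSingleton<IUserClaimsMap>(s => {
                    var ldapOptions = s.GetRequiredService<IOptions<LdapOptions>>();
                    return new ClaimsMap<TUser>(mapUserClaims, ldapOptions);
                });
            }

            // If a callback for custom group claims was installed, create a
            // builder and obtain the mapping, but only register it if nothing
            // has been registered before.
            if (mapGroupClaims != null) {
                services.TryAddSingleton<IGroupClaimsMap>(s => {
                    var ldapOptions = s.GetRequiredService<IOptions<LdapOptions>>();
                    return new ClaimsMap<TGroup>(mapGroupClaims, ldapOptions);
                });
            }

            // The following maps are only installed if the user has not provided
            // a custom implementation before. This includes the callback-based
            // registrations above, which therefore take precedence over the
            // type arguments.
            services.TryAddSingleton<IClaimsBuilder<TUser, TGroup>, TClaimsBuilder>();
            services.TryAddSingleton<IClaimsMapper<SearchResultEntry>, TClaimsMapper>();
            services.TryAddSingleton<IGroupClaimsMap, TGroupClaimsMap>();
            services.TryAddSingleton<IUserClaimsMap, TUserClaimsMap>();
            services.TryAddSingleton<ILdapMapper<SearchResultEntry, TUser, TGroup>, TLdapMapper>();
            services.TryAddSingleton<ILdapAttributeMap<TUser>, TUserMap>();
            services.TryAddSingleton<ILdapAttributeMap<TGroup>, TGroupMap>();

            // Try adding the connection service, which allows users to register
            // multiple users and group types. This would otherwise conflict as
            // the connection service is not typed.
            services.TryAddSingleton<ILdapConnectionService, LdapConnectionService>();

            // Add the in-memory caches.
            // NOTE(review): presumably LDAP search results are served from
            // this cache; if so, a change on the directory server (for
            // example a removed group membership) is only seen once the
            // cached entry expires. Confirm the cache lifetime against the
            // application's authorisation requirements.
            services.AddMemoryCache();
            services.TryAddSingleton<ILdapCache<SearchResultEntry>, LdapCacheService>();

            // The authentication and search services are scoped, in contrast
            // to the singleton maps and connection service above.
            return services.AddScoped<ILdapAuthenticationService<TUser>,
                    LdapAuthenticationService<TUser, TGroup>>()
                .AddScoped<ILdapSearchService<TUser, TGroup>,
                    LdapSearchService<TUser, TGroup>>();
        }

        /// <summary>
        /// Adds <see cref="ILdapAuthenticationService{TUser}"/>,
        /// <see cref="ILdapConnectionService"/> and
        /// <see cref="ILdapSearchService{TUser, TGroup}"/> to the dependency
        /// injection container and configures <see cref="LdapOptions"/>,
        /// using the library's default mapper, attribute map, claims builder,
        /// claims mapper and claims map implementations.
        /// </summary>
        /// <typeparam name="TUser">The type of user to be created for LDAP
        /// entries of users.</typeparam>
        /// <typeparam name="TGroup">The type of group to be created for LDAP
        /// entries of groups.</typeparam>
        /// <param name="services">The service collection to add the service to.
        /// </param>
        /// <param name="options">A callback configuring the options.</param>
        /// <param name="mapUser">If not <c>null</c>, the method will call this
        /// function to build a custom mapping of <typeparamref name="TUser"/>
        /// to LDAP attributes.</param>
        /// <param name="mapGroup">If not <c>null</c>, the method will call this
        /// function to build a custom mapping of <typeparamref name="TGroup"/>
        /// to LDAP attributes.</param>
        /// <param name="mapUserClaims">If not <c>null</c>, the method will call
        /// this function to build a custom mapping of
        /// <typeparamref name="TUser"/> to claim types.</param>
        /// <param name="mapGroupClaims">If not <c>null</c>, the method will call
        /// this function to build a custom mapping of
        /// <typeparamref name="TGroup"/> to claim types.</param>
        /// <returns><paramref name="services"/>.</returns>
        /// <exception cref="ArgumentNullException">If
        /// <paramref name="services"/> or <paramref name="options"/> is
        /// <c>null</c>.</exception>
        public static IServiceCollection AddLdapAuthentication<TUser, TGroup>(
                this IServiceCollection services,
                Action<LdapOptions> options,
                Action<ILdapAttributeMapBuilder<TUser>, LdapOptions>? mapUser = null,
                Action<ILdapAttributeMapBuilder<TGroup>, LdapOptions>? mapGroup = null,
                Action<IClaimsMapBuilder, LdapOptions>? mapUserClaims = null,
                Action<IClaimsMapBuilder, LdapOptions>? mapGroupClaims = null)
                where TUser : class, new()
                where TGroup : class, new()
            => services.AddLdapAuthentication<TUser,
                TGroup,
                LdapMapper<TUser, TGroup>,
                LdapAttributeMap<TUser>,
                LdapAttributeMap<TGroup>,
                ClaimsBuilder<TUser, TGroup>,
                ClaimsMapper,
                ClaimsMap<TUser>,
                ClaimsMap<TGroup>>(options,
                    mapUser, mapGroup,
                    mapUserClaims, mapGroupClaims);

        /// <summary>
        /// Adds <see cref="ILdapAuthenticationService{TUser}"/>,
        /// <see cref="ILdapConnectionService"/> and
        /// <see cref="ILdapSearchService{TUser, TGroup}"/> using the default
        /// <see cref="LdapUser"/> and <see cref="LdapGroup"/> representations
        /// to the dependency injection container and configures
        /// <see cref="LdapOptions"/>.
        /// </summary>
        /// <param name="services">The service collection to add the service to.
        /// </param>
        /// <param name="options">A callback configuring the options.</param>
        /// <param name="mapUser">If not <c>null</c>, the method will call this
        /// function to build a custom mapping of <see cref="LdapUser"/>
        /// to LDAP attributes.</param>
        /// <param name="mapGroup">If not <c>null</c>, the method will call this
        /// function to build a custom mapping of <see cref="LdapGroup"/>
        /// to LDAP attributes.</param>
        /// <param name="mapUserClaims">If not <c>null</c>, the method will call
        /// this function to build a custom mapping of
        /// <see cref="LdapUser"/> to claim types.</param>
        /// <param name="mapGroupClaims">If not <c>null</c>, the method will call
        /// this function to build a custom mapping of
        /// <see cref="LdapGroup"/> to claim types.</param>
        /// <returns><paramref name="services"/>.</returns>
        /// <exception cref="ArgumentNullException">If
        /// <paramref name="services"/> or <paramref name="options"/> is
        /// <c>null</c>.</exception>
        public static IServiceCollection AddLdapAuthentication(
                this IServiceCollection services,
                Action<LdapOptions> options,
                Action<ILdapAttributeMapBuilder<LdapUser>, LdapOptions>? mapUser = null,
                Action<ILdapAttributeMapBuilder<LdapGroup>, LdapOptions>? mapGroup = null,
                Action<IClaimsMapBuilder, LdapOptions>? mapUserClaims = null,
                Action<IClaimsMapBuilder, LdapOptions>? mapGroupClaims = null)
            => services.AddLdapAuthentication<LdapUser, LdapGroup>(options,
                mapUser, mapGroup, mapUserClaims, mapGroupClaims);
    }
}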