log proper ldap dns again

roles/lib/files/FWO.Basics/StringExtensionsSanitizer.cs

@@ -1,13 +1,19 @@
 using System.Text.RegularExpressions;
+using Microsoft.AspNetCore.Mvc;
 
 namespace FWO.Basics
 {
     public static partial class StringExtensions
     {
-        public static string SanitizeMand(this string text)
+        public static string SanitizeMand(this string text, bool containsLdapDn = false)
         {
             bool shortened = false;
-            string output = SanitizeMand(text, ref shortened); 
+
+            string output = "";
+            if (containsLdapDn)
+                output = SanitizeLdapPathMand(text, ref shortened);
+            else
+                output = SanitizeMand(text, ref shortened);
             return output;
         }
 

roles/lib/files/FWO.Logging/Log.cs

@@ -64,20 +64,17 @@ static Log()
                             await writer.WriteLineAsync("GRANTED");
                         }
                         // RELEASED - lock was released by log swap process
-                        else if (lockFileContent.EndsWith("RELEASED"))
+                        // only release lock if it was formerly requested by us
+                        else if (lockFileContent.EndsWith("RELEASED") && logOwnedByExternal)
                         {
-                            // only release lock if it was formerly requested by us
-                            if (logOwnedByExternal)
-                            {
-                                stopwatch.Reset();
-                                semaphore.Release();
-                                logOwnedByExternal = false;
-                            }
+                            stopwatch.Reset();
+                            semaphore.Release();
+                            logOwnedByExternal = false;
                         }
                     }
                     catch (Exception)
                     {
-                        //WriteError("Log file locking", "Error while accessing log lock file.", e);
+                        // ignore exceptions
                     }
                     await Task.Delay(1000);
                 }
@@ -101,22 +98,22 @@ private static async Task<FileStream> GetFile(string path)
         }
 
         [Conditional("DEBUG")]
-        public static void WriteDebug(string Title, string Text, [CallerMemberName] string callerName = "", [CallerFilePath] string callerFile = "", [CallerLineNumber] int callerLineNumber = 0)
+        public static void WriteDebug(string Title, string Text, bool containsLdapDn = false, [CallerMemberName] string callerName = "", [CallerFilePath] string callerFile = "", [CallerLineNumber] int callerLineNumber = 0)
         {
-            WriteLog("Debug", Title, Text, callerName, callerFile, callerLineNumber, ConsoleColor.White);
+            WriteLog("Debug", Title, Text, containsLdapDn, callerName, callerFile, callerLineNumber, ConsoleColor.White);
         }
 
-        public static void WriteInfo(string Title, string Text, [CallerMemberName] string callerName = "", [CallerFilePath] string callerFile = "", [CallerLineNumber] int callerLineNumber = 0)
+        public static void WriteInfo(string Title, string Text, bool containsLdapDn = false, [CallerMemberName] string callerName = "", [CallerFilePath] string callerFile = "", [CallerLineNumber] int callerLineNumber = 0)
         {
-            WriteLog("Info", Title, Text, callerName, callerFile, callerLineNumber, ConsoleColor.Cyan);
+            WriteLog("Info", Title, Text, containsLdapDn, callerName, callerFile, callerLineNumber, ConsoleColor.Cyan);
         }
 
-        public static void WriteWarning(string Title, string Text, [CallerMemberName] string callerName = "", [CallerFilePath] string callerFile = "", [CallerLineNumber] int callerLineNumber = 0)
+        public static void WriteWarning(string Title, string Text, bool containsLdapDn = false, [CallerMemberName] string callerName = "", [CallerFilePath] string callerFile = "", [CallerLineNumber] int callerLineNumber = 0)
         {
-            WriteLog("Warning", Title, Text, callerName, callerFile, callerLineNumber, ConsoleColor.DarkYellow);
+            WriteLog("Warning", Title, Text, containsLdapDn, callerName, callerFile, callerLineNumber, ConsoleColor.DarkYellow);
         }
 
-        public static void WriteError(string Title, string? Text = null, Exception? Error = null, string? User = null, string? Role = null, [CallerMemberName] string callerName = "", [CallerFilePath] string callerFile = "", [CallerLineNumber] int callerLineNumber = 0)
+        public static void WriteError(string Title, string? Text = null, Exception? Error = null, string? User = null, string? Role = null, bool containsLdapDn = false, [CallerMemberName] string callerName = "", [CallerFilePath] string callerFile = "", [CallerLineNumber] int callerLineNumber = 0)
         {
             string DisplayText =
                 (User != null ? $"User: {User}, " : "") +
@@ -129,10 +126,10 @@ public static void WriteError(string Title, string? Text = null, Exception? Erro
                 $"Stack Trace: \n {Error?.StackTrace?.TrimStart()}"
                 : "");
 
-            WriteLog("Error", Title, DisplayText, callerName, callerFile, callerLineNumber, ConsoleColor.Red);
+            WriteLog("Error", Title, DisplayText, containsLdapDn, callerName, callerFile, callerLineNumber, ConsoleColor.Red);
         }
 
-        public static void WriteError(string Title, string Text, bool LogStackTrace, [CallerMemberName] string callerName = "", [CallerFilePath] string callerFile = "", [CallerLineNumber] int callerLineNumber = 0)
+        public static void WriteError(string Title, string Text, bool LogStackTrace, bool containsLdapDn = false, [CallerMemberName] string callerName = "", [CallerFilePath] string callerFile = "", [CallerLineNumber] int callerLineNumber = 0)
         {
             string DisplayText =
                 (Text != null ?
@@ -143,7 +140,7 @@ public static void WriteError(string Title, string Text, bool LogStackTrace, [Ca
                 $"Stack Trace: \n {Environment.StackTrace}"
                 : "");
 
-            WriteLog("Error", Title, DisplayText, callerName, callerFile, callerLineNumber, ConsoleColor.Red);
+            WriteLog("Error", Title, DisplayText, containsLdapDn, callerName, callerFile, callerLineNumber, ConsoleColor.Red);
         }
 
         /// <summary>
@@ -152,18 +149,19 @@ public static void WriteError(string Title, string Text, bool LogStackTrace, [Ca
         /// </summary>
         /// <param name="Title">The title of the audit log entry.</param>
         /// <param name="Text">The content of the audit log entry.</param>
+        /// <param name="containsLdapDn">The audit log entry contains ldap DN data so, do not strip ldap dn delimters (,/=).</param>
         /// <param name="WithSeparatorLine">Whether to append a separator line to the log entry. Default is true.</param>
         /// <param name="callerName">The name of the calling method (automatically supplied).</param>
         /// <param name="callerFile">The file path of the calling method (automatically supplied).</param>
         /// <param name="callerLineNumber">The line number in the source file at which the method is called (automatically supplied).</param>
-        public static void WriteAudit(string Title, string Text, bool WithSeparatorLine = true, [CallerMemberName] string callerName = "", [CallerFilePath] string callerFile = "", [CallerLineNumber] int callerLineNumber = 0)
+        public static void WriteAudit(string Title, string Text, bool WithSeparatorLine = true, bool containsLdapDn = true, [CallerMemberName] string callerName = "", [CallerFilePath] string callerFile = "", [CallerLineNumber] int callerLineNumber = 0)
         {
             if (WithSeparatorLine)
             {
                 Text += $"{Environment.NewLine}----{Environment.NewLine}";
             }
 
-            WriteLog("Audit", Title, Text, callerName, callerFile, callerLineNumber, ConsoleColor.Yellow);
+            WriteLog("Audit", Title, Text, containsLdapDn, callerName, callerFile, callerLineNumber, ConsoleColor.Yellow);
         }
 
         /// <summary>
@@ -172,13 +170,14 @@ public static void WriteAudit(string Title, string Text, bool WithSeparatorLine
         /// </summary>
         /// <param name="Title">The title of the audit log entry.</param>
         /// <param name="Text">The content of the audit log entry.</param>
+        /// <param name="containsLdapDn">The audit log entry contains ldap DN data so, do not strip ldap dn delimters (,/=).</param>
         /// <param name="UserName">The name of the user performing the action.</param>
         /// <param name="UserDN">The distinguished name (DN) of the user.</param>
         /// <param name="WithSeparatorLine">Whether to append a separator line to the log entry. Default is true.</param>
         /// <param name="callerName">The name of the calling method (automatically supplied).</param>
         /// <param name="callerFile">The file path of the calling method (automatically supplied).</param>
         /// <param name="callerLineNumber">The line number in the source file at which the method is called (automatically supplied).</param>
-        public static void WriteAudit(string Title, string Text, string UserName, string UserDN, bool WithSeparatorLine = true, [CallerMemberName] string callerName = "", [CallerFilePath] string callerFile = "", [CallerLineNumber] int callerLineNumber = 0)
+        public static void WriteAudit(string Title, string Text, string UserName, string UserDN, bool WithSeparatorLine = true, bool containsLdapDn = false, [CallerMemberName] string callerName = "", [CallerFilePath] string callerFile = "", [CallerLineNumber] int callerLineNumber = 0)
         {
             if (!string.IsNullOrEmpty(UserName))
             {
@@ -195,13 +194,13 @@ public static void WriteAudit(string Title, string Text, string UserName, string
                 Text += $"{Environment.NewLine}----{Environment.NewLine}";
             }
 
-            WriteLog("Audit", Title, Text, callerName, callerFile, callerLineNumber, ConsoleColor.Yellow);
+            WriteLog("Audit", Title, Text, containsLdapDn, callerName, callerFile, callerLineNumber, ConsoleColor.Yellow);
         }
 
-        private static void WriteLog(string LogType, string Title, string Text, string Method, string Path, int Line, ConsoleColor? ForegroundColor = null, ConsoleColor? BackgroundColor = null)
+        private static void WriteLog(string LogType, string Title, string Text, bool containsLdapDn, string Method, string Path, int Line, ConsoleColor? ForegroundColor = null, ConsoleColor? BackgroundColor = null)
         {
             string File = Path.Split('\\', '/').Last(); // do not show the full file path, just the basename
-            WriteInColor($"{DateTime.Now.ToString("yyyy-MM-ddTHH:mm:sszzz")} {LogType} - {Title} ({File} in line {Line}), {Text}", ForegroundColor, BackgroundColor);
+            WriteInColor($"{DateTime.Now.ToString("yyyy-MM-ddTHH:mm:sszzz")} {LogType} - {Title} ({File} in line {Line}), {Text}", ForegroundColor, BackgroundColor, containsLdapDn);
         }
 
         public static void WriteAlert(string Title, string Text)
@@ -210,18 +209,18 @@ public static void WriteAlert(string Title, string Text)
             WriteInColor($"FWORCHAlert - {Title}, {Text}");
         }
 
-        private static void WriteInColor(string Text, ConsoleColor? ForegroundColor = null, ConsoleColor? BackgroundColor = null)
+        private static void WriteInColor(string Text, ConsoleColor? ForegroundColor = null, ConsoleColor? BackgroundColor = null, bool containsLdapDn = false)
         {
             semaphore.Wait();
             if (ForegroundColor != null)
                 Console.ForegroundColor = (ConsoleColor)ForegroundColor;
             if (BackgroundColor != null)
                 Console.BackgroundColor = (ConsoleColor)BackgroundColor;
-            Console.Out.WriteLine(Text.SanitizeMand()); // TODO: async method ?
+            Console.Out.WriteLine(Text.SanitizeMand(containsLdapDn)); // TODO: async method ?
             Console.ResetColor();
             semaphore.Release();
         }
-        
+
         public static void TryWriteLog(LogType logType, string title, string text, bool condition)
         {
             if (condition)

roles/middleware/files/FWO.Middleware.Server/LdapBasic.cs

@@ -47,9 +47,9 @@ private async Task<LdapConnection> Connect()
         {
             try
             {
-                LdapConnectionOptions ldapOptions = new ();
+                LdapConnectionOptions ldapOptions = new();
                 if (Tls) ldapOptions.ConfigureRemoteCertificateValidationCallback((object sen, X509Certificate? cer, X509Chain? cha, SslPolicyErrors err) => true); // todo: allow real cert validation     
-                LdapConnection connection = new (ldapOptions) { SecureSocketLayer = Tls, ConnectionTimeout = timeOutInMs };
+                LdapConnection connection = new(ldapOptions) { SecureSocketLayer = Tls, ConnectionTimeout = timeOutInMs };
                 await connection.ConnectAsync(Address, Port);
 
                 return connection;
@@ -304,7 +304,7 @@ public static string GetFirstName(LdapEntry user)
         {
             return user.GetAttributeSet().ContainsKey("givenName") ? user.Get("givenName").StringValue : "";
         }
-        
+
         /// <summary>
         /// Get the last name for the given user
         /// </summary>
@@ -333,17 +333,17 @@ public static string GetName(LdapEntry user)
             }
             return "";
         }
-        
+
         /// <summary>
         /// Get the tenant name for the given user
         /// </summary>
         /// <returns>tenant name of the given user</returns>
         public string GetTenantName(LdapEntry user)
         {
-            DistName dn = new (user.Dn);
-            return dn.GetTenantNameViaLdapTenantLevel (TenantLevel);
+            DistName dn = new(user.Dn);
+            return dn.GetTenantNameViaLdapTenantLevel(TenantLevel);
         }
-        
+
         /// <summary>
         /// Get the groups for the given user
         /// </summary>
@@ -408,7 +408,7 @@ public async Task<string> SetPassword(string userDn, string newPassword)
                 if (await TryBind(connection, WriteUser, WriteUserPwd))
                 {
                     // authentication was successful: set new password
-                    LdapAttribute attribute = new ("userPassword", newPassword);
+                    LdapAttribute attribute = new("userPassword", newPassword);
                     LdapModification[] mods = [new LdapModification(LdapModification.Replace, attribute)];
 
                     await connection.ModifyAsync(userDn, mods);
@@ -483,7 +483,7 @@ public async Task<bool> AddUser(string userDn, string password, string email)
                 await TryBind(connection, WriteUser, WriteUserPwd);
 
                 string userName = new DistName(userDn).UserName;
-                LdapAttributeSet attributeSet = new ()
+                LdapAttributeSet attributeSet = new()
                 {
                     new LdapAttribute("objectclass", "inetOrgPerson"),
                     new LdapAttribute("sn", userName),
@@ -493,7 +493,7 @@ public async Task<bool> AddUser(string userDn, string password, string email)
                     new LdapAttribute("mail", email)
                 };
 
-                LdapEntry newEntry = new (userDn, attributeSet);
+                LdapEntry newEntry = new(userDn, attributeSet);
 
                 try
                 {
@@ -527,8 +527,8 @@ public async Task<bool> UpdateUser(string userDn, string email)
                 using LdapConnection connection = await Connect();
                 // Authenticate as write user
                 await TryBind(connection, WriteUser, WriteUserPwd);
-                LdapAttribute attribute = new ("mail", email);
-                LdapModification[] mods = [new (LdapModification.Replace, attribute)];
+                LdapAttribute attribute = new("mail", email);
+                LdapModification[] mods = [new(LdapModification.Replace, attribute)];
 
                 try
                 {
@@ -594,7 +594,7 @@ private static bool IsFullyQualifiedDn(string name)
         /// <returns>true if user added</returns>
         public async Task<bool> AddUserToEntry(string userDn, string entry)
         {
-            Log.WriteInfo("Add User to Entry", $"Trying to add User: \"{userDn}\" to Entry: \"{entry}\"");
+            Log.WriteInfo("Add User to Entry", $"Trying to add User: \"{userDn}\" to Entry: \"{entry}\"", true);
             return await ModifyUserInEntry(userDn, entry, LdapModification.Add);
         }
 

roles/ui/files/FWO.UI/Services/UrlSanitizer.cs

@@ -24,9 +24,9 @@ public sealed partial class UrlSanitizer : IUrlSanitizer
 
             string decoded = HttpUtility.UrlDecode(normalizedInput);
             decoded = HttpUtility.HtmlDecode(decoded);
-            if (MyRegex().IsMatch(decoded) ||
-                MyRegex1().IsMatch(decoded) ||
-                MyRegex2().IsMatch(decoded)
+            if (RegExFindScript().IsMatch(decoded) ||
+                RegExFindOn().IsMatch(decoded) ||
+                RegExFindJavascript().IsMatch(decoded)
             ) // e.g. onload=, onclick=
             {
                 BlockingUrlLog(input);
@@ -91,13 +91,13 @@ private static void BlockingUrlLog(string url)
         }
 
         [GeneratedRegex(@"<\s*script\b", RegexOptions.IgnoreCase, "en-US")]
-        private static partial Regex MyRegex();
+        private static partial Regex RegExFindScript();
 
         [GeneratedRegex(@"on\w+\s*=", RegexOptions.IgnoreCase, "en-US")]
-        private static partial Regex MyRegex1();
+        private static partial Regex RegExFindOn();
 
         [GeneratedRegex(@"javascript\s*:", RegexOptions.IgnoreCase, "en-US")]
-        private static partial Regex MyRegex2();
+        private static partial Regex RegExFindJavascript();
     }
 
 }