Allow for overriding the LdapOptions when using the ILdapConnectionService.

Author: crowbar27

Visus.DirectoryAuthentication/ILdapConnectionService.cs

@@ -1,10 +1,11 @@
 // <copyright file="ILdapConnectionService.cs" company="Visualisierungsinstitut der Universität Stuttgart">
-// Copyright © 2021 - 2024 Visualisierungsinstitut der Universität Stuttgart.
+// Copyright © 2021 - 2025 Visualisierungsinstitut der Universität Stuttgart.
 // Licensed under the MIT licence. See LICENCE file for details.
 // </copyright>
 // <author>Christoph Müller</author>
 
 using System.DirectoryServices.Protocols;
+using Visus.DirectoryAuthentication.Configuration;
 
 
 namespace Visus.DirectoryAuthentication {
@@ -14,6 +15,14 @@ namespace Visus.DirectoryAuthentication {
     /// </summary>
     public interface ILdapConnectionService {
 
+        /// <summary>
+        /// Connect to the LDAP server configured in <paramref name="options"/>.
+        /// </summary>
+        /// <param name="options">The <see cref="LdapOptions" /> specifying the
+        /// server and the user account used to connect to the server.</param>
+        /// <returns>A new LDAP connection</returns>
+        LdapConnection Connect(LdapOptions options);
+
         /// <summary>
         /// Connect to the preconfigured LDAP service with the specified
         /// credentials.

Visus.DirectoryAuthentication/Services/LdapConnectionService.cs

@@ -1,5 +1,5 @@
 // <copyright file="LdapConnectionService.cs" company="Visualisierungsinstitut der Universität Stuttgart">
-// Copyright © 2021 - 2024 Visualisierungsinstitut der Universität Stuttgart.
+// Copyright © 2021 - 2025 Visualisierungsinstitut der Universität Stuttgart.
 // Licensed under the MIT licence. See LICENCE file for details.
 // </copyright>
 // <author>Christoph Müller</author>
@@ -45,14 +45,38 @@ public LdapConnectionService(IOptions<LdapOptions> options,
 
         #region Public methods
         /// <inheritdoc />
-        public LdapConnection Connect(string? username, string? password) {
-            var retval = this._options.ToConnection(_logger);
+        public LdapConnection Connect(LdapOptions options)
+            => this.Connect(null,
+                null,
+                options ?? throw new ArgumentNullException(nameof(options)));
+
+        /// <inheritdoc />
+        public LdapConnection Connect(string? username, string? password)
+            => this.Connect(username, password, this._options);
+        #endregion
+
+        #region Private class methods
+        /// <summary>
+        /// Gets a regular expression for detecting whether the user name is a
+        /// UPN.
+        /// </summary>
+        /// <returns></returns>
+        [GeneratedRegex(@".+@.+")]
+        private static partial Regex GetUpnRegex();
+        #endregion
+
+        #region Private methods
+        public LdapConnection Connect(string? username,
+                string? password,
+                LdapOptions options) {
+            Debug.Assert(options is not null);
+            var retval = options.ToConnection(_logger);
             Debug.Assert(retval != null);
 
             if ((username != null)
-                    && !string.IsNullOrWhiteSpace(this._options.DefaultDomain)
+                    && !string.IsNullOrWhiteSpace(options.DefaultDomain)
                     && !GetUpnRegex().IsMatch(username)) {
-                username = $"{username}@{this._options.DefaultDomain}";
+                username = $"{username}@{options.DefaultDomain}";
             }
 
             this._logger.LogDebug("User name to bind (possibly expanded by the "
@@ -79,21 +103,11 @@ public LdapConnection Connect(string? username, string? password) {
                 retval.SessionOptions.ProtocolVersion,
                 retval.AutoBind);
 
-            return retval;
-        }
-        #endregion
-
-        #region Private class methods
-        /// <summary>
-        /// Gets a regular expression for detecting whether the user name is a
-        /// UPN.
-        /// </summary>
-        /// <returns></returns>
-        [GeneratedRegex(@".+@.+")]
-        private static partial Regex GetUpnRegex();
+            return retval;
+        }
         #endregion
 
-        #region Private fields
+            #region Private fields
         private readonly ILogger _logger;
         private readonly LdapOptions _options;
         #endregion

Visus.DirectoryAuthentication/Visus.DirectoryAuthentication.csproj

@@ -18,7 +18,7 @@ Updated dependencies.</PackageReleaseNotes>
     <NeutralLanguage>en</NeutralLanguage>
     <UserSecretsId>e07a7441-ba97-46b5-9ce1-391f2c978578</UserSecretsId>
     <GeneratePackageOnBuild>true</GeneratePackageOnBuild>
-    <Version>2.2.1</Version>
+    <Version>2.3.0</Version>
     <Nullable>enable</Nullable>
   </PropertyGroup>
 

Visus.LdapAuthentication/ILdapConnectionService.cs

@@ -1,10 +1,11 @@
 // <copyright file="ILdapConnectionService.cs" company="Visualisierungsinstitut der Universität Stuttgart">
-// Copyright © 2021 - 2024 Visualisierungsinstitut der Universität Stuttgart.
+// Copyright © 2021 - 2025 Visualisierungsinstitut der Universität Stuttgart.
 // Licensed under the MIT licence. See LICENCE file for details.
 // </copyright>
 // <author>Christoph Müller</author>
 
 using Novell.Directory.Ldap;
+using Visus.LdapAuthentication.Configuration;
 
 
 namespace Visus.LdapAuthentication {
@@ -14,6 +15,14 @@ namespace Visus.LdapAuthentication {
     /// </summary>
     public interface ILdapConnectionService {
 
+        /// <summary>
+        /// Connect to the LDAP server configured in <paramref name="options"/>.
+        /// </summary>
+        /// <param name="options">The <see cref="LdapOptions" /> specifying the
+        /// server and the user account used to connect to the server.</param>
+        /// <returns>A new LDAP connection</returns>
+        LdapConnection Connect(LdapOptions options);
+
         /// <summary>
         /// Connect to the preconfigured LDAP service with the specified
         /// credentials.

Visus.LdapAuthentication/Services/LdapConnectionService.cs

@@ -1,5 +1,5 @@
 // <copyright file="LdapConnectionService.cs" company="Visualisierungsinstitut der Universität Stuttgart">
-// Copyright © 2021 - 2024 Visualisierungsinstitut der Universität Stuttgart.
+// Copyright © 2021 - 2025 Visualisierungsinstitut der Universität Stuttgart.
 // Licensed under the MIT licence. See LICENCE file for details.
 // </copyright>
 // <author>Christoph Müller</author>
@@ -10,7 +10,6 @@
 using System;
 using System.Collections.Generic;
 using System.Diagnostics;
-using System.Net.Http.Headers;
 using System.Text.RegularExpressions;
 using Visus.LdapAuthentication.Configuration;
 using Visus.LdapAuthentication.Properties;
@@ -41,37 +40,19 @@ public LdapConnectionService(IOptions<LdapOptions> options,
                 ?? throw new ArgumentNullException(nameof(logger));
             this._options = options?.Value
                 ?? throw new ArgumentNullException(nameof(options));
-        }
+        }
         #endregion
-
+
         #region Public methods
         /// <inheritdoc />
-        public LdapConnection Connect(string? username, string? password) {
-            var retval = this.TryConnect();
-
-            if ((username != null)
-                    && !string.IsNullOrWhiteSpace(this._options.DefaultDomain)
-                    && !GetUpnRegex().IsMatch(username)) {
-                username = $"{username}@{this._options.DefaultDomain}";
-            }
-
-            this._logger.LogDebug("User name to bind (possibly expanded by the "
-                + "default domain) is {username}.", username);
-
-            if ((username == null) && (password == null)) {
-                this._logger.LogInformation(Resources.InfoBindAnonymous);
-                retval.Bind(null, null);
-                this._logger.LogInformation(Resources.InfoBoundAnonymous);
+        public LdapConnection Connect(LdapOptions options)
+            => this.Connect(null,
+                null,
+                options ?? throw new ArgumentNullException(nameof(options)));
 
-            } else {
-                this._logger.LogInformation(Resources.InfoBindingAsUser,
-                    username);
-                retval.Bind(username, password);
-                this._logger.LogInformation(Resources.InfoBoundAsUser, username);
-            }
-
-            return retval;
-        }
+        /// <inheritdoc />
+        public LdapConnection Connect(string? username, string? password)
+            => this.Connect(username, password, this._options);
         #endregion
 
         #region Private class methods
@@ -89,18 +70,19 @@ public LdapConnection Connect(string? username, string? password) {
         /// Block the <paramref name="server"/> at the specified position for
         /// the configured amount of time.
         /// </summary>
-        private void Blacklist(int server) {
-            Debug.Assert(server < this._options.Servers.Length);
+        private void Blacklist(int server, LdapOptions options) {
+            Debug.Assert(options is not null);
+            Debug.Assert(server < options.Servers.Length);
 
             // Only enter the critical section if a valid timespan was
             // specified that actually needs to expire.
-            if (this._options.BlacklistFailedServersFor > TimeSpan.Zero) {
+            if (options.BlacklistFailedServersFor > TimeSpan.Zero) {
                 lock (this._lock) {
                     var until = DateTimeOffset.UtcNow;
-                    until += this._options.BlacklistFailedServersFor;
+                    until += options.BlacklistFailedServersFor;
                     this._blacklisted[server] = until;
                     this._logger.LogWarning(Resources.WarnServerBlacklisted,
-                        this._options.Servers[server], until);
+                        options.Servers[server], until);
 
                     // If the currently active server is the blacklisted one,
                     // make sure that we now select another one in the
@@ -109,7 +91,7 @@ private void Blacklist(int server) {
                     if (this._currentServer == server) {
                         do {
                             ++this._currentServer;
-                            this._currentServer %= this._options.Servers.Length;
+                            this._currentServer %= options.Servers.Length;
                         } while (this.IsBlacklistedUnsafe(this._currentServer)
                             && (this._currentServer != server));
 
@@ -121,6 +103,43 @@ private void Blacklist(int server) {
             } /* if (this._options.BlacklistFailedServersFor > TimeSpan.Zero) */
         }
 
+        /// <summary>
+        /// Connect to the server specified in <paramref name="options"/>
+        /// </summary>
+        /// <param name="username"></param>
+        /// <param name="password"></param>
+        /// <param name="options"></param>
+        /// <returns></returns>
+        private LdapConnection Connect(string? username,
+                string? password,
+                LdapOptions options) {
+            Debug.Assert(options is not null);
+            var retval = this.TryConnect(options);
+
+            if ((username != null)
+                    && !string.IsNullOrWhiteSpace(options.DefaultDomain)
+                    && !GetUpnRegex().IsMatch(username)) {
+                username = $"{username}@{options.DefaultDomain}";
+            }
+
+            this._logger.LogDebug("User name to bind (possibly expanded by the "
+                + "default domain) is {username}.", username);
+
+            if ((username == null) && (password == null)) {
+                this._logger.LogInformation(Resources.InfoBindAnonymous);
+                retval.Bind(null, null);
+                this._logger.LogInformation(Resources.InfoBoundAnonymous);
+
+            } else {
+                this._logger.LogInformation(Resources.InfoBindingAsUser,
+                    username);
+                retval.Bind(username, password);
+                this._logger.LogInformation(Resources.InfoBoundAsUser, username);
+            }
+
+            return retval;
+        }
+
         /// <summary>
         /// Checks whether <paramref name="server"/> is on the black list, but
         /// does not acquire the <see cref="_lock"/> before doing so. Therefore,
@@ -183,19 +202,20 @@ private int SelectRoundRobin() {
         /// <summary>
         /// Try connecting to any of the configured servers.
         /// </summary>
-        private LdapConnection TryConnect() {
+        private LdapConnection TryConnect(LdapOptions options) {
+            Debug.Assert(options is not null);
             Exception? error = null;
 
-            for (int i = 0; i < this._options.Servers.Length; ++i) {
+            for (int i = 0; i < options.Servers.Length; ++i) {
                 var selection = this.Select();
-                var server = this._options.Servers[selection];
+                var server = options.Servers[selection];
 
                 try {
                     this._logger.LogInformation(Resources.InfoServerSelected,
                         server);
-                    return this._options.ToConnection(server, this._logger);
+                    return options.ToConnection(server, this._logger);
                 } catch (Exception ex) {
-                    this.Blacklist(selection);
+                    this.Blacklist(selection, options);
                     error = ex;
                 }
             }

Visus.LdapAuthentication/Visus.LdapAuthentication.csproj

@@ -13,7 +13,7 @@
     <RepositoryUrl>https://github.com/UniStuttgart-VISUS/Visus.LdapAuthentication</RepositoryUrl>
     <PackageTags>ldap aspnet authentication net5</PackageTags>
     <NeutralLanguage>en</NeutralLanguage>
-    <Version>2.2.1</Version>
+    <Version>2.3.0</Version>
     <PackageReleaseNotes>Added support for fluent mapping.
 Improved performance of group mapping.
 Updated dependencies.</PackageReleaseNotes>