// <copyright file="LdapUser.cs" company="Visualisierungsinstitut der Universität Stuttgart">
// Copyright © 2021 - 2024 Visualisierungsinstitut der Universität Stuttgart.
// Licensed under the MIT licence. See LICENCE file for details.
// </copyright>
// <author>Christoph Müller</author>
using System.Collections.Generic;
using System.Diagnostics;
using System.Security.Claims;
using Visus.Ldap.Claims;
using Visus.Ldap.Mapping;
namespace Visus.Ldap {
/// <summary>
/// The basic representation of a user from LDAP.
/// </summary>
/// <remarks>
/// <para>This class provides mappings for LDAP attributes typically used
/// for authenticating users along with <see cref="Groups"/> that might be
/// mapped to roles.</para>
/// <para>If you need additional data from the directory, you can derive
/// from this class and add these properties with appropriate attributes.
/// Make sure to use the attribute-based mapper in this case as the
/// performance-optimised ones derived from
/// <see cref="DefaultMapperBase{TEntry}"/> only fill the properties
/// in this class, but not the ones you may have added.</para>
/// <para>Note to implementors: When changing this class, make sure to
/// reflect the hard-coded assignments of properties in
/// <see cref="DefaultMapperBase{TEntry}.MapUser(TEntry, LdapUser)"/>.
/// </para>
/// <para>Security note: every property except <see cref="Groups"/> has a
/// public setter, so an instance stays mutable after it was mapped from a
/// directory entry. The properties initialised with <c>null!</c> are
/// <c>null</c> at runtime until something assigns them, although their
/// declared types are non-nullable. Code that derives claims or makes
/// authorisation decisions from an instance should therefore only do so
/// for instances it obtained from the mapper itself.</para>
/// </remarks>
[DebuggerDisplay("{AccountName}")]
public class LdapUser {
#region Public properties
/// <summary>
/// Gets or sets the unique account name of the user.
/// </summary>
/// <remarks>
/// <para>The value is read from <c>sAMAccountName</c> for the
/// <c>ActiveDirectory</c> and <c>IdentityManagementForUnix</c> schemas and
/// from <c>uid</c> for <c>Rfc2307</c>. It is annotated for both
/// <see cref="ClaimTypes.Name"/> and
/// <see cref="ClaimTypes.WindowsAccountName"/>.</para>
/// <para>Security note: <c>sAMAccountName</c> is unique only within one
/// Active Directory domain and carries no domain qualifier. If users can
/// come from more than one domain or directory, do not use the resulting
/// name claim alone as the key for an authorisation decision.</para>
/// </remarks>
[LdapAttribute(Schema.ActiveDirectory, "sAMAccountName")]
[LdapAttribute(Schema.IdentityManagementForUnix, "sAMAccountName")]
[LdapAttribute(Schema.Rfc2307, "uid")]
[Claim(ClaimTypes.Name)]
[Claim(ClaimTypes.WindowsAccountName)]
[AccountName]
public string AccountName { get; set; } = null!;
/// <summary>
/// Gets or sets the Christian name of the user.
/// </summary>
/// <remarks>
/// The value is read from <c>givenName</c> in all three schemas and is
/// annotated for <see cref="ClaimTypes.GivenName"/>. It may be
/// <c>null</c>.
/// </remarks>
[LdapAttribute(Schema.ActiveDirectory, "givenName")]
[LdapAttribute(Schema.IdentityManagementForUnix, "givenName")]
[LdapAttribute(Schema.Rfc2307, "givenName")]
[Claim(ClaimTypes.GivenName)]
public string? ChristianName { get; set; }
/// <summary>
/// Gets or sets the display name of the user.
/// </summary>
/// <remarks>
/// The value is read from <c>displayName</c> in all three schemas. The
/// property carries no <c>Claim</c> attribute in this class. It is
/// free-form text from the directory and should be encoded like any other
/// untrusted string when it is rendered.
/// </remarks>
[LdapAttribute(Schema.ActiveDirectory, "displayName")]
[LdapAttribute(Schema.IdentityManagementForUnix, "displayName")]
[LdapAttribute(Schema.Rfc2307, "displayName")]
public string? DisplayName { get; set; }
/// <summary>
/// Gets or sets the distinguished name of the user.
/// </summary>
/// <remarks>
/// The value is read from <c>distinguishedName</c> in all three schemas.
/// A distinguished name changes when an entry is renamed or moved, so it
/// is not a stable identifier for persisted permissions; see
/// <see cref="Identity"/> for the property annotated as the identity.
/// </remarks>
[LdapAttribute(Schema.ActiveDirectory, "distinguishedName")]
[LdapAttribute(Schema.IdentityManagementForUnix, "distinguishedName")]
[LdapAttribute(Schema.Rfc2307, "distinguishedName")]
[DistinguishedName]
public string DistinguishedName { get; set; } = null!;
/// <summary>
/// Gets or sets the e-mail address of the user.
/// </summary>
/// <remarks>
/// <para>The value is read from <c>mail</c> in all three schemas and is
/// annotated for <see cref="ClaimTypes.Email"/>. It may be <c>null</c>.
/// </para>
/// <para>Security note: nothing in this class makes the address unique or
/// verified. Whether users can edit their own <c>mail</c> attribute
/// depends on the directory's access control, so the e-mail claim should
/// not be used to identify an account for authorisation.</para>
/// </remarks>
[LdapAttribute(Schema.ActiveDirectory, "mail")]
[LdapAttribute(Schema.IdentityManagementForUnix, "mail")]
[LdapAttribute(Schema.Rfc2307, "mail")]
[Claim(ClaimTypes.Email)]
public string? EmailAddress { get; set; }
/// <summary>
/// Gets the groups the user is member of.
/// </summary>
/// <remarks>
/// The setter is <c>internal</c>, so only code in this assembly can
/// assign the memberships. The property is initialised with <c>null!</c>
/// and is therefore <c>null</c> until it has been assigned; enumerating
/// it on an instance that was not fully mapped throws instead of yielding
/// an empty set of groups.
/// </remarks>
[GroupMemberships]
public IEnumerable<LdapGroup> Groups { get; internal set; } = null!;
/// <summary>
/// Gets or sets the security identifier of the user.
/// </summary>
/// <remarks>
/// <para>For the <c>ActiveDirectory</c> schema the value is read from
/// <c>objectSid</c> through <see cref="SidConverter"/>. For
/// <c>IdentityManagementForUnix</c> and <c>Rfc2307</c> it is read from
/// <c>uidNumber</c>. The property is annotated for
/// <see cref="ClaimTypes.PrimarySid"/>, <see cref="ClaimTypes.Sid"/> and
/// <see cref="ClaimTypes.NameIdentifier"/>.</para>
/// <para>Security note: with the two <c>uidNumber</c> mappings the SID
/// claims hold a POSIX user number rather than a Windows security
/// identifier. Consumers must not assume SID syntax for these claims, and
/// a <c>uidNumber</c> is only as unique as the directory's administration
/// keeps it. Do not compare identities that were obtained under different
/// schemas or from different directories.</para>
/// </remarks>
[LdapAttribute(Schema.ActiveDirectory, "objectSid",
Converter = typeof(SidConverter))]
[LdapAttribute(Schema.IdentityManagementForUnix, "uidNumber")]
[LdapAttribute(Schema.Rfc2307, "uidNumber")]
[Claim(ClaimTypes.PrimarySid)]
[Claim(ClaimTypes.Sid)]
[Claim(ClaimTypes.NameIdentifier)]
[Identity]
public string Identity { get; set; } = null!;
/// <summary>
/// Gets or sets the surname of the user.
/// </summary>
/// <remarks>
/// The value is read from <c>sn</c> in all three schemas and is annotated
/// for <see cref="ClaimTypes.Surname"/>. It may be <c>null</c>.
/// </remarks>
[LdapAttribute(Schema.ActiveDirectory, "sn")]
[LdapAttribute(Schema.IdentityManagementForUnix, "sn")]
[LdapAttribute(Schema.Rfc2307, "sn")]
[Claim(ClaimTypes.Surname)]
public string? Surname { get; set; }
#endregion
}
}