From 67e402afa3cdb3411fa9000501951ea107b2f1fb Mon Sep 17 00:00:00 2001 From: shiziyuan9527 Date: Wed, 24 Jun 2020 17:40:49 +0800 Subject: [PATCH] ldap --- .../java/io/metersphere/ldap/LdapService.java | 50 ++++++------------- .../io/metersphere/ldap/PersonRepoImpl.java | 45 +++++++++++++++-- .../io/metersphere/ldap/domain/Person.java | 10 +++- 3 files changed, 65 insertions(+), 40 deletions(-)
diff --git a/backend/src/main/java/io/metersphere/ldap/LdapService.java b/backend/src/main/java/io/metersphere/ldap/LdapService.java
index b6b5b6d798..d7483f964b 100644
--- a/backend/src/main/java/io/metersphere/ldap/LdapService.java
+++ b/backend/src/main/java/io/metersphere/ldap/LdapService.java
@@ -2,56 +2,38 @@ package io.metersphere.ldap; import io.metersphere.commons.exception.MSException; import io.metersphere.controller.request.LoginRequest; -import org.apache.shiro.realm.ldap.LdapUtils; -import org.springframework.ldap.core.LdapTemplate; +import io.metersphere.i18n.Translator; +import org.springframework.ldap.CommunicationException; import org.springframework.stereotype.Service; - import javax.annotation.Resource; -import javax.naming.directory.DirContext; -import javax.naming.ldap.LdapContext; - import java.util.List; -import static org.springframework.ldap.query.LdapQueryBuilder.query; - @Service public class LdapService { - @Resource - private LdapTemplate ldapTemplate; - @Resource private PersonRepoImpl personRepo; public boolean authenticate(LoginRequest request) { -// String userDn, String credentials - DirContext ctx = null; String dn = null; String username = request.getUsername(); String credentials = request.getPassword(); - List user = personRepo.findByName(username); - - if (user.size() > 0) { - dn = personRepo.getDnForUser(username); - } else { - MSException.throwException("no such user"); - } try { - ctx = ldapTemplate.getContextSource().getContext(dn, credentials); -// ldapTemplate.authenticate(dn, credentials); - // Take care here - if a base was specified on the ContextSource - // that needs to be removed from the user DN for the lookup to succeed. 
- // ctx.lookup(userDn); - return true; - } catch (Exception e) { - // Context creation failed - authentication did not succeed - System.out.println("Login failed: " + e); - MSException.throwException("login failed..."); - return false; - } finally { - // It is imperative that the created DirContext instance is always closed - LdapUtils.closeContext((LdapContext) ctx); + // select user by sAMAccountName + List user = personRepo.findByName(username); + + if (user.size() == 1) { + dn = personRepo.getDnForUser(username); + } else if (user.size() == 0){ + MSException.throwException(Translator.get("user_not_exist") + username); + } else { + MSException.throwException("Found multiple users"); + } + } catch (CommunicationException e) { + MSException.throwException("LDAP Server connection failed!"); } + + return personRepo.authenticate(dn, credentials); } } diff --git a/backend/src/main/java/io/metersphere/ldap/PersonRepoImpl.java b/backend/src/main/java/io/metersphere/ldap/PersonRepoImpl.java index 9e3d24295a..886081533f 100644 --- a/backend/src/main/java/io/metersphere/ldap/PersonRepoImpl.java +++ b/backend/src/main/java/io/metersphere/ldap/PersonRepoImpl.java @@ -1,7 +1,11 @@ package io.metersphere.ldap; +import io.metersphere.commons.exception.MSException; +import io.metersphere.commons.utils.LogUtil; import io.metersphere.ldap.domain.Person; +import org.apache.shiro.realm.ldap.LdapUtils; +import org.springframework.ldap.AuthenticationException; import org.springframework.ldap.NamingException; import org.springframework.ldap.core.*; import org.springframework.ldap.core.support.AbstractContextMapper; 
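Review bot: The pre-bind checks in `LdapService.authenticate` reveal whether an account exists: a lookup miss throws `Translator.get("user_not_exist") + username` and an ambiguous match throws `Found multiple users`, both before any bind, while a wrong password surfaces later from `personRepo.authenticate` with a different message, so the login endpoint can be used to enumerate valid directory accounts. I would log the specific reason server-side (`LogUtil.error("ldap lookup for " + username + " returned " + user.size() + " entries")`) and throw the same generic failure message the bind-failure path uses for all three cases. The flow also relies on `MSException.throwException` never returning; if it can, `dn` is still `null` when `personRepo.authenticate(dn, credentials)` runs, so an explicit `if (dn == null) { return false; }` before the bind would make that invariant visible. Finally, `catch (CommunicationException e)` discards `e`; pass it to `LogUtil.error` so a misconfigured server URL or TLS failure is diagnosable from the log rather than only from the user-facing string.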
@@ -9,10 +13,9 @@ import org.springframework.ldap.query.LdapQuery; import org.springframework.stereotype.Service; import javax.annotation.Resource; import javax.naming.directory.Attributes; - - +import javax.naming.directory.DirContext; +import javax.naming.ldap.LdapContext; import java.util.List; - import static org.springframework.ldap.query.LdapQueryBuilder.query; @Service @@ -36,6 +39,38 @@ public class PersonRepoImpl implements PersonRepo { }); } + public boolean authenticate(String dn, String credentials) { + DirContext ctx = null; + try { + ctx = ldapTemplate.getContextSource().getContext(dn, credentials); +// ldapTemplate.authenticate(dn, credentials); + // Take care here - if a base was specified on the ContextSource + // that needs to be removed from the user DN for the lookup to succeed. + // ctx.lookup(userDn); + return true; + } catch (AuthenticationException e) { + LogUtil.error("ldap authenticate failed..." + e); + System.out.println("Login failed: " + e); + MSException.throwException("用户认证失败!"); + return false; + } catch (Exception e) { + // Context creation failed - authentication did not succeed + LogUtil.error("ldap authenticate failed..." + e); + System.out.println("Login failed: " + e); + MSException.throwException("login failed..."); + return false; + } finally { + // It is imperative that the created DirContext instance is always closed + LdapUtils.closeContext((LdapContext) ctx); + } + } + + public List getAllPersons() { + ldapTemplate.setIgnorePartialResultException(true); + return ldapTemplate.search(query() + .where("objectclass").is("person"), getContextMapper()); + } + @Override public List findByName(String name) { ldapTemplate.setIgnorePartialResultException(true); 
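Review bot: The new `PersonRepoImpl.authenticate` hands `credentials` to `ldapTemplate.getContextSource().getContext(dn, credentials)` without checking it is non-empty; under RFC 4513 §5.1.2 a bind that supplies a DN and an empty password is an unauthenticated bind, which several directories (Active Directory among them) accept by default, so an empty-password login could return `true` for any existing user unless the server happens to reject it. Guard before the context is created: `if (dn == null || dn.isEmpty() || credentials == null || credentials.isEmpty()) { MSException.throwException("用户认证失败!"); return false; }`. The two `System.out.println("Login failed: " + e)` lines duplicate the adjacent `LogUtil.error` calls and bypass the logging configuration; drop them. The `finally` block casts to `LdapContext` only to call Shiro's `LdapUtils.closeContext`; Spring LDAP's own `org.springframework.ldap.support.LdapUtils.closeContext(DirContext)` takes the `DirContext` directly and avoids mixing the two libraries' helpers. `getAllPersons` also calls `ldapTemplate.setIgnorePartialResultException(true)` on the shared template on every invocation, which is a one-time configuration setting rather than a per-request one.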
@@ -74,7 +109,9 @@ public class PersonRepoImpl implements PersonRepo { public Person doMapFromContext(DirContextOperations context) { Person person = new Person(); person.setCommonName(context.getStringAttribute("cn")); - person.setSuerName(context.getStringAttribute("sn")); + person.setSurName(context.getStringAttribute("sn")); + person.setUsername(context.getStringAttribute("sAMAccountName")); + person.setEmail(context.getStringAttribute("mail")); return person; } } diff --git a/backend/src/main/java/io/metersphere/ldap/domain/Person.java b/backend/src/main/java/io/metersphere/ldap/domain/Person.java index 2dcb9eca49..36205db73f 100644 --- a/backend/src/main/java/io/metersphere/ldap/domain/Person.java +++ b/backend/src/main/java/io/metersphere/ldap/domain/Person.java @@ -3,11 +3,13 @@ package io.metersphere.ldap.domain; import lombok.Data; import org.springframework.ldap.odm.annotations.Attribute; import org.springframework.ldap.odm.annotations.DnAttribute; +import org.springframework.ldap.odm.annotations.Entry; import org.springframework.ldap.odm.annotations.Id; import javax.naming.Name; @Data +@Entry(objectClasses = {"person", "top"}) public class Person { @Id @@ -17,6 +19,10 @@ public class Person { @Attribute(name = "cn") private String commonName; @Attribute(name = "sn") - private String suerName; - private String userPassword; + private String surName; + @Attribute(name = "sAMAccountName") + private String username; + @Attribute(name = "mail") + private String email; + } \ No newline at end of file
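Review bot: `doMapFromContext` now takes the login name from `context.getStringAttribute("sAMAccountName")`, which is an Active Directory attribute; against OpenLDAP or other RFC 2307-style directories, where the login name is typically `uid`, `username` will be `null` for every entry and the username-based lookup in `LdapService` fails closed with no hint why. If Active Directory is the only supported backend, say so where the attribute is read, e.g. `// sAMAccountName is AD-specific; other directories usually expose the login name as uid`; otherwise read the attribute name from configuration alongside the server URL. The same comment applies to `mail`, which `getStringAttribute` returns as `null` when the entry has no such attribute, so callers of `getEmail()` must tolerate that.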
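Review bot: `Person` drops the `userPassword` field while adding `username` and `email`, but nothing records that the password attribute is intentionally never mapped out of the directory. A one-line Javadoc on the class would keep it from being re-added, e.g. `/** Directory entry as exposed to the application; userPassword is deliberately not mapped — authentication is done by binding, never by reading the stored credential. */`. The `@Entry(objectClasses = {"person", "top"})` annotation is also AD/inetOrgPerson-agnostic, so it is worth noting next to it that the `sAMAccountName` attribute mapping below is what actually ties this class to Active Directory.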