feat(auth): initial auth added part 2, refs NOISSUE

.gitea/workflows/release.yml

@@ -38,10 +38,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v3
-    - name: Set up dotnet
-      uses: actions/setup-dotnet@v4
-      with:
-        dotnet-version: '9.0.X'
     - name: Check version match
       run: |
         REPOSITORY_NAME=$(echo "$GITHUB_REPOSITORY" | awk -F '/' '{print $2}' | tr '-' '_')
@@ -61,5 +57,5 @@ jobs:
       run: |
         REPOSITORY_OWNER=$(echo "$GITHUB_REPOSITORY" | awk -F '/' '{print $1}' | tr '[:upper:]' '[:lower:]')
         REPOSITORY_NAME=$(echo "$GITHUB_REPOSITORY" | awk -F '/' '{print $2}' | tr '-' '_')
-        docker build -t "git.disi.dev/$REPOSITORY_OWNER/song-of-the-day:$(cat $REPOSITORY_NAME/VERSION)" ./song_of_the_day
+        docker build -t "git.disi.dev/$REPOSITORY_OWNER/song-of-the-day:$(cat $REPOSITORY_NAME/VERSION)" ./
         docker push "git.disi.dev/$REPOSITORY_OWNER/song-of-the-day:$(cat $REPOSITORY_NAME/VERSION)"

Dockerfile

@@ -3,10 +3,13 @@ WORKDIR /App
 
 # Copy everything
 COPY . ./
+
+RUN apt upgrade && apt install libldap -y
+
 # Restore as distinct layers
-RUN dotnet restore
+RUN dotnet restore ./song_of_the_day/song_of_the_day.csproj
 # Build and publish a release
-RUN dotnet publish -o out
+RUN dotnet publish ./song_of_the_day/song_of_the_day.csproj -o out
 
 # Build runtime image
 FROM mcr.microsoft.com/dotnet/aspnet:9.0

HISTORY.md

@@ -5,10 +5,56 @@ Changelog
 (unreleased)
 ------------
 
+Fix
+~~~
+- Fix new user saving refs NOISSUE. [Simon Diesenreiter]
+
+
+0.1.20 (2025-04-15)
+-------------------
+
+Fix
+~~~
+- Remove unnecessary dotnet runtime download in CI job refs NOISSUE.
+  [Simon Diesenreiter]
+
+Other
+~~~~~
+
+
+0.1.19 (2025-04-15)
+-------------------
+
+Fix
+~~~
+- Improve Docker build refs NOISSUE. [Simon Diesenreiter]
+
+Other
+~~~~~
+
+
+0.1.18 (2025-04-15)
+-------------------
+
+Fix
+~~~
+- Remove broken Crontimer NuGet feed reference refs NOISSUE. [Simon
+  Diesenreiter]
+
+Other
+~~~~~
+
+
+0.1.17 (2025-04-15)
+-------------------
+
 Fix
 ~~~
 - Remove uinnecessary NuGet login refs NOISSUE. [Simon Diesenreiter]
 
+Other
+~~~~~
+
 
 0.1.16 (2025-04-15)
 -------------------

song_of_the_day/Auth/ConfigurationAD.cs

@@ -0,0 +1,16 @@
+public class ConfigurationAD
+{
+    public int Port { get; set; } = 389;
+    public string Zone { get; set; } = string.Empty;
+    public string Domain { get; set; } = string.Empty;
+    public string Subdomain { get; set; } = string.Empty;
+
+    public string Username { get; set; } = string.Empty;
+    public string Password { get; set; } = string.Empty;
+
+    public string LDAPserver { get; set; } = string.Empty;
+    public string LDAPQueryBase { get; set; } = string.Empty;
+
+    public string Crew { get; set; } = string.Empty;
+    public string Managers { get; set; } = string.Empty;
+}

song_of_the_day/Config/AppConfiguration.cs

@@ -16,8 +16,22 @@ public class AppConfiguration
         this.SignalGroupId = Environment.GetEnvironmentVariable("SIGNAL_GROUP_ID") ?? "group.Wmk1UTVQTnh0Sjd6a0xiOGhnTnMzZlNkc2p2Q3c0SXJiQkU2eDlNU0hyTT0=";
         this.WebUIBaseURL = Environment.GetEnvironmentVariable("WEB_BASE_URL") ?? "https://sotd.disi.dev/";
         this.UseBotTag = bool.Parse(Environment.GetEnvironmentVariable("USE_BOT_TAG") ?? "true");
+        var managersGroupName = Environment.GetEnvironmentVariable("LDAP_ADMINGROUP") ?? "admins";
+        var userGroupName = Environment.GetEnvironmentVariable("LDAP_USERGROUP") ?? "everyone";
+        this.LDAPConfig = new ConfigurationAD() {
+            Username = Environment.GetEnvironmentVariable("LDAP_BIND") ?? "cn=admin.dc=disi,dc=dev",
+            Password = Environment.GetEnvironmentVariable("LDAP_PASS") ?? "adminPass2022!",
+            Port = !string.IsNullOrEmpty(Environment.GetEnvironmentVariable("LDAP_BIND")) ? int.Parse(Environment.GetEnvironmentVariable("LDAP_BIND")) : 389,
+            LDAPserver = Environment.GetEnvironmentVariable("LDAP_URL") ?? "192.168.1.108",
+            LDAPQueryBase = Environment.GetEnvironmentVariable("LDAP_BASE") ?? "dc=disi,dc=dev",
+            Crew = $"cn={userGroupName},ou=groups,dc=disi,dc=dev",
+            Managers = $"cn={managersGroupName},ou=groups,dc=disi,dc=dev"
+        };
     }
 
+    public string Crew { get; set; } = string.Empty;
+    public string Managers { get; set; } = string.Empty;
+
     public string SignalAPIEndpointUri
     {
         get; private set;
@@ -72,4 +86,8 @@ public class AppConfiguration
     {
         get; private set;
     }
+
+    public ConfigurationAD LDAPConfig {
+        get; private set;
+    }
 }

song_of_the_day/Program.cs

@@ -2,6 +2,9 @@
 using Scalar.AspNetCore;
 using Microsoft.AspNetCore.OpenApi;
 using Microsoft.EntityFrameworkCore;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using System.DirectoryServices.Protocols;
 
 SignalIntegration.Instance = new SignalIntegration(AppConfiguration.Instance.SignalAPIEndpointUri,
                                                     int.Parse(AppConfiguration.Instance.SignalAPIEndpointPort),
@@ -33,6 +36,7 @@ userCheckTimer.OnOccurence += async (s, ea) =>
                 NickName = string.Empty,
                 IsIntroduced = false
             };
+            dci.Users.Add(newUser);
             needsSaving = true;
         }
     }
@@ -43,7 +47,7 @@ userCheckTimer.OnOccurence += async (s, ea) =>
     }
     await dci.DisposeAsync();
 };
-userCheckTimer.Start();
+//userCheckTimer.Start();
 
 Console.WriteLine("Setting up user intro timer");
 var userIntroTimer = new CronTimer("*/1 * * * *", "Europe/Vienna", includingSeconds: false);
@@ -65,7 +69,7 @@ userIntroTimer.OnOccurence += async (s, ea) =>
     }
     await dci.DisposeAsync();
 };
-userIntroTimer.Start();
+//userIntroTimer.Start();
 
 
 Console.WriteLine("Setting up pick of the day timer");
@@ -81,7 +85,84 @@ pickOfTheDayTimer.OnOccurence += async (s, ea) =>
     SignalIntegration.Instance.SendMessageToUserAsync($"Today's (optional) suggestion helper to help you pick a song is:\n\n**{suggestion.Title}**\n\n*{suggestion.Description}*", luckyUser.SignalMemberId);
     SignalIntegration.Instance.SendMessageToUserAsync($"For now please just share your suggestion with the group - in the future I might ask you to share directly with me or via the website to help me keep track of past suggestions!", luckyUser.SignalMemberId);
 };
-pickOfTheDayTimer.Start();
+//pickOfTheDayTimer.Start();
+
+var connection = new LdapConnection(AppConfiguration.Instance.LDAPConfig.LDAPserver)
+{
+    Credential = new(
+        AppConfiguration.Instance.LDAPConfig.Username,
+        AppConfiguration.Instance.LDAPConfig.Password
+    )
+};
+
+var attributesToQuery = new string[]
+{
+    "objectGUID",
+    "sAMAccountName",
+    "displayName",
+    "mail",
+    "whenCreated"
+};
+
+SearchResponse SearchInAD(
+    string ldapServer,
+    int ldapPort,
+    string domainForAD,
+    string username,
+    string password,
+    string targetOU,
+    string query,
+    SearchScope scope,
+    params string[] attributeList
+    )
+{
+    // on Windows the authentication type is Negotiate, so there is no need to prepend
+    // AD user login with domain. On other platforms at the moment only
+    // Basic authentication is supported
+    var authType = AuthType.Basic;
+
+    //var connection = new LdapConnection(ldapServer)
+    var connection = new LdapConnection(
+        new LdapDirectoryIdentifier(ldapServer, ldapPort)
+        )
+    {
+        AuthType = authType,
+        Credential = new(username, password)
+    };
+    // the default one is v2 (at least in that version), and it is unknown if v3
+    // is actually needed, but at least Synology LDAP works only with v3,
+    // and since our Exchange doesn't complain, let it be v3
+    connection.SessionOptions.ProtocolVersion = 3;
+
+    // this is for connecting via LDAPS (636 port). It should be working,
+    // according to https://github.com/dotnet/runtime/issues/43890,
+    // but it doesn't (at least with Synology DSM LDAP), although perhaps
+    // for a different reason
+    //connection.SessionOptions.SecureSocketLayer = true;
+
+    connection.Bind();
+
+    var request = new SearchRequest(targetOU, query, scope, attributeList);
+
+    return (SearchResponse)connection.SendRequest(request);
+}
+
+var searchResults = SearchInAD(
+    AppConfiguration.Instance.LDAPConfig.LDAPserver,
+    AppConfiguration.Instance.LDAPConfig.Port,
+    AppConfiguration.Instance.LDAPConfig.Username,
+    AppConfiguration.Instance.LDAPConfig.Password,
+    AppConfiguration.Instance.LDAPConfig.LDAPQueryBase,
+    new StringBuilder("(&")
+        .Append("(objectCategory=person)")
+        .Append("(objectClass=user)")
+        .Append($"(memberOf={_configurationAD.Crew})")
+        .Append("(!(userAccountControl:1.2.840.113556.1.4.803:=2))")
+        .Append(")")
+        .ToString(),
+    SearchScope.Subtree,
+    attributesToQuery
+);
 
 // Add services to the container.
 builder.Services.AddRazorPages();

song_of_the_day/VERSION

@@ -1 +1 @@
-0.1.17
+0.1.21

song_of_the_day/song_of_the_day.csproj

@@ -16,7 +16,7 @@
     <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="9.0.4" />
     <PackageReference Include="NSwag.ApiDescription.Client" Version="13.0.5" />
     <PackageReference Include="Scalar.AspNetCore" Version="2.1.*" />
-    <PackageReference Include="CronTimer" Version="2.0.1" />
+    <PackageReference Include="System.DirectoryServices.Protocols" Version="*" />
   </ItemGroup>
   <ItemGroup>
     <OpenApiReference Include="swagger.json" SourceUrl="https://bbernhard.github.io/signal-cli-rest-api/src/docs/swagger.json" />