Hello, I already tried that, but I get: “VoloLdapExternalLoginProvider.CreateUserIfNotExistsAsync(string, string, ExternalLoginUserInfo)”: No suitable method for overwriting was found.
using AbelSystems_QMP.Security;
using LdapForNet;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Volo.Abp.Features;
using Volo.Abp.Guids;
using Volo.Abp.Identity;
using Volo.Abp.Identity.ExternalLoginProviders.Ldap;
using Volo.Abp.MultiTenancy;
using Volo.Abp.Settings;
namespace AbelSystems_QMP.LDAP
{
public class VoloLdapExternalLoginProvider : LdapExternalLoginProvider
{
private readonly VoloOpenLdapManager _ldapManager;
private readonly QMPLdapSettingProvider _qmpLdapSettingProvider;
private readonly ILDAPAppService _ldapLoginAppService;
public VoloLdapExternalLoginProvider(
IGuidGenerator guidGenerator,
ICurrentTenant currentTenant,
IdentityUserManager userManager,
IIdentityUserRepository identityUserRepository,
OpenLdapManager ldapManager,
QMPLdapSettingProvider qmpLdapSettingProvider,
IFeatureChecker featureChecker,
ISettingProvider settingProvider,
IOptions<IdentityOptions> identityOptions,
ILDAPAppService ldapLoginAppService)
: base(guidGenerator,
currentTenant,
userManager,
identityUserRepository,
ldapManager,
qmpLdapSettingProvider,
featureChecker,
settingProvider,
identityOptions)
{
_ldapManager = (VoloOpenLdapManager)ldapManager;
_qmpLdapSettingProvider = qmpLdapSettingProvider;
_ldapLoginAppService = ldapLoginAppService;
}
protected override Task<string> NormalizeUserNameAsync(string userName)
{
return Task.FromResult(userName);
}
protected override async Task<ExternalLoginUserInfo> GetUserInfoAsync(IdentityUser user)
{
var userInfo = await base.GetUserInfoAsync(user);
return userInfo;
}
protected override async Task<ExternalLoginUserInfo> GetUserInfoAsync(string userName)
{
var entry = await _ldapManager.FindUserAsync(userName);
if (entry == null)
{
throw new Exception($"LDAP user '{userName}' not found.");
}
var attr = entry.DirectoryAttributes;
// Felder dynamisch laden
var emailField = await _qmpLdapSettingProvider.GetEmailFieldAsync();
var givenNameField = await _qmpLdapSettingProvider.GetGivenNameFieldAsync();
var surnameField = await _qmpLdapSettingProvider.GetSurnameFieldAsync();
var departmentField = await _qmpLdapSettingProvider.GetAbteilungFieldAsync();
var phoneField = await _qmpLdapSettingProvider.GetTelefongFieldAsync();
var rolesField = await _qmpLdapSettingProvider.GetRoleFieldAsync();
// Dynamisch auslesen
var email = TryGetAttrValue(attr, emailField);
var givenName = TryGetAttrValue(attr, givenNameField);
var surname = TryGetAttrValue(attr, surnameField);
var department = TryGetAttrValue(attr, departmentField);
var phone = TryGetAttrValue(attr, phoneField);
var memberOf = TryGetAttrValues(attr, rolesField);
var roleNames = memberOf
.Select(dn => dn.Split(',').FirstOrDefault(x => x.StartsWith("CN=", StringComparison.InvariantCultureIgnoreCase)))
.Where(cn => cn != null)
.Select(cn => cn!.Substring(3)) // "CN=QM-Leitung" → "QM-Leitung"
.Distinct()
.ToList();
var userInfo = new QMPExternalLoginUserInfo(email ?? $"{userName}@unknown.local")
{
Name = givenName,
Surname = surname+"XX",
Department = department,
PhoneNumber = phone,
PhoneNumberConfirmed = true,
EmailConfirmed = true,
LdapRoles = roleNames,
};
return userInfo;
}
private static List<string> TryGetAttrValues(SearchResultAttributeCollection attr, string key)
{
return attr.TryGetValue(key, out var val)
? val.GetValues<string>().ToList()
: new List<string>();
}
private static string? TryGetAttrValue(SearchResultAttributeCollection attr, string key)
{
return attr.TryGetValue(key, out var val) ? val.GetValue<string>() : null;
}
public override async Task<bool> TryAuthenticateAsync(string userName, string plainPassword)
{
var ldapValid = await LdapManager.AuthenticateAsync(userName, plainPassword);
if (!ldapValid)
{
return false; // Kein Login, kein Benutzer
}
var userInfo = await GetUserInfoAsync(userName) as QMPExternalLoginUserInfo;
if (userInfo == null)
{
return false; // Kein Benutzerinfo, kein Login
}
// Optional: Existiert schon?
// Jetzt selbst anlegen
var dto = new QMPExternalLoginUserInfoDto
{
Email = userInfo.Email,
Name = userInfo.Name+"YYYY",
Surname = userInfo.Surname,
Department = userInfo.Department,
Phone = userInfo.PhoneNumber,
LdapRoles = userInfo.LdapRoles
};
var userDto = await _ldapLoginAppService.CreateOrUpdateFromExternalAsync(dto);
if (userDto == null)
{
Logger.LogInformation("Login unterdrückt – kein Benutzer angelegt.");
return false;
}
// Benutzer existiert → ABP loggt ihn automatisch ein
return true;
}
protected override Task<ExternalLoginUserInfo> CreateUserIfNotExistsAsync(string userName,string providerName,ExternalLoginUserInfo externalUser)
{
// Prevent automatic user creation
// Optionally, throw a custom exception or return null
return Task.FromResult<ExternalLoginUserInfo>(null);
}
//protected override async Task<ExternalLoginUserInfo> GetUserInfoAsync(string userName)
//{
// return await base.GetUserInfoAsync(userName);
//}
}
}
Uwe
