README.md

@@ -14,6 +14,10 @@ Instructions for making it run:
 * Visit your SharePoint and put in your User Guid
 	* You find one from your Coscine database
 	* You should be logged in with that User Guid
+* Set the value "coscine/global/ad/url" in your Consul storage with your Active Directory url
+* Set the value "coscine/global/ad/ou" in your Consul storage with your Active Directory orginizational unit
+* Set the value "coscine/global/ad/username" in your Consul storage with your Active Directory username
+* Set the value "coscine/global/ad/password" in your Consul storage with your Active Directory password
 * Have fun!
 
 For ORCiD:

docs/home.md

@@ -14,6 +14,10 @@ Instructions for making it run:
 * Visit your SharePoint and put in your User Guid
 	* You find one from your Coscine database
 	* You should be logged in with that User Guid
+* Set the value "coscine/global/ad/url" in your Consul storage with your Active Directory url
+* Set the value "coscine/global/ad/ou" in your Consul storage with your Active Directory orginizational unit
+* Set the value "coscine/global/ad/username" in your Consul storage with your Active Directory username
+* Set the value "coscine/global/ad/password" in your Consul storage with your Active Directory password
 * Have fun!
 
 ### Links 

src/STS/Controllers/ORCiDController.cs

@@ -15,6 +15,8 @@ using System.Net;
 using Microsoft.IdentityModel.Logging;
 using Coscine.ApiCommons.Models;
 using System.Linq;
+using System.DirectoryServices;
+using System.DirectoryServices.AccountManagement;
 
 namespace Coscine.STS.Controllers
 {
@@ -67,7 +69,7 @@ namespace Coscine.STS.Controllers
                     UserPlainModel userPlainModel = new UserPlainModel(Program.Configuration);
                     var user = new User
                     {
-                        DisplayName = givenname + " " + surname,
+                        DisplayName = (givenname + " " + surname).Trim(),
                         EmailAddress = ORCiD + "@orcid.org",
                         Surname = surname,
                         Givenname = givenname

src/STS/Properties/AssemblyInfo.cs

@@ -9,8 +9,8 @@ using System.Reflection;
 [assembly: AssemblyDescription("STS is a part of the CoScInE group.")]
 [assembly: AssemblyCompany("IT Center, RWTH Aachen University")]
 [assembly: AssemblyProduct("STS")]
-[assembly: AssemblyVersion("1.5.0.0")]
-[assembly: AssemblyFileVersion("1.5.0.0")]
-[assembly: AssemblyInformationalVersion("1.5.0.0")]
+[assembly: AssemblyVersion("1.6.0.0")]
+[assembly: AssemblyFileVersion("1.6.0.0")]
+[assembly: AssemblyInformationalVersion("1.6.0.0")]
 [assembly: AssemblyCopyright("2019 IT Center, RWTH Aachen University")]
 

src/STS/STS.csproj

@@ -9,8 +9,8 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Coscine.ApiCommons" Version="1.2.1" />
-    <PackageReference Include="Coscine.Database" Version="1.5.1" />
+    <PackageReference Include="Coscine.ApiCommons" Version="1.2.2" />
+    <PackageReference Include="Coscine.Database" Version="1.10.0" />
     <PackageReference Include="Microsoft.AspNetCore" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.Abstractions" Version="2.2.0" />
@@ -21,6 +21,9 @@
     <PackageReference Include="Microsoft.AspNetCore.StaticFiles" Version="2.2.0" />
     <PackageReference Include="Microsoft.IdentityModel" Version="7.0.0" />
     <PackageReference Include="Microsoft.NET.Sdk.Razor" Version="2.2.0" />
+    <PackageReference Include="System.DirectoryServices" Version="4.6.0" />
+    <PackageReference Include="System.DirectoryServices.AccountManagement" Version="4.6.0" />
+    <PackageReference Include="System.DirectoryServices.Protocols" Version="4.6.0" />
     <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="5.5.0" />
   </ItemGroup>
 

src/STS/Security/CustomSecurityTokenService.cs

 using Coscine.ApiCommons.Models;
 using System;
 using System.Configuration;
+using System.DirectoryServices;
 using System.IdentityModel;
 using System.IdentityModel.Configuration;
 using System.IdentityModel.Protocols.WSTrust;
@@ -77,6 +78,8 @@ namespace Coscine.STS.Security
             UserPlainModel userPlainModel = new UserPlainModel(Program.Configuration);
             var user = userPlainModel.GetById(Guid.Parse(principal.Identity.Name));
 
+            AddToAD(user);
+
             var claims = new[]
                 {
                     new Claim(System.IdentityModel.Claims.ClaimTypes.Name, user.DisplayName),
@@ -91,6 +94,49 @@ namespace Coscine.STS.Security
             return identity;
         }
 
+        private static void AddToAD(Database.Model.User user)
+        {
+            // If keys exist
+            if (Program.Configuration.KeysAndWait("coscine/global/ad") != null)
+            {
+                var adUsername = Program.Configuration.GetStringAndWait("coscine/global/ad/username");
+                var adPassword = Program.Configuration.GetStringAndWait("coscine/global/ad/password");
+
+                using (DirectoryEntry directoryEntry = new DirectoryEntry("LDAP://" + Program.Configuration.GetStringAndWait("coscine/global/ad/url"), adUsername, adPassword))
+                {
+                    using (var coscineEntry = directoryEntry.Children.Find("OU=" + Program.Configuration.GetStringAndWait("coscine/global/ad/ou")))
+                    {
+                        try
+                        {
+                            // Check if user already exists in AD
+                            coscineEntry.Children.Find("CN=" + user.Id);
+                        }
+                        catch (DirectoryServicesCOMException)
+                        {
+                            using (var newUser = coscineEntry.Children.Add("CN=" + user.Id, "User"))
+                            {
+                                newUser.Properties["sAMAccountName"].Value = user.Id.ToString().Substring(0, 20);
+                                if (!string.IsNullOrWhiteSpace(user.Givenname))
+                                {
+                                    newUser.Properties["givenName"].Value = user.Givenname;
+                                }
+                                if (!string.IsNullOrWhiteSpace(user.Surname))
+                                {
+                                    newUser.Properties["sn"].Value = user.Surname;
+                                }
+                                newUser.Properties["displayName"].Value = user.DisplayName;
+                                newUser.Properties["mail"].Value = user.EmailAddress;
+                                newUser.Properties["uid"].Value = user.Id.ToString();
+                                newUser.Properties["userPrincipalName"].Value = user.Id.ToString() + "@" + Program.Configuration.GetStringAndWait("coscine/global/ad/url");
+
+                                newUser.CommitChanges();
+                            }
+                        }
+                    }
+                }
+            }
+        }
+
         public static X509Certificate2 GetCertificate()
         {
             var pfx = Program.Configuration.GetAndWait("coscine/global/sts/pfx");