feat(security): LdapAuthResult.IsSystemFailure distinguishes directory outage from credential deny (03/S2)
This commit is contained in:
@@ -7,4 +7,15 @@ public sealed record LdapAuthResult(
|
||||
string? Username,
|
||||
IReadOnlyList<string> Groups,
|
||||
IReadOnlyList<string> Roles,
|
||||
string? Error);
|
||||
string? Error)
|
||||
{
|
||||
/// <summary>
|
||||
/// <c>true</c> when this failure is a SYSTEM-side directory fault (the directory is unreachable or
|
||||
/// the service account is misconfigured) rather than a user-credential deny. Feeds the OPC UA
|
||||
/// data-plane authenticator's outage circuit (03/S2): a run of consecutive system-side failures
|
||||
/// opens the circuit and fails fast, whereas user-side denies never trip it. Always <c>false</c>
|
||||
/// on success and on user-side denies; set only on the delegated real path for the library's
|
||||
/// directory-unreachable bucket.
|
||||
/// </summary>
|
||||
public bool IsSystemFailure { get; init; }
|
||||
}
|
||||
|
||||
@@ -113,7 +113,13 @@ public sealed class OtOpcUaLdapAuthService : ILdapAuthService
|
||||
if (result.Succeeded)
|
||||
return new(true, result.DisplayName, result.Username, result.Groups, [], null);
|
||||
|
||||
return new(false, null, username, [], [], FailureToError(result.Failure));
|
||||
// ServiceAccountBindFailed is the library's directory-unreachable / service-account-misconfigured
|
||||
// bucket (its enum has no dedicated DirectoryUnavailable) — flag it as system-side so the OPC UA
|
||||
// authenticator's outage circuit can distinguish an outage from a user-credential deny (03/S2).
|
||||
return new(false, null, username, [], [], FailureToError(result.Failure))
|
||||
{
|
||||
IsSystemFailure = result.Failure is LdapAuthFailure.ServiceAccountBindFailed,
|
||||
};
|
||||
}
|
||||
|
||||
/// <summary>Folds a structured library failure code into the app's user-facing error text.</summary>
|
||||
|
||||
Reference in New Issue
Block a user