author | diva | 2009-03-22 04:39:16 +0000 |
---|---|---|
committer | diva | 2009-03-22 04:39:16 +0000 |
commit | 9489ad57f98e13c61725fe157eacf2e56053abe6 (patch) | |
tree | 08f22bd1eae20197e0e53a9300904608d45805b4 /OpenSim/Framework/Communications | |
parent | Initial support for authentication/authorization keys in UserManagerBase, and... (diff) | |
Moving the LoginAuth service up, so that it can be shared among standalones and the User Server.
Diffstat (limited to 'OpenSim/Framework/Communications')
-rw-r--r-- | OpenSim/Framework/Communications/HGLoginAuthService.cs | 346 |
1 files changed, 346 insertions, 0 deletions
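--- /dev/null
+++ b/OpenSim/Framework/Communications/HGLoginAuthService.cs
@@ -0,0 +1,346 @@
+/*
+* Copyright (c) Contributors, http://opensimulator.org/
+* See CONTRIBUTORS.TXT for a full list of copyright holders.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions are met:
+* * Redistributions of source code must retain the above copyright
+* notice, this list of conditions and the following disclaimer.
+* * Redistributions in binary form must reproduce the above copyright
+* notice, this list of conditions and the following disclaimer in the
+* documentation and/or other materials provided with the distribution.
+* * Neither the name of the OpenSimulator Project nor the
+* names of its contributors may be used to endorse or promote products
+* derived from this software without specific prior written permission.
+*
+* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+using System;
+using System.Collections;
+using System.Collections.Generic;
+using System.Net;
+using System.Reflection;
+using System.Text.RegularExpressions;
+using OpenSim.Framework;
+using OpenSim.Framework.Communications.Cache;
+using OpenSim.Framework.Communications.Capabilities;
+using OpenSim.Framework.Servers;
+
+using OpenMetaverse;
+
+using log4net;
+using Nini.Config;
+using Nwc.XmlRpc;
+
+namespace OpenSim.Framework.Communications
+{
+public class HGLoginAuthService : LoginService
+{
+private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
+
+protected NetworkServersInfo m_serversInfo;
+protected bool m_authUsers = false;
+
+/// <summary>
+/// Used by the login service to make requests to the inventory service.
+/// </summary>
+protected IInterServiceInventoryServices m_interServiceInventoryService;
+
+/// <summary>
+/// Used to make requests to the local regions.
+/// </summary>
+protected ILoginServiceToRegionsConnector m_regionsConnector;
+
+
+public HGLoginAuthService(
+UserManagerBase userManager, string welcomeMess,
+IInterServiceInventoryServices interServiceInventoryService,
+NetworkServersInfo serversInfo,
+bool authenticate, LibraryRootFolder libraryRootFolder, ILoginServiceToRegionsConnector regionsConnector)
+: base(userManager, libraryRootFolder, welcomeMess)
+{
+this.m_serversInfo = serversInfo;
+m_defaultHomeX = this.m_serversInfo.DefaultHomeLocX;
+m_defaultHomeY = this.m_serversInfo.DefaultHomeLocY;
+m_authUsers = authenticate;
+
+m_interServiceInventoryService = interServiceInventoryService;
+m_regionsConnector = regionsConnector;
+m_inventoryService = interServiceInventoryService;
+}
+
+public override XmlRpcResponse XmlRpcLoginMethod(XmlRpcRequest request)
+{
+m_log.Info("[HGLOGIN] HGLogin called " + request.MethodName);
+XmlRpcResponse response = base.XmlRpcLoginMethod(request);
+Hashtable responseData = (Hashtable)response.Value;
+
+responseData["grid_service"] = m_serversInfo.GridURL;
+responseData["grid_service_send_key"] = m_serversInfo.GridSendKey;
+responseData["inventory_service"] = m_serversInfo.InventoryURL;
+responseData["asset_service"] = m_serversInfo.AssetURL;
+responseData["asset_service_send_key"] = m_serversInfo.AssetSendKey;
+int x = (Int32)responseData["region_x"];
+int y = (Int32)responseData["region_y"];
+uint ux = (uint)(x / Constants.RegionSize);
+uint uy = (uint)(y / Constants.RegionSize);
+ulong regionHandle = Util.UIntsToLong(ux, uy);
+responseData["region_handle"] = regionHandle.ToString();
+responseData["http_port"] = (UInt32)m_serversInfo.HttpListenerPort;
+
+// Let's remove the seed cap from the login
+//responseData.Remove("seed_capability");
+
+// Let's add the appearance
+UUID userID = UUID.Zero;
+UUID.TryParse((string)responseData["agent_id"], out userID);
+AvatarAppearance appearance = m_userManager.GetUserAppearance(userID);
+if (appearance == null)
+{
+m_log.WarnFormat("[INTER]: Appearance not found for {0}. Creating default.", userID);
+appearance = new AvatarAppearance();
+}
+
+responseData["appearance"] = appearance.ToHashTable();
+
+// Let's also send the auth token
+UUID token = UUID.Random();
+responseData["auth_token"] = token.ToString();
+UserProfileData userProfile = m_userManager.GetUserProfile(userID);
+if (userProfile != null)
+{
+userProfile.WebLoginKey = token;
+m_userManager.CommitAgent(ref userProfile);
+}
+
+return response;
+}
+
+public XmlRpcResponse XmlRpcGenerateKeyMethod(XmlRpcRequest request)
+{
+
+// Verify the key of who's calling
+UUID userID = UUID.Zero;
+UUID authKey = UUID.Zero;
+UUID.TryParse((string)request.Params[0], out userID);
+UUID.TryParse((string)request.Params[1], out authKey);
+
+m_log.InfoFormat("[HGLOGIN] HGGenerateKey called with authToken ", authKey);
+string newKey = string.Empty;
+
+if (!(m_userManager is IAuthentication))
+{
+m_log.Debug("[HGLOGIN]: UserManager is not IAuthentication service. Returning empty key.");
+}
+else
+{
+newKey = ((IAuthentication)m_userManager).GetNewKey(m_serversInfo.UserURL, userID, authKey);
+}
+
+XmlRpcResponse response = new XmlRpcResponse();
+response.Value = (string) newKey;
+return response;
+}
+
+public XmlRpcResponse XmlRpcVerifyKeyMethod(XmlRpcRequest request)
+{
+foreach (object o in request.Params)
+{
+if (o != null)
+m_log.Debug(" >> Param " + o.ToString());
+else
+m_log.Debug(" >> Null");
+}
+
+// Verify the key of who's calling
+UUID userID = UUID.Zero;
+string authKey = string.Empty;
+UUID.TryParse((string)request.Params[0], out userID);
+authKey = (string)request.Params[1];
+
+m_log.InfoFormat("[HGLOGIN] HGVerifyKey called with key ", authKey);
+bool success = false;
+
+if (!(m_userManager is IAuthentication))
+{
+m_log.Debug("[HGLOGIN]: UserManager is not IAuthentication service. Denying.");
+}
+else
+{
+success = ((IAuthentication)m_userManager).VerifyKey(userID, authKey);
+}
+
+XmlRpcResponse response = new XmlRpcResponse();
+response.Value = (string)success.ToString();
+return response;
+}
+
+public override UserProfileData GetTheUser(string firstname, string lastname)
+{
+UserProfileData profile = m_userManager.GetUserProfile(firstname, lastname);
+if (profile != null)
+{
+return profile;
+}
+
+if (!m_authUsers)
+{
+//no current user account so make one
+m_log.Info("[LOGIN]: No user account found so creating a new one.");
+
+m_userManager.AddUser(firstname, lastname, "test", "", m_defaultHomeX, m_defaultHomeY);
+
+return m_userManager.GetUserProfile(firstname, lastname);
+}
+
+return null;
+}
+
+public override bool AuthenticateUser(UserProfileData profile, string password)
+{
+if (!m_authUsers)
+{
+//for now we will accept any password in sandbox mode
+m_log.Info("[LOGIN]: Authorising user (no actual password check)");
+
+return true;
+}
+else
+{
+m_log.Info(
+"[LOGIN]: Authenticating " + profile.FirstName + " " + profile.SurName);
+
+if (!password.StartsWith("$1$"))
+password = "$1$" + Util.Md5Hash(password);
+
+password = password.Remove(0, 3); //remove $1$
+
+string s = Util.Md5Hash(password + ":" + profile.PasswordSalt);
+
+bool loginresult = (profile.PasswordHash.Equals(s.ToString(), StringComparison.InvariantCultureIgnoreCase)
+|| profile.PasswordHash.Equals(password, StringComparison.InvariantCultureIgnoreCase));
+return loginresult;
+}
+}
+
+protected override RegionInfo RequestClosestRegion(string region)
+{
+return m_regionsConnector.RequestClosestRegion(region);
+}
+
+protected override RegionInfo GetRegionInfo(ulong homeRegionHandle)
+{
+return m_regionsConnector.RequestNeighbourInfo(homeRegionHandle);
+}
+
+protected override RegionInfo GetRegionInfo(UUID homeRegionId)
+{
+return m_regionsConnector.RequestNeighbourInfo(homeRegionId);
+}
+
+
+/// <summary>
+/// Prepare a login to the given region. This involves both telling the region to expect a connection
+/// and appropriately customising the response to the user.
+/// </summary>
+/// <param name="sim"></param>
+/// <param name="user"></param>
+/// <param name="response"></param>
+/// <returns>true if the region was successfully contacted, false otherwise</returns>
+protected override bool PrepareLoginToRegion(RegionInfo regionInfo, UserProfileData user, LoginResponse response)
+{
+IPEndPoint endPoint = regionInfo.ExternalEndPoint;
+response.SimAddress = endPoint.Address.ToString();
+response.SimPort = (uint)endPoint.Port;
+response.RegionX = regionInfo.RegionLocX;
+response.RegionY = regionInfo.RegionLocY;
+
+string capsPath = CapsUtil.GetRandomCapsObjectPath();
+string capsSeedPath = CapsUtil.GetCapsSeedPath(capsPath);
+
+// Don't use the following! It Fails for logging into any region not on the same port as the http server!
+// Kept here so it doesn't happen again!
+// response.SeedCapability = regionInfo.ServerURI + capsSeedPath;
+
+string seedcap = "http://";
+
+if (m_serversInfo.HttpUsesSSL)
+{
+seedcap = "https://" + m_serversInfo.HttpSSLCN + ":" + m_serversInfo.httpSSLPort + capsSeedPath;
+}
+else
+{
+seedcap = "http://" + regionInfo.ExternalHostName + ":" + m_serversInfo.HttpListenerPort + capsSeedPath;
+}
+
+response.SeedCapability = seedcap;
+
+// Notify the target of an incoming user
+m_log.InfoFormat(
+"[LOGIN]: Telling {0} @ {1},{2} ({3}) to prepare for client connection",
+regionInfo.RegionName, response.RegionX, response.RegionY, regionInfo.ServerURI);
+
+// Update agent with target sim
+user.CurrentAgent.Region = regionInfo.RegionID;
+user.CurrentAgent.Handle = regionInfo.RegionHandle;
+
+AgentCircuitData agent = new AgentCircuitData();
+agent.AgentID = user.ID;
+agent.firstname = user.FirstName;
+agent.lastname = user.SurName;
+agent.SessionID = user.CurrentAgent.SessionID;
+agent.SecureSessionID = user.CurrentAgent.SecureSessionID;
+agent.circuitcode = Convert.ToUInt32(response.CircuitCode);
+agent.BaseFolder = UUID.Zero;
+agent.InventoryFolder = UUID.Zero;
+agent.startpos = user.CurrentAgent.Position;
+agent.CapsPath = capsPath;
+agent.Appearance = m_userManager.GetUserAppearance(user.ID);
+if (agent.Appearance == null)
+{
+m_log.WarnFormat("[INTER]: Appearance not found for {0} {1}. Creating default.", agent.firstname, agent.lastname);
+agent.Appearance = new AvatarAppearance();
+}
+
+if (m_regionsConnector.RegionLoginsEnabled)
+{
+// m_log.Info("[LLStandaloneLoginModule] Informing region about user");
+return m_regionsConnector.NewUserConnection(regionInfo.RegionHandle, agent);
+}
+
+return false;
+}
+
+public override void LogOffUser(UserProfileData theUser, string message)
+{
+RegionInfo SimInfo;
+try
+{
+SimInfo = this.m_regionsConnector.RequestNeighbourInfo(theUser.CurrentAgent.Handle);
+
+if (SimInfo == null)
+{
+m_log.Error("[LOCAL LOGIN]: Region user was in isn't currently logged in");
+return;
+}
+}
+catch (Exception)
+{
+m_log.Error("[LOCAL LOGIN]: Unable to look up region to log user off");
+return;
+}
+
+m_regionsConnector.LogOffUserFromGrid(SimInfo.RegionHandle, theUser.ID, theUser.CurrentAgent.SecureSessionID, "Logging you off");
+}
+}
+}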
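Review bot: In `AuthenticateUser`, the second clause of `loginresult` compares the stored `profile.PasswordHash` directly with the client-supplied value after the `$1$` prefix is stripped, so for a salted account the stored hash is itself accepted as a credential and a disclosed user table is enough to log in. Consider keeping only the salted comparison, `return profile.PasswordHash.Equals(s, StringComparison.OrdinalIgnoreCase);`, and migrating any unsalted rows separately rather than accepting them at login. Separately, `XmlRpcLoginMethod` copies `m_serversInfo.GridSendKey` and `m_serversInfo.AssetSendKey` into the response returned to the logging-in client; if these are inter-service shared secrets (inferred from the names only), they should stay on the server. `XmlRpcVerifyKeyMethod` also writes every request parameter, including the key in `Params[1]`, to the debug log, and both key methods index `request.Params` without checking its length.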