diff options
author | Melanie | 2009-09-04 07:03:43 +0100 |
---|---|---|
committer | Melanie | 2009-09-04 07:03:43 +0100 |
commit | 11700ba4a4e35cf7512f7f6e8b9b8e54e812f574 (patch) | |
tree | 683c464db85a52aa0b176c8f2d9ec91df9f94c1d /OpenSim | |
parent | More work on new authentication service (diff) | |
download | opensim-SC-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.zip opensim-SC-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.tar.gz opensim-SC-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.tar.bz2 opensim-SC-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.tar.xz |
Implement plain password authentication partway. Tested, but no user
functionality yet.
Diffstat (limited to 'OpenSim')
7 files changed, 297 insertions, 26 deletions
diff --git a/OpenSim/Server/Base/ServerUtils.cs b/OpenSim/Server/Base/ServerUtils.cs index 8d76ffe..0a36bbe 100644 --- a/OpenSim/Server/Base/ServerUtils.cs +++ b/OpenSim/Server/Base/ServerUtils.cs | |||
@@ -31,6 +31,7 @@ using System.Reflection; | |||
31 | using System.Xml; | 31 | using System.Xml; |
32 | using System.Xml.Serialization; | 32 | using System.Xml.Serialization; |
33 | using System.Text; | 33 | using System.Text; |
34 | using System.Collections.Generic; | ||
34 | using log4net; | 35 | using log4net; |
35 | using OpenSim.Framework; | 36 | using OpenSim.Framework; |
36 | 37 | ||
@@ -156,5 +157,31 @@ namespace OpenSim.Server.Base | |||
156 | return null; | 157 | return null; |
157 | } | 158 | } |
158 | } | 159 | } |
160 | |||
161 | public static Dictionary<string, string> ParseQueryString(string query) | ||
162 | { | ||
163 | Dictionary<string, string> result = new Dictionary<string, string>(); | ||
164 | string[] terms = query.Split(new char[] {'&'}); | ||
165 | |||
166 | if (terms.Length == 0) | ||
167 | return result; | ||
168 | |||
169 | foreach (string t in terms) | ||
170 | { | ||
171 | string[] elems = t.Split(new char[] {'='}); | ||
172 | if (elems.Length == 0) | ||
173 | continue; | ||
174 | |||
175 | string name = System.Web.HttpUtility.UrlDecode(elems[0]); | ||
176 | string value = String.Empty; | ||
177 | |||
178 | if (elems.Length > 1) | ||
179 | value = System.Web.HttpUtility.UrlDecode(elems[1]); | ||
180 | |||
181 | result[name] = value; | ||
182 | } | ||
183 | |||
184 | return result; | ||
185 | } | ||
159 | } | 186 | } |
160 | } \ No newline at end of file | 187 | } |
diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs index 03a7980..589dc3b 100644 --- a/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs +++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs | |||
@@ -54,7 +54,7 @@ namespace OpenSim.Server.Handlers.Authentication | |||
54 | Object[] args = new Object[] { config }; | 54 | Object[] args = new Object[] { config }; |
55 | m_AuthenticationService = ServerUtils.LoadPlugin<IAuthenticationService>(authenticationService, args); | 55 | m_AuthenticationService = ServerUtils.LoadPlugin<IAuthenticationService>(authenticationService, args); |
56 | 56 | ||
57 | //server.AddStreamHandler(new AuthenticationServerGetHandler(m_AuthenticationService)); | 57 | server.AddStreamHandler(new AuthenticationServerPostHandler(m_AuthenticationService)); |
58 | } | 58 | } |
59 | } | 59 | } |
60 | } | 60 | } |
diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs new file mode 100644 index 0000000..6cf7d56 --- /dev/null +++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs | |||
@@ -0,0 +1,233 @@ | |||
1 | /* | ||
2 | * Copyright (c) Contributors, http://opensimulator.org/ | ||
3 | * See CONTRIBUTORS.TXT for a full list of copyright holders. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions are met: | ||
7 | * * Redistributions of source code must retain the above copyright | ||
8 | * notice, this list of conditions and the following disclaimer. | ||
9 | * * Redistributions in binary form must reproduce the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer in the | ||
11 | * documentation and/or other materials provided with the distribution. | ||
12 | * * Neither the name of the OpenSimulator Project nor the | ||
13 | * names of its contributors may be used to endorse or promote products | ||
14 | * derived from this software without specific prior written permission. | ||
15 | * | ||
16 | * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY | ||
17 | * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | ||
19 | * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY | ||
20 | * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | ||
21 | * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | ||
23 | * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | ||
25 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
26 | */ | ||
27 | |||
28 | using Nini.Config; | ||
29 | using log4net; | ||
30 | using System; | ||
31 | using System.Reflection; | ||
32 | using System.IO; | ||
33 | using System.Net; | ||
34 | using System.Text; | ||
35 | using System.Text.RegularExpressions; | ||
36 | using System.Xml; | ||
37 | using System.Xml.Serialization; | ||
38 | using System.Collections.Generic; | ||
39 | using OpenSim.Server.Base; | ||
40 | using OpenSim.Services.Interfaces; | ||
41 | using OpenSim.Framework; | ||
42 | using OpenSim.Framework.Servers.HttpServer; | ||
43 | using OpenMetaverse; | ||
44 | |||
45 | namespace OpenSim.Server.Handlers.Authentication | ||
46 | { | ||
47 | public class AuthenticationServerPostHandler : BaseStreamHandler | ||
48 | { | ||
49 | // private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); | ||
50 | |||
51 | private IAuthenticationService m_AuthenticationService; | ||
52 | |||
53 | public AuthenticationServerPostHandler(IAuthenticationService service) : | ||
54 | base("POST", "/auth") | ||
55 | { | ||
56 | m_AuthenticationService = service; | ||
57 | } | ||
58 | |||
59 | public override byte[] Handle(string path, Stream request, | ||
60 | OSHttpRequest httpRequest, OSHttpResponse httpResponse) | ||
61 | { | ||
62 | string[] p = SplitParams(path); | ||
63 | |||
64 | if (p.Length > 0) | ||
65 | { | ||
66 | switch (p[0]) | ||
67 | { | ||
68 | case "plain": | ||
69 | StreamReader sr = new StreamReader(request); | ||
70 | string body = sr.ReadToEnd(); | ||
71 | sr.Close(); | ||
72 | |||
73 | return DoPlainMethods(body); | ||
74 | case "crypt": | ||
75 | byte[] buffer = new byte[request.Length]; | ||
76 | long length = request.Length; | ||
77 | if (length > 16384) | ||
78 | length = 16384; | ||
79 | request.Read(buffer, 0, (int)length); | ||
80 | |||
81 | return DoEncryptedMethods(buffer); | ||
82 | } | ||
83 | } | ||
84 | return new byte[0]; | ||
85 | } | ||
86 | |||
87 | private byte[] DoPlainMethods(string body) | ||
88 | { | ||
89 | Dictionary<string, string> request = | ||
90 | ServerUtils.ParseQueryString(body); | ||
91 | |||
92 | int lifetime = 30; | ||
93 | |||
94 | if (request.ContainsKey("LIFETIME")) | ||
95 | { | ||
96 | lifetime = Convert.ToInt32(request["LIFETIME"]); | ||
97 | if (lifetime > 30) | ||
98 | lifetime = 30; | ||
99 | } | ||
100 | |||
101 | if (!request.ContainsKey("METHOD")) | ||
102 | return FailureResult(); | ||
103 | if (!request.ContainsKey("PRINCIPAL")) | ||
104 | return FailureResult(); | ||
105 | |||
106 | string method = request["METHOD"]; | ||
107 | |||
108 | UUID principalID; | ||
109 | string token; | ||
110 | |||
111 | if (!UUID.TryParse(request["PRINCIPAL"], out principalID)) | ||
112 | return FailureResult(); | ||
113 | |||
114 | switch (method) | ||
115 | { | ||
116 | case "authenticate": | ||
117 | if (!request.ContainsKey("PASSWORD")) | ||
118 | return FailureResult(); | ||
119 | |||
120 | token = m_AuthenticationService.Authenticate(principalID, request["PASSWORD"], lifetime); | ||
121 | |||
122 | if (token != String.Empty) | ||
123 | return SuccessResult(token); | ||
124 | return FailureResult(); | ||
125 | case "verify": | ||
126 | if (!request.ContainsKey("TOKEN")) | ||
127 | return FailureResult(); | ||
128 | |||
129 | if (m_AuthenticationService.Verify(principalID, request["TOKEN"], lifetime)) | ||
130 | return SuccessResult(); | ||
131 | |||
132 | return FailureResult(); | ||
133 | case "release": | ||
134 | if (!request.ContainsKey("TOKEN")) | ||
135 | return FailureResult(); | ||
136 | |||
137 | if (m_AuthenticationService.Release(principalID, request["TOKEN"])) | ||
138 | return SuccessResult(); | ||
139 | |||
140 | return FailureResult(); | ||
141 | } | ||
142 | |||
143 | return FailureResult(); | ||
144 | } | ||
145 | |||
146 | private byte[] DoEncryptedMethods(byte[] ciphertext) | ||
147 | { | ||
148 | return new byte[0]; | ||
149 | } | ||
150 | |||
151 | private byte[] SuccessResult() | ||
152 | { | ||
153 | XmlDocument doc = new XmlDocument(); | ||
154 | |||
155 | XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration, | ||
156 | "", ""); | ||
157 | |||
158 | doc.AppendChild(xmlnode); | ||
159 | |||
160 | XmlElement rootElement = doc.CreateElement("", "Authentication", | ||
161 | ""); | ||
162 | |||
163 | doc.AppendChild(rootElement); | ||
164 | |||
165 | XmlElement result = doc.CreateElement("", "Result", ""); | ||
166 | result.AppendChild(doc.CreateTextNode("Success")); | ||
167 | |||
168 | rootElement.AppendChild(result); | ||
169 | |||
170 | return DocToBytes(doc); | ||
171 | } | ||
172 | |||
173 | private byte[] FailureResult() | ||
174 | { | ||
175 | XmlDocument doc = new XmlDocument(); | ||
176 | |||
177 | XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration, | ||
178 | "", ""); | ||
179 | |||
180 | doc.AppendChild(xmlnode); | ||
181 | |||
182 | XmlElement rootElement = doc.CreateElement("", "Authentication", | ||
183 | ""); | ||
184 | |||
185 | doc.AppendChild(rootElement); | ||
186 | |||
187 | XmlElement result = doc.CreateElement("", "Result", ""); | ||
188 | result.AppendChild(doc.CreateTextNode("Failure")); | ||
189 | |||
190 | rootElement.AppendChild(result); | ||
191 | |||
192 | return DocToBytes(doc); | ||
193 | } | ||
194 | |||
195 | private byte[] SuccessResult(string token) | ||
196 | { | ||
197 | XmlDocument doc = new XmlDocument(); | ||
198 | |||
199 | XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration, | ||
200 | "", ""); | ||
201 | |||
202 | doc.AppendChild(xmlnode); | ||
203 | |||
204 | XmlElement rootElement = doc.CreateElement("", "Authentication", | ||
205 | ""); | ||
206 | |||
207 | doc.AppendChild(rootElement); | ||
208 | |||
209 | XmlElement result = doc.CreateElement("", "Result", ""); | ||
210 | result.AppendChild(doc.CreateTextNode("Success")); | ||
211 | |||
212 | rootElement.AppendChild(result); | ||
213 | |||
214 | XmlElement t = doc.CreateElement("", "Token", ""); | ||
215 | t.AppendChild(doc.CreateTextNode(token)); | ||
216 | |||
217 | rootElement.AppendChild(t); | ||
218 | |||
219 | return DocToBytes(doc); | ||
220 | } | ||
221 | |||
222 | private byte[] DocToBytes(XmlDocument doc) | ||
223 | { | ||
224 | MemoryStream ms = new MemoryStream(); | ||
225 | XmlTextWriter xw = new XmlTextWriter(ms, null); | ||
226 | xw.Formatting = Formatting.Indented; | ||
227 | doc.WriteTo(xw); | ||
228 | xw.Flush(); | ||
229 | |||
230 | return ms.GetBuffer(); | ||
231 | } | ||
232 | } | ||
233 | } | ||
diff --git a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs index 200268b..dab0598 100644 --- a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs +++ b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs | |||
@@ -95,6 +95,16 @@ namespace OpenSim.Services.AuthenticationService | |||
95 | return new byte[0]; | 95 | return new byte[0]; |
96 | } | 96 | } |
97 | 97 | ||
98 | public bool Verify(UUID principalID, string token, int lifetime) | ||
99 | { | ||
100 | return false; | ||
101 | } | ||
102 | |||
103 | public bool VerifyEncrypted(byte[] cyphertext, byte[] key) | ||
104 | { | ||
105 | return false; | ||
106 | } | ||
107 | |||
98 | public virtual bool Release(UUID principalID, string token) | 108 | public virtual bool Release(UUID principalID, string token) |
99 | { | 109 | { |
100 | return false; | 110 | return false; |
@@ -104,5 +114,10 @@ namespace OpenSim.Services.AuthenticationService | |||
104 | { | 114 | { |
105 | return false; | 115 | return false; |
106 | } | 116 | } |
117 | |||
118 | protected string GetToken(UUID principalID, int lifetime) | ||
119 | { | ||
120 | return "OK"; | ||
121 | } | ||
107 | } | 122 | } |
108 | } | 123 | } |
diff --git a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs index 83ce0d0..7fdbbf6 100644 --- a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs +++ b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs | |||
@@ -56,8 +56,24 @@ namespace OpenSim.Services.AuthenticationService | |||
56 | { | 56 | { |
57 | } | 57 | } |
58 | 58 | ||
59 | public string Authenticate(UUID principalID, string password) | 59 | public string Authenticate(UUID principalID, string password, int lifetime) |
60 | { | 60 | { |
61 | AuthenticationData data = m_Database.Get(principalID); | ||
62 | |||
63 | if (!data.Data.ContainsKey("passwordHash") || | ||
64 | !data.Data.ContainsKey("passwordSalt")) | ||
65 | { | ||
66 | return String.Empty; | ||
67 | } | ||
68 | |||
69 | string hashed = Util.Md5Hash(Util.Md5Hash(password) + ":" + | ||
70 | data.Data["passwordSalt"].ToString()); | ||
71 | |||
72 | if (data.Data["passwordHash"].ToString() == hashed) | ||
73 | { | ||
74 | return GetToken(principalID, lifetime); | ||
75 | } | ||
76 | |||
61 | return String.Empty; | 77 | return String.Empty; |
62 | } | 78 | } |
63 | 79 | ||
@@ -65,15 +81,5 @@ namespace OpenSim.Services.AuthenticationService | |||
65 | { | 81 | { |
66 | return new byte[0]; | 82 | return new byte[0]; |
67 | } | 83 | } |
68 | |||
69 | public bool Verify(UUID principalID, string token) | ||
70 | { | ||
71 | return false; | ||
72 | } | ||
73 | |||
74 | public bool VerifyEncrypted(byte[] cyphertext, byte[] key) | ||
75 | { | ||
76 | return false; | ||
77 | } | ||
78 | } | 84 | } |
79 | } | 85 | } |
diff --git a/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs b/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs index af55df0..0118c91 100644 --- a/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs +++ b/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs | |||
@@ -52,7 +52,7 @@ namespace OpenSim.Services.AuthenticationService | |||
52 | { | 52 | { |
53 | } | 53 | } |
54 | 54 | ||
55 | public string Authenticate(UUID principalID, string password) | 55 | public string Authenticate(UUID principalID, string password, int lifetime) |
56 | { | 56 | { |
57 | return String.Empty; | 57 | return String.Empty; |
58 | } | 58 | } |
@@ -61,15 +61,5 @@ namespace OpenSim.Services.AuthenticationService | |||
61 | { | 61 | { |
62 | return new byte[0]; | 62 | return new byte[0]; |
63 | } | 63 | } |
64 | |||
65 | public bool Verify(UUID principalID, string token) | ||
66 | { | ||
67 | return false; | ||
68 | } | ||
69 | |||
70 | public bool VerifyEncrypted(byte[] cyphertext, byte[] key) | ||
71 | { | ||
72 | return false; | ||
73 | } | ||
74 | } | 64 | } |
75 | } | 65 | } |
diff --git a/OpenSim/Services/Interfaces/IAuthenticationService.cs b/OpenSim/Services/Interfaces/IAuthenticationService.cs index f042c93..b448a14 100644 --- a/OpenSim/Services/Interfaces/IAuthenticationService.cs +++ b/OpenSim/Services/Interfaces/IAuthenticationService.cs | |||
@@ -70,7 +70,7 @@ namespace OpenSim.Services.Interfaces | |||
70 | // the public key of the peer, which the connector must have | 70 | // the public key of the peer, which the connector must have |
71 | // obtained using a remote GetPublicKey call. | 71 | // obtained using a remote GetPublicKey call. |
72 | // | 72 | // |
73 | string Authenticate(UUID principalID, string password); | 73 | string Authenticate(UUID principalID, string password, int lifetime); |
74 | byte[] AuthenticateEncrypted(byte[] cyphertext, byte[] key); | 74 | byte[] AuthenticateEncrypted(byte[] cyphertext, byte[] key); |
75 | 75 | ||
76 | ////////////////////////////////////////////////////// | 76 | ////////////////////////////////////////////////////// |
@@ -85,7 +85,7 @@ namespace OpenSim.Services.Interfaces | |||
85 | // must be used to refresh. Unencrypted verification is still | 85 | // must be used to refresh. Unencrypted verification is still |
86 | // performed, but doesn't refresh token lifetime. | 86 | // performed, but doesn't refresh token lifetime. |
87 | // | 87 | // |
88 | bool Verify(UUID principalID, string token); | 88 | bool Verify(UUID principalID, string token, int lifetime); |
89 | bool VerifyEncrypted(byte[] cyphertext, byte[] key); | 89 | bool VerifyEncrypted(byte[] cyphertext, byte[] key); |
90 | 90 | ||
91 | ////////////////////////////////////////////////////// | 91 | ////////////////////////////////////////////////////// |