diff options
Diffstat (limited to 'OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs')
-rw-r--r-- | OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs | 113 |
1 files changed, 113 insertions, 0 deletions
diff --git a/OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs b/OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs new file mode 100644 index 0000000..512ac4f --- /dev/null +++ b/OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs | |||
@@ -0,0 +1,113 @@ | |||
1 | /* | ||
2 | * Copyright (c) Contributors, http://opensimulator.org/ | ||
3 | * See CONTRIBUTORS.TXT for a full list of copyright holders. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions are met: | ||
7 | * * Redistributions of source code must retain the above copyright | ||
8 | * notice, this list of conditions and the following disclaimer. | ||
9 | * * Redistributions in binary form must reproduce the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer in the | ||
11 | * documentation and/or other materials provided with the distribution. | ||
12 | * * Neither the name of the OpenSimulator Project nor the | ||
13 | * names of its contributors may be used to endorse or promote products | ||
14 | * derived from this software without specific prior written permission. | ||
15 | * | ||
16 | * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY | ||
17 | * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | ||
19 | * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY | ||
20 | * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | ||
21 | * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | ||
23 | * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | ||
25 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
26 | */ | ||
27 | |||
28 | using System; | ||
29 | using System.Collections.Generic; | ||
30 | using System.Collections.Specialized; | ||
31 | using System.Net; | ||
32 | using System.Reflection; | ||
33 | |||
34 | using Nini.Config; | ||
35 | using log4net; | ||
36 | |||
37 | namespace OpenSim.Framework.ServiceAuth | ||
38 | { | ||
39 | public class BasicHttpAuthentication : IServiceAuth | ||
40 | { | ||
41 | // private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); | ||
42 | |||
43 | public string Name { get { return "BasicHttp"; } } | ||
44 | |||
45 | private string m_Username, m_Password; | ||
46 | private string m_CredentialsB64; | ||
47 | |||
48 | // private string remove_me; | ||
49 | |||
50 | public string Credentials | ||
51 | { | ||
52 | get { return m_CredentialsB64; } | ||
53 | } | ||
54 | |||
55 | public BasicHttpAuthentication(IConfigSource config, string section) | ||
56 | { | ||
57 | // remove_me = section; | ||
58 | m_Username = Util.GetConfigVarFromSections<string>(config, "HttpAuthUsername", new string[] { "Network", section }, string.Empty); | ||
59 | m_Password = Util.GetConfigVarFromSections<string>(config, "HttpAuthPassword", new string[] { "Network", section }, string.Empty); | ||
60 | string str = m_Username + ":" + m_Password; | ||
61 | byte[] encData_byte = Util.UTF8.GetBytes(str); | ||
62 | |||
63 | m_CredentialsB64 = Convert.ToBase64String(encData_byte); | ||
64 | // m_log.DebugFormat("[HTTP BASIC AUTH]: {0} {1} [{2}]", m_Username, m_Password, section); | ||
65 | } | ||
66 | |||
67 | public void AddAuthorization(NameValueCollection headers) | ||
68 | { | ||
69 | //m_log.DebugFormat("[HTTP BASIC AUTH]: Adding authorization for {0}", remove_me); | ||
70 | headers["Authorization"] = "Basic " + m_CredentialsB64; | ||
71 | } | ||
72 | |||
73 | public bool Authenticate(string data) | ||
74 | { | ||
75 | string recovered = Util.Base64ToString(data); | ||
76 | if (!String.IsNullOrEmpty(recovered)) | ||
77 | { | ||
78 | string[] parts = recovered.Split(new char[] { ':' }); | ||
79 | if (parts.Length >= 2) | ||
80 | { | ||
81 | return m_Username.Equals(parts[0]) && m_Password.Equals(parts[1]); | ||
82 | } | ||
83 | } | ||
84 | |||
85 | return false; | ||
86 | } | ||
87 | |||
88 | public bool Authenticate(NameValueCollection requestHeaders, AddHeaderDelegate d, out HttpStatusCode statusCode) | ||
89 | { | ||
90 | // m_log.DebugFormat("[HTTP BASIC AUTH]: Authenticate in {0}", "BasicHttpAuthentication"); | ||
91 | |||
92 | string value = requestHeaders.Get("Authorization"); | ||
93 | if (value != null) | ||
94 | { | ||
95 | value = value.Trim(); | ||
96 | if (value.StartsWith("Basic ")) | ||
97 | { | ||
98 | value = value.Replace("Basic ", string.Empty); | ||
99 | if (Authenticate(value)) | ||
100 | { | ||
101 | statusCode = HttpStatusCode.OK; | ||
102 | return true; | ||
103 | } | ||
104 | } | ||
105 | } | ||
106 | |||
107 | d("WWW-Authenticate", "Basic realm = \"Asset Server\""); | ||
108 | |||
109 | statusCode = HttpStatusCode.Unauthorized; | ||
110 | return false; | ||
111 | } | ||
112 | } | ||
113 | } | ||