aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs
diff options
context:
space:
mode:
Diffstat (limited to 'OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs')
-rw-r--r--OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs113
1 files changed, 113 insertions, 0 deletions
diff --git a/OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs b/OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs
new file mode 100644
index 0000000..512ac4f
--- /dev/null
+++ b/OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs
@@ -0,0 +1,113 @@
1/*
2 * Copyright (c) Contributors, http://opensimulator.org/
3 * See CONTRIBUTORS.TXT for a full list of copyright holders.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are met:
7 * * Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * * Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * * Neither the name of the OpenSimulator Project nor the
13 * names of its contributors may be used to endorse or promote products
14 * derived from this software without specific prior written permission.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
17 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19 * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
20 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
28using System;
29using System.Collections.Generic;
30using System.Collections.Specialized;
31using System.Net;
32using System.Reflection;
33
34using Nini.Config;
35using log4net;
36
37namespace OpenSim.Framework.ServiceAuth
38{
39 public class BasicHttpAuthentication : IServiceAuth
40 {
41// private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
42
43 public string Name { get { return "BasicHttp"; } }
44
45 private string m_Username, m_Password;
46 private string m_CredentialsB64;
47
48// private string remove_me;
49
50 public string Credentials
51 {
52 get { return m_CredentialsB64; }
53 }
54
55 public BasicHttpAuthentication(IConfigSource config, string section)
56 {
57// remove_me = section;
58 m_Username = Util.GetConfigVarFromSections<string>(config, "HttpAuthUsername", new string[] { "Network", section }, string.Empty);
59 m_Password = Util.GetConfigVarFromSections<string>(config, "HttpAuthPassword", new string[] { "Network", section }, string.Empty);
60 string str = m_Username + ":" + m_Password;
61 byte[] encData_byte = Util.UTF8.GetBytes(str);
62
63 m_CredentialsB64 = Convert.ToBase64String(encData_byte);
64// m_log.DebugFormat("[HTTP BASIC AUTH]: {0} {1} [{2}]", m_Username, m_Password, section);
65 }
66
67 public void AddAuthorization(NameValueCollection headers)
68 {
69 //m_log.DebugFormat("[HTTP BASIC AUTH]: Adding authorization for {0}", remove_me);
70 headers["Authorization"] = "Basic " + m_CredentialsB64;
71 }
72
73 public bool Authenticate(string data)
74 {
75 string recovered = Util.Base64ToString(data);
76 if (!String.IsNullOrEmpty(recovered))
77 {
78 string[] parts = recovered.Split(new char[] { ':' });
79 if (parts.Length >= 2)
80 {
81 return m_Username.Equals(parts[0]) && m_Password.Equals(parts[1]);
82 }
83 }
84
85 return false;
86 }
87
88 public bool Authenticate(NameValueCollection requestHeaders, AddHeaderDelegate d, out HttpStatusCode statusCode)
89 {
90// m_log.DebugFormat("[HTTP BASIC AUTH]: Authenticate in {0}", "BasicHttpAuthentication");
91
92 string value = requestHeaders.Get("Authorization");
93 if (value != null)
94 {
95 value = value.Trim();
96 if (value.StartsWith("Basic "))
97 {
98 value = value.Replace("Basic ", string.Empty);
99 if (Authenticate(value))
100 {
101 statusCode = HttpStatusCode.OK;
102 return true;
103 }
104 }
105 }
106
107 d("WWW-Authenticate", "Basic realm = \"Asset Server\"");
108
109 statusCode = HttpStatusCode.Unauthorized;
110 return false;
111 }
112 }
113}