diff options
Diffstat (limited to '')
-rw-r--r-- | OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs | 113 | ||||
-rw-r--r-- | OpenSim/Framework/ServiceAuth/CompoundAuthentication.cs | 82 | ||||
-rw-r--r-- | OpenSim/Framework/ServiceAuth/DisallowLlHttpRequest.cs | 59 | ||||
-rw-r--r-- | OpenSim/Framework/ServiceAuth/IServiceAuth.cs | 48 | ||||
-rw-r--r-- | OpenSim/Framework/ServiceAuth/ServiceAuth.cs | 68 |
5 files changed, 370 insertions, 0 deletions
diff --git a/OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs b/OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs new file mode 100644 index 0000000..512ac4f --- /dev/null +++ b/OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs | |||
@@ -0,0 +1,113 @@ | |||
1 | /* | ||
2 | * Copyright (c) Contributors, http://opensimulator.org/ | ||
3 | * See CONTRIBUTORS.TXT for a full list of copyright holders. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions are met: | ||
7 | * * Redistributions of source code must retain the above copyright | ||
8 | * notice, this list of conditions and the following disclaimer. | ||
9 | * * Redistributions in binary form must reproduce the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer in the | ||
11 | * documentation and/or other materials provided with the distribution. | ||
12 | * * Neither the name of the OpenSimulator Project nor the | ||
13 | * names of its contributors may be used to endorse or promote products | ||
14 | * derived from this software without specific prior written permission. | ||
15 | * | ||
16 | * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY | ||
17 | * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | ||
19 | * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY | ||
20 | * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | ||
21 | * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | ||
23 | * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | ||
25 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
26 | */ | ||
27 | |||
28 | using System; | ||
29 | using System.Collections.Generic; | ||
30 | using System.Collections.Specialized; | ||
31 | using System.Net; | ||
32 | using System.Reflection; | ||
33 | |||
34 | using Nini.Config; | ||
35 | using log4net; | ||
36 | |||
37 | namespace OpenSim.Framework.ServiceAuth | ||
38 | { | ||
39 | public class BasicHttpAuthentication : IServiceAuth | ||
40 | { | ||
41 | // private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); | ||
42 | |||
43 | public string Name { get { return "BasicHttp"; } } | ||
44 | |||
45 | private string m_Username, m_Password; | ||
46 | private string m_CredentialsB64; | ||
47 | |||
48 | // private string remove_me; | ||
49 | |||
50 | public string Credentials | ||
51 | { | ||
52 | get { return m_CredentialsB64; } | ||
53 | } | ||
54 | |||
55 | public BasicHttpAuthentication(IConfigSource config, string section) | ||
56 | { | ||
57 | // remove_me = section; | ||
58 | m_Username = Util.GetConfigVarFromSections<string>(config, "HttpAuthUsername", new string[] { "Network", section }, string.Empty); | ||
59 | m_Password = Util.GetConfigVarFromSections<string>(config, "HttpAuthPassword", new string[] { "Network", section }, string.Empty); | ||
60 | string str = m_Username + ":" + m_Password; | ||
61 | byte[] encData_byte = Util.UTF8.GetBytes(str); | ||
62 | |||
63 | m_CredentialsB64 = Convert.ToBase64String(encData_byte); | ||
64 | // m_log.DebugFormat("[HTTP BASIC AUTH]: {0} {1} [{2}]", m_Username, m_Password, section); | ||
65 | } | ||
66 | |||
67 | public void AddAuthorization(NameValueCollection headers) | ||
68 | { | ||
69 | //m_log.DebugFormat("[HTTP BASIC AUTH]: Adding authorization for {0}", remove_me); | ||
70 | headers["Authorization"] = "Basic " + m_CredentialsB64; | ||
71 | } | ||
72 | |||
73 | public bool Authenticate(string data) | ||
74 | { | ||
75 | string recovered = Util.Base64ToString(data); | ||
76 | if (!String.IsNullOrEmpty(recovered)) | ||
77 | { | ||
78 | string[] parts = recovered.Split(new char[] { ':' }); | ||
79 | if (parts.Length >= 2) | ||
80 | { | ||
81 | return m_Username.Equals(parts[0]) && m_Password.Equals(parts[1]); | ||
82 | } | ||
83 | } | ||
84 | |||
85 | return false; | ||
86 | } | ||
87 | |||
88 | public bool Authenticate(NameValueCollection requestHeaders, AddHeaderDelegate d, out HttpStatusCode statusCode) | ||
89 | { | ||
90 | // m_log.DebugFormat("[HTTP BASIC AUTH]: Authenticate in {0}", "BasicHttpAuthentication"); | ||
91 | |||
92 | string value = requestHeaders.Get("Authorization"); | ||
93 | if (value != null) | ||
94 | { | ||
95 | value = value.Trim(); | ||
96 | if (value.StartsWith("Basic ")) | ||
97 | { | ||
98 | value = value.Replace("Basic ", string.Empty); | ||
99 | if (Authenticate(value)) | ||
100 | { | ||
101 | statusCode = HttpStatusCode.OK; | ||
102 | return true; | ||
103 | } | ||
104 | } | ||
105 | } | ||
106 | |||
107 | d("WWW-Authenticate", "Basic realm = \"Asset Server\""); | ||
108 | |||
109 | statusCode = HttpStatusCode.Unauthorized; | ||
110 | return false; | ||
111 | } | ||
112 | } | ||
113 | } | ||
diff --git a/OpenSim/Framework/ServiceAuth/CompoundAuthentication.cs b/OpenSim/Framework/ServiceAuth/CompoundAuthentication.cs new file mode 100644 index 0000000..a49952c --- /dev/null +++ b/OpenSim/Framework/ServiceAuth/CompoundAuthentication.cs | |||
@@ -0,0 +1,82 @@ | |||
1 | /* | ||
2 | * Copyright (c) Contributors, http://opensimulator.org/ | ||
3 | * See CONTRIBUTORS.TXT for a full list of copyright holders. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions are met: | ||
7 | * * Redistributions of source code must retain the above copyright | ||
8 | * notice, this list of conditions and the following disclaimer. | ||
9 | * * Redistributions in binary form must reproduce the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer in the | ||
11 | * documentation and/or other materials provided with the distribution. | ||
12 | * * Neither the name of the OpenSimulator Project nor the | ||
13 | * names of its contributors may be used to endorse or promote products | ||
14 | * derived from this software without specific prior written permission. | ||
15 | * | ||
16 | * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY | ||
17 | * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | ||
19 | * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY | ||
20 | * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | ||
21 | * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | ||
23 | * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | ||
25 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
26 | */ | ||
27 | |||
28 | using System; | ||
29 | using System.Collections.Generic; | ||
30 | using System.Collections.Specialized; | ||
31 | using System.Linq; | ||
32 | using System.Net; | ||
33 | |||
34 | namespace OpenSim.Framework.ServiceAuth | ||
35 | { | ||
36 | public class CompoundAuthentication : IServiceAuth | ||
37 | { | ||
38 | public string Name { get { return "Compound"; } } | ||
39 | |||
40 | private List<IServiceAuth> m_authentications = new List<IServiceAuth>(); | ||
41 | |||
42 | public int Count { get { return m_authentications.Count; } } | ||
43 | |||
44 | public List<IServiceAuth> GetAuthentors() | ||
45 | { | ||
46 | return new List<IServiceAuth>(m_authentications); | ||
47 | } | ||
48 | |||
49 | public void AddAuthenticator(IServiceAuth auth) | ||
50 | { | ||
51 | m_authentications.Add(auth); | ||
52 | } | ||
53 | |||
54 | public void RemoveAuthenticator(IServiceAuth auth) | ||
55 | { | ||
56 | m_authentications.Remove(auth); | ||
57 | } | ||
58 | |||
59 | public void AddAuthorization(NameValueCollection headers) | ||
60 | { | ||
61 | foreach (IServiceAuth auth in m_authentications) | ||
62 | auth.AddAuthorization(headers); | ||
63 | } | ||
64 | |||
65 | public bool Authenticate(string data) | ||
66 | { | ||
67 | return m_authentications.TrueForAll(a => a.Authenticate(data)); | ||
68 | } | ||
69 | |||
70 | public bool Authenticate(NameValueCollection requestHeaders, AddHeaderDelegate d, out HttpStatusCode statusCode) | ||
71 | { | ||
72 | foreach (IServiceAuth auth in m_authentications) | ||
73 | { | ||
74 | if (!auth.Authenticate(requestHeaders, d, out statusCode)) | ||
75 | return false; | ||
76 | } | ||
77 | |||
78 | statusCode = HttpStatusCode.OK; | ||
79 | return true; | ||
80 | } | ||
81 | } | ||
82 | } \ No newline at end of file | ||
diff --git a/OpenSim/Framework/ServiceAuth/DisallowLlHttpRequest.cs b/OpenSim/Framework/ServiceAuth/DisallowLlHttpRequest.cs new file mode 100644 index 0000000..e0c413b --- /dev/null +++ b/OpenSim/Framework/ServiceAuth/DisallowLlHttpRequest.cs | |||
@@ -0,0 +1,59 @@ | |||
1 | /* | ||
2 | * Copyright (c) Contributors, http://opensimulator.org/ | ||
3 | * See CONTRIBUTORS.TXT for a full list of copyright holders. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions are met: | ||
7 | * * Redistributions of source code must retain the above copyright | ||
8 | * notice, this list of conditions and the following disclaimer. | ||
9 | * * Redistributions in binary form must reproduce the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer in the | ||
11 | * documentation and/or other materials provided with the distribution. | ||
12 | * * Neither the name of the OpenSimulator Project nor the | ||
13 | * names of its contributors may be used to endorse or promote products | ||
14 | * derived from this software without specific prior written permission. | ||
15 | * | ||
16 | * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY | ||
17 | * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | ||
19 | * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY | ||
20 | * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | ||
21 | * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | ||
23 | * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | ||
25 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
26 | */ | ||
27 | |||
28 | using System; | ||
29 | using System.Collections.Specialized; | ||
30 | using System.Net; | ||
31 | |||
32 | namespace OpenSim.Framework.ServiceAuth | ||
33 | { | ||
34 | public class DisallowLlHttpRequest : IServiceAuth | ||
35 | { | ||
36 | public string Name { get { return "DisallowllHTTPRequest"; } } | ||
37 | |||
38 | public void AddAuthorization(NameValueCollection headers) {} | ||
39 | |||
40 | public bool Authenticate(string data) | ||
41 | { | ||
42 | return false; | ||
43 | } | ||
44 | |||
45 | public bool Authenticate(NameValueCollection requestHeaders, AddHeaderDelegate d, out HttpStatusCode statusCode) | ||
46 | { | ||
47 | // Console.WriteLine("DisallowLlHttpRequest"); | ||
48 | |||
49 | if (requestHeaders["X-SecondLife-Shard"] != null) | ||
50 | { | ||
51 | statusCode = HttpStatusCode.Forbidden; | ||
52 | return false; | ||
53 | } | ||
54 | |||
55 | statusCode = HttpStatusCode.OK; | ||
56 | return true; | ||
57 | } | ||
58 | } | ||
59 | } \ No newline at end of file | ||
diff --git a/OpenSim/Framework/ServiceAuth/IServiceAuth.cs b/OpenSim/Framework/ServiceAuth/IServiceAuth.cs new file mode 100644 index 0000000..5f744cb --- /dev/null +++ b/OpenSim/Framework/ServiceAuth/IServiceAuth.cs | |||
@@ -0,0 +1,48 @@ | |||
1 | /* | ||
2 | * Copyright (c) Contributors, http://opensimulator.org/ | ||
3 | * See CONTRIBUTORS.TXT for a full list of copyright holders. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions are met: | ||
7 | * * Redistributions of source code must retain the above copyright | ||
8 | * notice, this list of conditions and the following disclaimer. | ||
9 | * * Redistributions in binary form must reproduce the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer in the | ||
11 | * documentation and/or other materials provided with the distribution. | ||
12 | * * Neither the name of the OpenSimulator Project nor the | ||
13 | * names of its contributors may be used to endorse or promote products | ||
14 | * derived from this software without specific prior written permission. | ||
15 | * | ||
16 | * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY | ||
17 | * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | ||
19 | * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY | ||
20 | * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | ||
21 | * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | ||
23 | * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | ||
25 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
26 | */ | ||
27 | |||
28 | using System; | ||
29 | using System.Net; | ||
30 | using System.Collections.Generic; | ||
31 | using System.Collections.Specialized; | ||
32 | |||
33 | namespace OpenSim.Framework.ServiceAuth | ||
34 | { | ||
35 | public delegate void AddHeaderDelegate(string key, string value); | ||
36 | |||
37 | public interface IServiceAuth | ||
38 | { | ||
39 | /// <summary> | ||
40 | /// Name of this authenticator. | ||
41 | /// </summary> | ||
42 | string Name { get; } | ||
43 | |||
44 | bool Authenticate(string data); | ||
45 | bool Authenticate(NameValueCollection headers, AddHeaderDelegate d, out HttpStatusCode statusCode); | ||
46 | void AddAuthorization(NameValueCollection headers); | ||
47 | } | ||
48 | } | ||
diff --git a/OpenSim/Framework/ServiceAuth/ServiceAuth.cs b/OpenSim/Framework/ServiceAuth/ServiceAuth.cs new file mode 100644 index 0000000..51012e3 --- /dev/null +++ b/OpenSim/Framework/ServiceAuth/ServiceAuth.cs | |||
@@ -0,0 +1,68 @@ | |||
1 | /* | ||
2 | * Copyright (c) Contributors, http://opensimulator.org/ | ||
3 | * See CONTRIBUTORS.TXT for a full list of copyright holders. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions are met: | ||
7 | * * Redistributions of source code must retain the above copyright | ||
8 | * notice, this list of conditions and the following disclaimer. | ||
9 | * * Redistributions in binary form must reproduce the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer in the | ||
11 | * documentation and/or other materials provided with the distribution. | ||
12 | * * Neither the name of the OpenSimulator Project nor the | ||
13 | * names of its contributors may be used to endorse or promote products | ||
14 | * derived from this software without specific prior written permission. | ||
15 | * | ||
16 | * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY | ||
17 | * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | ||
19 | * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY | ||
20 | * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | ||
21 | * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | ||
23 | * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | ||
25 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
26 | */ | ||
27 | |||
28 | using System; | ||
29 | using System.Collections.Generic; | ||
30 | using System.Reflection; | ||
31 | using log4net; | ||
32 | using Nini.Config; | ||
33 | |||
34 | namespace OpenSim.Framework.ServiceAuth | ||
35 | { | ||
36 | public class ServiceAuth | ||
37 | { | ||
38 | // private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); | ||
39 | |||
40 | public static IServiceAuth Create(IConfigSource config, string section) | ||
41 | { | ||
42 | CompoundAuthentication compoundAuth = new CompoundAuthentication(); | ||
43 | |||
44 | bool allowLlHttpRequestIn | ||
45 | = Util.GetConfigVarFromSections<bool>(config, "AllowllHTTPRequestIn", new string[] { "Network", section }, false); | ||
46 | |||
47 | if (!allowLlHttpRequestIn) | ||
48 | compoundAuth.AddAuthenticator(new DisallowLlHttpRequest()); | ||
49 | |||
50 | string authType = Util.GetConfigVarFromSections<string>(config, "AuthType", new string[] { "Network", section }, "None"); | ||
51 | |||
52 | switch (authType) | ||
53 | { | ||
54 | case "BasicHttpAuthentication": | ||
55 | compoundAuth.AddAuthenticator(new BasicHttpAuthentication(config, section)); | ||
56 | break; | ||
57 | } | ||
58 | |||
59 | // foreach (IServiceAuth auth in compoundAuth.GetAuthentors()) | ||
60 | // m_log.DebugFormat("[SERVICE AUTH]: Configured authenticator {0}", auth.Name); | ||
61 | |||
62 | if (compoundAuth.Count > 0) | ||
63 | return compoundAuth; | ||
64 | else | ||
65 | return null; | ||
66 | } | ||
67 | } | ||
68 | } \ No newline at end of file | ||