Implement plain password authentication partway. Tested, but no user

functionality yet.

8 files changed, 299 insertions, 26 deletions

diff --git a/OpenSim/Server/Base/ServerUtils.cs b/OpenSim/Server/Base/ServerUtils.cs
index 8d76ffe..0a36bbe 100644
--- a/OpenSim/Server/Base/ServerUtils.cs
+++ b/OpenSim/Server/Base/ServerUtils.cs
@@ -31,6 +31,7 @@ using System.Reflection;
 using System.Xml;
 using System.Xml.Serialization;
 using System.Text;
+using System.Collections.Generic;
 using log4net;
 using OpenSim.Framework;
 
@@ -156,5 +157,31 @@ namespace OpenSim.Server.Base
                 return null;
             }
         }
+
+        public static Dictionary<string, string> ParseQueryString(string query)
+        {
+            Dictionary<string, string> result = new Dictionary<string, string>();
+            string[] terms = query.Split(new char[] {'&'});
+
+            if (terms.Length == 0)
+                return result;
+
+            foreach (string t in terms)
+            {
+                string[] elems = t.Split(new char[] {'='});
+                if (elems.Length == 0)
+                    continue;
+
+                string name = System.Web.HttpUtility.UrlDecode(elems[0]);
+                string value = String.Empty;
+
+                if (elems.Length > 1)
+                    value = System.Web.HttpUtility.UrlDecode(elems[1]);
+
+                result[name] = value;
+            }
+
+            return result;
+        }
     }
-}
\ No newline at end of file
+}
diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs
index 03a7980..589dc3b 100644
--- a/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs
+++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs
@@ -54,7 +54,7 @@ namespace OpenSim.Server.Handlers.Authentication
             Object[] args = new Object[] { config };
             m_AuthenticationService = ServerUtils.LoadPlugin<IAuthenticationService>(authenticationService, args);
 
-            //server.AddStreamHandler(new AuthenticationServerGetHandler(m_AuthenticationService));
+            server.AddStreamHandler(new AuthenticationServerPostHandler(m_AuthenticationService));
         }
     }
 }
diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
new file mode 100644
index 0000000..6cf7d56
--- /dev/null
+++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
@@ -0,0 +1,233 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *     * Redistributions of source code must retain the above copyright
+ *       notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *     * Neither the name of the OpenSimulator Project nor the
+ *       names of its contributors may be used to endorse or promote products
+ *       derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using Nini.Config;
+using log4net;
+using System;
+using System.Reflection;
+using System.IO;
+using System.Net;
+using System.Text;
+using System.Text.RegularExpressions;
+using System.Xml;
+using System.Xml.Serialization;
+using System.Collections.Generic;
+using OpenSim.Server.Base;
+using OpenSim.Services.Interfaces;
+using OpenSim.Framework;
+using OpenSim.Framework.Servers.HttpServer;
+using OpenMetaverse;
+
+namespace OpenSim.Server.Handlers.Authentication
+{
+    public class AuthenticationServerPostHandler : BaseStreamHandler
+    {
+        // private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
+
+        private IAuthenticationService m_AuthenticationService;
+
+        public AuthenticationServerPostHandler(IAuthenticationService service) :
+                base("POST", "/auth")
+        {
+            m_AuthenticationService = service;
+        }
+
+        public override byte[] Handle(string path, Stream request,
+                OSHttpRequest httpRequest, OSHttpResponse httpResponse)
+        {
+            string[] p = SplitParams(path);
+
+            if (p.Length > 0)
+            {
+                switch (p[0])
+                {
+                case "plain":
+                    StreamReader sr = new StreamReader(request);
+                    string body = sr.ReadToEnd();
+                    sr.Close();
+
+                    return DoPlainMethods(body);
+                case "crypt":
+                    byte[] buffer = new byte[request.Length];
+                    long length = request.Length;
+                    if (length > 16384)
+                        length = 16384;
+                    request.Read(buffer, 0, (int)length);
+
+                    return DoEncryptedMethods(buffer);
+                }
+            }
+            return new byte[0];
+        }
+
+        private byte[] DoPlainMethods(string body)
+        {
+            Dictionary<string, string> request =
+                    ServerUtils.ParseQueryString(body);
+
+            int lifetime = 30;
+
+            if (request.ContainsKey("LIFETIME"))
+            {
+                lifetime = Convert.ToInt32(request["LIFETIME"]);
+                if (lifetime > 30)
+                    lifetime = 30;
+            }
+
+            if (!request.ContainsKey("METHOD"))
+                return FailureResult();
+            if (!request.ContainsKey("PRINCIPAL"))
+                return FailureResult();
+
+            string method = request["METHOD"];
+
+            UUID principalID;
+            string token;
+
+            if (!UUID.TryParse(request["PRINCIPAL"], out principalID))
+                return FailureResult();
+
+            switch (method)
+            {
+            case "authenticate":
+                if (!request.ContainsKey("PASSWORD"))
+                    return FailureResult();
+                
+                token = m_AuthenticationService.Authenticate(principalID, request["PASSWORD"], lifetime);
+
+                if (token != String.Empty)
+                    return SuccessResult(token);
+                return FailureResult();
+            case "verify":
+                if (!request.ContainsKey("TOKEN"))
+                    return FailureResult();
+                
+                if (m_AuthenticationService.Verify(principalID, request["TOKEN"], lifetime))
+                    return SuccessResult();
+
+                return FailureResult();
+            case "release":
+                if (!request.ContainsKey("TOKEN"))
+                    return FailureResult();
+
+                if (m_AuthenticationService.Release(principalID, request["TOKEN"]))
+                    return SuccessResult();
+
+                return FailureResult();
+            }
+
+            return FailureResult();
+        }
+
+        private byte[] DoEncryptedMethods(byte[] ciphertext)
+        {
+            return new byte[0];
+        }
+
+        private byte[] SuccessResult()
+        {
+            XmlDocument doc = new XmlDocument();
+
+            XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
+                    "", "");
+
+            doc.AppendChild(xmlnode);
+
+            XmlElement rootElement = doc.CreateElement("", "Authentication",
+                    "");
+
+            doc.AppendChild(rootElement);
+
+            XmlElement result = doc.CreateElement("", "Result", "");
+            result.AppendChild(doc.CreateTextNode("Success"));
+
+            rootElement.AppendChild(result);
+
+            return DocToBytes(doc);
+        }
+
+        private byte[] FailureResult()
+        {
+            XmlDocument doc = new XmlDocument();
+
+            XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
+                    "", "");
+
+            doc.AppendChild(xmlnode);
+
+            XmlElement rootElement = doc.CreateElement("", "Authentication",
+                    "");
+
+            doc.AppendChild(rootElement);
+
+            XmlElement result = doc.CreateElement("", "Result", "");
+            result.AppendChild(doc.CreateTextNode("Failure"));
+
+            rootElement.AppendChild(result);
+
+            return DocToBytes(doc);
+        }
+
+        private byte[] SuccessResult(string token)
+        {
+            XmlDocument doc = new XmlDocument();
+
+            XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
+                    "", "");
+
+            doc.AppendChild(xmlnode);
+
+            XmlElement rootElement = doc.CreateElement("", "Authentication",
+                    "");
+
+            doc.AppendChild(rootElement);
+
+            XmlElement result = doc.CreateElement("", "Result", "");
+            result.AppendChild(doc.CreateTextNode("Success"));
+
+            rootElement.AppendChild(result);
+
+            XmlElement t = doc.CreateElement("", "Token", "");
+            t.AppendChild(doc.CreateTextNode(token));
+
+            rootElement.AppendChild(t);
+
+            return DocToBytes(doc);
+        }
+
+        private byte[] DocToBytes(XmlDocument doc)
+        {
+            MemoryStream ms = new MemoryStream();
+            XmlTextWriter xw = new XmlTextWriter(ms, null);
+            xw.Formatting = Formatting.Indented;
+            doc.WriteTo(xw);
+            xw.Flush();
+
+            return ms.GetBuffer();
+        }
+    }
+}
diff --git a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
index 200268b..dab0598 100644
--- a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
+++ b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
@@ -95,6 +95,16 @@ namespace OpenSim.Services.AuthenticationService
             return new byte[0];
         }
 
+        public bool Verify(UUID principalID, string token, int lifetime)
+        {
+            return false;
+        }
+
+        public bool VerifyEncrypted(byte[] cyphertext, byte[] key)
+        {
+            return false;
+        }
+
         public virtual bool Release(UUID principalID, string token)
         {
             return false;
@@ -104,5 +114,10 @@ namespace OpenSim.Services.AuthenticationService
         {
             return false;
         }
+
+        protected string GetToken(UUID principalID, int lifetime)
+        {
+            return "OK";
+        }
     }
 }
diff --git a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
index 83ce0d0..7fdbbf6 100644
--- a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
+++ b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
@@ -56,8 +56,24 @@ namespace OpenSim.Services.AuthenticationService
         {
         }
 
-        public string Authenticate(UUID principalID, string password)
+        public string Authenticate(UUID principalID, string password, int lifetime)
         {
+            AuthenticationData data = m_Database.Get(principalID);
+            
+            if (!data.Data.ContainsKey("passwordHash") ||
+                !data.Data.ContainsKey("passwordSalt"))
+            {
+                return String.Empty;
+            }
+
+            string hashed = Util.Md5Hash(Util.Md5Hash(password) + ":" +
+                    data.Data["passwordSalt"].ToString());
+
+            if (data.Data["passwordHash"].ToString() == hashed)
+            {
+                return GetToken(principalID, lifetime);
+            }
+
             return String.Empty;
         }
 
@@ -65,15 +81,5 @@ namespace OpenSim.Services.AuthenticationService
         {
             return new byte[0];
         }
-
-        public bool Verify(UUID principalID, string token)
-        {
-            return false;
-        }
-
-        public bool VerifyEncrypted(byte[] cyphertext, byte[] key)
-        {
-            return false;
-        }
     }
 }
diff --git a/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs b/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs
index af55df0..0118c91 100644
--- a/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs
+++ b/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs
@@ -52,7 +52,7 @@ namespace OpenSim.Services.AuthenticationService
         {
         }
 
-        public string Authenticate(UUID principalID, string password)
+        public string Authenticate(UUID principalID, string password, int lifetime)
         {
             return String.Empty;
         }
@@ -61,15 +61,5 @@ namespace OpenSim.Services.AuthenticationService
         {
             return new byte[0];
         }
-
-        public bool Verify(UUID principalID, string token)
-        {
-            return false;
-        }
-
-        public bool VerifyEncrypted(byte[] cyphertext, byte[] key)
-        {
-            return false;
-        }
     }
 }
diff --git a/OpenSim/Services/Interfaces/IAuthenticationService.cs b/OpenSim/Services/Interfaces/IAuthenticationService.cs
index f042c93..b448a14 100644
--- a/OpenSim/Services/Interfaces/IAuthenticationService.cs
+++ b/OpenSim/Services/Interfaces/IAuthenticationService.cs
@@ -70,7 +70,7 @@ namespace OpenSim.Services.Interfaces
         // the public key of the peer, which the connector must have
         // obtained using a remote GetPublicKey call.
         //
-        string Authenticate(UUID principalID, string password);
+        string Authenticate(UUID principalID, string password, int lifetime);
         byte[] AuthenticateEncrypted(byte[] cyphertext, byte[] key);
 
         //////////////////////////////////////////////////////
@@ -85,7 +85,7 @@ namespace OpenSim.Services.Interfaces
         // must be used to refresh. Unencrypted verification is still
         // performed, but doesn't refresh token lifetime.
         //
-        bool Verify(UUID principalID, string token);
+        bool Verify(UUID principalID, string token, int lifetime);
         bool VerifyEncrypted(byte[] cyphertext, byte[] key);
 
         //////////////////////////////////////////////////////
diff --git a/prebuild.xml b/prebuild.xml
index cdffd8a..b84fddd 100644
--- a/prebuild.xml
+++ b/prebuild.xml
@@ -1399,6 +1399,7 @@
       <ReferencePath>../../../bin/</ReferencePath>
       <Reference name="System"/>
       <Reference name="System.Xml"/>
+      <Reference name="System.Web"/>
       <Reference name="OpenMetaverseTypes.dll"/>
       <Reference name="OpenMetaverse.dll"/>
       <Reference name="OpenSim.Framework"/>
@@ -1427,6 +1428,7 @@
       <ReferencePath>../../../bin/</ReferencePath>
       <Reference name="System"/>
       <Reference name="System.Xml"/>
+      <Reference name="System.Web"/>
       <Reference name="OpenMetaverseTypes.dll"/>
       <Reference name="OpenMetaverse.dll"/>
       <Reference name="OpenMetaverse.StructuredData.dll"/>