authordiva2009-03-21 20:16:35 +0000
committerdiva2009-03-21 20:16:35 +0000
commit09732b4d5dfdb3a9e326e99c2e86d7492bc06e55 (patch)
tree2fcb55c9e341c7abf7225c5880a6984ab8544ff2 /OpenSim/Framework
parentMinor changes in names inside. (diff)
Initial support for authentication/authorization keys in UserManagerBase, and use of it in HGStandaloneLoginService (producer of initial key for user, and of subsequent keys) and HGStandaloneInventoryService (consumer of a key).
Keys are of the form http://<authority>/<random uuid> and they are sent over http header "authorization".
Diffstat (limited to 'OpenSim/Framework')
-rw-r--r--OpenSim/Framework/Communications/IAuthentication.cs13
-rw-r--r--OpenSim/Framework/Communications/UserManagerBase.cs83
2 files changed, 95 insertions, 1 deletions
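diff --git a/OpenSim/Framework/Communications/IAuthentication.cs b/OpenSim/Framework/Communications/IAuthentication.cs
new file mode 100644
index 0000000..5d6d5f2
--- /dev/null
+++ b/OpenSim/Framework/Communications/IAuthentication.cs
@@ -0,0 +1,13 @@
+using System;
+
+using OpenMetaverse;
+
+
+namespace OpenSim.Framework.Communications
+{
+ public interface IAuthentication
+ {
+ string GetNewKey(string url, UUID userID, UUID authToken);
+ bool VerifyKey(UUID userID, string key);
+ }
+}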
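Review bot: The interface leaves the key format undocumented, and the implementation added in this commit treats it differently on each side: `GetNewKey` returns the URL plus the uuid, while `VerifyKey` matches only the bare uuid string. I would add XML docs to both members, for example `/// <param name="key">Only the uuid portion of the value returned by GetNewKey; the caller strips the authority prefix.</param>` on `VerifyKey`. The docs should also state that a successful `VerifyKey` consumes the key, and what `GetNewKey` returns when the request is denied (currently the URL with nothing after the slash), so a consumer does not treat that value as a credential.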
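diff --git a/OpenSim/Framework/Communications/UserManagerBase.cs b/OpenSim/Framework/Communications/UserManagerBase.cs
index 62c3f89..c177d4f 100644
--- a/OpenSim/Framework/Communications/UserManagerBase.cs
+++ b/OpenSim/Framework/Communications/UserManagerBase.cs
@@ -42,7 +42,7 @@ namespace OpenSim.Framework.Communications
  /// <summary>
  /// Base class for user management (create, read, etc)
  /// </summary>
- public abstract class UserManagerBase : IUserService, IUserAdminService, IAvatarService, IMessagingService
+ public abstract class UserManagerBase : IUserService, IUserAdminService, IAvatarService, IMessagingService, IAuthentication
  {
  private static readonly ILog m_log
  = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
@@ -750,5 +750,86 @@ namespace OpenSim.Framework.Communications
  }
  }
  }
+
+ #region IAuthentication
+
+ protected Dictionary<UUID, List<string>> m_userKeys = new Dictionary<UUID, List<string>>();
+
+ /// <summary>
+ /// This generates authorization keys in the form
+ /// http://userserver/uuid
+ /// after verifying that the caller is, indeed, authorized to request a key
+ /// </summary>
+ /// <param name="url">URL of the user server</param>
+ /// <param name="userID">The user ID requesting the new key</param>
+ /// <param name="authToken">The original authorization token for that user, obtained during login</param>
+ /// <returns></returns>
+ public string GetNewKey(string url, UUID userID, UUID authToken)
+ {
+ UserProfileData profile = GetUserProfile(userID);
+ string newKey = string.Empty;
+ if (!url.EndsWith("/"))
+ url = url + "/";
+
+ if (profile != null)
+ {
+ // I'm overloading webloginkey for this, so that no changes are needed in the DB
+ // The uses of webloginkey are fairly mutually exclusive
+ if (profile.WebLoginKey.Equals(authToken))
+ {
+ newKey = UUID.Random().ToString();
+ List<string> keys;
+ lock (m_userKeys)
+ {
+ if (m_userKeys.ContainsKey(userID))
+ {
+ keys = m_userKeys[userID];
+ }
+ else
+ {
+ keys = new List<string>();
+ m_userKeys.Add(userID, keys);
+ }
+ keys.Add(newKey);
+ }
+ m_log.InfoFormat("[USERAUTH]: Successfully generated new auth key for user {0}", userID);
+ }
+ else
+ m_log.Info("[USERAUTH]: Unauthorized key generation request. Denying new key.");
+ }
+ else
+ m_log.Info("[USERAUTH]: User not found.");
+
+ return url + newKey;
+ }
+
+ /// <summary>
+ /// This verifies the uuid portion of the key given out by GenerateKey
+ /// </summary>
+ /// <param name="userID"></param>
+ /// <param name="key"></param>
+ /// <returns></returns>
+ public bool VerifyKey(UUID userID, string key)
+ {
+ lock (m_userKeys)
+ {
+ if (m_userKeys.ContainsKey(userID))
+ {
+ List<string> keys = m_userKeys[userID];
+ if (keys.Contains(key))
+ {
+ // Keys are one-time only, so remove it
+ keys.Remove(key);
+ return true;
+ }
+ return false;
+ }
+ else
+ return false;
+ }
+ }
+
+ #endregion
+
  }
 }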
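Review bot: Keys added in `GetNewKey` (new lines 780-794) are removed only when `VerifyKey` consumes them, so an unused key stays valid for the life of the process and `m_userKeys` grows with every successful request. Storing an issue time next to each key, then rejecting and pruning entries older than a short lifetime, would limit both the replay window and the memory use. Separately, `profile.WebLoginKey.Equals(authToken)` would presumably also pass when both sides are the zero UUID, if a profile that never had a web login key holds that default; a guard such as `if (authToken != UUID.Zero && profile.WebLoginKey.Equals(authToken))` closes that, to be confirmed against how WebLoginKey is initialised. The denial log line omits `userID`, which makes repeated failed requests against one account hard to spot. The callers of both methods are outside this diff.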