diff options
author | Melanie | 2009-09-04 07:03:43 +0100 |
---|---|---|
committer | Melanie | 2009-09-04 07:03:43 +0100 |
commit | 11700ba4a4e35cf7512f7f6e8b9b8e54e812f574 (patch) | |
tree | 683c464db85a52aa0b176c8f2d9ec91df9f94c1d /OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs | |
parent | More work on new authentication service (diff) | |
download | opensim-SC_OLD-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.zip opensim-SC_OLD-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.tar.gz opensim-SC_OLD-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.tar.bz2 opensim-SC_OLD-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.tar.xz |
Implement plain password authentication partway. Tested, but no user
functionality yet.
Diffstat (limited to 'OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs')
-rw-r--r-- | OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs | 233 |
1 files changed, 233 insertions, 0 deletions
diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs new file mode 100644 index 0000000..6cf7d56 --- /dev/null +++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs | |||
@@ -0,0 +1,233 @@ | |||
1 | /* | ||
2 | * Copyright (c) Contributors, http://opensimulator.org/ | ||
3 | * See CONTRIBUTORS.TXT for a full list of copyright holders. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions are met: | ||
7 | * * Redistributions of source code must retain the above copyright | ||
8 | * notice, this list of conditions and the following disclaimer. | ||
9 | * * Redistributions in binary form must reproduce the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer in the | ||
11 | * documentation and/or other materials provided with the distribution. | ||
12 | * * Neither the name of the OpenSimulator Project nor the | ||
13 | * names of its contributors may be used to endorse or promote products | ||
14 | * derived from this software without specific prior written permission. | ||
15 | * | ||
16 | * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY | ||
17 | * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | ||
19 | * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY | ||
20 | * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | ||
21 | * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | ||
23 | * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | ||
25 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
26 | */ | ||
27 | |||
28 | using Nini.Config; | ||
29 | using log4net; | ||
30 | using System; | ||
31 | using System.Reflection; | ||
32 | using System.IO; | ||
33 | using System.Net; | ||
34 | using System.Text; | ||
35 | using System.Text.RegularExpressions; | ||
36 | using System.Xml; | ||
37 | using System.Xml.Serialization; | ||
38 | using System.Collections.Generic; | ||
39 | using OpenSim.Server.Base; | ||
40 | using OpenSim.Services.Interfaces; | ||
41 | using OpenSim.Framework; | ||
42 | using OpenSim.Framework.Servers.HttpServer; | ||
43 | using OpenMetaverse; | ||
44 | |||
45 | namespace OpenSim.Server.Handlers.Authentication | ||
46 | { | ||
47 | public class AuthenticationServerPostHandler : BaseStreamHandler | ||
48 | { | ||
49 | // private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); | ||
50 | |||
51 | private IAuthenticationService m_AuthenticationService; | ||
52 | |||
53 | public AuthenticationServerPostHandler(IAuthenticationService service) : | ||
54 | base("POST", "/auth") | ||
55 | { | ||
56 | m_AuthenticationService = service; | ||
57 | } | ||
58 | |||
59 | public override byte[] Handle(string path, Stream request, | ||
60 | OSHttpRequest httpRequest, OSHttpResponse httpResponse) | ||
61 | { | ||
62 | string[] p = SplitParams(path); | ||
63 | |||
64 | if (p.Length > 0) | ||
65 | { | ||
66 | switch (p[0]) | ||
67 | { | ||
68 | case "plain": | ||
69 | StreamReader sr = new StreamReader(request); | ||
70 | string body = sr.ReadToEnd(); | ||
71 | sr.Close(); | ||
72 | |||
73 | return DoPlainMethods(body); | ||
74 | case "crypt": | ||
75 | byte[] buffer = new byte[request.Length]; | ||
76 | long length = request.Length; | ||
77 | if (length > 16384) | ||
78 | length = 16384; | ||
79 | request.Read(buffer, 0, (int)length); | ||
80 | |||
81 | return DoEncryptedMethods(buffer); | ||
82 | } | ||
83 | } | ||
84 | return new byte[0]; | ||
85 | } | ||
86 | |||
87 | private byte[] DoPlainMethods(string body) | ||
88 | { | ||
89 | Dictionary<string, string> request = | ||
90 | ServerUtils.ParseQueryString(body); | ||
91 | |||
92 | int lifetime = 30; | ||
93 | |||
94 | if (request.ContainsKey("LIFETIME")) | ||
95 | { | ||
96 | lifetime = Convert.ToInt32(request["LIFETIME"]); | ||
97 | if (lifetime > 30) | ||
98 | lifetime = 30; | ||
99 | } | ||
100 | |||
101 | if (!request.ContainsKey("METHOD")) | ||
102 | return FailureResult(); | ||
103 | if (!request.ContainsKey("PRINCIPAL")) | ||
104 | return FailureResult(); | ||
105 | |||
106 | string method = request["METHOD"]; | ||
107 | |||
108 | UUID principalID; | ||
109 | string token; | ||
110 | |||
111 | if (!UUID.TryParse(request["PRINCIPAL"], out principalID)) | ||
112 | return FailureResult(); | ||
113 | |||
114 | switch (method) | ||
115 | { | ||
116 | case "authenticate": | ||
117 | if (!request.ContainsKey("PASSWORD")) | ||
118 | return FailureResult(); | ||
119 | |||
120 | token = m_AuthenticationService.Authenticate(principalID, request["PASSWORD"], lifetime); | ||
121 | |||
122 | if (token != String.Empty) | ||
123 | return SuccessResult(token); | ||
124 | return FailureResult(); | ||
125 | case "verify": | ||
126 | if (!request.ContainsKey("TOKEN")) | ||
127 | return FailureResult(); | ||
128 | |||
129 | if (m_AuthenticationService.Verify(principalID, request["TOKEN"], lifetime)) | ||
130 | return SuccessResult(); | ||
131 | |||
132 | return FailureResult(); | ||
133 | case "release": | ||
134 | if (!request.ContainsKey("TOKEN")) | ||
135 | return FailureResult(); | ||
136 | |||
137 | if (m_AuthenticationService.Release(principalID, request["TOKEN"])) | ||
138 | return SuccessResult(); | ||
139 | |||
140 | return FailureResult(); | ||
141 | } | ||
142 | |||
143 | return FailureResult(); | ||
144 | } | ||
145 | |||
146 | private byte[] DoEncryptedMethods(byte[] ciphertext) | ||
147 | { | ||
148 | return new byte[0]; | ||
149 | } | ||
150 | |||
151 | private byte[] SuccessResult() | ||
152 | { | ||
153 | XmlDocument doc = new XmlDocument(); | ||
154 | |||
155 | XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration, | ||
156 | "", ""); | ||
157 | |||
158 | doc.AppendChild(xmlnode); | ||
159 | |||
160 | XmlElement rootElement = doc.CreateElement("", "Authentication", | ||
161 | ""); | ||
162 | |||
163 | doc.AppendChild(rootElement); | ||
164 | |||
165 | XmlElement result = doc.CreateElement("", "Result", ""); | ||
166 | result.AppendChild(doc.CreateTextNode("Success")); | ||
167 | |||
168 | rootElement.AppendChild(result); | ||
169 | |||
170 | return DocToBytes(doc); | ||
171 | } | ||
172 | |||
173 | private byte[] FailureResult() | ||
174 | { | ||
175 | XmlDocument doc = new XmlDocument(); | ||
176 | |||
177 | XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration, | ||
178 | "", ""); | ||
179 | |||
180 | doc.AppendChild(xmlnode); | ||
181 | |||
182 | XmlElement rootElement = doc.CreateElement("", "Authentication", | ||
183 | ""); | ||
184 | |||
185 | doc.AppendChild(rootElement); | ||
186 | |||
187 | XmlElement result = doc.CreateElement("", "Result", ""); | ||
188 | result.AppendChild(doc.CreateTextNode("Failure")); | ||
189 | |||
190 | rootElement.AppendChild(result); | ||
191 | |||
192 | return DocToBytes(doc); | ||
193 | } | ||
194 | |||
195 | private byte[] SuccessResult(string token) | ||
196 | { | ||
197 | XmlDocument doc = new XmlDocument(); | ||
198 | |||
199 | XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration, | ||
200 | "", ""); | ||
201 | |||
202 | doc.AppendChild(xmlnode); | ||
203 | |||
204 | XmlElement rootElement = doc.CreateElement("", "Authentication", | ||
205 | ""); | ||
206 | |||
207 | doc.AppendChild(rootElement); | ||
208 | |||
209 | XmlElement result = doc.CreateElement("", "Result", ""); | ||
210 | result.AppendChild(doc.CreateTextNode("Success")); | ||
211 | |||
212 | rootElement.AppendChild(result); | ||
213 | |||
214 | XmlElement t = doc.CreateElement("", "Token", ""); | ||
215 | t.AppendChild(doc.CreateTextNode(token)); | ||
216 | |||
217 | rootElement.AppendChild(t); | ||
218 | |||
219 | return DocToBytes(doc); | ||
220 | } | ||
221 | |||
222 | private byte[] DocToBytes(XmlDocument doc) | ||
223 | { | ||
224 | MemoryStream ms = new MemoryStream(); | ||
225 | XmlTextWriter xw = new XmlTextWriter(ms, null); | ||
226 | xw.Formatting = Formatting.Indented; | ||
227 | doc.WriteTo(xw); | ||
228 | xw.Flush(); | ||
229 | |||
230 | return ms.GetBuffer(); | ||
231 | } | ||
232 | } | ||
233 | } | ||