aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
diff options
context:
space:
mode:
authorMelanie2009-09-04 07:03:43 +0100
committerMelanie2009-09-04 07:03:43 +0100
commit11700ba4a4e35cf7512f7f6e8b9b8e54e812f574 (patch)
tree683c464db85a52aa0b176c8f2d9ec91df9f94c1d /OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
parentMore work on new authentication service (diff)
downloadopensim-SC_OLD-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.zip
opensim-SC_OLD-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.tar.gz
opensim-SC_OLD-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.tar.bz2
opensim-SC_OLD-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.tar.xz
Implement plain password authentication partway. Tested, but no user
functionality yet.
Diffstat (limited to 'OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs')
-rw-r--r--OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs233
1 files changed, 233 insertions, 0 deletions
diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
new file mode 100644
index 0000000..6cf7d56
--- /dev/null
+++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
@@ -0,0 +1,233 @@
1/*
2 * Copyright (c) Contributors, http://opensimulator.org/
3 * See CONTRIBUTORS.TXT for a full list of copyright holders.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are met:
7 * * Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * * Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * * Neither the name of the OpenSimulator Project nor the
13 * names of its contributors may be used to endorse or promote products
14 * derived from this software without specific prior written permission.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
17 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19 * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
20 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
28using Nini.Config;
29using log4net;
30using System;
31using System.Reflection;
32using System.IO;
33using System.Net;
34using System.Text;
35using System.Text.RegularExpressions;
36using System.Xml;
37using System.Xml.Serialization;
38using System.Collections.Generic;
39using OpenSim.Server.Base;
40using OpenSim.Services.Interfaces;
41using OpenSim.Framework;
42using OpenSim.Framework.Servers.HttpServer;
43using OpenMetaverse;
44
45namespace OpenSim.Server.Handlers.Authentication
46{
47 public class AuthenticationServerPostHandler : BaseStreamHandler
48 {
49 // private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
50
51 private IAuthenticationService m_AuthenticationService;
52
53 public AuthenticationServerPostHandler(IAuthenticationService service) :
54 base("POST", "/auth")
55 {
56 m_AuthenticationService = service;
57 }
58
59 public override byte[] Handle(string path, Stream request,
60 OSHttpRequest httpRequest, OSHttpResponse httpResponse)
61 {
62 string[] p = SplitParams(path);
63
64 if (p.Length > 0)
65 {
66 switch (p[0])
67 {
68 case "plain":
69 StreamReader sr = new StreamReader(request);
70 string body = sr.ReadToEnd();
71 sr.Close();
72
73 return DoPlainMethods(body);
74 case "crypt":
75 byte[] buffer = new byte[request.Length];
76 long length = request.Length;
77 if (length > 16384)
78 length = 16384;
79 request.Read(buffer, 0, (int)length);
80
81 return DoEncryptedMethods(buffer);
82 }
83 }
84 return new byte[0];
85 }
86
87 private byte[] DoPlainMethods(string body)
88 {
89 Dictionary<string, string> request =
90 ServerUtils.ParseQueryString(body);
91
92 int lifetime = 30;
93
94 if (request.ContainsKey("LIFETIME"))
95 {
96 lifetime = Convert.ToInt32(request["LIFETIME"]);
97 if (lifetime > 30)
98 lifetime = 30;
99 }
100
101 if (!request.ContainsKey("METHOD"))
102 return FailureResult();
103 if (!request.ContainsKey("PRINCIPAL"))
104 return FailureResult();
105
106 string method = request["METHOD"];
107
108 UUID principalID;
109 string token;
110
111 if (!UUID.TryParse(request["PRINCIPAL"], out principalID))
112 return FailureResult();
113
114 switch (method)
115 {
116 case "authenticate":
117 if (!request.ContainsKey("PASSWORD"))
118 return FailureResult();
119
120 token = m_AuthenticationService.Authenticate(principalID, request["PASSWORD"], lifetime);
121
122 if (token != String.Empty)
123 return SuccessResult(token);
124 return FailureResult();
125 case "verify":
126 if (!request.ContainsKey("TOKEN"))
127 return FailureResult();
128
129 if (m_AuthenticationService.Verify(principalID, request["TOKEN"], lifetime))
130 return SuccessResult();
131
132 return FailureResult();
133 case "release":
134 if (!request.ContainsKey("TOKEN"))
135 return FailureResult();
136
137 if (m_AuthenticationService.Release(principalID, request["TOKEN"]))
138 return SuccessResult();
139
140 return FailureResult();
141 }
142
143 return FailureResult();
144 }
145
146 private byte[] DoEncryptedMethods(byte[] ciphertext)
147 {
148 return new byte[0];
149 }
150
151 private byte[] SuccessResult()
152 {
153 XmlDocument doc = new XmlDocument();
154
155 XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
156 "", "");
157
158 doc.AppendChild(xmlnode);
159
160 XmlElement rootElement = doc.CreateElement("", "Authentication",
161 "");
162
163 doc.AppendChild(rootElement);
164
165 XmlElement result = doc.CreateElement("", "Result", "");
166 result.AppendChild(doc.CreateTextNode("Success"));
167
168 rootElement.AppendChild(result);
169
170 return DocToBytes(doc);
171 }
172
173 private byte[] FailureResult()
174 {
175 XmlDocument doc = new XmlDocument();
176
177 XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
178 "", "");
179
180 doc.AppendChild(xmlnode);
181
182 XmlElement rootElement = doc.CreateElement("", "Authentication",
183 "");
184
185 doc.AppendChild(rootElement);
186
187 XmlElement result = doc.CreateElement("", "Result", "");
188 result.AppendChild(doc.CreateTextNode("Failure"));
189
190 rootElement.AppendChild(result);
191
192 return DocToBytes(doc);
193 }
194
195 private byte[] SuccessResult(string token)
196 {
197 XmlDocument doc = new XmlDocument();
198
199 XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
200 "", "");
201
202 doc.AppendChild(xmlnode);
203
204 XmlElement rootElement = doc.CreateElement("", "Authentication",
205 "");
206
207 doc.AppendChild(rootElement);
208
209 XmlElement result = doc.CreateElement("", "Result", "");
210 result.AppendChild(doc.CreateTextNode("Success"));
211
212 rootElement.AppendChild(result);
213
214 XmlElement t = doc.CreateElement("", "Token", "");
215 t.AppendChild(doc.CreateTextNode(token));
216
217 rootElement.AppendChild(t);
218
219 return DocToBytes(doc);
220 }
221
222 private byte[] DocToBytes(XmlDocument doc)
223 {
224 MemoryStream ms = new MemoryStream();
225 XmlTextWriter xw = new XmlTextWriter(ms, null);
226 xw.Formatting = Formatting.Indented;
227 doc.WriteTo(xw);
228 xw.Flush();
229
230 return ms.GetBuffer();
231 }
232 }
233}