Implement plain password authentication partway. Tested, but no user

functionality yet.
author: Melanie 2009-09-04 07:03:43 +0100
committer: Melanie 2009-09-04 07:03:43 +0100
commit: 11700ba4a4e35cf7512f7f6e8b9b8e54e812f574 (patch)
tree: 683c464db85a52aa0b176c8f2d9ec91df9f94c1d /OpenSim/Server
parent: More work on new authentication service (diff)
download: opensim-SC_OLD-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.zip
opensim-SC_OLD-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.tar.gz
opensim-SC_OLD-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.tar.bz2
opensim-SC_OLD-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.tar.xz
3 files changed, 262 insertions, 2 deletions
diff --git a/OpenSim/Server/Base/ServerUtils.cs b/OpenSim/Server/Base/ServerUtils.cs
index 8d76ffe..0a36bbe 100644
--- a/OpenSim/Server/Base/ServerUtils.cs
+++ b/OpenSim/Server/Base/ServerUtils.cs
@@ -31,6 +31,7 @@ using System.Reflection;
 using System.Xml;
 using System.Xml.Serialization;
 using System.Text;
+using System.Collections.Generic;
 using log4net;
 using OpenSim.Framework;
@@ -156,5 +157,31 @@ namespace OpenSim.Server.Base
                return null;
            }
        }
+        public static Dictionary<string, string> ParseQueryString(string query)
+        {
+            Dictionary<string, string> result = new Dictionary<string, string>();
+            string[] terms = query.Split(new char[] {'&'});
+            if (terms.Length == 0)
+                return result;
+            foreach (string t in terms)
+            {
+                string[] elems = t.Split(new char[] {'='});
+                if (elems.Length == 0)
+                    continue;
+                string name = System.Web.HttpUtility.UrlDecode(elems[0]);
+                string value = String.Empty;
+                if (elems.Length > 1)
+                    value = System.Web.HttpUtility.UrlDecode(elems[1]);
+                result[name] = value;
+            }
+            return result;
+        }
    }
-}
-\ No newline at end of file
+}
diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs
index 03a7980..589dc3b 100644
--- a/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs
+++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs
@@ -54,7 +54,7 @@ namespace OpenSim.Server.Handlers.Authentication
            Object[] args = new Object[] { config };
            m_AuthenticationService = ServerUtils.LoadPlugin<IAuthenticationService>(authenticationService, args);
-            //server.AddStreamHandler(new AuthenticationServerGetHandler(m_AuthenticationService));
+            server.AddStreamHandler(new AuthenticationServerPostHandler(m_AuthenticationService));
        }
    }
 }
diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
new file mode 100644
index 0000000..6cf7d56
--- /dev/null
+++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
@@ -0,0 +1,233 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *     * Redistributions of source code must retain the above copyright
+ *       notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *     * Neither the name of the OpenSimulator Project nor the
+ *       names of its contributors may be used to endorse or promote products
+ *       derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+using Nini.Config;
+using log4net;
+using System;
+using System.Reflection;
+using System.IO;
+using System.Net;
+using System.Text;
+using System.Text.RegularExpressions;
+using System.Xml;
+using System.Xml.Serialization;
+using System.Collections.Generic;
+using OpenSim.Server.Base;
+using OpenSim.Services.Interfaces;
+using OpenSim.Framework;
+using OpenSim.Framework.Servers.HttpServer;
+using OpenMetaverse;
+namespace OpenSim.Server.Handlers.Authentication
+{
+    public class AuthenticationServerPostHandler : BaseStreamHandler
+    {
+        // private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
+        private IAuthenticationService m_AuthenticationService;
+        public AuthenticationServerPostHandler(IAuthenticationService service) :
+                base("POST", "/auth")
+        {
+            m_AuthenticationService = service;
+        }
+        public override byte[] Handle(string path, Stream request,
+                OSHttpRequest httpRequest, OSHttpResponse httpResponse)
+        {
+            string[] p = SplitParams(path);
+            if (p.Length > 0)
+            {
+                switch (p[0])
+                {
+                case "plain":
+                    StreamReader sr = new StreamReader(request);
+                    string body = sr.ReadToEnd();
+                    sr.Close();
+                    return DoPlainMethods(body);
+                case "crypt":
+                    byte[] buffer = new byte[request.Length];
+                    long length = request.Length;
+                    if (length > 16384)
+                        length = 16384;
+                    request.Read(buffer, 0, (int)length);
+                    return DoEncryptedMethods(buffer);
+                }
+            }
+            return new byte[0];
+        }
+        private byte[] DoPlainMethods(string body)
+        {
+            Dictionary<string, string> request =
+                    ServerUtils.ParseQueryString(body);
+            int lifetime = 30;
+            if (request.ContainsKey("LIFETIME"))
+            {
+                lifetime = Convert.ToInt32(request["LIFETIME"]);
+                if (lifetime > 30)
+                    lifetime = 30;
+            }
+            if (!request.ContainsKey("METHOD"))
+                return FailureResult();
+            if (!request.ContainsKey("PRINCIPAL"))
+                return FailureResult();
+            string method = request["METHOD"];
+            UUID principalID;
+            string token;
+            if (!UUID.TryParse(request["PRINCIPAL"], out principalID))
+                return FailureResult();
+            switch (method)
+            {
+            case "authenticate":
+                if (!request.ContainsKey("PASSWORD"))
+                    return FailureResult();
+                
+                token = m_AuthenticationService.Authenticate(principalID, request["PASSWORD"], lifetime);
+                if (token != String.Empty)
+                    return SuccessResult(token);
+                return FailureResult();
+            case "verify":
+                if (!request.ContainsKey("TOKEN"))
+                    return FailureResult();
+                
+                if (m_AuthenticationService.Verify(principalID, request["TOKEN"], lifetime))
+                    return SuccessResult();
+                return FailureResult();
+            case "release":
+                if (!request.ContainsKey("TOKEN"))
+                    return FailureResult();
+                if (m_AuthenticationService.Release(principalID, request["TOKEN"]))
+                    return SuccessResult();
+                return FailureResult();
+            }
+            return FailureResult();
+        }
+        private byte[] DoEncryptedMethods(byte[] ciphertext)
+        {
+            return new byte[0];
+        }
+        private byte[] SuccessResult()
+        {
+            XmlDocument doc = new XmlDocument();
+            XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
+                    "", "");
+            doc.AppendChild(xmlnode);
+            XmlElement rootElement = doc.CreateElement("", "Authentication",
+                    "");
+            doc.AppendChild(rootElement);
+            XmlElement result = doc.CreateElement("", "Result", "");
+            result.AppendChild(doc.CreateTextNode("Success"));
+            rootElement.AppendChild(result);
+            return DocToBytes(doc);
+        }
+        private byte[] FailureResult()
+        {
+            XmlDocument doc = new XmlDocument();
+            XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
+                    "", "");
+            doc.AppendChild(xmlnode);
+            XmlElement rootElement = doc.CreateElement("", "Authentication",
+                    "");
+            doc.AppendChild(rootElement);
+            XmlElement result = doc.CreateElement("", "Result", "");
+            result.AppendChild(doc.CreateTextNode("Failure"));
+            rootElement.AppendChild(result);
+            return DocToBytes(doc);
+        }
+        private byte[] SuccessResult(string token)
+        {
+            XmlDocument doc = new XmlDocument();
+            XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
+                    "", "");
+            doc.AppendChild(xmlnode);
+            XmlElement rootElement = doc.CreateElement("", "Authentication",
+                    "");
+            doc.AppendChild(rootElement);
+            XmlElement result = doc.CreateElement("", "Result", "");
+            result.AppendChild(doc.CreateTextNode("Success"));
+            rootElement.AppendChild(result);
+            XmlElement t = doc.CreateElement("", "Token", "");
+            t.AppendChild(doc.CreateTextNode(token));
+            rootElement.AppendChild(t);
+            return DocToBytes(doc);
+        }
+        private byte[] DocToBytes(XmlDocument doc)
+        {
+            MemoryStream ms = new MemoryStream();
+            XmlTextWriter xw = new XmlTextWriter(ms, null);
+            xw.Formatting = Formatting.Indented;
+            doc.WriteTo(xw);
+            xw.Flush();
+            return ms.GetBuffer();
+        }
+    }
+}
author	Melanie	2009-09-04 07:03:43 +0100
committer	Melanie	2009-09-04 07:03:43 +0100
commit	11700ba4a4e35cf7512f7f6e8b9b8e54e812f574 (patch)
tree	683c464db85a52aa0b176c8f2d9ec91df9f94c1d /OpenSim/Server
parent	More work on new authentication service (diff)
download	opensim-SC_OLD-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.zip opensim-SC_OLD-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.tar.gz opensim-SC_OLD-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.tar.bz2 opensim-SC_OLD-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.tar.xz

diff --git a/OpenSim/Server/Base/ServerUtils.cs b/OpenSim/Server/Base/ServerUtils.cs index 8d76ffe..0a36bbe 100644 --- a/OpenSim/Server/Base/ServerUtils.cs +++ b/OpenSim/Server/Base/ServerUtils.cs
@@ -31,6 +31,7 @@ using System.Reflection;
31	using System.Xml;	31	using System.Xml;
32	using System.Xml.Serialization;	32	using System.Xml.Serialization;
33	using System.Text;	33	using System.Text;
		34	using System.Collections.Generic;
34	using log4net;	35	using log4net;
35	using OpenSim.Framework;	36	using OpenSim.Framework;
36		37
@@ -156,5 +157,31 @@ namespace OpenSim.Server.Base
156	return null;	157	return null;
157	}	158	}
158	}	159	}
		160
		161	public static Dictionary<string, string> ParseQueryString(string query)
		162	{
		163	Dictionary<string, string> result = new Dictionary<string, string>();
		164	string[] terms = query.Split(new char[] {'&'});
		165
		166	if (terms.Length == 0)
		167	return result;
		168
		169	foreach (string t in terms)
		170	{
		171	string[] elems = t.Split(new char[] {'='});
		172	if (elems.Length == 0)
		173	continue;
		174
		175	string name = System.Web.HttpUtility.UrlDecode(elems[0]);
		176	string value = String.Empty;
		177
		178	if (elems.Length > 1)
		179	value = System.Web.HttpUtility.UrlDecode(elems[1]);
		180
		181	result[name] = value;
		182	}
		183
		184	return result;
		185	}
159	}	186	}
160	} \ No newline at end of file	187	}


diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs index 03a7980..589dc3b 100644 --- a/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs +++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs
@@ -54,7 +54,7 @@ namespace OpenSim.Server.Handlers.Authentication
54	Object[] args = new Object[] { config };	54	Object[] args = new Object[] { config };
55	m_AuthenticationService = ServerUtils.LoadPlugin<IAuthenticationService>(authenticationService, args);	55	m_AuthenticationService = ServerUtils.LoadPlugin<IAuthenticationService>(authenticationService, args);
56		56
57	//server.AddStreamHandler(new AuthenticationServerGetHandler(m_AuthenticationService));	57	server.AddStreamHandler(new AuthenticationServerPostHandler(m_AuthenticationService));
58	}	58	}
59	}	59	}
60	}	60	}


diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs new file mode 100644 index 0000000..6cf7d56 --- /dev/null +++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
@@ -0,0 +1,233 @@
		1	/*
		2	* Copyright (c) Contributors, http://opensimulator.org/
		3	* See CONTRIBUTORS.TXT for a full list of copyright holders.
		4	*
		5	* Redistribution and use in source and binary forms, with or without
		6	* modification, are permitted provided that the following conditions are met:
		7	* * Redistributions of source code must retain the above copyright
		8	* notice, this list of conditions and the following disclaimer.
		9	* * Redistributions in binary form must reproduce the above copyright
		10	* notice, this list of conditions and the following disclaimer in the
		11	* documentation and/or other materials provided with the distribution.
		12	* * Neither the name of the OpenSimulator Project nor the
		13	* names of its contributors may be used to endorse or promote products
		14	* derived from this software without specific prior written permission.
		15	*
		16	* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
		17	* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
		18	* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
		19	* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
		20	* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
		21	* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
		22	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
		23	* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
		24	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
		25	* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
		26	*/
		27
		28	using Nini.Config;
		29	using log4net;
		30	using System;
		31	using System.Reflection;
		32	using System.IO;
		33	using System.Net;
		34	using System.Text;
		35	using System.Text.RegularExpressions;
		36	using System.Xml;
		37	using System.Xml.Serialization;
		38	using System.Collections.Generic;
		39	using OpenSim.Server.Base;
		40	using OpenSim.Services.Interfaces;
		41	using OpenSim.Framework;
		42	using OpenSim.Framework.Servers.HttpServer;
		43	using OpenMetaverse;
		44
		45	namespace OpenSim.Server.Handlers.Authentication
		46	{
		47	public class AuthenticationServerPostHandler : BaseStreamHandler
		48	{
		49	// private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
		50
		51	private IAuthenticationService m_AuthenticationService;
		52
		53	public AuthenticationServerPostHandler(IAuthenticationService service) :
		54	base("POST", "/auth")
		55	{
		56	m_AuthenticationService = service;
		57	}
		58
		59	public override byte[] Handle(string path, Stream request,
		60	OSHttpRequest httpRequest, OSHttpResponse httpResponse)
		61	{
		62	string[] p = SplitParams(path);
		63
		64	if (p.Length > 0)
		65	{
		66	switch (p[0])
		67	{
		68	case "plain":
		69	StreamReader sr = new StreamReader(request);
		70	string body = sr.ReadToEnd();
		71	sr.Close();
		72
		73	return DoPlainMethods(body);
		74	case "crypt":
		75	byte[] buffer = new byte[request.Length];
		76	long length = request.Length;
		77	if (length > 16384)
		78	length = 16384;
		79	request.Read(buffer, 0, (int)length);
		80
		81	return DoEncryptedMethods(buffer);
		82	}
		83	}
		84	return new byte[0];
		85	}
		86
		87	private byte[] DoPlainMethods(string body)
		88	{
		89	Dictionary<string, string> request =
		90	ServerUtils.ParseQueryString(body);
		91
		92	int lifetime = 30;
		93
		94	if (request.ContainsKey("LIFETIME"))
		95	{
		96	lifetime = Convert.ToInt32(request["LIFETIME"]);
		97	if (lifetime > 30)
		98	lifetime = 30;
		99	}
		100
		101	if (!request.ContainsKey("METHOD"))
		102	return FailureResult();
		103	if (!request.ContainsKey("PRINCIPAL"))
		104	return FailureResult();
		105
		106	string method = request["METHOD"];
		107
		108	UUID principalID;
		109	string token;
		110
		111	if (!UUID.TryParse(request["PRINCIPAL"], out principalID))
		112	return FailureResult();
		113
		114	switch (method)
		115	{
		116	case "authenticate":
		117	if (!request.ContainsKey("PASSWORD"))
		118	return FailureResult();
		119
		120	token = m_AuthenticationService.Authenticate(principalID, request["PASSWORD"], lifetime);
		121
		122	if (token != String.Empty)
		123	return SuccessResult(token);
		124	return FailureResult();
		125	case "verify":
		126	if (!request.ContainsKey("TOKEN"))
		127	return FailureResult();
		128
		129	if (m_AuthenticationService.Verify(principalID, request["TOKEN"], lifetime))
		130	return SuccessResult();
		131
		132	return FailureResult();
		133	case "release":
		134	if (!request.ContainsKey("TOKEN"))
		135	return FailureResult();
		136
		137	if (m_AuthenticationService.Release(principalID, request["TOKEN"]))
		138	return SuccessResult();
		139
		140	return FailureResult();
		141	}
		142
		143	return FailureResult();
		144	}
		145
		146	private byte[] DoEncryptedMethods(byte[] ciphertext)
		147	{
		148	return new byte[0];
		149	}
		150
		151	private byte[] SuccessResult()
		152	{
		153	XmlDocument doc = new XmlDocument();
		154
		155	XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
		156	"", "");
		157
		158	doc.AppendChild(xmlnode);
		159
		160	XmlElement rootElement = doc.CreateElement("", "Authentication",
		161	"");
		162
		163	doc.AppendChild(rootElement);
		164
		165	XmlElement result = doc.CreateElement("", "Result", "");
		166	result.AppendChild(doc.CreateTextNode("Success"));
		167
		168	rootElement.AppendChild(result);
		169
		170	return DocToBytes(doc);
		171	}
		172
		173	private byte[] FailureResult()
		174	{
		175	XmlDocument doc = new XmlDocument();
		176
		177	XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
		178	"", "");
		179
		180	doc.AppendChild(xmlnode);
		181
		182	XmlElement rootElement = doc.CreateElement("", "Authentication",
		183	"");
		184
		185	doc.AppendChild(rootElement);
		186
		187	XmlElement result = doc.CreateElement("", "Result", "");
		188	result.AppendChild(doc.CreateTextNode("Failure"));
		189
		190	rootElement.AppendChild(result);
		191
		192	return DocToBytes(doc);
		193	}
		194
		195	private byte[] SuccessResult(string token)
		196	{
		197	XmlDocument doc = new XmlDocument();
		198
		199	XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
		200	"", "");
		201
		202	doc.AppendChild(xmlnode);
		203
		204	XmlElement rootElement = doc.CreateElement("", "Authentication",
		205	"");
		206
		207	doc.AppendChild(rootElement);
		208
		209	XmlElement result = doc.CreateElement("", "Result", "");
		210	result.AppendChild(doc.CreateTextNode("Success"));
		211
		212	rootElement.AppendChild(result);
		213
		214	XmlElement t = doc.CreateElement("", "Token", "");
		215	t.AppendChild(doc.CreateTextNode(token));
		216
		217	rootElement.AppendChild(t);
		218
		219	return DocToBytes(doc);
		220	}
		221
		222	private byte[] DocToBytes(XmlDocument doc)
		223	{
		224	MemoryStream ms = new MemoryStream();
		225	XmlTextWriter xw = new XmlTextWriter(ms, null);
		226	xw.Formatting = Formatting.Indented;
		227	doc.WriteTo(xw);
		228	xw.Flush();
		229
		230	return ms.GetBuffer();
		231	}
		232	}
		233	}