aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim
diff options
context:
space:
mode:
authorMelanie2009-09-04 07:03:43 +0100
committerMelanie2009-09-04 07:03:43 +0100
commit11700ba4a4e35cf7512f7f6e8b9b8e54e812f574 (patch)
tree683c464db85a52aa0b176c8f2d9ec91df9f94c1d /OpenSim
parentMore work on new authentication service (diff)
downloadopensim-SC_OLD-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.zip
opensim-SC_OLD-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.tar.gz
opensim-SC_OLD-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.tar.bz2
opensim-SC_OLD-11700ba4a4e35cf7512f7f6e8b9b8e54e812f574.tar.xz
Implement plain password authentication partway. Tested, but no user
functionality yet.
Diffstat (limited to '')
-rw-r--r--OpenSim/Server/Base/ServerUtils.cs29
-rw-r--r--OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs2
-rw-r--r--OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs233
-rw-r--r--OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs15
-rw-r--r--OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs28
-rw-r--r--OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs12
-rw-r--r--OpenSim/Services/Interfaces/IAuthenticationService.cs4
7 files changed, 297 insertions, 26 deletions
diff --git a/OpenSim/Server/Base/ServerUtils.cs b/OpenSim/Server/Base/ServerUtils.cs
index 8d76ffe..0a36bbe 100644
--- a/OpenSim/Server/Base/ServerUtils.cs
+++ b/OpenSim/Server/Base/ServerUtils.cs
@@ -31,6 +31,7 @@ using System.Reflection;
31using System.Xml; 31using System.Xml;
32using System.Xml.Serialization; 32using System.Xml.Serialization;
33using System.Text; 33using System.Text;
34using System.Collections.Generic;
34using log4net; 35using log4net;
35using OpenSim.Framework; 36using OpenSim.Framework;
36 37
@@ -156,5 +157,31 @@ namespace OpenSim.Server.Base
156 return null; 157 return null;
157 } 158 }
158 } 159 }
160
161 public static Dictionary<string, string> ParseQueryString(string query)
162 {
163 Dictionary<string, string> result = new Dictionary<string, string>();
164 string[] terms = query.Split(new char[] {'&'});
165
166 if (terms.Length == 0)
167 return result;
168
169 foreach (string t in terms)
170 {
171 string[] elems = t.Split(new char[] {'='});
172 if (elems.Length == 0)
173 continue;
174
175 string name = System.Web.HttpUtility.UrlDecode(elems[0]);
176 string value = String.Empty;
177
178 if (elems.Length > 1)
179 value = System.Web.HttpUtility.UrlDecode(elems[1]);
180
181 result[name] = value;
182 }
183
184 return result;
185 }
159 } 186 }
160} \ No newline at end of file 187}
diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs
index 03a7980..589dc3b 100644
--- a/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs
+++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs
@@ -54,7 +54,7 @@ namespace OpenSim.Server.Handlers.Authentication
54 Object[] args = new Object[] { config }; 54 Object[] args = new Object[] { config };
55 m_AuthenticationService = ServerUtils.LoadPlugin<IAuthenticationService>(authenticationService, args); 55 m_AuthenticationService = ServerUtils.LoadPlugin<IAuthenticationService>(authenticationService, args);
56 56
57 //server.AddStreamHandler(new AuthenticationServerGetHandler(m_AuthenticationService)); 57 server.AddStreamHandler(new AuthenticationServerPostHandler(m_AuthenticationService));
58 } 58 }
59 } 59 }
60} 60}
diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
new file mode 100644
index 0000000..6cf7d56
--- /dev/null
+++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
@@ -0,0 +1,233 @@
1/*
2 * Copyright (c) Contributors, http://opensimulator.org/
3 * See CONTRIBUTORS.TXT for a full list of copyright holders.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are met:
7 * * Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * * Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * * Neither the name of the OpenSimulator Project nor the
13 * names of its contributors may be used to endorse or promote products
14 * derived from this software without specific prior written permission.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
17 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19 * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
20 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
28using Nini.Config;
29using log4net;
30using System;
31using System.Reflection;
32using System.IO;
33using System.Net;
34using System.Text;
35using System.Text.RegularExpressions;
36using System.Xml;
37using System.Xml.Serialization;
38using System.Collections.Generic;
39using OpenSim.Server.Base;
40using OpenSim.Services.Interfaces;
41using OpenSim.Framework;
42using OpenSim.Framework.Servers.HttpServer;
43using OpenMetaverse;
44
45namespace OpenSim.Server.Handlers.Authentication
46{
47 public class AuthenticationServerPostHandler : BaseStreamHandler
48 {
49 // private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
50
51 private IAuthenticationService m_AuthenticationService;
52
53 public AuthenticationServerPostHandler(IAuthenticationService service) :
54 base("POST", "/auth")
55 {
56 m_AuthenticationService = service;
57 }
58
59 public override byte[] Handle(string path, Stream request,
60 OSHttpRequest httpRequest, OSHttpResponse httpResponse)
61 {
62 string[] p = SplitParams(path);
63
64 if (p.Length > 0)
65 {
66 switch (p[0])
67 {
68 case "plain":
69 StreamReader sr = new StreamReader(request);
70 string body = sr.ReadToEnd();
71 sr.Close();
72
73 return DoPlainMethods(body);
74 case "crypt":
75 byte[] buffer = new byte[request.Length];
76 long length = request.Length;
77 if (length > 16384)
78 length = 16384;
79 request.Read(buffer, 0, (int)length);
80
81 return DoEncryptedMethods(buffer);
82 }
83 }
84 return new byte[0];
85 }
86
87 private byte[] DoPlainMethods(string body)
88 {
89 Dictionary<string, string> request =
90 ServerUtils.ParseQueryString(body);
91
92 int lifetime = 30;
93
94 if (request.ContainsKey("LIFETIME"))
95 {
96 lifetime = Convert.ToInt32(request["LIFETIME"]);
97 if (lifetime > 30)
98 lifetime = 30;
99 }
100
101 if (!request.ContainsKey("METHOD"))
102 return FailureResult();
103 if (!request.ContainsKey("PRINCIPAL"))
104 return FailureResult();
105
106 string method = request["METHOD"];
107
108 UUID principalID;
109 string token;
110
111 if (!UUID.TryParse(request["PRINCIPAL"], out principalID))
112 return FailureResult();
113
114 switch (method)
115 {
116 case "authenticate":
117 if (!request.ContainsKey("PASSWORD"))
118 return FailureResult();
119
120 token = m_AuthenticationService.Authenticate(principalID, request["PASSWORD"], lifetime);
121
122 if (token != String.Empty)
123 return SuccessResult(token);
124 return FailureResult();
125 case "verify":
126 if (!request.ContainsKey("TOKEN"))
127 return FailureResult();
128
129 if (m_AuthenticationService.Verify(principalID, request["TOKEN"], lifetime))
130 return SuccessResult();
131
132 return FailureResult();
133 case "release":
134 if (!request.ContainsKey("TOKEN"))
135 return FailureResult();
136
137 if (m_AuthenticationService.Release(principalID, request["TOKEN"]))
138 return SuccessResult();
139
140 return FailureResult();
141 }
142
143 return FailureResult();
144 }
145
146 private byte[] DoEncryptedMethods(byte[] ciphertext)
147 {
148 return new byte[0];
149 }
150
151 private byte[] SuccessResult()
152 {
153 XmlDocument doc = new XmlDocument();
154
155 XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
156 "", "");
157
158 doc.AppendChild(xmlnode);
159
160 XmlElement rootElement = doc.CreateElement("", "Authentication",
161 "");
162
163 doc.AppendChild(rootElement);
164
165 XmlElement result = doc.CreateElement("", "Result", "");
166 result.AppendChild(doc.CreateTextNode("Success"));
167
168 rootElement.AppendChild(result);
169
170 return DocToBytes(doc);
171 }
172
173 private byte[] FailureResult()
174 {
175 XmlDocument doc = new XmlDocument();
176
177 XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
178 "", "");
179
180 doc.AppendChild(xmlnode);
181
182 XmlElement rootElement = doc.CreateElement("", "Authentication",
183 "");
184
185 doc.AppendChild(rootElement);
186
187 XmlElement result = doc.CreateElement("", "Result", "");
188 result.AppendChild(doc.CreateTextNode("Failure"));
189
190 rootElement.AppendChild(result);
191
192 return DocToBytes(doc);
193 }
194
195 private byte[] SuccessResult(string token)
196 {
197 XmlDocument doc = new XmlDocument();
198
199 XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
200 "", "");
201
202 doc.AppendChild(xmlnode);
203
204 XmlElement rootElement = doc.CreateElement("", "Authentication",
205 "");
206
207 doc.AppendChild(rootElement);
208
209 XmlElement result = doc.CreateElement("", "Result", "");
210 result.AppendChild(doc.CreateTextNode("Success"));
211
212 rootElement.AppendChild(result);
213
214 XmlElement t = doc.CreateElement("", "Token", "");
215 t.AppendChild(doc.CreateTextNode(token));
216
217 rootElement.AppendChild(t);
218
219 return DocToBytes(doc);
220 }
221
222 private byte[] DocToBytes(XmlDocument doc)
223 {
224 MemoryStream ms = new MemoryStream();
225 XmlTextWriter xw = new XmlTextWriter(ms, null);
226 xw.Formatting = Formatting.Indented;
227 doc.WriteTo(xw);
228 xw.Flush();
229
230 return ms.GetBuffer();
231 }
232 }
233}
diff --git a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
index 200268b..dab0598 100644
--- a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
+++ b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
@@ -95,6 +95,16 @@ namespace OpenSim.Services.AuthenticationService
95 return new byte[0]; 95 return new byte[0];
96 } 96 }
97 97
98 public bool Verify(UUID principalID, string token, int lifetime)
99 {
100 return false;
101 }
102
103 public bool VerifyEncrypted(byte[] cyphertext, byte[] key)
104 {
105 return false;
106 }
107
98 public virtual bool Release(UUID principalID, string token) 108 public virtual bool Release(UUID principalID, string token)
99 { 109 {
100 return false; 110 return false;
@@ -104,5 +114,10 @@ namespace OpenSim.Services.AuthenticationService
104 { 114 {
105 return false; 115 return false;
106 } 116 }
117
118 protected string GetToken(UUID principalID, int lifetime)
119 {
120 return "OK";
121 }
107 } 122 }
108} 123}
diff --git a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
index 83ce0d0..7fdbbf6 100644
--- a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
+++ b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
@@ -56,8 +56,24 @@ namespace OpenSim.Services.AuthenticationService
56 { 56 {
57 } 57 }
58 58
59 public string Authenticate(UUID principalID, string password) 59 public string Authenticate(UUID principalID, string password, int lifetime)
60 { 60 {
61 AuthenticationData data = m_Database.Get(principalID);
62
63 if (!data.Data.ContainsKey("passwordHash") ||
64 !data.Data.ContainsKey("passwordSalt"))
65 {
66 return String.Empty;
67 }
68
69 string hashed = Util.Md5Hash(Util.Md5Hash(password) + ":" +
70 data.Data["passwordSalt"].ToString());
71
72 if (data.Data["passwordHash"].ToString() == hashed)
73 {
74 return GetToken(principalID, lifetime);
75 }
76
61 return String.Empty; 77 return String.Empty;
62 } 78 }
63 79
@@ -65,15 +81,5 @@ namespace OpenSim.Services.AuthenticationService
65 { 81 {
66 return new byte[0]; 82 return new byte[0];
67 } 83 }
68
69 public bool Verify(UUID principalID, string token)
70 {
71 return false;
72 }
73
74 public bool VerifyEncrypted(byte[] cyphertext, byte[] key)
75 {
76 return false;
77 }
78 } 84 }
79} 85}
diff --git a/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs b/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs
index af55df0..0118c91 100644
--- a/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs
+++ b/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs
@@ -52,7 +52,7 @@ namespace OpenSim.Services.AuthenticationService
52 { 52 {
53 } 53 }
54 54
55 public string Authenticate(UUID principalID, string password) 55 public string Authenticate(UUID principalID, string password, int lifetime)
56 { 56 {
57 return String.Empty; 57 return String.Empty;
58 } 58 }
@@ -61,15 +61,5 @@ namespace OpenSim.Services.AuthenticationService
61 { 61 {
62 return new byte[0]; 62 return new byte[0];
63 } 63 }
64
65 public bool Verify(UUID principalID, string token)
66 {
67 return false;
68 }
69
70 public bool VerifyEncrypted(byte[] cyphertext, byte[] key)
71 {
72 return false;
73 }
74 } 64 }
75} 65}
diff --git a/OpenSim/Services/Interfaces/IAuthenticationService.cs b/OpenSim/Services/Interfaces/IAuthenticationService.cs
index f042c93..b448a14 100644
--- a/OpenSim/Services/Interfaces/IAuthenticationService.cs
+++ b/OpenSim/Services/Interfaces/IAuthenticationService.cs
@@ -70,7 +70,7 @@ namespace OpenSim.Services.Interfaces
70 // the public key of the peer, which the connector must have 70 // the public key of the peer, which the connector must have
71 // obtained using a remote GetPublicKey call. 71 // obtained using a remote GetPublicKey call.
72 // 72 //
73 string Authenticate(UUID principalID, string password); 73 string Authenticate(UUID principalID, string password, int lifetime);
74 byte[] AuthenticateEncrypted(byte[] cyphertext, byte[] key); 74 byte[] AuthenticateEncrypted(byte[] cyphertext, byte[] key);
75 75
76 ////////////////////////////////////////////////////// 76 //////////////////////////////////////////////////////
@@ -85,7 +85,7 @@ namespace OpenSim.Services.Interfaces
85 // must be used to refresh. Unencrypted verification is still 85 // must be used to refresh. Unencrypted verification is still
86 // performed, but doesn't refresh token lifetime. 86 // performed, but doesn't refresh token lifetime.
87 // 87 //
88 bool Verify(UUID principalID, string token); 88 bool Verify(UUID principalID, string token, int lifetime);
89 bool VerifyEncrypted(byte[] cyphertext, byte[] key); 89 bool VerifyEncrypted(byte[] cyphertext, byte[] key);
90 90
91 ////////////////////////////////////////////////////// 91 //////////////////////////////////////////////////////