Fully implement unencrypted auth token operations

author: Melanie 2009-09-04 07:48:09 +0100
committer: Melanie 2009-09-04 07:48:09 +0100
commit: ac40c7a74c15e0f61ba5bfcb4c6a6fb39993a87c (patch)
tree: cc15d7ddc6423775d14b7d829400e6cf14e730e5 /OpenSim
parent: Merge branch 'master' of ssh://melanie@opensimulator.org/var/git/opensim (diff)
download: opensim-SC_OLD-ac40c7a74c15e0f61ba5bfcb4c6a6fb39993a87c.zip
opensim-SC_OLD-ac40c7a74c15e0f61ba5bfcb4c6a6fb39993a87c.tar.gz
opensim-SC_OLD-ac40c7a74c15e0f61ba5bfcb4c6a6fb39993a87c.tar.bz2
opensim-SC_OLD-ac40c7a74c15e0f61ba5bfcb4c6a6fb39993a87c.tar.xz
3 files changed, 64 insertions, 3 deletions
diff --git a/OpenSim/Data/IAuthenticationData.cs b/OpenSim/Data/IAuthenticationData.cs
index f848716..7753e04 100644
--- a/OpenSim/Data/IAuthenticationData.cs
+++ b/OpenSim/Data/IAuthenticationData.cs
@@ -48,5 +48,9 @@ namespace OpenSim.Data
        bool Store(AuthenticationData data);
        bool SetDataItem(UUID principalID, string item, string value);
+        bool SetToken(UUID principalID, string token, int lifetime);
+        bool CheckToken(UUID principalID, string token, int lifetime);
    }
 }
diff --git a/OpenSim/Data/MySQL/MySQLAuthenticationData.cs b/OpenSim/Data/MySQL/MySQLAuthenticationData.cs
index 19575ec..1ee64ce 100644
--- a/OpenSim/Data/MySQL/MySQLAuthenticationData.cs
+++ b/OpenSim/Data/MySQL/MySQLAuthenticationData.cs
@@ -39,6 +39,7 @@ namespace OpenSim.Data.MySQL
    {
        private string m_Realm;
        private List<string> m_ColumnNames = null;
+        private int m_LastExpire = 0;
        public MySqlAuthenticationData(string connectionString, string realm)
                : base(connectionString)
@@ -153,5 +154,56 @@ namespace OpenSim.Data.MySQL
            return false;
        }
+        public bool SetToken(UUID principalID, string token, int lifetime)
+        {
+            if (System.Environment.TickCount - m_LastExpire > 30000)
+                DoExpire();
+            MySqlCommand cmd = new MySqlCommand("insert into tokens (UUID, token, validity) values (?principalID, ?token, date_add(now(), interval ?lifetime minute))");
+            cmd.Parameters.AddWithValue("?principalID", principalID.ToString());
+            cmd.Parameters.AddWithValue("?token", token);
+            cmd.Parameters.AddWithValue("?lifetime", lifetime.ToString());
+            if (ExecuteNonQuery(cmd) > 0)
+            {
+                cmd.Dispose();
+                return true;
+            }
+            cmd.Dispose();
+            return false;
+        }
+        public bool CheckToken(UUID principalID, string token, int lifetime)
+        {
+            if (System.Environment.TickCount - m_LastExpire > 30000)
+                DoExpire();
+            MySqlCommand cmd = new MySqlCommand("update tokens set validity = date_add(now(), interval ?lifetime minute) where UUID = ?principalID and token = ?token and validity > now()");
+            cmd.Parameters.AddWithValue("?principalID", principalID.ToString());
+            cmd.Parameters.AddWithValue("?token", token);
+            cmd.Parameters.AddWithValue("?lifetime", lifetime.ToString());
+            if (ExecuteNonQuery(cmd) > 0)
+            {
+                cmd.Dispose();
+                return true;
+            }
+            cmd.Dispose();
+            return false;
+        }
+        private void DoExpire()
+        {
+            MySqlCommand cmd = new MySqlCommand("delete from tokens where validity < now()");
+            ExecuteNonQuery(cmd);
+            cmd.Dispose();
+            m_LastExpire = System.Environment.TickCount;
+        }
    }
 }
diff --git a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
index dab0598..5056db3 100644
--- a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
+++ b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
@@ -97,7 +97,7 @@ namespace OpenSim.Services.AuthenticationService
        public bool Verify(UUID principalID, string token, int lifetime)
        {
-            return false;
+            return m_Database.CheckToken(principalID, token, lifetime);
        }
        public bool VerifyEncrypted(byte[] cyphertext, byte[] key)
@@ -107,7 +107,7 @@ namespace OpenSim.Services.AuthenticationService
        public virtual bool Release(UUID principalID, string token)
        {
-            return false;
+            return m_Database.CheckToken(principalID, token, 0);
        }
        public virtual bool ReleaseEncrypted(byte[] cyphertext, byte[] key)
@@ -117,7 +117,12 @@ namespace OpenSim.Services.AuthenticationService
        protected string GetToken(UUID principalID, int lifetime)
        {
-            return "OK";
+            UUID token = UUID.Random();
+            if (m_Database.SetToken(principalID, token.ToString(), lifetime))
+                return token.ToString();
+            return String.Empty;
        }
    }
 }
author	Melanie	2009-09-04 07:48:09 +0100
committer	Melanie	2009-09-04 07:48:09 +0100
commit	ac40c7a74c15e0f61ba5bfcb4c6a6fb39993a87c (patch)
tree	cc15d7ddc6423775d14b7d829400e6cf14e730e5 /OpenSim
parent	Merge branch 'master' of ssh://melanie@opensimulator.org/var/git/opensim (diff)
download	opensim-SC_OLD-ac40c7a74c15e0f61ba5bfcb4c6a6fb39993a87c.zip opensim-SC_OLD-ac40c7a74c15e0f61ba5bfcb4c6a6fb39993a87c.tar.gz opensim-SC_OLD-ac40c7a74c15e0f61ba5bfcb4c6a6fb39993a87c.tar.bz2 opensim-SC_OLD-ac40c7a74c15e0f61ba5bfcb4c6a6fb39993a87c.tar.xz

diff --git a/OpenSim/Data/IAuthenticationData.cs b/OpenSim/Data/IAuthenticationData.cs index f848716..7753e04 100644 --- a/OpenSim/Data/IAuthenticationData.cs +++ b/OpenSim/Data/IAuthenticationData.cs
@@ -48,5 +48,9 @@ namespace OpenSim.Data
48	bool Store(AuthenticationData data);	48	bool Store(AuthenticationData data);
49		49
50	bool SetDataItem(UUID principalID, string item, string value);	50	bool SetDataItem(UUID principalID, string item, string value);
		51
		52	bool SetToken(UUID principalID, string token, int lifetime);
		53
		54	bool CheckToken(UUID principalID, string token, int lifetime);
51	}	55	}
52	}	56	}


diff --git a/OpenSim/Data/MySQL/MySQLAuthenticationData.cs b/OpenSim/Data/MySQL/MySQLAuthenticationData.cs index 19575ec..1ee64ce 100644 --- a/OpenSim/Data/MySQL/MySQLAuthenticationData.cs +++ b/OpenSim/Data/MySQL/MySQLAuthenticationData.cs
@@ -39,6 +39,7 @@ namespace OpenSim.Data.MySQL
39	{	39	{
40	private string m_Realm;	40	private string m_Realm;
41	private List<string> m_ColumnNames = null;	41	private List<string> m_ColumnNames = null;
		42	private int m_LastExpire = 0;
42		43
43	public MySqlAuthenticationData(string connectionString, string realm)	44	public MySqlAuthenticationData(string connectionString, string realm)
44	: base(connectionString)	45	: base(connectionString)
@@ -153,5 +154,56 @@ namespace OpenSim.Data.MySQL
153		154
154	return false;	155	return false;
155	}	156	}
		157
		158	public bool SetToken(UUID principalID, string token, int lifetime)
		159	{
		160	if (System.Environment.TickCount - m_LastExpire > 30000)
		161	DoExpire();
		162
		163	MySqlCommand cmd = new MySqlCommand("insert into tokens (UUID, token, validity) values (?principalID, ?token, date_add(now(), interval ?lifetime minute))");
		164	cmd.Parameters.AddWithValue("?principalID", principalID.ToString());
		165	cmd.Parameters.AddWithValue("?token", token);
		166	cmd.Parameters.AddWithValue("?lifetime", lifetime.ToString());
		167
		168	if (ExecuteNonQuery(cmd) > 0)
		169	{
		170	cmd.Dispose();
		171	return true;
		172	}
		173
		174	cmd.Dispose();
		175	return false;
		176	}
		177
		178	public bool CheckToken(UUID principalID, string token, int lifetime)
		179	{
		180	if (System.Environment.TickCount - m_LastExpire > 30000)
		181	DoExpire();
		182
		183	MySqlCommand cmd = new MySqlCommand("update tokens set validity = date_add(now(), interval ?lifetime minute) where UUID = ?principalID and token = ?token and validity > now()");
		184	cmd.Parameters.AddWithValue("?principalID", principalID.ToString());
		185	cmd.Parameters.AddWithValue("?token", token);
		186	cmd.Parameters.AddWithValue("?lifetime", lifetime.ToString());
		187
		188	if (ExecuteNonQuery(cmd) > 0)
		189	{
		190	cmd.Dispose();
		191	return true;
		192	}
		193
		194	cmd.Dispose();
		195
		196	return false;
		197	}
		198
		199	private void DoExpire()
		200	{
		201	MySqlCommand cmd = new MySqlCommand("delete from tokens where validity < now()");
		202	ExecuteNonQuery(cmd);
		203
		204	cmd.Dispose();
		205
		206	m_LastExpire = System.Environment.TickCount;
		207	}
156	}	208	}
157	}	209	}


diff --git a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs index dab0598..5056db3 100644 --- a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs +++ b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
@@ -97,7 +97,7 @@ namespace OpenSim.Services.AuthenticationService
97		97
98	public bool Verify(UUID principalID, string token, int lifetime)	98	public bool Verify(UUID principalID, string token, int lifetime)
99	{	99	{
100	return false;	100	return m_Database.CheckToken(principalID, token, lifetime);
101	}	101	}
102		102
103	public bool VerifyEncrypted(byte[] cyphertext, byte[] key)	103	public bool VerifyEncrypted(byte[] cyphertext, byte[] key)
@@ -107,7 +107,7 @@ namespace OpenSim.Services.AuthenticationService
107		107
108	public virtual bool Release(UUID principalID, string token)	108	public virtual bool Release(UUID principalID, string token)
109	{	109	{
110	return false;	110	return m_Database.CheckToken(principalID, token, 0);
111	}	111	}
112		112
113	public virtual bool ReleaseEncrypted(byte[] cyphertext, byte[] key)	113	public virtual bool ReleaseEncrypted(byte[] cyphertext, byte[] key)
@@ -117,7 +117,12 @@ namespace OpenSim.Services.AuthenticationService
117		117
118	protected string GetToken(UUID principalID, int lifetime)	118	protected string GetToken(UUID principalID, int lifetime)
119	{	119	{
120	return "OK";	120	UUID token = UUID.Random();
		121
		122	if (m_Database.SetToken(principalID, token.ToString(), lifetime))
		123	return token.ToString();
		124
		125	return String.Empty;
121	}	126	}
122	}	127	}
123	}	128	}