diff options
-rw-r--r-- | OpenSim/Services/AuthenticationService/WebkeyOrPasswordAuthenticationService.cs | 40 |
1 files changed, 19 insertions, 21 deletions
diff --git a/OpenSim/Services/AuthenticationService/WebkeyOrPasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/WebkeyOrPasswordAuthenticationService.cs index 0f2fd93..b8bb090 100644 --- a/OpenSim/Services/AuthenticationService/WebkeyOrPasswordAuthenticationService.cs +++ b/OpenSim/Services/AuthenticationService/WebkeyOrPasswordAuthenticationService.cs | |||
@@ -8,58 +8,56 @@ using System.Reflection; | |||
8 | using OpenSim.Data; | 8 | using OpenSim.Data; |
9 | using OpenSim.Framework; | 9 | using OpenSim.Framework; |
10 | using OpenSim.Framework.Console; | 10 | using OpenSim.Framework.Console; |
11 | using OpenSim.Server.Base; | ||
11 | 12 | ||
12 | namespace OpenSim.Services.AuthenticationService | 13 | namespace OpenSim.Services.AuthenticationService |
13 | { | 14 | { |
14 | public class WebkeyOrPasswordAuthenticationService : AuthenticationServiceBase, IAuthenticationService | 15 | public class WebkeyOrPasswordAuthenticationService : AuthenticationServiceBase, IAuthenticationService |
15 | { | 16 | { |
16 | private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); | 17 | private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); |
18 | private IConfigSource config; | ||
17 | public WebkeyOrPasswordAuthenticationService(IConfigSource config) | 19 | public WebkeyOrPasswordAuthenticationService(IConfigSource config) |
18 | : base(config) | 20 | : base(config) |
19 | { | 21 | { |
22 | this.config = config; | ||
20 | } | 23 | } |
21 | 24 | ||
22 | public string Authenticate(UUID principalID, string password, int lifetime) | 25 | public string Authenticate(UUID principalID, string password, int lifetime) |
23 | { | 26 | { |
24 | AuthenticationData data = m_Database.Get(principalID); | 27 | AuthenticationData data = m_Database.Get(principalID); |
28 | IAuthenticationService svc; | ||
29 | Object[] args = new Object[] { config }; | ||
30 | string result = String.Empty; | ||
25 | if (data != null && data.Data != null) | 31 | if (data != null && data.Data != null) |
26 | { | 32 | { |
27 | if (data.Data.ContainsKey("webLoginKey")) | 33 | if (data.Data.ContainsKey("webLoginKey")) |
28 | { | 34 | { |
29 | m_log.InfoFormat("[Authenticate]: Trying a web key authentication"); | 35 | svc = ServerUtils.LoadPlugin<IAuthenticationService>("OpenSim.Services.AuthenticationService.dll", "WebkeyAuthenticationService", args); |
30 | if (new UUID(password) == UUID.Zero) | 36 | result = svc.Authenticate(principalID, password, lifetime); |
37 | if (result == String.Empty) | ||
31 | { | 38 | { |
32 | m_log.InfoFormat("[Authenticate]: NULL_KEY is not a valid web_login_key"); | 39 | m_log.DebugFormat("[Authenticate]: Web Login failed for PrincipalID {0}", principalID); |
33 | } | ||
34 | else | ||
35 | { | ||
36 | string key = data.Data["webLoginKey"].ToString(); | ||
37 | m_log.DebugFormat("[WEB LOGIN AUTH]: got {0} for key in db vs {1}", key, password); | ||
38 | if (key == password) | ||
39 | { | ||
40 | data.Data["webLoginKey"] = UUID.Zero.ToString(); | ||
41 | m_Database.Store(data); | ||
42 | return GetToken(principalID, lifetime); | ||
43 | } | ||
44 | } | 40 | } |
45 | } | 41 | } |
46 | if (data.Data.ContainsKey("passwordHash") && data.Data.ContainsKey("passwordSalt")) | 42 | if (data.Data.ContainsKey("passwordHash") && data.Data.ContainsKey("passwordSalt")) |
47 | { | 43 | { |
48 | m_log.InfoFormat("[Authenticate]: Trying a password authentication"); | 44 | svc = ServerUtils.LoadPlugin<IAuthenticationService>("OpenSim.Services.AuthenticationService.dll", "PasswordAuthenticationService", args); |
49 | string hashed = Util.Md5Hash(password + ":" + data.Data["passwordSalt"].ToString()); | 45 | result = svc.Authenticate(principalID, password, lifetime); |
50 | m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString()); | 46 | if (result == String.Empty) |
51 | if (data.Data["passwordHash"].ToString() == hashed) | ||
52 | { | 47 | { |
53 | return GetToken(principalID, lifetime); | 48 | m_log.DebugFormat("[Authenticate]: Password login failed for PrincipalID {0}", principalID); |
54 | } | 49 | } |
55 | } | 50 | } |
56 | m_log.DebugFormat("[AUTH SERVICE]: Both password and webLoginKey-based login failed for PrincipalID {0}", principalID); | 51 | if (result == string.Empty) |
52 | { | ||
53 | m_log.DebugFormat("[AUTH SERVICE]: Both password and webLoginKey-based login failed for PrincipalID {0}", principalID); | ||
54 | } | ||
57 | } | 55 | } |
58 | else | 56 | else |
59 | { | 57 | { |
60 | m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} or its data not found", principalID); | 58 | m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} or its data not found", principalID); |
61 | } | 59 | } |
62 | return string.Empty; | 60 | return result; |
63 | } | 61 | } |
64 | } | 62 | } |
65 | } | 63 | } |