1 files changed, 113 insertions, 0 deletions
diff --git a/OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs b/OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs
new file mode 100644
index 0000000..512ac4f
--- /dev/null
+++ b/OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs
@@ -0,0 +1,113 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *     * Redistributions of source code must retain the above copyright
+ *       notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *     * Neither the name of the OpenSimulator Project nor the
+ *       names of its contributors may be used to endorse or promote products
+ *       derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+using System;
+using System.Collections.Generic;
+using System.Collections.Specialized;
+using System.Net;
+using System.Reflection;
+using Nini.Config;
+using log4net;
+namespace OpenSim.Framework.ServiceAuth
+{
+    public class BasicHttpAuthentication : IServiceAuth
+    {
+//        private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
+        public string Name { get { return "BasicHttp"; } }
+        private string m_Username, m_Password;
+        private string m_CredentialsB64;
+//        private string remove_me;
+        public string Credentials
+        {
+            get { return m_CredentialsB64; }
+        }
+        public BasicHttpAuthentication(IConfigSource config, string section)
+        {
+//            remove_me = section;
+            m_Username = Util.GetConfigVarFromSections<string>(config, "HttpAuthUsername", new string[] { "Network", section }, string.Empty);
+            m_Password = Util.GetConfigVarFromSections<string>(config, "HttpAuthPassword", new string[] { "Network", section }, string.Empty); 
+            string str = m_Username + ":" + m_Password;
+            byte[] encData_byte = Util.UTF8.GetBytes(str);
+            m_CredentialsB64 = Convert.ToBase64String(encData_byte);
+//            m_log.DebugFormat("[HTTP BASIC AUTH]: {0} {1} [{2}]", m_Username, m_Password, section);
+        }
+        public void AddAuthorization(NameValueCollection headers)
+        {
+            //m_log.DebugFormat("[HTTP BASIC AUTH]: Adding authorization for {0}", remove_me);
+            headers["Authorization"] = "Basic " + m_CredentialsB64;
+        }
+        public bool Authenticate(string data)
+        {
+            string recovered = Util.Base64ToString(data);
+            if (!String.IsNullOrEmpty(recovered))
+            {
+                string[] parts = recovered.Split(new char[] { ':' });
+                if (parts.Length >= 2)
+                {
+                    return m_Username.Equals(parts[0]) && m_Password.Equals(parts[1]);
+                }
+            }
+            return false;
+        }
+        public bool Authenticate(NameValueCollection requestHeaders, AddHeaderDelegate d, out HttpStatusCode statusCode)
+        {
+//            m_log.DebugFormat("[HTTP BASIC AUTH]: Authenticate in {0}", "BasicHttpAuthentication");
+            string value = requestHeaders.Get("Authorization");
+            if (value != null)
+            {
+                value = value.Trim();
+                if (value.StartsWith("Basic "))
+                {
+                    value = value.Replace("Basic ", string.Empty);
+                    if (Authenticate(value))
+                    {
+                        statusCode = HttpStatusCode.OK;
+                        return true;
+                    }
+                }
+            }
+            d("WWW-Authenticate", "Basic realm = \"Asset Server\"");
+            statusCode = HttpStatusCode.Unauthorized;
+            return false;
+        }
+    }
+}

diff --git a/OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs b/OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs new file mode 100644 index 0000000..512ac4f --- /dev/null +++ b/OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs
@@ -0,0 +1,113 @@
	1	/*
	2	* Copyright (c) Contributors, http://opensimulator.org/
	3	* See CONTRIBUTORS.TXT for a full list of copyright holders.
	4	*
	5	* Redistribution and use in source and binary forms, with or without
	6	* modification, are permitted provided that the following conditions are met:
	7	* * Redistributions of source code must retain the above copyright
	8	* notice, this list of conditions and the following disclaimer.
	9	* * Redistributions in binary form must reproduce the above copyright
	10	* notice, this list of conditions and the following disclaimer in the
	11	* documentation and/or other materials provided with the distribution.
	12	* * Neither the name of the OpenSimulator Project nor the
	13	* names of its contributors may be used to endorse or promote products
	14	* derived from this software without specific prior written permission.
	15	*
	16	* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
	17	* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	18	* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
	19	* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
	20	* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
	21	* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	22	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
	23	* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	24	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
	25	* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	26	*/
	27
	28	using System;
	29	using System.Collections.Generic;
	30	using System.Collections.Specialized;
	31	using System.Net;
	32	using System.Reflection;
	33
	34	using Nini.Config;
	35	using log4net;
	36
	37	namespace OpenSim.Framework.ServiceAuth
	38	{
	39	public class BasicHttpAuthentication : IServiceAuth
	40	{
	41	// private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
	42
	43	public string Name { get { return "BasicHttp"; } }
	44
	45	private string m_Username, m_Password;
	46	private string m_CredentialsB64;
	47
	48	// private string remove_me;
	49
	50	public string Credentials
	51	{
	52	get { return m_CredentialsB64; }
	53	}
	54
	55	public BasicHttpAuthentication(IConfigSource config, string section)
	56	{
	57	// remove_me = section;
	58	m_Username = Util.GetConfigVarFromSections<string>(config, "HttpAuthUsername", new string[] { "Network", section }, string.Empty);
	59	m_Password = Util.GetConfigVarFromSections<string>(config, "HttpAuthPassword", new string[] { "Network", section }, string.Empty);
	60	string str = m_Username + ":" + m_Password;
	61	byte[] encData_byte = Util.UTF8.GetBytes(str);
	62
	63	m_CredentialsB64 = Convert.ToBase64String(encData_byte);
	64	// m_log.DebugFormat("[HTTP BASIC AUTH]: {0} {1} [{2}]", m_Username, m_Password, section);
	65	}
	66
	67	public void AddAuthorization(NameValueCollection headers)
	68	{
	69	//m_log.DebugFormat("[HTTP BASIC AUTH]: Adding authorization for {0}", remove_me);
	70	headers["Authorization"] = "Basic " + m_CredentialsB64;
	71	}
	72
	73	public bool Authenticate(string data)
	74	{
	75	string recovered = Util.Base64ToString(data);
	76	if (!String.IsNullOrEmpty(recovered))
	77	{
	78	string[] parts = recovered.Split(new char[] { ':' });
	79	if (parts.Length >= 2)
	80	{
	81	return m_Username.Equals(parts[0]) && m_Password.Equals(parts[1]);
	82	}
	83	}
	84
	85	return false;
	86	}
	87
	88	public bool Authenticate(NameValueCollection requestHeaders, AddHeaderDelegate d, out HttpStatusCode statusCode)
	89	{
	90	// m_log.DebugFormat("[HTTP BASIC AUTH]: Authenticate in {0}", "BasicHttpAuthentication");
	91
	92	string value = requestHeaders.Get("Authorization");
	93	if (value != null)
	94	{
	95	value = value.Trim();
	96	if (value.StartsWith("Basic "))
	97	{
	98	value = value.Replace("Basic ", string.Empty);
	99	if (Authenticate(value))
	100	{
	101	statusCode = HttpStatusCode.OK;
	102	return true;
	103	}
	104	}
	105	}
	106
	107	d("WWW-Authenticate", "Basic realm = \"Asset Server\"");
	108
	109	statusCode = HttpStatusCode.Unauthorized;
	110	return false;
	111	}
	112	}
	113	}