2 files changed, 348 insertions, 0 deletions
diff --git a/OpenSim/Framework/Communications/ISecureInventoryService.cs b/OpenSim/Framework/Communications/ISecureInventoryService.cs
new file mode 100644
index 0000000..0e7861a
--- /dev/null
+++ b/OpenSim/Framework/Communications/ISecureInventoryService.cs
@@ -0,0 +1,125 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *     * Redistributions of source code must retain the above copyright
+ *       notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *     * Neither the name of the OpenSim Project nor the
+ *       names of its contributors may be used to endorse or promote products
+ *       derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+using System.Collections.Generic;
+using libsecondlife;
+using OpenSim.Framework.Communications.Cache;
+namespace OpenSim.Framework.Communications
+{
+    /// <summary>
+    /// Defines all the operations one can perform on a user's inventory.
+    /// </summary>
+    public interface ISecureInventoryService
+    {
+        string Host
+        {
+            get;
+        }
+        /// <summary>
+        /// Request the inventory for a user.  This is an asynchronous operation that will call the callback when the
+        /// inventory has been received
+        /// </summary>
+        /// <param name="userID"></param>
+        /// <param name="callback"></param>
+        void RequestInventoryForUser(LLUUID userID, LLUUID session_id, InventoryReceiptCallback callback);
+        /// <summary>
+        /// Add a new folder to the user's inventory
+        /// </summary>
+        /// <param name="folder"></param>
+        /// <returns>true if the folder was successfully added</returns>
+        bool AddFolder(InventoryFolderBase folder, LLUUID session_id);
+        /// <summary>
+        /// Update a folder in the user's inventory
+        /// </summary>
+        /// <param name="folder"></param>
+        /// <returns>true if the folder was successfully updated</returns>
+        bool UpdateFolder(InventoryFolderBase folder, LLUUID session_id);
+        /// <summary>
+        /// Move an inventory folder to a new location
+        /// </summary>
+        /// <param name="folder">A folder containing the details of the new location</param>
+        /// <returns>true if the folder was successfully moved</returns>
+        bool MoveFolder(InventoryFolderBase folder, LLUUID session_id);
+        /// <summary>
+        /// Purge an inventory folder of all its items and subfolders.
+        /// </summary>
+        /// <param name="folder"></param>
+        /// <returns>true if the folder was successfully purged</returns>
+        bool PurgeFolder(InventoryFolderBase folder, LLUUID session_id);
+        /// <summary>
+        /// Add a new item to the user's inventory
+        /// </summary>
+        /// <param name="item"></param>
+        /// <returns>true if the item was successfully added</returns>
+        bool AddItem(InventoryItemBase item, LLUUID session_id);
+        /// <summary>
+        /// Update an item in the user's inventory
+        /// </summary>
+        /// <param name="item"></param>
+        /// <returns>true if the item was successfully updated</returns>
+        bool UpdateItem(InventoryItemBase item, LLUUID session_id);
+        /// <summary>
+        /// Delete an item from the user's inventory
+        /// </summary>
+        /// <param name="item"></param>
+        /// <returns>true if the item was successfully deleted</returns>
+        bool DeleteItem(InventoryItemBase item, LLUUID session_id);
+        /// <summary>
+        /// Create a new inventory for the given user.
+        /// </summary>
+        /// <param name="user"></param>
+        /// <returns>true if the inventory was successfully created, false otherwise</returns>
+        bool CreateNewUserInventory(LLUUID user);
+        bool HasInventoryForUser(LLUUID userID);
+        /// <summary>
+        /// Retrieve the root inventory folder for the given user.
+        /// </summary>
+        /// <param name="userID"></param>
+        /// <returns>null if no root folder was found</returns>
+        InventoryFolderBase RequestRootFolder(LLUUID userID);
+        /// <summary>
+        /// Returns a list of all the folders in a given user's inventory.
+        /// </summary>
+        /// <param name="userId"></param>
+        /// <returns>A flat list of the user's inventory folder tree,
+        /// null if there is no inventory for this user</returns>
+        List<InventoryFolderBase> GetInventorySkeleton(LLUUID userId);
+    }
+}
diff --git a/OpenSim/Framework/Servers/RestSessionService.cs b/OpenSim/Framework/Servers/RestSessionService.cs
new file mode 100644
index 0000000..3c79844
--- /dev/null
+++ b/OpenSim/Framework/Servers/RestSessionService.cs
@@ -0,0 +1,223 @@
+using System;
+using System.IO;
+using System.Net;
+using System.Collections.Generic;
+using System.Text;
+using System.Xml;
+using System.Xml.Serialization;
+namespace OpenSim.Framework.Servers
+{
+    public class RestSessionObject<TRequest>
+    {
+        private string sid;
+        private string aid;
+        private TRequest request_body;
+        public string SessionID
+        {
+            get { return sid; }
+            set { sid = value; }
+        }
+        public string AvatarID
+        {
+            get { return aid; }
+            set { aid = value; }
+        }
+        public TRequest Body
+        {
+            get { return request_body; }
+            set { request_body = value; }
+        }
+    }
+    public class SynchronousRestSessionObjectPoster<TRequest, TResponse>
+    {
+        public static TResponse BeginPostObject(string verb, string requestUrl, TRequest obj, string sid, string aid)
+        {
+            RestSessionObject<TRequest> sobj = new RestSessionObject<TRequest>();
+            sobj.SessionID = sid;
+            sobj.AvatarID = aid;
+            sobj.Body = obj;
+            Type type = typeof(RestSessionObject<TRequest>);
+            WebRequest request = WebRequest.Create(requestUrl);
+            request.Method = verb;
+            request.ContentType = "text/xml";
+            MemoryStream buffer = new MemoryStream();
+            XmlWriterSettings settings = new XmlWriterSettings();
+            settings.Encoding = Encoding.UTF8;
+            using (XmlWriter writer = XmlWriter.Create(buffer, settings))
+            {
+                XmlSerializer serializer = new XmlSerializer(type);
+                serializer.Serialize(writer, sobj);
+                writer.Flush();
+            }
+            int length = (int)buffer.Length;
+            request.ContentLength = length;
+            Stream requestStream = request.GetRequestStream();
+            requestStream.Write(buffer.ToArray(), 0, length);
+            TResponse deserial = default(TResponse);
+            using (WebResponse resp = request.GetResponse())
+            {
+                XmlSerializer deserializer = new XmlSerializer(typeof(TResponse));
+                deserial = (TResponse)deserializer.Deserialize(resp.GetResponseStream());
+            }
+            return deserial;
+        }
+    }
+    public class RestSessionObjectPosterResponse<TRequest, TResponse>
+    {
+        public ReturnResponse<TResponse> ResponseCallback;
+        public void BeginPostObject(string requestUrl, TRequest obj, string sid, string aid)
+        {
+            BeginPostObject("POST", requestUrl, obj, sid, aid);
+        }
+        public void BeginPostObject(string verb, string requestUrl, TRequest obj, string sid, string aid)
+        {
+            RestSessionObject<TRequest> sobj = new RestSessionObject<TRequest>();
+            sobj.SessionID = sid;
+            sobj.AvatarID = aid;
+            sobj.Body = obj;
+            Type type = typeof(RestSessionObject<TRequest>);
+            WebRequest request = WebRequest.Create(requestUrl);
+            request.Method = verb;
+            request.ContentType = "text/xml";
+            MemoryStream buffer = new MemoryStream();
+            XmlWriterSettings settings = new XmlWriterSettings();
+            settings.Encoding = Encoding.UTF8;
+            using (XmlWriter writer = XmlWriter.Create(buffer, settings))
+            {
+                XmlSerializer serializer = new XmlSerializer(type);
+                serializer.Serialize(writer, sobj);
+                writer.Flush();
+            }
+            int length = (int)buffer.Length;
+            request.ContentLength = length;
+            Stream requestStream = request.GetRequestStream();
+            requestStream.Write(buffer.ToArray(), 0, length);
+            // IAsyncResult result = request.BeginGetResponse(AsyncCallback, request);
+            request.BeginGetResponse(AsyncCallback, request);
+        }
+        private void AsyncCallback(IAsyncResult result)
+        {
+            WebRequest request = (WebRequest)result.AsyncState;
+            using (WebResponse resp = request.EndGetResponse(result))
+            {
+                TResponse deserial;
+                XmlSerializer deserializer = new XmlSerializer(typeof(TResponse));
+                Stream stream = resp.GetResponseStream();
+                // This is currently a bad debug stanza since it gobbles us the response...
+                //                StreamReader reader = new StreamReader(stream);
+                //                m_log.DebugFormat("[REST OBJECT POSTER RESPONSE]: Received {0}", reader.ReadToEnd());
+                deserial = (TResponse)deserializer.Deserialize(stream);
+                if (deserial != null && ResponseCallback != null)
+                {
+                    ResponseCallback(deserial);
+                }
+            }
+        }
+    }
+    public delegate bool CheckIdentityMethod(string sid, string aid);
+    public class RestDeserialiseSecureHandler<TRequest, TResponse> : BaseRequestHandler, IStreamHandler
+        where TRequest : new()
+    {
+        private RestDeserialiseMethod<TRequest, TResponse> m_method;
+        private CheckIdentityMethod m_smethod;
+        public RestDeserialiseSecureHandler(string httpMethod, string path, RestDeserialiseMethod<TRequest, TResponse> method, CheckIdentityMethod smethod)
+            : base(httpMethod, path)
+        {
+            m_smethod = smethod;
+            m_method = method;
+        }
+        public void Handle(string path, Stream request, Stream responseStream,
+                           OSHttpRequest httpRequest, OSHttpResponse httpResponse)
+        {
+            RestSessionObject<TRequest> deserial;
+            using (XmlTextReader xmlReader = new XmlTextReader(request))
+            {
+                XmlSerializer deserializer = new XmlSerializer(typeof(RestSessionObject<TRequest>));
+                deserial = (RestSessionObject<TRequest>)deserializer.Deserialize(xmlReader);
+            }
+            TResponse response = default(TResponse);
+            if (m_smethod(deserial.SessionID, deserial.AvatarID))
+            {
+                response = m_method(deserial.Body);
+            }
+            using (XmlWriter xmlWriter = XmlTextWriter.Create(responseStream))
+            {
+                XmlSerializer serializer = new XmlSerializer(typeof(TResponse));
+                serializer.Serialize(xmlWriter, response);
+            }
+        }
+    }
+    public delegate bool CheckTrustedSourceMethod(IPEndPoint peer);
+    public class RestDeserialiseTrustedHandler<TRequest, TResponse> : BaseRequestHandler, IStreamHandler
+        where TRequest : new()
+    {
+        private RestDeserialiseMethod<TRequest, TResponse> m_method;
+        private CheckTrustedSourceMethod m_tmethod;
+        public RestDeserialiseTrustedHandler(string httpMethod, string path, RestDeserialiseMethod<TRequest, TResponse> method, CheckTrustedSourceMethod tmethod)
+            : base(httpMethod, path)
+        {
+            m_tmethod = tmethod;
+            m_method = method;
+        }
+        public void Handle(string path, Stream request, Stream responseStream,
+                           OSHttpRequest httpRequest, OSHttpResponse httpResponse)
+        {
+            TRequest deserial;
+            using (XmlTextReader xmlReader = new XmlTextReader(request))
+            {
+                XmlSerializer deserializer = new XmlSerializer(typeof(TRequest));
+                deserial = (TRequest)deserializer.Deserialize(xmlReader);
+            }
+            TResponse response = default(TResponse);
+            if (m_tmethod(httpRequest.RemoteIPEndPoint))
+            {
+                response = m_method(deserial);
+            }
+            using (XmlWriter xmlWriter = XmlTextWriter.Create(responseStream))
+            {
+                XmlSerializer serializer = new XmlSerializer(typeof(TResponse));
+                serializer.Serialize(xmlWriter, response);
+            }
+        }
+    }
+}

diff --git a/OpenSim/Framework/Communications/ISecureInventoryService.cs b/OpenSim/Framework/Communications/ISecureInventoryService.cs new file mode 100644 index 0000000..0e7861a --- /dev/null +++ b/OpenSim/Framework/Communications/ISecureInventoryService.cs
@@ -0,0 +1,125 @@
	1	/*
	2	* Copyright (c) Contributors, http://opensimulator.org/
	3	* See CONTRIBUTORS.TXT for a full list of copyright holders.
	4	*
	5	* Redistribution and use in source and binary forms, with or without
	6	* modification, are permitted provided that the following conditions are met:
	7	* * Redistributions of source code must retain the above copyright
	8	* notice, this list of conditions and the following disclaimer.
	9	* * Redistributions in binary form must reproduce the above copyright
	10	* notice, this list of conditions and the following disclaimer in the
	11	* documentation and/or other materials provided with the distribution.
	12	* * Neither the name of the OpenSim Project nor the
	13	* names of its contributors may be used to endorse or promote products
	14	* derived from this software without specific prior written permission.
	15	*
	16	* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
	17	* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	18	* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
	19	* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
	20	* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
	21	* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	22	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
	23	* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	24	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
	25	* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	26	*/
	27
	28	using System.Collections.Generic;
	29	using libsecondlife;
	30	using OpenSim.Framework.Communications.Cache;
	31
	32	namespace OpenSim.Framework.Communications
	33	{
	34
	35	/// <summary>
	36	/// Defines all the operations one can perform on a user's inventory.
	37	/// </summary>
	38	public interface ISecureInventoryService
	39	{
	40	string Host
	41	{
	42	get;
	43	}
	44	/// <summary>
	45	/// Request the inventory for a user. This is an asynchronous operation that will call the callback when the
	46	/// inventory has been received
	47	/// </summary>
	48	/// <param name="userID"></param>
	49	/// <param name="callback"></param>
	50	void RequestInventoryForUser(LLUUID userID, LLUUID session_id, InventoryReceiptCallback callback);
	51
	52	/// <summary>
	53	/// Add a new folder to the user's inventory
	54	/// </summary>
	55	/// <param name="folder"></param>
	56	/// <returns>true if the folder was successfully added</returns>
	57	bool AddFolder(InventoryFolderBase folder, LLUUID session_id);
	58
	59	/// <summary>
	60	/// Update a folder in the user's inventory
	61	/// </summary>
	62	/// <param name="folder"></param>
	63	/// <returns>true if the folder was successfully updated</returns>
	64	bool UpdateFolder(InventoryFolderBase folder, LLUUID session_id);
	65
	66	/// <summary>
	67	/// Move an inventory folder to a new location
	68	/// </summary>
	69	/// <param name="folder">A folder containing the details of the new location</param>
	70	/// <returns>true if the folder was successfully moved</returns>
	71	bool MoveFolder(InventoryFolderBase folder, LLUUID session_id);
	72
	73	/// <summary>
	74	/// Purge an inventory folder of all its items and subfolders.
	75	/// </summary>
	76	/// <param name="folder"></param>
	77	/// <returns>true if the folder was successfully purged</returns>
	78	bool PurgeFolder(InventoryFolderBase folder, LLUUID session_id);
	79
	80	/// <summary>
	81	/// Add a new item to the user's inventory
	82	/// </summary>
	83	/// <param name="item"></param>
	84	/// <returns>true if the item was successfully added</returns>
	85	bool AddItem(InventoryItemBase item, LLUUID session_id);
	86
	87	/// <summary>
	88	/// Update an item in the user's inventory
	89	/// </summary>
	90	/// <param name="item"></param>
	91	/// <returns>true if the item was successfully updated</returns>
	92	bool UpdateItem(InventoryItemBase item, LLUUID session_id);
	93
	94	/// <summary>
	95	/// Delete an item from the user's inventory
	96	/// </summary>
	97	/// <param name="item"></param>
	98	/// <returns>true if the item was successfully deleted</returns>
	99	bool DeleteItem(InventoryItemBase item, LLUUID session_id);
	100
	101	/// <summary>
	102	/// Create a new inventory for the given user.
	103	/// </summary>
	104	/// <param name="user"></param>
	105	/// <returns>true if the inventory was successfully created, false otherwise</returns>
	106	bool CreateNewUserInventory(LLUUID user);
	107
	108	bool HasInventoryForUser(LLUUID userID);
	109
	110	/// <summary>
	111	/// Retrieve the root inventory folder for the given user.
	112	/// </summary>
	113	/// <param name="userID"></param>
	114	/// <returns>null if no root folder was found</returns>
	115	InventoryFolderBase RequestRootFolder(LLUUID userID);
	116
	117	/// <summary>
	118	/// Returns a list of all the folders in a given user's inventory.
	119	/// </summary>
	120	/// <param name="userId"></param>
	121	/// <returns>A flat list of the user's inventory folder tree,
	122	/// null if there is no inventory for this user</returns>
	123	List<InventoryFolderBase> GetInventorySkeleton(LLUUID userId);
	124	}
	125	}


diff --git a/OpenSim/Framework/Servers/RestSessionService.cs b/OpenSim/Framework/Servers/RestSessionService.cs new file mode 100644 index 0000000..3c79844 --- /dev/null +++ b/OpenSim/Framework/Servers/RestSessionService.cs
@@ -0,0 +1,223 @@
	1	using System;
	2	using System.IO;
	3	using System.Net;
	4	using System.Collections.Generic;
	5	using System.Text;
	6	using System.Xml;
	7	using System.Xml.Serialization;
	8
	9	namespace OpenSim.Framework.Servers
	10	{
	11	public class RestSessionObject<TRequest>
	12	{
	13	private string sid;
	14	private string aid;
	15	private TRequest request_body;
	16
	17	public string SessionID
	18	{
	19	get { return sid; }
	20	set { sid = value; }
	21	}
	22
	23	public string AvatarID
	24	{
	25	get { return aid; }
	26	set { aid = value; }
	27	}
	28
	29	public TRequest Body
	30	{
	31	get { return request_body; }
	32	set { request_body = value; }
	33	}
	34	}
	35
	36	public class SynchronousRestSessionObjectPoster<TRequest, TResponse>
	37	{
	38	public static TResponse BeginPostObject(string verb, string requestUrl, TRequest obj, string sid, string aid)
	39	{
	40	RestSessionObject<TRequest> sobj = new RestSessionObject<TRequest>();
	41	sobj.SessionID = sid;
	42	sobj.AvatarID = aid;
	43	sobj.Body = obj;
	44
	45	Type type = typeof(RestSessionObject<TRequest>);
	46
	47	WebRequest request = WebRequest.Create(requestUrl);
	48	request.Method = verb;
	49	request.ContentType = "text/xml";
	50
	51	MemoryStream buffer = new MemoryStream();
	52
	53	XmlWriterSettings settings = new XmlWriterSettings();
	54	settings.Encoding = Encoding.UTF8;
	55
	56	using (XmlWriter writer = XmlWriter.Create(buffer, settings))
	57	{
	58	XmlSerializer serializer = new XmlSerializer(type);
	59	serializer.Serialize(writer, sobj);
	60	writer.Flush();
	61	}
	62
	63	int length = (int)buffer.Length;
	64	request.ContentLength = length;
	65
	66	Stream requestStream = request.GetRequestStream();
	67	requestStream.Write(buffer.ToArray(), 0, length);
	68	TResponse deserial = default(TResponse);
	69	using (WebResponse resp = request.GetResponse())
	70	{
	71	XmlSerializer deserializer = new XmlSerializer(typeof(TResponse));
	72	deserial = (TResponse)deserializer.Deserialize(resp.GetResponseStream());
	73	}
	74	return deserial;
	75	}
	76	}
	77
	78	public class RestSessionObjectPosterResponse<TRequest, TResponse>
	79	{
	80
	81	public ReturnResponse<TResponse> ResponseCallback;
	82
	83	public void BeginPostObject(string requestUrl, TRequest obj, string sid, string aid)
	84	{
	85	BeginPostObject("POST", requestUrl, obj, sid, aid);
	86	}
	87
	88	public void BeginPostObject(string verb, string requestUrl, TRequest obj, string sid, string aid)
	89	{
	90	RestSessionObject<TRequest> sobj = new RestSessionObject<TRequest>();
	91	sobj.SessionID = sid;
	92	sobj.AvatarID = aid;
	93	sobj.Body = obj;
	94
	95	Type type = typeof(RestSessionObject<TRequest>);
	96
	97	WebRequest request = WebRequest.Create(requestUrl);
	98	request.Method = verb;
	99	request.ContentType = "text/xml";
	100
	101	MemoryStream buffer = new MemoryStream();
	102
	103	XmlWriterSettings settings = new XmlWriterSettings();
	104	settings.Encoding = Encoding.UTF8;
	105
	106	using (XmlWriter writer = XmlWriter.Create(buffer, settings))
	107	{
	108	XmlSerializer serializer = new XmlSerializer(type);
	109	serializer.Serialize(writer, sobj);
	110	writer.Flush();
	111	}
	112
	113	int length = (int)buffer.Length;
	114	request.ContentLength = length;
	115
	116	Stream requestStream = request.GetRequestStream();
	117	requestStream.Write(buffer.ToArray(), 0, length);
	118	// IAsyncResult result = request.BeginGetResponse(AsyncCallback, request);
	119	request.BeginGetResponse(AsyncCallback, request);
	120	}
	121
	122	private void AsyncCallback(IAsyncResult result)
	123	{
	124	WebRequest request = (WebRequest)result.AsyncState;
	125	using (WebResponse resp = request.EndGetResponse(result))
	126	{
	127	TResponse deserial;
	128	XmlSerializer deserializer = new XmlSerializer(typeof(TResponse));
	129	Stream stream = resp.GetResponseStream();
	130
	131	// This is currently a bad debug stanza since it gobbles us the response...
	132	// StreamReader reader = new StreamReader(stream);
	133	// m_log.DebugFormat("[REST OBJECT POSTER RESPONSE]: Received {0}", reader.ReadToEnd());
	134
	135	deserial = (TResponse)deserializer.Deserialize(stream);
	136
	137	if (deserial != null && ResponseCallback != null)
	138	{
	139	ResponseCallback(deserial);
	140	}
	141	}
	142	}
	143	}
	144
	145	public delegate bool CheckIdentityMethod(string sid, string aid);
	146
	147	public class RestDeserialiseSecureHandler<TRequest, TResponse> : BaseRequestHandler, IStreamHandler
	148	where TRequest : new()
	149	{
	150	private RestDeserialiseMethod<TRequest, TResponse> m_method;
	151	private CheckIdentityMethod m_smethod;
	152
	153	public RestDeserialiseSecureHandler(string httpMethod, string path, RestDeserialiseMethod<TRequest, TResponse> method, CheckIdentityMethod smethod)
	154	: base(httpMethod, path)
	155	{
	156	m_smethod = smethod;
	157	m_method = method;
	158	}
	159
	160	public void Handle(string path, Stream request, Stream responseStream,
	161	OSHttpRequest httpRequest, OSHttpResponse httpResponse)
	162	{
	163	RestSessionObject<TRequest> deserial;
	164	using (XmlTextReader xmlReader = new XmlTextReader(request))
	165	{
	166	XmlSerializer deserializer = new XmlSerializer(typeof(RestSessionObject<TRequest>));
	167	deserial = (RestSessionObject<TRequest>)deserializer.Deserialize(xmlReader);
	168	}
	169
	170	TResponse response = default(TResponse);
	171	if (m_smethod(deserial.SessionID, deserial.AvatarID))
	172	{
	173	response = m_method(deserial.Body);
	174	}
	175
	176	using (XmlWriter xmlWriter = XmlTextWriter.Create(responseStream))
	177	{
	178	XmlSerializer serializer = new XmlSerializer(typeof(TResponse));
	179	serializer.Serialize(xmlWriter, response);
	180	}
	181	}
	182	}
	183
	184	public delegate bool CheckTrustedSourceMethod(IPEndPoint peer);
	185
	186	public class RestDeserialiseTrustedHandler<TRequest, TResponse> : BaseRequestHandler, IStreamHandler
	187	where TRequest : new()
	188	{
	189	private RestDeserialiseMethod<TRequest, TResponse> m_method;
	190	private CheckTrustedSourceMethod m_tmethod;
	191
	192	public RestDeserialiseTrustedHandler(string httpMethod, string path, RestDeserialiseMethod<TRequest, TResponse> method, CheckTrustedSourceMethod tmethod)
	193	: base(httpMethod, path)
	194	{
	195	m_tmethod = tmethod;
	196	m_method = method;
	197	}
	198
	199	public void Handle(string path, Stream request, Stream responseStream,
	200	OSHttpRequest httpRequest, OSHttpResponse httpResponse)
	201	{
	202	TRequest deserial;
	203	using (XmlTextReader xmlReader = new XmlTextReader(request))
	204	{
	205	XmlSerializer deserializer = new XmlSerializer(typeof(TRequest));
	206	deserial = (TRequest)deserializer.Deserialize(xmlReader);
	207	}
	208
	209	TResponse response = default(TResponse);
	210	if (m_tmethod(httpRequest.RemoteIPEndPoint))
	211	{
	212	response = m_method(deserial);
	213	}
	214
	215	using (XmlWriter xmlWriter = XmlTextWriter.Create(responseStream))
	216	{
	217	XmlSerializer serializer = new XmlSerializer(typeof(TResponse));
	218	serializer.Serialize(xmlWriter, response);
	219	}
	220	}
	221	}
	222
	223	}