aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Server/Handlers/Authentication
diff options
context:
space:
mode:
Diffstat (limited to 'OpenSim/Server/Handlers/Authentication')
-rw-r--r--OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs28
-rw-r--r--OpenSim/Server/Handlers/Authentication/OpenIdServerConnector.cs2
-rw-r--r--OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs11
3 files changed, 22 insertions, 19 deletions
diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
index 6ee98b3..4f03cf4 100644
--- a/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
+++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
@@ -82,11 +82,11 @@ namespace OpenSim.Server.Handlers.Authentication
82 switch (p[0]) 82 switch (p[0])
83 { 83 {
84 case "plain": 84 case "plain":
85 StreamReader sr = new StreamReader(request); 85 string body;
86 string body = sr.ReadToEnd(); 86 using(StreamReader sr = new StreamReader(request))
87 sr.Close(); 87 body = sr.ReadToEnd();
88
89 return DoPlainMethods(body); 88 return DoPlainMethods(body);
89
90 case "crypt": 90 case "crypt":
91 byte[] buffer = new byte[request.Length]; 91 byte[] buffer = new byte[request.Length];
92 long length = request.Length; 92 long length = request.Length;
@@ -132,41 +132,41 @@ namespace OpenSim.Server.Handlers.Authentication
132 case "authenticate": 132 case "authenticate":
133 if (!request.ContainsKey("PASSWORD")) 133 if (!request.ContainsKey("PASSWORD"))
134 return FailureResult(); 134 return FailureResult();
135 135
136 token = m_AuthenticationService.Authenticate(principalID, request["PASSWORD"].ToString(), lifetime); 136 token = m_AuthenticationService.Authenticate(principalID, request["PASSWORD"].ToString(), lifetime);
137 137
138 if (token != String.Empty) 138 if (token != String.Empty)
139 return SuccessResult(token); 139 return SuccessResult(token);
140 return FailureResult(); 140 return FailureResult();
141 141
142 case "setpassword": 142 case "setpassword":
143 if (!m_AllowSetPassword) 143 if (!m_AllowSetPassword)
144 return FailureResult(); 144 return FailureResult();
145 145
146 if (!request.ContainsKey("PASSWORD")) 146 if (!request.ContainsKey("PASSWORD"))
147 return FailureResult(); 147 return FailureResult();
148 148
149 if (m_AuthenticationService.SetPassword(principalID, request["PASSWORD"].ToString())) 149 if (m_AuthenticationService.SetPassword(principalID, request["PASSWORD"].ToString()))
150 return SuccessResult(); 150 return SuccessResult();
151 else 151 else
152 return FailureResult(); 152 return FailureResult();
153 153
154 case "verify": 154 case "verify":
155 if (!request.ContainsKey("TOKEN")) 155 if (!request.ContainsKey("TOKEN"))
156 return FailureResult(); 156 return FailureResult();
157 157
158 if (m_AuthenticationService.Verify(principalID, request["TOKEN"].ToString(), lifetime)) 158 if (m_AuthenticationService.Verify(principalID, request["TOKEN"].ToString(), lifetime))
159 return SuccessResult(); 159 return SuccessResult();
160 160
161 return FailureResult(); 161 return FailureResult();
162 162
163 case "release": 163 case "release":
164 if (!request.ContainsKey("TOKEN")) 164 if (!request.ContainsKey("TOKEN"))
165 return FailureResult(); 165 return FailureResult();
166 166
167 if (m_AuthenticationService.Release(principalID, request["TOKEN"].ToString())) 167 if (m_AuthenticationService.Release(principalID, request["TOKEN"].ToString()))
168 return SuccessResult(); 168 return SuccessResult();
169 169
170 return FailureResult(); 170 return FailureResult();
171 171
172 case "getauthinfo": 172 case "getauthinfo":
diff --git a/OpenSim/Server/Handlers/Authentication/OpenIdServerConnector.cs b/OpenSim/Server/Handlers/Authentication/OpenIdServerConnector.cs
index 6464399..ac8ff52 100644
--- a/OpenSim/Server/Handlers/Authentication/OpenIdServerConnector.cs
+++ b/OpenSim/Server/Handlers/Authentication/OpenIdServerConnector.cs
@@ -41,7 +41,7 @@ namespace OpenSim.Server.Handlers.Authentication
41 private static readonly ILog m_log = 41 private static readonly ILog m_log =
42 LogManager.GetLogger( 42 LogManager.GetLogger(
43 MethodBase.GetCurrentMethod().DeclaringType); 43 MethodBase.GetCurrentMethod().DeclaringType);
44 44
45 private IAuthenticationService m_AuthenticationService; 45 private IAuthenticationService m_AuthenticationService;
46 private IUserAccountService m_UserAccountService; 46 private IUserAccountService m_UserAccountService;
47 private string m_ConfigName = "OpenIdService"; 47 private string m_ConfigName = "OpenIdService";
diff --git a/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs b/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs
index b201dc7..254b82f 100644
--- a/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs
+++ b/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs
@@ -178,14 +178,14 @@ namespace OpenSim.Server.Handlers.Authentication
178"; 178";
179 179
180 /// <summary>Page shown for an invalid OpenID identity</summary> 180 /// <summary>Page shown for an invalid OpenID identity</summary>
181 const string INVALID_OPENID_PAGE = 181 const string INVALID_OPENID_PAGE =
182@"<html><head><title>Identity not found</title></head> 182@"<html><head><title>Identity not found</title></head>
183<body>Invalid OpenID identity</body></html>"; 183<body>Invalid OpenID identity</body></html>";
184 184
185 /// <summary>Page shown if the OpenID endpoint is requested directly</summary> 185 /// <summary>Page shown if the OpenID endpoint is requested directly</summary>
186 const string ENDPOINT_PAGE = 186 const string ENDPOINT_PAGE =
187@"<html><head><title>OpenID Endpoint</title></head><body> 187@"<html><head><title>OpenID Endpoint</title></head><body>
188This is an OpenID server endpoint, not a human-readable resource. 188This is an OpenID server endpoint, not a human-readable resource.
189For more information, see <a href='http://openid.net/'>http://openid.net/</a>. 189For more information, see <a href='http://openid.net/'>http://openid.net/</a>.
190</body></html>"; 190</body></html>";
191 191
@@ -222,7 +222,10 @@ For more information, see <a href='http://openid.net/'>http://openid.net/</a>.
222 222
223 try 223 try
224 { 224 {
225 NameValueCollection postQuery = HttpUtility.ParseQueryString(new StreamReader(httpRequest.InputStream).ReadToEnd()); 225 string forPost;
226 using(StreamReader sr = new StreamReader(httpRequest.InputStream))
227 forPost = sr.ReadToEnd();
228 NameValueCollection postQuery = HttpUtility.ParseQueryString(forPost);
226 NameValueCollection getQuery = HttpUtility.ParseQueryString(httpRequest.Url.Query); 229 NameValueCollection getQuery = HttpUtility.ParseQueryString(httpRequest.Url.Query);
227 NameValueCollection openIdQuery = (postQuery.GetValues("openid.mode") != null ? postQuery : getQuery); 230 NameValueCollection openIdQuery = (postQuery.GetValues("openid.mode") != null ? postQuery : getQuery);
228 231
@@ -241,7 +244,7 @@ For more information, see <a href='http://openid.net/'>http://openid.net/</a>.
241 // Check for form POST data 244 // Check for form POST data
242 if (passwordValues != null && passwordValues.Length == 1) 245 if (passwordValues != null && passwordValues.Length == 1)
243 { 246 {
244 if (account != null && 247 if (account != null &&
245 (m_authenticationService.Authenticate(account.PrincipalID,Util.Md5Hash(passwordValues[0]), 30) != string.Empty)) 248 (m_authenticationService.Authenticate(account.PrincipalID,Util.Md5Hash(passwordValues[0]), 30) != string.Empty))
246 authRequest.IsAuthenticated = true; 249 authRequest.IsAuthenticated = true;
247 else 250 else