diff options
Diffstat (limited to 'OpenSim')
-rw-r--r-- | OpenSim/Server/Handlers/Authentication/OpenIdServerConnector.cs | 77 | ||||
-rw-r--r-- | OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs (renamed from OpenSim/Grid/UserServer.Modules/OpenIdService.cs) | 37 |
2 files changed, 99 insertions, 15 deletions
diff --git a/OpenSim/Server/Handlers/Authentication/OpenIdServerConnector.cs b/OpenSim/Server/Handlers/Authentication/OpenIdServerConnector.cs new file mode 100644 index 0000000..a0a92ed --- /dev/null +++ b/OpenSim/Server/Handlers/Authentication/OpenIdServerConnector.cs | |||
@@ -0,0 +1,77 @@ | |||
1 | /* | ||
2 | * Copyright (c) Contributors, http://opensimulator.org/ | ||
3 | * See CONTRIBUTORS.TXT for a full list of copyright holders. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions are met: | ||
7 | * * Redistributions of source code must retain the above copyright | ||
8 | * notice, this list of conditions and the following disclaimer. | ||
9 | * * Redistributions in binary form must reproduce the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer in the | ||
11 | * documentation and/or other materials provided with the distribution. | ||
12 | * * Neither the name of the OpenSimulator Project nor the | ||
13 | * names of its contributors may be used to endorse or promote products | ||
14 | * derived from this software without specific prior written permission. | ||
15 | * | ||
16 | * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY | ||
17 | * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | ||
19 | * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY | ||
20 | * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | ||
21 | * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | ||
23 | * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | ||
25 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
26 | */ | ||
27 | |||
28 | using System; | ||
29 | using System.Reflection; | ||
30 | using Nini.Config; | ||
31 | using log4net; | ||
32 | using OpenSim.Server.Base; | ||
33 | using OpenSim.Services.Interfaces; | ||
34 | using OpenSim.Framework.Servers.HttpServer; | ||
35 | using OpenSim.Server.Handlers.Base; | ||
36 | |||
37 | namespace OpenSim.Server.Handlers.Authentication | ||
38 | { | ||
39 | public class OpenIdServerConnector : ServiceConnector | ||
40 | { | ||
41 | private static readonly ILog m_log = | ||
42 | LogManager.GetLogger( | ||
43 | MethodBase.GetCurrentMethod().DeclaringType); | ||
44 | |||
45 | private IAuthenticationService m_AuthenticationService; | ||
46 | private IUserAccountService m_UserAccountService; | ||
47 | private string m_ConfigName = "OpenIdService"; | ||
48 | |||
49 | public OpenIdServerConnector(IConfigSource config, IHttpServer server, string configName) : | ||
50 | base(config, server, configName) | ||
51 | { | ||
52 | IConfig serverConfig = config.Configs[m_ConfigName]; | ||
53 | if (serverConfig == null) | ||
54 | throw new Exception(String.Format("No section {0} in config file", m_ConfigName)); | ||
55 | |||
56 | string authService = serverConfig.GetString("AuthenticationServiceModule", | ||
57 | String.Empty); | ||
58 | string userService = serverConfig.GetString("UserAccountServiceModule", | ||
59 | String.Empty); | ||
60 | |||
61 | if (authService == String.Empty || userService == String.Empty) | ||
62 | throw new Exception("No AuthenticationServiceModule or no UserAccountServiceModule in config file for OpenId authentication"); | ||
63 | |||
64 | Object[] args = new Object[] { config }; | ||
65 | m_AuthenticationService = ServerUtils.LoadPlugin<IAuthenticationService>(authService, args); | ||
66 | m_UserAccountService = ServerUtils.LoadPlugin<IUserAccountService>(authService, args); | ||
67 | |||
68 | // Handler for OpenID user identity pages | ||
69 | server.AddStreamHandler(new OpenIdStreamHandler("GET", "/users/", m_UserAccountService, m_AuthenticationService)); | ||
70 | // Handlers for the OpenID endpoint server | ||
71 | server.AddStreamHandler(new OpenIdStreamHandler("POST", "/openid/server/", m_UserAccountService, m_AuthenticationService)); | ||
72 | server.AddStreamHandler(new OpenIdStreamHandler("GET", "/openid/server/", m_UserAccountService, m_AuthenticationService)); | ||
73 | |||
74 | m_log.Info("[OPENID]: OpenId service enabled"); | ||
75 | } | ||
76 | } | ||
77 | } | ||
diff --git a/OpenSim/Grid/UserServer.Modules/OpenIdService.cs b/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs index 49dfd86..e73961b 100644 --- a/OpenSim/Grid/UserServer.Modules/OpenIdService.cs +++ b/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs | |||
@@ -36,8 +36,12 @@ using DotNetOpenId.Provider; | |||
36 | using OpenSim.Framework; | 36 | using OpenSim.Framework; |
37 | using OpenSim.Framework.Servers; | 37 | using OpenSim.Framework.Servers; |
38 | using OpenSim.Framework.Servers.HttpServer; | 38 | using OpenSim.Framework.Servers.HttpServer; |
39 | using OpenSim.Server.Handlers.Base; | ||
40 | using OpenSim.Services.Interfaces; | ||
41 | using Nini.Config; | ||
42 | using OpenMetaverse; | ||
39 | 43 | ||
40 | namespace OpenSim.Grid.UserServer.Modules | 44 | namespace OpenSim.Server.Handlers.Authentication |
41 | { | 45 | { |
42 | /// <summary> | 46 | /// <summary> |
43 | /// Temporary, in-memory store for OpenID associations | 47 | /// Temporary, in-memory store for OpenID associations |
@@ -194,15 +198,17 @@ For more information, see <a href='http://openid.net/'>http://openid.net/</a>. | |||
194 | string m_contentType; | 198 | string m_contentType; |
195 | string m_httpMethod; | 199 | string m_httpMethod; |
196 | string m_path; | 200 | string m_path; |
197 | UserLoginService m_loginService; | 201 | IAuthenticationService m_authenticationService; |
202 | IUserAccountService m_userAccountService; | ||
198 | ProviderMemoryStore m_openidStore = new ProviderMemoryStore(); | 203 | ProviderMemoryStore m_openidStore = new ProviderMemoryStore(); |
199 | 204 | ||
200 | /// <summary> | 205 | /// <summary> |
201 | /// Constructor | 206 | /// Constructor |
202 | /// </summary> | 207 | /// </summary> |
203 | public OpenIdStreamHandler(string httpMethod, string path, UserLoginService loginService) | 208 | public OpenIdStreamHandler(string httpMethod, string path, IUserAccountService userService, IAuthenticationService authService) |
204 | { | 209 | { |
205 | m_loginService = loginService; | 210 | m_authenticationService = authService; |
211 | m_userAccountService = userService; | ||
206 | m_httpMethod = httpMethod; | 212 | m_httpMethod = httpMethod; |
207 | m_path = path; | 213 | m_path = path; |
208 | 214 | ||
@@ -235,13 +241,14 @@ For more information, see <a href='http://openid.net/'>http://openid.net/</a>. | |||
235 | IAuthenticationRequest authRequest = (IAuthenticationRequest)provider.Request; | 241 | IAuthenticationRequest authRequest = (IAuthenticationRequest)provider.Request; |
236 | string[] passwordValues = postQuery.GetValues("pass"); | 242 | string[] passwordValues = postQuery.GetValues("pass"); |
237 | 243 | ||
238 | UserProfileData profile; | 244 | UserAccount account; |
239 | if (TryGetProfile(new Uri(authRequest.ClaimedIdentifier.ToString()), out profile)) | 245 | if (TryGetAccount(new Uri(authRequest.ClaimedIdentifier.ToString()), out account)) |
240 | { | 246 | { |
241 | // Check for form POST data | 247 | // Check for form POST data |
242 | if (passwordValues != null && passwordValues.Length == 1) | 248 | if (passwordValues != null && passwordValues.Length == 1) |
243 | { | 249 | { |
244 | if (profile != null && m_loginService.AuthenticateUser(profile, passwordValues[0])) | 250 | if (account != null && |
251 | (m_authenticationService.Authenticate(account.PrincipalID, passwordValues[0], 30) != string.Empty)) | ||
245 | authRequest.IsAuthenticated = true; | 252 | authRequest.IsAuthenticated = true; |
246 | else | 253 | else |
247 | authRequest.IsAuthenticated = false; | 254 | authRequest.IsAuthenticated = false; |
@@ -250,7 +257,7 @@ For more information, see <a href='http://openid.net/'>http://openid.net/</a>. | |||
250 | { | 257 | { |
251 | // Authentication was requested, send the client a login form | 258 | // Authentication was requested, send the client a login form |
252 | using (StreamWriter writer = new StreamWriter(response)) | 259 | using (StreamWriter writer = new StreamWriter(response)) |
253 | writer.Write(String.Format(LOGIN_PAGE, profile.FirstName, profile.SurName)); | 260 | writer.Write(String.Format(LOGIN_PAGE, account.FirstName, account.LastName)); |
254 | return; | 261 | return; |
255 | } | 262 | } |
256 | } | 263 | } |
@@ -283,14 +290,14 @@ For more information, see <a href='http://openid.net/'>http://openid.net/</a>. | |||
283 | else | 290 | else |
284 | { | 291 | { |
285 | // Try and lookup this avatar | 292 | // Try and lookup this avatar |
286 | UserProfileData profile; | 293 | UserAccount account; |
287 | if (TryGetProfile(httpRequest.Url, out profile)) | 294 | if (TryGetAccount(httpRequest.Url, out account)) |
288 | { | 295 | { |
289 | using (StreamWriter writer = new StreamWriter(response)) | 296 | using (StreamWriter writer = new StreamWriter(response)) |
290 | { | 297 | { |
291 | // TODO: Print out a full profile page for this avatar | 298 | // TODO: Print out a full profile page for this avatar |
292 | writer.Write(String.Format(OPENID_PAGE, httpRequest.Url.Scheme, | 299 | writer.Write(String.Format(OPENID_PAGE, httpRequest.Url.Scheme, |
293 | httpRequest.Url.Authority, profile.FirstName, profile.SurName)); | 300 | httpRequest.Url.Authority, account.FirstName, account.LastName)); |
294 | } | 301 | } |
295 | } | 302 | } |
296 | else | 303 | else |
@@ -316,7 +323,7 @@ For more information, see <a href='http://openid.net/'>http://openid.net/</a>. | |||
316 | /// <param name="requestUrl">URL to parse for an avatar name</param> | 323 | /// <param name="requestUrl">URL to parse for an avatar name</param> |
317 | /// <param name="profile">Profile data for the avatar</param> | 324 | /// <param name="profile">Profile data for the avatar</param> |
318 | /// <returns>True if the parse and lookup were successful, otherwise false</returns> | 325 | /// <returns>True if the parse and lookup were successful, otherwise false</returns> |
319 | bool TryGetProfile(Uri requestUrl, out UserProfileData profile) | 326 | bool TryGetAccount(Uri requestUrl, out UserAccount account) |
320 | { | 327 | { |
321 | if (requestUrl.Segments.Length == 3 && requestUrl.Segments[1] == "users/") | 328 | if (requestUrl.Segments.Length == 3 && requestUrl.Segments[1] == "users/") |
322 | { | 329 | { |
@@ -326,12 +333,12 @@ For more information, see <a href='http://openid.net/'>http://openid.net/</a>. | |||
326 | 333 | ||
327 | if (name.Length == 2) | 334 | if (name.Length == 2) |
328 | { | 335 | { |
329 | profile = m_loginService.GetTheUser(name[0], name[1]); | 336 | account = m_userAccountService.GetUserAccount(UUID.Zero, name[0], name[1]); |
330 | return (profile != null); | 337 | return (account != null); |
331 | } | 338 | } |
332 | } | 339 | } |
333 | 340 | ||
334 | profile = null; | 341 | account = null; |
335 | return false; | 342 | return false; |
336 | } | 343 | } |
337 | } | 344 | } |