From 11700ba4a4e35cf7512f7f6e8b9b8e54e812f574 Mon Sep 17 00:00:00 2001 From: Melanie Date: Fri, 4 Sep 2009 07:03:43 +0100 Subject: Implement plain password authentication partway. Tested, but no user functionality yet. --- OpenSim/Server/Base/ServerUtils.cs | 29 ++- .../AuthenticationServerConnector.cs | 2 +- .../AuthenticationServerPostHandler.cs | 233 +++++++++++++++++++++ 3 files changed, 262 insertions(+), 2 deletions(-) create mode 100644 OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs (limited to 'OpenSim/Server') diff --git a/OpenSim/Server/Base/ServerUtils.cs b/OpenSim/Server/Base/ServerUtils.cs index 8d76ffe..0a36bbe 100644 --- a/OpenSim/Server/Base/ServerUtils.cs +++ b/OpenSim/Server/Base/ServerUtils.cs @@ -31,6 +31,7 @@ using System.Reflection; using System.Xml; using System.Xml.Serialization; using System.Text; +using System.Collections.Generic; using log4net; using OpenSim.Framework; @@ -156,5 +157,31 @@ namespace OpenSim.Server.Base return null; } } + + public static Dictionary ParseQueryString(string query) + { + Dictionary result = new Dictionary(); + string[] terms = query.Split(new char[] {'&'}); + + if (terms.Length == 0) + return result; + + foreach (string t in terms) + { + string[] elems = t.Split(new char[] {'='}); + if (elems.Length == 0) + continue; + + string name = System.Web.HttpUtility.UrlDecode(elems[0]); + string value = String.Empty; + + if (elems.Length > 1) + value = System.Web.HttpUtility.UrlDecode(elems[1]); + + result[name] = value; + } + + return result; + } } -} \ No newline at end of file +} diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs index 03a7980..589dc3b 100644 --- a/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs +++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs @@ -54,7 +54,7 @@ namespace OpenSim.Server.Handlers.Authentication Object[] args = new Object[] { config }; m_AuthenticationService = ServerUtils.LoadPlugin(authenticationService, args); - //server.AddStreamHandler(new AuthenticationServerGetHandler(m_AuthenticationService)); + server.AddStreamHandler(new AuthenticationServerPostHandler(m_AuthenticationService)); } } } diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs new file mode 100644 index 0000000..6cf7d56 --- /dev/null +++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs @@ -0,0 +1,233 @@ +/* + * Copyright (c) Contributors, http://opensimulator.org/ + * See CONTRIBUTORS.TXT for a full list of copyright holders. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * * Neither the name of the OpenSimulator Project nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +using Nini.Config; +using log4net; +using System; +using System.Reflection; +using System.IO; +using System.Net; +using System.Text; +using System.Text.RegularExpressions; +using System.Xml; +using System.Xml.Serialization; +using System.Collections.Generic; +using OpenSim.Server.Base; +using OpenSim.Services.Interfaces; +using OpenSim.Framework; +using OpenSim.Framework.Servers.HttpServer; +using OpenMetaverse; + +namespace OpenSim.Server.Handlers.Authentication +{ + public class AuthenticationServerPostHandler : BaseStreamHandler + { + // private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); + + private IAuthenticationService m_AuthenticationService; + + public AuthenticationServerPostHandler(IAuthenticationService service) : + base("POST", "/auth") + { + m_AuthenticationService = service; + } + + public override byte[] Handle(string path, Stream request, + OSHttpRequest httpRequest, OSHttpResponse httpResponse) + { + string[] p = SplitParams(path); + + if (p.Length > 0) + { + switch (p[0]) + { + case "plain": + StreamReader sr = new StreamReader(request); + string body = sr.ReadToEnd(); + sr.Close(); + + return DoPlainMethods(body); + case "crypt": + byte[] buffer = new byte[request.Length]; + long length = request.Length; + if (length > 16384) + length = 16384; + request.Read(buffer, 0, (int)length); + + return DoEncryptedMethods(buffer); + } + } + return new byte[0]; + } + + private byte[] DoPlainMethods(string body) + { + Dictionary request = + ServerUtils.ParseQueryString(body); + + int lifetime = 30; + + if (request.ContainsKey("LIFETIME")) + { + lifetime = Convert.ToInt32(request["LIFETIME"]); + if (lifetime > 30) + lifetime = 30; + } + + if (!request.ContainsKey("METHOD")) + return FailureResult(); + if (!request.ContainsKey("PRINCIPAL")) + return FailureResult(); + + string method = request["METHOD"]; + + UUID principalID; + string token; + + if (!UUID.TryParse(request["PRINCIPAL"], out principalID)) + return FailureResult(); + + switch (method) + { + case "authenticate": + if (!request.ContainsKey("PASSWORD")) + return FailureResult(); + + token = m_AuthenticationService.Authenticate(principalID, request["PASSWORD"], lifetime); + + if (token != String.Empty) + return SuccessResult(token); + return FailureResult(); + case "verify": + if (!request.ContainsKey("TOKEN")) + return FailureResult(); + + if (m_AuthenticationService.Verify(principalID, request["TOKEN"], lifetime)) + return SuccessResult(); + + return FailureResult(); + case "release": + if (!request.ContainsKey("TOKEN")) + return FailureResult(); + + if (m_AuthenticationService.Release(principalID, request["TOKEN"])) + return SuccessResult(); + + return FailureResult(); + } + + return FailureResult(); + } + + private byte[] DoEncryptedMethods(byte[] ciphertext) + { + return new byte[0]; + } + + private byte[] SuccessResult() + { + XmlDocument doc = new XmlDocument(); + + XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration, + "", ""); + + doc.AppendChild(xmlnode); + + XmlElement rootElement = doc.CreateElement("", "Authentication", + ""); + + doc.AppendChild(rootElement); + + XmlElement result = doc.CreateElement("", "Result", ""); + result.AppendChild(doc.CreateTextNode("Success")); + + rootElement.AppendChild(result); + + return DocToBytes(doc); + } + + private byte[] FailureResult() + { + XmlDocument doc = new XmlDocument(); + + XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration, + "", ""); + + doc.AppendChild(xmlnode); + + XmlElement rootElement = doc.CreateElement("", "Authentication", + ""); + + doc.AppendChild(rootElement); + + XmlElement result = doc.CreateElement("", "Result", ""); + result.AppendChild(doc.CreateTextNode("Failure")); + + rootElement.AppendChild(result); + + return DocToBytes(doc); + } + + private byte[] SuccessResult(string token) + { + XmlDocument doc = new XmlDocument(); + + XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration, + "", ""); + + doc.AppendChild(xmlnode); + + XmlElement rootElement = doc.CreateElement("", "Authentication", + ""); + + doc.AppendChild(rootElement); + + XmlElement result = doc.CreateElement("", "Result", ""); + result.AppendChild(doc.CreateTextNode("Success")); + + rootElement.AppendChild(result); + + XmlElement t = doc.CreateElement("", "Token", ""); + t.AppendChild(doc.CreateTextNode(token)); + + rootElement.AppendChild(t); + + return DocToBytes(doc); + } + + private byte[] DocToBytes(XmlDocument doc) + { + MemoryStream ms = new MemoryStream(); + XmlTextWriter xw = new XmlTextWriter(ms, null); + xw.Formatting = Formatting.Indented; + doc.WriteTo(xw); + xw.Flush(); + + return ms.GetBuffer(); + } + } +} -- cgit v1.1