opensim-development – Blame information for rev 1

Subversion Repositories:
Rev:
Rev Author Line No. Line
1 eva 1 /*
2 * Copyright (c) Contributors, http://opensimulator.org/
3 * See CONTRIBUTORS.TXT for a full list of copyright holders.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are met:
7 * * Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * * Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * * Neither the name of the OpenSimulator Project nor the
13 * names of its contributors may be used to endorse or promote products
14 * derived from this software without specific prior written permission.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
17 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19 * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
20 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27  
28 using Nini.Config;
29 using log4net;
30 using System;
31 using System.Reflection;
32 using System.IO;
33 using System.Net;
34 using System.Text;
35 using System.Text.RegularExpressions;
36 using System.Xml;
37 using System.Xml.Serialization;
38 using System.Collections.Generic;
39 using OpenSim.Server.Base;
40 using OpenSim.Services.Interfaces;
41 using OpenSim.Framework;
42 using OpenSim.Framework.Servers.HttpServer;
43 using OpenMetaverse;
44  
45 namespace OpenSim.Server.Handlers.Authentication
46 {
47 public class AuthenticationServerPostHandler : BaseStreamHandler
48 {
49 private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
50  
51 private IAuthenticationService m_AuthenticationService;
52  
53 private bool m_AllowGetAuthInfo = false;
54 private bool m_AllowSetAuthInfo = false;
55 private bool m_AllowSetPassword = false;
56  
57 public AuthenticationServerPostHandler(IAuthenticationService service) :
58 this(service, null) {}
59  
60 public AuthenticationServerPostHandler(IAuthenticationService service, IConfig config) :
61 base("POST", "/auth")
62 {
63 m_AuthenticationService = service;
64  
65 if (config != null)
66 {
67 m_AllowGetAuthInfo = config.GetBoolean("AllowGetAuthInfo", m_AllowGetAuthInfo);
68 m_AllowSetAuthInfo = config.GetBoolean("AllowSetAuthInfo", m_AllowSetAuthInfo);
69 m_AllowSetPassword = config.GetBoolean("AllowSetPassword", m_AllowSetPassword);
70 }
71 }
72  
73 protected override byte[] ProcessRequest(string path, Stream request,
74 IOSHttpRequest httpRequest, IOSHttpResponse httpResponse)
75 {
76 string[] p = SplitParams(path);
77  
78 if (p.Length > 0)
79 {
80 switch (p[0])
81 {
82 case "plain":
83 StreamReader sr = new StreamReader(request);
84 string body = sr.ReadToEnd();
85 sr.Close();
86  
87 return DoPlainMethods(body);
88 case "crypt":
89 byte[] buffer = new byte[request.Length];
90 long length = request.Length;
91 if (length > 16384)
92 length = 16384;
93 request.Read(buffer, 0, (int)length);
94  
95 return DoEncryptedMethods(buffer);
96 }
97 }
98 return new byte[0];
99 }
100  
101 private byte[] DoPlainMethods(string body)
102 {
103 Dictionary<string, object> request =
104 ServerUtils.ParseQueryString(body);
105  
106 int lifetime = 30;
107  
108 if (request.ContainsKey("LIFETIME"))
109 {
110 lifetime = Convert.ToInt32(request["LIFETIME"].ToString());
111 if (lifetime > 30)
112 lifetime = 30;
113 }
114  
115 if (!request.ContainsKey("METHOD"))
116 return FailureResult();
117 if (!request.ContainsKey("PRINCIPAL"))
118 return FailureResult();
119  
120 string method = request["METHOD"].ToString();
121  
122 UUID principalID;
123 string token;
124  
125 if (!UUID.TryParse(request["PRINCIPAL"].ToString(), out principalID))
126 return FailureResult();
127  
128 switch (method)
129 {
130 case "authenticate":
131 if (!request.ContainsKey("PASSWORD"))
132 return FailureResult();
133  
134 token = m_AuthenticationService.Authenticate(principalID, request["PASSWORD"].ToString(), lifetime);
135  
136 if (token != String.Empty)
137 return SuccessResult(token);
138 return FailureResult();
139  
140 case "setpassword":
141 if (!m_AllowSetPassword)
142 return FailureResult();
143  
144 if (!request.ContainsKey("PASSWORD"))
145 return FailureResult();
146  
147 if (m_AuthenticationService.SetPassword(principalID, request["PASSWORD"].ToString()))
148 return SuccessResult();
149 else
150 return FailureResult();
151  
152 case "verify":
153 if (!request.ContainsKey("TOKEN"))
154 return FailureResult();
155  
156 if (m_AuthenticationService.Verify(principalID, request["TOKEN"].ToString(), lifetime))
157 return SuccessResult();
158  
159 return FailureResult();
160  
161 case "release":
162 if (!request.ContainsKey("TOKEN"))
163 return FailureResult();
164  
165 if (m_AuthenticationService.Release(principalID, request["TOKEN"].ToString()))
166 return SuccessResult();
167  
168 return FailureResult();
169  
170 case "getauthinfo":
171 if (m_AllowGetAuthInfo)
172 return GetAuthInfo(principalID);
173  
174 break;
175  
176 case "setauthinfo":
177 if (m_AllowSetAuthInfo)
178 return SetAuthInfo(principalID, request);
179  
180 break;
181 }
182  
183 return FailureResult();
184 }
185  
186 private byte[] DoEncryptedMethods(byte[] ciphertext)
187 {
188 return new byte[0];
189 }
190  
191 private byte[] SuccessResult()
192 {
193 XmlDocument doc = new XmlDocument();
194  
195 XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
196 "", "");
197  
198 doc.AppendChild(xmlnode);
199  
200 XmlElement rootElement = doc.CreateElement("", "ServerResponse",
201 "");
202  
203 doc.AppendChild(rootElement);
204  
205 XmlElement result = doc.CreateElement("", "Result", "");
206 result.AppendChild(doc.CreateTextNode("Success"));
207  
208 rootElement.AppendChild(result);
209  
210 return DocToBytes(doc);
211 }
212  
213 byte[] GetAuthInfo(UUID principalID)
214 {
215 AuthInfo info = m_AuthenticationService.GetAuthInfo(principalID);
216  
217 if (info != null)
218 {
219 Dictionary<string, object> result = new Dictionary<string, object>();
220 result["result"] = info.ToKeyValuePairs();
221  
222 return ResultToBytes(result);
223 }
224 else
225 {
226 return FailureResult();
227 }
228 }
229  
230 byte[] SetAuthInfo(UUID principalID, Dictionary<string, object> request)
231 {
232 AuthInfo existingInfo = m_AuthenticationService.GetAuthInfo(principalID);
233  
234 if (existingInfo == null)
235 return FailureResult();
236  
237 if (request.ContainsKey("AccountType"))
238 existingInfo.AccountType = request["AccountType"].ToString();
239  
240 if (request.ContainsKey("PasswordHash"))
241 existingInfo.PasswordHash = request["PasswordHash"].ToString();
242  
243 if (request.ContainsKey("PasswordSalt"))
244 existingInfo.PasswordSalt = request["PasswordSalt"].ToString();
245  
246 if (request.ContainsKey("WebLoginKey"))
247 existingInfo.WebLoginKey = request["WebLoginKey"].ToString();
248  
249 if (!m_AuthenticationService.SetAuthInfo(existingInfo))
250 {
251 m_log.ErrorFormat(
252 "[AUTHENTICATION SERVER POST HANDLER]: Authentication info store failed for account {0} {1} {2}",
253 existingInfo.PrincipalID);
254  
255 return FailureResult();
256 }
257  
258 return SuccessResult();
259 }
260  
261 private byte[] FailureResult()
262 {
263 XmlDocument doc = new XmlDocument();
264  
265 XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
266 "", "");
267  
268 doc.AppendChild(xmlnode);
269  
270 XmlElement rootElement = doc.CreateElement("", "ServerResponse",
271 "");
272  
273 doc.AppendChild(rootElement);
274  
275 XmlElement result = doc.CreateElement("", "Result", "");
276 result.AppendChild(doc.CreateTextNode("Failure"));
277  
278 rootElement.AppendChild(result);
279  
280 return DocToBytes(doc);
281 }
282  
283 private byte[] SuccessResult(string token)
284 {
285 XmlDocument doc = new XmlDocument();
286  
287 XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
288 "", "");
289  
290 doc.AppendChild(xmlnode);
291  
292 XmlElement rootElement = doc.CreateElement("", "ServerResponse",
293 "");
294  
295 doc.AppendChild(rootElement);
296  
297 XmlElement result = doc.CreateElement("", "Result", "");
298 result.AppendChild(doc.CreateTextNode("Success"));
299  
300 rootElement.AppendChild(result);
301  
302 XmlElement t = doc.CreateElement("", "Token", "");
303 t.AppendChild(doc.CreateTextNode(token));
304  
305 rootElement.AppendChild(t);
306  
307 return DocToBytes(doc);
308 }
309  
310 private byte[] DocToBytes(XmlDocument doc)
311 {
312 MemoryStream ms = new MemoryStream();
313 XmlTextWriter xw = new XmlTextWriter(ms, null);
314 xw.Formatting = Formatting.Indented;
315 doc.WriteTo(xw);
316 xw.Flush();
317  
318 return ms.GetBuffer();
319 }
320  
321 private byte[] ResultToBytes(Dictionary<string, object> result)
322 {
323 string xmlString = ServerUtils.BuildXmlResponse(result);
324 return Util.UTF8NoBomEncoding.GetBytes(xmlString);
325 }
326 }
327 }