opensim-development – Blame information for rev 1
?pathlinks?
Rev | Author | Line No. | Line |
---|---|---|---|
1 | eva | 1 | /* |
2 | * Copyright (c) Contributors, http://opensimulator.org/ |
||
3 | * See CONTRIBUTORS.TXT for a full list of copyright holders. |
||
4 | * |
||
5 | * Redistribution and use in source and binary forms, with or without |
||
6 | * modification, are permitted provided that the following conditions are met: |
||
7 | * * Redistributions of source code must retain the above copyright |
||
8 | * notice, this list of conditions and the following disclaimer. |
||
9 | * * Redistributions in binary form must reproduce the above copyright |
||
10 | * notice, this list of conditions and the following disclaimer in the |
||
11 | * documentation and/or other materials provided with the distribution. |
||
12 | * * Neither the name of the OpenSimulator Project nor the |
||
13 | * names of its contributors may be used to endorse or promote products |
||
14 | * derived from this software without specific prior written permission. |
||
15 | * |
||
16 | * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY |
||
17 | * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
||
18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE |
||
19 | * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY |
||
20 | * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES |
||
21 | * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
||
22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND |
||
23 | * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
||
24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS |
||
25 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
||
26 | */ |
||
27 | |||
28 | using System; |
||
29 | using System.Collections.Generic; |
||
30 | using OpenMetaverse; |
||
31 | |||
32 | namespace OpenSim.Services.Interfaces |
||
33 | { |
||
34 | public class AuthInfo |
||
35 | { |
||
36 | public UUID PrincipalID { get; set; } |
||
37 | public string AccountType { get; set; } |
||
38 | public string PasswordHash { get; set; } |
||
39 | public string PasswordSalt { get; set; } |
||
40 | public string WebLoginKey { get; set; } |
||
41 | |||
42 | public Dictionary<string, object> ToKeyValuePairs() |
||
43 | { |
||
44 | Dictionary<string, object> result = new Dictionary<string, object>(); |
||
45 | result["PrincipalID"] = PrincipalID; |
||
46 | result["AccountType"] = AccountType; |
||
47 | result["PasswordHash"] = PasswordHash; |
||
48 | result["PasswordSalt"] = PasswordSalt; |
||
49 | result["WebLoginKey"] = WebLoginKey; |
||
50 | |||
51 | return result; |
||
52 | } |
||
53 | } |
||
54 | |||
55 | // Generic Authentication service used for identifying |
||
56 | // and authenticating principals. |
||
57 | // Principals may be clients acting on users' behalf, |
||
58 | // or any other components that need |
||
59 | // verifiable identification. |
||
60 | // |
||
61 | public interface IAuthenticationService |
||
62 | { |
||
63 | ////////////////////////////////////////////////////// |
||
64 | // Authentication |
||
65 | // |
||
66 | // These methods will return a token, which can be used to access |
||
67 | // various services. |
||
68 | // |
||
69 | string Authenticate(UUID principalID, string password, int lifetime); |
||
70 | |||
71 | ////////////////////////////////////////////////////// |
||
72 | // Verification |
||
73 | // |
||
74 | // Allows to verify the authenticity of a token |
||
75 | // |
||
76 | // Tokens expire after 30 minutes and can be refreshed by |
||
77 | // re-verifying. |
||
78 | // |
||
79 | bool Verify(UUID principalID, string token, int lifetime); |
||
80 | |||
81 | ////////////////////////////////////////////////////// |
||
82 | // Teardown |
||
83 | // |
||
84 | // A token can be returned before the timeout. This |
||
85 | // invalidates it and it can not subsequently be used |
||
86 | // or refreshed. |
||
87 | // |
||
88 | bool Release(UUID principalID, string token); |
||
89 | |||
90 | ////////////////////////////////////////////////////// |
||
91 | // SetPassword for a principal |
||
92 | // |
||
93 | // This method exists for the service, but may or may not |
||
94 | // be served remotely. That is, the authentication |
||
95 | // handlers may not include one handler for this, |
||
96 | // because it's a bit risky. Such handlers require |
||
97 | // authentication/authorization. |
||
98 | // |
||
99 | bool SetPassword(UUID principalID, string passwd); |
||
100 | |||
101 | AuthInfo GetAuthInfo(UUID principalID); |
||
102 | |||
103 | bool SetAuthInfo(AuthInfo info); |
||
104 | |||
105 | ////////////////////////////////////////////////////// |
||
106 | // Grid |
||
107 | // |
||
108 | // We no longer need a shared secret between grid |
||
109 | // servers. Anything a server requests from another |
||
110 | // server is either done on behalf of a user, in which |
||
111 | // case there is a token, or on behalf of a region, |
||
112 | // which has a session. So, no more keys. |
||
113 | // If sniffing on the local lan is an issue, admins |
||
114 | // need to take approriate action (IPSec is recommended) |
||
115 | // to secure inter-server traffic. |
||
116 | |||
117 | ////////////////////////////////////////////////////// |
||
118 | // NOTE |
||
119 | // |
||
120 | // Session IDs are not handled here. After obtaining |
||
121 | // a token, the session ID regions use can be |
||
122 | // obtained from the presence service. |
||
123 | } |
||
124 | } |