clockwerk-opensim – Blame information for rev 1

Subversion Repositories:
Rev:
Rev Author Line No. Line
1 vero 1 /*
2 * Copyright (c) Contributors, http://opensimulator.org/
3 * See CONTRIBUTORS.TXT for a full list of copyright holders.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are met:
7 * * Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * * Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * * Neither the name of the OpenSimulator Project nor the
13 * names of its contributors may be used to endorse or promote products
14 * derived from this software without specific prior written permission.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
17 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19 * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
20 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27  
28 using System;
29 using System.Collections.Generic;
30 using OpenMetaverse;
31 using OpenSim.Services.Interfaces;
32 using log4net;
33 using Nini.Config;
34 using System.Reflection;
35 using OpenSim.Data;
36 using OpenSim.Framework;
37 using OpenSim.Framework.Console;
38  
39 namespace OpenSim.Services.AuthenticationService
40 {
41 // Generic Authentication service used for identifying
42 // and authenticating principals.
43 // Principals may be clients acting on users' behalf,
44 // or any other components that need
45 // verifiable identification.
46 //
47 public class PasswordAuthenticationService :
48 AuthenticationServiceBase, IAuthenticationService
49 {
50 private static readonly ILog m_log =
51 LogManager.GetLogger(
52 MethodBase.GetCurrentMethod().DeclaringType);
53  
54 public PasswordAuthenticationService(IConfigSource config) :
55 base(config)
56 {
57 }
58  
59 public string Authenticate(UUID principalID, string password, int lifetime)
60 {
61 AuthenticationData data = m_Database.Get(principalID);
62  
63 if (data == null)
64 {
65 m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} not found", principalID);
66 return String.Empty;
67 }
68 else if (data.Data == null)
69 {
70 m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} data not found", principalID);
71 return String.Empty;
72 }
73 else if (!data.Data.ContainsKey("passwordHash") || !data.Data.ContainsKey("passwordSalt"))
74 {
75 m_log.DebugFormat(
76 "[AUTH SERVICE]: PrincipalID {0} data didn't contain either passwordHash or passwordSalt", principalID);
77 return String.Empty;
78 }
79 else
80 {
81 string hashed = Util.Md5Hash(password + ":" + data.Data["passwordSalt"].ToString());
82  
83 m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());
84  
85 if (data.Data["passwordHash"].ToString() == hashed)
86 {
87 return GetToken(principalID, lifetime);
88 }
89 else
90 {
91 m_log.DebugFormat(
92 "[AUTH SERVICE]: Salted hash {0} of given password did not match salted hash of {1} for PrincipalID {2}. Authentication failure.",
93 hashed, data.Data["passwordHash"], principalID);
94 return String.Empty;
95 }
96 }
97 }
98 }
99 }