IAuthenticationService.cs 4.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124
  1. /*
  2. * Copyright (c) Contributors, http://opensimulator.org/
  3. * See CONTRIBUTORS.TXT for a full list of copyright holders.
  4. *
  5. * Redistribution and use in source and binary forms, with or without
  6. * modification, are permitted provided that the following conditions are met:
  7. * * Redistributions of source code must retain the above copyright
  8. * notice, this list of conditions and the following disclaimer.
  9. * * Redistributions in binary form must reproduce the above copyright
  10. * notice, this list of conditions and the following disclaimer in the
  11. * documentation and/or other materials provided with the distribution.
  12. * * Neither the name of the OpenSimulator Project nor the
  13. * names of its contributors may be used to endorse or promote products
  14. * derived from this software without specific prior written permission.
  15. *
  16. * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
  17. * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
  18. * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  19. * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
  20. * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  21. * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  22. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
  23. * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  24. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  25. * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  26. */
  27. using System;
  28. using System.Collections.Generic;
  29. using OpenMetaverse;
  30. namespace OpenSim.Services.Interfaces
  31. {
  32. public class AuthInfo
  33. {
  34. public UUID PrincipalID { get; set; }
  35. public string AccountType { get; set; }
  36. public string PasswordHash { get; set; }
  37. public string PasswordSalt { get; set; }
  38. public string WebLoginKey { get; set; }
  39. public Dictionary<string, object> ToKeyValuePairs()
  40. {
  41. Dictionary<string, object> result = new Dictionary<string, object>();
  42. result["PrincipalID"] = PrincipalID;
  43. result["AccountType"] = AccountType;
  44. result["PasswordHash"] = PasswordHash;
  45. result["PasswordSalt"] = PasswordSalt;
  46. result["WebLoginKey"] = WebLoginKey;
  47. return result;
  48. }
  49. }
  50. // Generic Authentication service used for identifying
  51. // and authenticating principals.
  52. // Principals may be clients acting on users' behalf,
  53. // or any other components that need
  54. // verifiable identification.
  55. //
  56. public interface IAuthenticationService
  57. {
  58. //////////////////////////////////////////////////////
  59. // Authentication
  60. //
  61. // These methods will return a token, which can be used to access
  62. // various services.
  63. //
  64. string Authenticate(UUID principalID, string password, int lifetime);
  65. //////////////////////////////////////////////////////
  66. // Verification
  67. //
  68. // Allows to verify the authenticity of a token
  69. //
  70. // Tokens expire after 30 minutes and can be refreshed by
  71. // re-verifying.
  72. //
  73. bool Verify(UUID principalID, string token, int lifetime);
  74. //////////////////////////////////////////////////////
  75. // Teardown
  76. //
  77. // A token can be returned before the timeout. This
  78. // invalidates it and it can not subsequently be used
  79. // or refreshed.
  80. //
  81. bool Release(UUID principalID, string token);
  82. //////////////////////////////////////////////////////
  83. // SetPassword for a principal
  84. //
  85. // This method exists for the service, but may or may not
  86. // be served remotely. That is, the authentication
  87. // handlers may not include one handler for this,
  88. // because it's a bit risky. Such handlers require
  89. // authentication/authorization.
  90. //
  91. bool SetPassword(UUID principalID, string passwd);
  92. AuthInfo GetAuthInfo(UUID principalID);
  93. bool SetAuthInfo(AuthInfo info);
  94. //////////////////////////////////////////////////////
  95. // Grid
  96. //
  97. // We no longer need a shared secret between grid
  98. // servers. Anything a server requests from another
  99. // server is either done on behalf of a user, in which
  100. // case there is a token, or on behalf of a region,
  101. // which has a session. So, no more keys.
  102. // If sniffing on the local lan is an issue, admins
  103. // need to take approriate action (IPSec is recommended)
  104. // to secure inter-server traffic.
  105. //////////////////////////////////////////////////////
  106. // NOTE
  107. //
  108. // Session IDs are not handled here. After obtaining
  109. // a token, the session ID regions use can be
  110. // obtained from the presence service.
  111. }
  112. }