1
0

IAuthenticationService.cs 5.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125
  1. /*
  2. * Copyright (c) Contributors, http://opensimulator.org/
  3. * See CONTRIBUTORS.TXT for a full list of copyright holders.
  4. *
  5. * Redistribution and use in source and binary forms, with or without
  6. * modification, are permitted provided that the following conditions are met:
  7. * * Redistributions of source code must retain the above copyright
  8. * notice, this list of conditions and the following disclaimer.
  9. * * Redistributions in binary form must reproduce the above copyright
  10. * notice, this list of conditions and the following disclaimer in the
  11. * documentation and/or other materials provided with the distribution.
  12. * * Neither the name of the OpenSimulator Project nor the
  13. * names of its contributors may be used to endorse or promote products
  14. * derived from this software without specific prior written permission.
  15. *
  16. * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
  17. * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
  18. * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  19. * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
  20. * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  21. * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  22. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
  23. * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  24. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  25. * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  26. */
  27. using System;
  28. using System.Collections.Generic;
  29. using OpenMetaverse;
  30. namespace OpenSim.Services.Interfaces
  31. {
  32. public class AuthInfo
  33. {
  34. public UUID PrincipalID { get; set; }
  35. public string AccountType { get; set; }
  36. public string PasswordHash { get; set; }
  37. public string PasswordSalt { get; set; }
  38. public string WebLoginKey { get; set; }
  39. public Dictionary<string, object> ToKeyValuePairs()
  40. {
  41. Dictionary<string, object> result = new Dictionary<string, object>();
  42. result["PrincipalID"] = PrincipalID;
  43. result["AccountType"] = AccountType;
  44. result["PasswordHash"] = PasswordHash;
  45. result["PasswordSalt"] = PasswordSalt;
  46. result["WebLoginKey"] = WebLoginKey;
  47. return result;
  48. }
  49. }
  50. // Generic Authentication service used for identifying
  51. // and authenticating principals.
  52. // Principals may be clients acting on users' behalf,
  53. // or any other components that need
  54. // verifiable identification.
  55. //
  56. public interface IAuthenticationService
  57. {
  58. //////////////////////////////////////////////////////
  59. // Authentication
  60. //
  61. // These methods will return a token, which can be used to access
  62. // various services.
  63. //
  64. string Authenticate(UUID principalID, string password, int lifetime);
  65. string Authenticate(UUID principalID, string password, int lifetime, out UUID realID);
  66. //////////////////////////////////////////////////////
  67. // Verification
  68. //
  69. // Allows to verify the authenticity of a token
  70. //
  71. // Tokens expire after 30 minutes and can be refreshed by
  72. // re-verifying.
  73. //
  74. bool Verify(UUID principalID, string token, int lifetime);
  75. //////////////////////////////////////////////////////
  76. // Teardown
  77. //
  78. // A token can be returned before the timeout. This
  79. // invalidates it and it can not subsequently be used
  80. // or refreshed.
  81. //
  82. bool Release(UUID principalID, string token);
  83. //////////////////////////////////////////////////////
  84. // SetPassword for a principal
  85. //
  86. // This method exists for the service, but may or may not
  87. // be served remotely. That is, the authentication
  88. // handlers may not include one handler for this,
  89. // because it's a bit risky. Such handlers require
  90. // authentication/authorization.
  91. //
  92. bool SetPassword(UUID principalID, string passwd);
  93. AuthInfo GetAuthInfo(UUID principalID);
  94. bool SetAuthInfo(AuthInfo info);
  95. //////////////////////////////////////////////////////
  96. // Grid
  97. //
  98. // We no longer need a shared secret between grid
  99. // servers. Anything a server requests from another
  100. // server is either done on behalf of a user, in which
  101. // case there is a token, or on behalf of a region,
  102. // which has a session. So, no more keys.
  103. // If sniffing on the local lan is an issue, admins
  104. // need to take approriate action (IPSec is recommended)
  105. // to secure inter-server traffic.
  106. //////////////////////////////////////////////////////
  107. // NOTE
  108. //
  109. // Session IDs are not handled here. After obtaining
  110. // a token, the session ID regions use can be
  111. // obtained from the presence service.
  112. }
  113. }