Inicio Explorar Axuda
Iniciar sesión
GwynethLlewelyn
/
OpenSim-Test
1
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0
Árbore: 2f66a82cbe
Ramas Etiquetas
OpenSim-Test
/
OpenSim
/
Framework
/
ServiceAuth
/
BasicHttpAuthentication.cs

BasicHttpAuthentication.cs 4.5 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113 
  1. /*
    2. 

  2.  * Copyright (c) Contributors, http://opensimulator.org/
    3. 

  3.  * See CONTRIBUTORS.TXT for a full list of copyright holders.
    4. 

  4.  *
    5. 

  5.  * Redistribution and use in source and binary forms, with or without
    6. 

  6.  * modification, are permitted provided that the following conditions are met:
    7. 

  7.  *     * Redistributions of source code must retain the above copyright
    8. 

  8.  *       notice, this list of conditions and the following disclaimer.
    9. 

  9.  *     * Redistributions in binary form must reproduce the above copyright
    10. 

  10.  *       notice, this list of conditions and the following disclaimer in the
    11. 

  11.  *       documentation and/or other materials provided with the distribution.
    12. 

  12.  *     * Neither the name of the OpenSimulator Project nor the
    13. 

  13.  *       names of its contributors may be used to endorse or promote products
    14. 

  14.  *       derived from this software without specific prior written permission.
    15. 

  15.  *
    16. 

  16.  * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
    17. 

  17.  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
    18. 

  18.  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
    19. 

  19.  * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
    20. 

  20.  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
    21. 

  21.  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
    22. 

  22.  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
    23. 

  23.  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
    24. 

  24.  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
    25. 

  25.  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    26. 

  26.  */
    27. 

  27. 

  28. using System;
    29. 

  29. using System.Collections.Generic;
    30. 

  30. using System.Collections.Specialized;
    31. 

  31. using System.Net;
    32. 

  32. using System.Reflection;
    33. 

  33. 

  34. using Nini.Config;
    35. 

  35. using log4net;
    36. 

  36. 

  37. namespace OpenSim.Framework.ServiceAuth
    38. 

  38. {
    39. 

  39.     public class BasicHttpAuthentication : IServiceAuth
    40. 

  40.     {
    41. 

  41. //        private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
    42. 

  42. 

  43.         public string Name { get { return "BasicHttp"; } }
    44. 

  44. 

  45.         private string m_Username, m_Password;
    46. 

  46.         private string m_CredentialsB64;
    47. 

  47. 

  48. //        private string remove_me;
    49. 

  49. 

  50.         public string Credentials
    51. 

  51.         {
    52. 

  52.             get { return m_CredentialsB64; }
    53. 

  53.         }
    54. 

  54. 

  55.         public BasicHttpAuthentication(IConfigSource config, string section)
    56. 

  56.         {
    57. 

  57. //            remove_me = section;
    58. 

  58.             m_Username = Util.GetConfigVarFromSections<string>(config, "HttpAuthUsername", new string[] { "Network", section }, string.Empty);
    59. 

  59.             m_Password = Util.GetConfigVarFromSections<string>(config, "HttpAuthPassword", new string[] { "Network", section }, string.Empty);
    60. 

  60.             string str = m_Username + ":" + m_Password;
    61. 

  61.             byte[] encData_byte = Util.UTF8.GetBytes(str);
    62. 

  62. 

  63.             m_CredentialsB64 = Convert.ToBase64String(encData_byte);
    64. 

  64. //            m_log.DebugFormat("[HTTP BASIC AUTH]: {0} {1} [{2}]", m_Username, m_Password, section);
    65. 

  65.         }
    66. 

  66. 

  67.         public void AddAuthorization(NameValueCollection headers)
    68. 

  68.         {
    69. 

  69.             //m_log.DebugFormat("[HTTP BASIC AUTH]: Adding authorization for {0}", remove_me);
    70. 

  70.             headers["Authorization"] = "Basic " + m_CredentialsB64;
    71. 

  71.         }
    72. 

  72. 

  73.         public bool Authenticate(string data)
    74. 

  74.         {
    75. 

  75.             string recovered = Util.Base64ToString(data);
    76. 

  76.             if (!String.IsNullOrEmpty(recovered))
    77. 

  77.             {
    78. 

  78.                 string[] parts = recovered.Split(new char[] { ':' });
    79. 

  79.                 if (parts.Length >= 2)
    80. 

  80.                 {
    81. 

  81.                     return m_Username.Equals(parts[0]) && m_Password.Equals(parts[1]);
    82. 

  82.                 }
    83. 

  83.             }
    84. 

  84. 

  85.             return false;
    86. 

  86.         }
    87. 

  87. 

  88.         public bool Authenticate(NameValueCollection requestHeaders, AddHeaderDelegate d, out HttpStatusCode statusCode)
    89. 

  89.         {
    90. 

  90. //            m_log.DebugFormat("[HTTP BASIC AUTH]: Authenticate in {0}", "BasicHttpAuthentication");
    91. 

  91. 

  92.             string value = requestHeaders.Get("Authorization");
    93. 

  93.             if (value != null)
    94. 

  94.             {
    95. 

  95.                 value = value.Trim();
    96. 

  96.                 if (value.StartsWith("Basic "))
    97. 

  97.                 {
    98. 

  98.                     value = value.Replace("Basic ", string.Empty);
    99. 

  99.                     if (Authenticate(value))
    100. 

  100.                     {
    101. 

  101.                         statusCode = HttpStatusCode.OK;
    102. 

  102.                         return true;
    103. 

  103.                     }
    104. 

  104.                 }
    105. 

  105.             }
    106. 

  106. 

  107.             d("WWW-Authenticate", "Basic realm = \"Asset Server\"");
    108. 

  108. 

  109.             statusCode = HttpStatusCode.Unauthorized;
    110. 

  110.             return false;
    111. 

  111.         }
    112. 

  112.     }
    113. 

  113. }
    114.