MySQLAuthenticationData.cs 8.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227
  1. /*
  2. * Copyright (c) Contributors, http://opensimulator.org/
  3. * See CONTRIBUTORS.TXT for a full list of copyright holders.
  4. *
  5. * Redistribution and use in source and binary forms, with or without
  6. * modification, are permitted provided that the following conditions are met:
  7. * * Redistributions of source code must retain the above copyright
  8. * notice, this list of conditions and the following disclaimer.
  9. * * Redistributions in binary form must reproduce the above copyright
  10. * notice, this list of conditions and the following disclaimer in the
  11. * documentation and/or other materials provided with the distribution.
  12. * * Neither the name of the OpenSimulator Project nor the
  13. * names of its contributors may be used to endorse or promote products
  14. * derived from this software without specific prior written permission.
  15. *
  16. * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
  17. * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
  18. * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  19. * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
  20. * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  21. * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  22. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
  23. * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  24. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  25. * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  26. */
  27. using System;
  28. using System.Collections;
  29. using System.Collections.Generic;
  30. using System.Reflection;
  31. using System.Data;
  32. using OpenMetaverse;
  33. using OpenSim.Framework;
  34. using MySql.Data.MySqlClient;
  35. namespace OpenSim.Data.MySQL
  36. {
  37. public class MySqlAuthenticationData : MySqlFramework, IAuthenticationData
  38. {
  39. private string m_Realm;
  40. private List<string> m_ColumnNames;
  41. private int m_LastExpire;
  42. // private string m_connectionString;
  43. protected virtual Assembly Assembly
  44. {
  45. get { return GetType().Assembly; }
  46. }
  47. public MySqlAuthenticationData(string connectionString, string realm)
  48. : base(connectionString)
  49. {
  50. m_Realm = realm;
  51. m_connectionString = connectionString;
  52. using (MySqlConnection dbcon = new MySqlConnection(m_connectionString))
  53. {
  54. dbcon.Open();
  55. Migration m = new Migration(dbcon, Assembly, "AuthStore");
  56. m.Update();
  57. }
  58. }
  59. public AuthenticationData Get(UUID principalID)
  60. {
  61. AuthenticationData ret = new AuthenticationData();
  62. ret.Data = new Dictionary<string, object>();
  63. using (MySqlConnection dbcon = new MySqlConnection(m_connectionString))
  64. {
  65. dbcon.Open();
  66. using (MySqlCommand cmd
  67. = new MySqlCommand("select * from `" + m_Realm + "` where UUID = ?principalID", dbcon))
  68. {
  69. cmd.Parameters.AddWithValue("?principalID", principalID.ToString());
  70. IDataReader result = cmd.ExecuteReader();
  71. if (result.Read())
  72. {
  73. ret.PrincipalID = principalID;
  74. CheckColumnNames(result);
  75. foreach (string s in m_ColumnNames)
  76. {
  77. if (s == "UUID")
  78. continue;
  79. ret.Data[s] = result[s].ToString();
  80. }
  81. return ret;
  82. }
  83. else
  84. {
  85. return null;
  86. }
  87. }
  88. }
  89. }
  90. private void CheckColumnNames(IDataReader result)
  91. {
  92. if (m_ColumnNames != null)
  93. return;
  94. List<string> columnNames = new List<string>();
  95. DataTable schemaTable = result.GetSchemaTable();
  96. foreach (DataRow row in schemaTable.Rows)
  97. columnNames.Add(row["ColumnName"].ToString());
  98. m_ColumnNames = columnNames;
  99. }
  100. public bool Store(AuthenticationData data)
  101. {
  102. if (data.Data.ContainsKey("UUID"))
  103. data.Data.Remove("UUID");
  104. string[] fields = new List<string>(data.Data.Keys).ToArray();
  105. using (MySqlCommand cmd = new MySqlCommand())
  106. {
  107. string update = "update `"+m_Realm+"` set ";
  108. bool first = true;
  109. foreach (string field in fields)
  110. {
  111. if (!first)
  112. update += ", ";
  113. update += "`" + field + "` = ?"+field;
  114. first = false;
  115. cmd.Parameters.AddWithValue("?"+field, data.Data[field]);
  116. }
  117. update += " where UUID = ?principalID";
  118. cmd.CommandText = update;
  119. cmd.Parameters.AddWithValue("?principalID", data.PrincipalID.ToString());
  120. if (ExecuteNonQuery(cmd) < 1)
  121. {
  122. string insert = "insert into `" + m_Realm + "` (`UUID`, `" +
  123. String.Join("`, `", fields) +
  124. "`) values (?principalID, ?" + String.Join(", ?", fields) + ")";
  125. cmd.CommandText = insert;
  126. if (ExecuteNonQuery(cmd) < 1)
  127. return false;
  128. }
  129. }
  130. return true;
  131. }
  132. public bool SetDataItem(UUID principalID, string item, string value)
  133. {
  134. using (MySqlCommand cmd
  135. = new MySqlCommand("update `" + m_Realm + "` set `" + item + "` = ?" + item + " where UUID = ?UUID"))
  136. {
  137. cmd.Parameters.AddWithValue("?"+item, value);
  138. cmd.Parameters.AddWithValue("?UUID", principalID.ToString());
  139. if (ExecuteNonQuery(cmd) > 0)
  140. return true;
  141. }
  142. return false;
  143. }
  144. public bool SetToken(UUID principalID, string token, int lifetime)
  145. {
  146. if (System.Environment.TickCount - m_LastExpire > 30000)
  147. DoExpire();
  148. using (MySqlCommand cmd
  149. = new MySqlCommand(
  150. "insert into tokens (UUID, token, validity) values (?principalID, ?token, date_add(now(), interval ?lifetime minute))"))
  151. {
  152. cmd.Parameters.AddWithValue("?principalID", principalID.ToString());
  153. cmd.Parameters.AddWithValue("?token", token);
  154. cmd.Parameters.AddWithValue("?lifetime", lifetime.ToString());
  155. if (ExecuteNonQuery(cmd) > 0)
  156. return true;
  157. }
  158. return false;
  159. }
  160. public bool CheckToken(UUID principalID, string token, int lifetime)
  161. {
  162. if (System.Environment.TickCount - m_LastExpire > 30000)
  163. DoExpire();
  164. using (MySqlCommand cmd
  165. = new MySqlCommand(
  166. "update tokens set validity = date_add(now(), interval ?lifetime minute) where UUID = ?principalID and token = ?token and validity > now()"))
  167. {
  168. cmd.Parameters.AddWithValue("?principalID", principalID.ToString());
  169. cmd.Parameters.AddWithValue("?token", token);
  170. cmd.Parameters.AddWithValue("?lifetime", lifetime.ToString());
  171. if (ExecuteNonQuery(cmd) > 0)
  172. return true;
  173. }
  174. return false;
  175. }
  176. private void DoExpire()
  177. {
  178. using (MySqlCommand cmd = new MySqlCommand("delete from tokens where validity < now()"))
  179. {
  180. ExecuteNonQuery(cmd);
  181. }
  182. m_LastExpire = System.Environment.TickCount;
  183. }
  184. }
  185. }