AuthenticationServerPostHandler.cs 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318
  1. /*
  2. * Copyright (c) Contributors, http://opensimulator.org/
  3. * See CONTRIBUTORS.TXT for a full list of copyright holders.
  4. *
  5. * Redistribution and use in source and binary forms, with or without
  6. * modification, are permitted provided that the following conditions are met:
  7. * * Redistributions of source code must retain the above copyright
  8. * notice, this list of conditions and the following disclaimer.
  9. * * Redistributions in binary form must reproduce the above copyright
  10. * notice, this list of conditions and the following disclaimer in the
  11. * documentation and/or other materials provided with the distribution.
  12. * * Neither the name of the OpenSimulator Project nor the
  13. * names of its contributors may be used to endorse or promote products
  14. * derived from this software without specific prior written permission.
  15. *
  16. * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
  17. * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
  18. * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  19. * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
  20. * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  21. * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  22. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
  23. * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  24. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  25. * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  26. */
  27. using Nini.Config;
  28. using log4net;
  29. using System;
  30. using System.Reflection;
  31. using System.IO;
  32. using System.Net;
  33. using System.Text;
  34. using System.Text.RegularExpressions;
  35. using System.Xml;
  36. using System.Xml.Serialization;
  37. using System.Collections.Generic;
  38. using OpenSim.Server.Base;
  39. using OpenSim.Services.Interfaces;
  40. using OpenSim.Framework;
  41. using OpenSim.Framework.ServiceAuth;
  42. using OpenSim.Framework.Servers.HttpServer;
  43. using OpenMetaverse;
  44. namespace OpenSim.Server.Handlers.Authentication
  45. {
  46. public class AuthenticationServerPostHandler : BaseStreamHandler
  47. {
  48. private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
  49. private IAuthenticationService m_AuthenticationService;
  50. private bool m_AllowGetAuthInfo = false;
  51. private bool m_AllowSetAuthInfo = false;
  52. private bool m_AllowSetPassword = false;
  53. public AuthenticationServerPostHandler(IAuthenticationService service) :
  54. this(service, null, null) {}
  55. public AuthenticationServerPostHandler(IAuthenticationService service, IConfig config, IServiceAuth auth) :
  56. base("POST", "/auth", auth)
  57. {
  58. m_AuthenticationService = service;
  59. if (config != null)
  60. {
  61. m_AllowGetAuthInfo = config.GetBoolean("AllowGetAuthInfo", m_AllowGetAuthInfo);
  62. m_AllowSetAuthInfo = config.GetBoolean("AllowSetAuthInfo", m_AllowSetAuthInfo);
  63. m_AllowSetPassword = config.GetBoolean("AllowSetPassword", m_AllowSetPassword);
  64. }
  65. }
  66. protected override byte[] ProcessRequest(string path, Stream request,
  67. IOSHttpRequest httpRequest, IOSHttpResponse httpResponse)
  68. {
  69. // m_log.Error("[XXX]: Authenticating...");
  70. string[] p = SplitParams(path);
  71. if (p.Length > 0)
  72. {
  73. switch (p[0])
  74. {
  75. case "plain":
  76. string body;
  77. using(StreamReader sr = new StreamReader(request))
  78. body = sr.ReadToEnd();
  79. return DoPlainMethods(body);
  80. case "crypt":
  81. byte[] buffer = new byte[request.Length];
  82. long length = request.Length;
  83. if (length > 16384)
  84. length = 16384;
  85. request.Read(buffer, 0, (int)length);
  86. return DoEncryptedMethods(buffer);
  87. }
  88. }
  89. return Array.Empty<byte>();
  90. }
  91. private byte[] DoPlainMethods(string body)
  92. {
  93. Dictionary<string, object> request =
  94. ServerUtils.ParseQueryString(body);
  95. int lifetime = 30;
  96. if (request.ContainsKey("LIFETIME"))
  97. {
  98. lifetime = Convert.ToInt32(request["LIFETIME"].ToString());
  99. if (lifetime > 30)
  100. lifetime = 30;
  101. }
  102. if (!request.ContainsKey("METHOD"))
  103. return FailureResult();
  104. if (!request.ContainsKey("PRINCIPAL"))
  105. return FailureResult();
  106. string method = request["METHOD"].ToString();
  107. UUID principalID;
  108. string token;
  109. if (!UUID.TryParse(request["PRINCIPAL"].ToString(), out principalID))
  110. return FailureResult();
  111. switch (method)
  112. {
  113. case "authenticate":
  114. if (!request.ContainsKey("PASSWORD"))
  115. return FailureResult();
  116. token = m_AuthenticationService.Authenticate(principalID, request["PASSWORD"].ToString(), lifetime);
  117. if (token != String.Empty)
  118. return SuccessResult(token);
  119. return FailureResult();
  120. case "setpassword":
  121. if (!m_AllowSetPassword)
  122. return FailureResult();
  123. if (!request.ContainsKey("PASSWORD"))
  124. return FailureResult();
  125. if (m_AuthenticationService.SetPassword(principalID, request["PASSWORD"].ToString()))
  126. return SuccessResult();
  127. else
  128. return FailureResult();
  129. case "verify":
  130. if (!request.ContainsKey("TOKEN"))
  131. return FailureResult();
  132. if (m_AuthenticationService.Verify(principalID, request["TOKEN"].ToString(), lifetime))
  133. return SuccessResult();
  134. return FailureResult();
  135. case "release":
  136. if (!request.ContainsKey("TOKEN"))
  137. return FailureResult();
  138. if (m_AuthenticationService.Release(principalID, request["TOKEN"].ToString()))
  139. return SuccessResult();
  140. return FailureResult();
  141. case "getauthinfo":
  142. if (m_AllowGetAuthInfo)
  143. return GetAuthInfo(principalID);
  144. break;
  145. case "setauthinfo":
  146. if (m_AllowSetAuthInfo)
  147. return SetAuthInfo(principalID, request);
  148. break;
  149. }
  150. return FailureResult();
  151. }
  152. private byte[] DoEncryptedMethods(byte[] ciphertext)
  153. {
  154. return Array.Empty<byte>();
  155. }
  156. private byte[] SuccessResult()
  157. {
  158. XmlDocument doc = new XmlDocument();
  159. XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
  160. "", "");
  161. doc.AppendChild(xmlnode);
  162. XmlElement rootElement = doc.CreateElement("", "ServerResponse",
  163. "");
  164. doc.AppendChild(rootElement);
  165. XmlElement result = doc.CreateElement("", "Result", "");
  166. result.AppendChild(doc.CreateTextNode("Success"));
  167. rootElement.AppendChild(result);
  168. return Util.DocToBytes(doc);
  169. }
  170. byte[] GetAuthInfo(UUID principalID)
  171. {
  172. AuthInfo info = m_AuthenticationService.GetAuthInfo(principalID);
  173. if (info != null)
  174. {
  175. Dictionary<string, object> result = new Dictionary<string, object>();
  176. result["result"] = info.ToKeyValuePairs();
  177. return ResultToBytes(result);
  178. }
  179. else
  180. {
  181. return FailureResult();
  182. }
  183. }
  184. byte[] SetAuthInfo(UUID principalID, Dictionary<string, object> request)
  185. {
  186. AuthInfo existingInfo = m_AuthenticationService.GetAuthInfo(principalID);
  187. if (existingInfo == null)
  188. return FailureResult();
  189. if (request.ContainsKey("AccountType"))
  190. existingInfo.AccountType = request["AccountType"].ToString();
  191. if (request.ContainsKey("PasswordHash"))
  192. existingInfo.PasswordHash = request["PasswordHash"].ToString();
  193. if (request.ContainsKey("PasswordSalt"))
  194. existingInfo.PasswordSalt = request["PasswordSalt"].ToString();
  195. if (request.ContainsKey("WebLoginKey"))
  196. existingInfo.WebLoginKey = request["WebLoginKey"].ToString();
  197. if (!m_AuthenticationService.SetAuthInfo(existingInfo))
  198. {
  199. m_log.ErrorFormat(
  200. "[AUTHENTICATION SERVER POST HANDLER]: Authentication info store failed for account {0} {1} {2}",
  201. existingInfo.PrincipalID);
  202. return FailureResult();
  203. }
  204. return SuccessResult();
  205. }
  206. private byte[] FailureResult()
  207. {
  208. XmlDocument doc = new XmlDocument();
  209. XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
  210. "", "");
  211. doc.AppendChild(xmlnode);
  212. XmlElement rootElement = doc.CreateElement("", "ServerResponse",
  213. "");
  214. doc.AppendChild(rootElement);
  215. XmlElement result = doc.CreateElement("", "Result", "");
  216. result.AppendChild(doc.CreateTextNode("Failure"));
  217. rootElement.AppendChild(result);
  218. return Util.DocToBytes(doc);
  219. }
  220. private byte[] SuccessResult(string token)
  221. {
  222. XmlDocument doc = new XmlDocument();
  223. XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
  224. "", "");
  225. doc.AppendChild(xmlnode);
  226. XmlElement rootElement = doc.CreateElement("", "ServerResponse",
  227. "");
  228. doc.AppendChild(rootElement);
  229. XmlElement result = doc.CreateElement("", "Result", "");
  230. result.AppendChild(doc.CreateTextNode("Success"));
  231. rootElement.AppendChild(result);
  232. XmlElement t = doc.CreateElement("", "Token", "");
  233. t.AppendChild(doc.CreateTextNode(token));
  234. rootElement.AppendChild(t);
  235. return Util.DocToBytes(doc);
  236. }
  237. private byte[] ResultToBytes(Dictionary<string, object> result)
  238. {
  239. string xmlString = ServerUtils.BuildXmlResponse(result);
  240. return Util.UTF8NoBomEncoding.GetBytes(xmlString);
  241. }
  242. }
  243. }