Add optional getauthinfo and setauthinfo authentication service calls.
These are disabled by default, as before. Please only turn these on in secure grids, since they allow the same facilities as the existing SetPassword call (also disabled by default) These facilities can be helpful when integrating external systems, in addition to the existing option of adapting an IAuthenticationService or using WebLoginKeyremove-scene-viewer
parent
b868328d51
commit
4c9400e646
|
@ -158,7 +158,16 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authentication
|
|||
return m_AuthenticationService.SetPassword(principalID, passwd);
|
||||
}
|
||||
|
||||
#endregion
|
||||
public AuthInfo GetAuthInfo(UUID principalID)
|
||||
{
|
||||
return m_AuthenticationService.GetAuthInfo(principalID);
|
||||
}
|
||||
|
||||
public bool SetAuthInfo(AuthInfo info)
|
||||
{
|
||||
return m_AuthenticationService.SetAuthInfo(info);
|
||||
}
|
||||
|
||||
#endregion
|
||||
}
|
||||
}
|
||||
|
|
|
@ -46,9 +46,12 @@ namespace OpenSim.Server.Handlers.Authentication
|
|||
{
|
||||
public class AuthenticationServerPostHandler : BaseStreamHandler
|
||||
{
|
||||
// private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
|
||||
private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
|
||||
|
||||
private IAuthenticationService m_AuthenticationService;
|
||||
|
||||
private bool m_AllowGetAuthInfo = false;
|
||||
private bool m_AllowSetAuthInfo = false;
|
||||
private bool m_AllowSetPassword = false;
|
||||
|
||||
public AuthenticationServerPostHandler(IAuthenticationService service) :
|
||||
|
@ -61,6 +64,8 @@ namespace OpenSim.Server.Handlers.Authentication
|
|||
|
||||
if (config != null)
|
||||
{
|
||||
m_AllowGetAuthInfo = config.GetBoolean("AllowGetAuthInfo", m_AllowGetAuthInfo);
|
||||
m_AllowSetAuthInfo = config.GetBoolean("AllowSetAuthInfo", m_AllowSetAuthInfo);
|
||||
m_AllowSetPassword = config.GetBoolean("AllowSetPassword", m_AllowSetPassword);
|
||||
}
|
||||
}
|
||||
|
@ -161,6 +166,18 @@ namespace OpenSim.Server.Handlers.Authentication
|
|||
return SuccessResult();
|
||||
|
||||
return FailureResult();
|
||||
|
||||
case "getauthinfo":
|
||||
if (m_AllowGetAuthInfo)
|
||||
return GetAuthInfo(principalID);
|
||||
|
||||
break;
|
||||
|
||||
case "setauthinfo":
|
||||
if (m_AllowSetAuthInfo)
|
||||
return SetAuthInfo(principalID, request);
|
||||
|
||||
break;
|
||||
}
|
||||
|
||||
return FailureResult();
|
||||
|
@ -193,6 +210,54 @@ namespace OpenSim.Server.Handlers.Authentication
|
|||
return DocToBytes(doc);
|
||||
}
|
||||
|
||||
byte[] GetAuthInfo(UUID principalID)
|
||||
{
|
||||
AuthInfo info = m_AuthenticationService.GetAuthInfo(principalID);
|
||||
|
||||
if (info != null)
|
||||
{
|
||||
Dictionary<string, object> result = new Dictionary<string, object>();
|
||||
result["result"] = info.ToKeyValuePairs();
|
||||
|
||||
return ResultToBytes(result);
|
||||
}
|
||||
else
|
||||
{
|
||||
return FailureResult();
|
||||
}
|
||||
}
|
||||
|
||||
byte[] SetAuthInfo(UUID principalID, Dictionary<string, object> request)
|
||||
{
|
||||
AuthInfo existingInfo = m_AuthenticationService.GetAuthInfo(principalID);
|
||||
|
||||
if (existingInfo == null)
|
||||
return FailureResult();
|
||||
|
||||
if (request.ContainsKey("AccountType"))
|
||||
existingInfo.AccountType = request["AccountType"].ToString();
|
||||
|
||||
if (request.ContainsKey("PasswordHash"))
|
||||
existingInfo.PasswordHash = request["PasswordHash"].ToString();
|
||||
|
||||
if (request.ContainsKey("PasswordSalt"))
|
||||
existingInfo.PasswordSalt = request["PasswordSalt"].ToString();
|
||||
|
||||
if (request.ContainsKey("WebLoginKey"))
|
||||
existingInfo.WebLoginKey = request["WebLoginKey"].ToString();
|
||||
|
||||
if (!m_AuthenticationService.SetAuthInfo(existingInfo))
|
||||
{
|
||||
m_log.ErrorFormat(
|
||||
"[AUTHENTICATION SERVER POST HANDLER]: Authentication info store failed for account {0} {1} {2}",
|
||||
existingInfo.PrincipalID);
|
||||
|
||||
return FailureResult();
|
||||
}
|
||||
|
||||
return SuccessResult();
|
||||
}
|
||||
|
||||
private byte[] FailureResult()
|
||||
{
|
||||
XmlDocument doc = new XmlDocument();
|
||||
|
@ -252,5 +317,12 @@ namespace OpenSim.Server.Handlers.Authentication
|
|||
|
||||
return ms.GetBuffer();
|
||||
}
|
||||
|
||||
private byte[] ResultToBytes(Dictionary<string, object> result)
|
||||
{
|
||||
string xmlString = ServerUtils.BuildXmlResponse(result);
|
||||
UTF8Encoding encoding = new UTF8Encoding();
|
||||
return encoding.GetBytes(xmlString);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -356,7 +356,5 @@ namespace OpenSim.Server.Handlers.UserAccounts
|
|||
UTF8Encoding encoding = new UTF8Encoding();
|
||||
return encoding.GetBytes(xmlString);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
}
|
||||
|
|
|
@ -30,9 +30,10 @@ using OpenMetaverse;
|
|||
using log4net;
|
||||
using Nini.Config;
|
||||
using System.Reflection;
|
||||
using OpenSim.Services.Base;
|
||||
using OpenSim.Data;
|
||||
using OpenSim.Framework;
|
||||
using OpenSim.Services.Base;
|
||||
using OpenSim.Services.Interfaces;
|
||||
|
||||
namespace OpenSim.Services.AuthenticationService
|
||||
{
|
||||
|
@ -126,6 +127,50 @@ namespace OpenSim.Services.AuthenticationService
|
|||
m_log.InfoFormat("[AUTHENTICATION DB]: Set password for principalID {0}", principalID);
|
||||
return true;
|
||||
}
|
||||
|
||||
public virtual AuthInfo GetAuthInfo(UUID principalID)
|
||||
{
|
||||
AuthenticationData data = m_Database.Get(principalID);
|
||||
|
||||
if (data == null)
|
||||
{
|
||||
return null;
|
||||
}
|
||||
else
|
||||
{
|
||||
AuthInfo info
|
||||
= new AuthInfo()
|
||||
{
|
||||
PrincipalID = data.PrincipalID,
|
||||
AccountType = data.Data["accountType"] as string,
|
||||
PasswordHash = data.Data["passwordHash"] as string,
|
||||
PasswordSalt = data.Data["passwordSalt"] as string,
|
||||
WebLoginKey = data.Data["webLoginKey"] as string
|
||||
};
|
||||
|
||||
return info;
|
||||
}
|
||||
}
|
||||
|
||||
public virtual bool SetAuthInfo(AuthInfo info)
|
||||
{
|
||||
AuthenticationData auth = new AuthenticationData();
|
||||
auth.PrincipalID = info.PrincipalID;
|
||||
auth.Data = new System.Collections.Generic.Dictionary<string, object>();
|
||||
auth.Data["accountType"] = info.AccountType;
|
||||
auth.Data["webLoginKey"] = info.WebLoginKey;
|
||||
auth.Data["passwordHash"] = info.PasswordHash;
|
||||
auth.Data["passwordSalt"] = info.PasswordSalt;
|
||||
|
||||
if (!m_Database.Store(auth))
|
||||
{
|
||||
m_log.ErrorFormat("[AUTHENTICATION DB]: Failed to store authentication info.");
|
||||
return false;
|
||||
}
|
||||
|
||||
m_log.DebugFormat("[AUTHENTICATION DB]: Set authentication info for principalID {0}", info.PrincipalID);
|
||||
return true;
|
||||
}
|
||||
|
||||
protected string GetToken(UUID principalID, int lifetime)
|
||||
{
|
||||
|
|
|
@ -151,5 +151,17 @@ namespace OpenSim.Services.Connectors
|
|||
// nope, we don't do this
|
||||
return false;
|
||||
}
|
||||
|
||||
public AuthInfo GetAuthInfo(UUID principalID)
|
||||
{
|
||||
// not done from remote simulators
|
||||
return null;
|
||||
}
|
||||
|
||||
public bool SetAuthInfo(AuthInfo info)
|
||||
{
|
||||
// not done from remote simulators
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -236,6 +236,16 @@ namespace OpenSim.Services.Connectors.SimianGrid
|
|||
return false;
|
||||
}
|
||||
|
||||
public AuthInfo GetAuthInfo(UUID principalID)
|
||||
{
|
||||
throw new NotImplementedException();
|
||||
}
|
||||
|
||||
public bool SetAuthInfo(AuthInfo info)
|
||||
{
|
||||
throw new NotImplementedException();
|
||||
}
|
||||
|
||||
private bool CheckPassword(UUID userID, string password, string simianGridCredential, out string authorizeResult)
|
||||
{
|
||||
if (simianGridCredential.Contains(":"))
|
||||
|
|
|
@ -26,10 +26,32 @@
|
|||
*/
|
||||
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using OpenMetaverse;
|
||||
|
||||
namespace OpenSim.Services.Interfaces
|
||||
{
|
||||
public class AuthInfo
|
||||
{
|
||||
public UUID PrincipalID { get; set; }
|
||||
public string AccountType { get; set; }
|
||||
public string PasswordHash { get; set; }
|
||||
public string PasswordSalt { get; set; }
|
||||
public string WebLoginKey { get; set; }
|
||||
|
||||
public Dictionary<string, object> ToKeyValuePairs()
|
||||
{
|
||||
Dictionary<string, object> result = new Dictionary<string, object>();
|
||||
result["PrincipalID"] = PrincipalID;
|
||||
result["AccountType"] = AccountType;
|
||||
result["PasswordHash"] = PasswordHash;
|
||||
result["PasswordSalt"] = PasswordSalt;
|
||||
result["WebLoginKey"] = WebLoginKey;
|
||||
|
||||
return result;
|
||||
}
|
||||
}
|
||||
|
||||
// Generic Authentication service used for identifying
|
||||
// and authenticating principals.
|
||||
// Principals may be clients acting on users' behalf,
|
||||
|
@ -76,6 +98,10 @@ namespace OpenSim.Services.Interfaces
|
|||
//
|
||||
bool SetPassword(UUID principalID, string passwd);
|
||||
|
||||
AuthInfo GetAuthInfo(UUID principalID);
|
||||
|
||||
bool SetAuthInfo(AuthInfo info);
|
||||
|
||||
//////////////////////////////////////////////////////
|
||||
// Grid
|
||||
//
|
||||
|
|
|
@ -146,6 +146,14 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
|
|||
LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
|
||||
; Realm = "useraccounts"
|
||||
|
||||
;; Allow the service to process HTTP getauthinfo calls.
|
||||
;; Default is false.
|
||||
; AllowGetAuthInfo = false
|
||||
|
||||
;; Allow the service to process HTTP setauthinfo calls.
|
||||
;; Default is false.
|
||||
; AllowSetAuthInfo = false
|
||||
|
||||
;; Allow the service to process HTTP setpassword calls.
|
||||
;; Default is false.
|
||||
; AllowSetPassword = false
|
||||
|
|
|
@ -129,6 +129,14 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
|
|||
; for the server connector
|
||||
LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
|
||||
|
||||
;; Allow the service to process HTTP getauthinfo calls.
|
||||
;; Default is false.
|
||||
; AllowGetAuthInfo = false
|
||||
|
||||
;; Allow the service to process HTTP setauthinfo calls.
|
||||
;; Default is false.
|
||||
; AllowSetAuthInfo = false
|
||||
|
||||
;; Allow the service to process HTTP setpassword calls.
|
||||
;; Default is false.
|
||||
; AllowSetPassword = false
|
||||
|
|
Loading…
Reference in New Issue