From aa4637db476c35f64cb86ec0601f7da93e42bb78 Mon Sep 17 00:00:00 2001 From: "Justin Clark-Casey (justincc)" Date: Mon, 24 Oct 2011 21:34:44 +0100 Subject: [PATCH] Add optional getauthinfo and setauthinfo authentication service calls. These are disabled by default, as before. Please only turn these on in secure grids, since they allow the same facilities as the existing SetPassword call (also disabled by default) These facilities can be helpful when integrating external systems, in addition to the existing option of adapting an IAuthenticationService or using WebLoginKey --- .../LocalAuthenticationServiceConnector.cs | 11 ++- .../AuthenticationServerPostHandler.cs | 74 ++++++++++++++++++- .../UserAccountServerPostHandler.cs | 2 - .../AuthenticationServiceBase.cs | 47 +++++++++++- .../AuthenticationServiceConnector.cs | 12 +++ .../SimianAuthenticationServiceConnector.cs | 10 +++ .../Interfaces/IAuthenticationService.cs | 26 +++++++ bin/Robust.HG.ini.example | 8 ++ bin/Robust.ini.example | 8 ++ 9 files changed, 193 insertions(+), 5 deletions(-) diff --git a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authentication/LocalAuthenticationServiceConnector.cs b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authentication/LocalAuthenticationServiceConnector.cs index acc362b95a..9484a5a282 100644 --- a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authentication/LocalAuthenticationServiceConnector.cs +++ b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authentication/LocalAuthenticationServiceConnector.cs @@ -158,7 +158,16 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authentication return m_AuthenticationService.SetPassword(principalID, passwd); } - #endregion + public AuthInfo GetAuthInfo(UUID principalID) + { + return m_AuthenticationService.GetAuthInfo(principalID); + } + public bool SetAuthInfo(AuthInfo info) + { + return m_AuthenticationService.SetAuthInfo(info); + } + + #endregion } } 
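Review bot: The two passthroughs added after `SetPassword` call `m_AuthenticationService` directly, so the `AllowGetAuthInfo` / `AllowSetAuthInfo` switches this commit adds to the HTTP post handler do not apply on this in-process path. If that is intended, both methods should say so, e.g. `// Not gated by AllowGetAuthInfo: in-process callers receive the stored hash, salt and WebLoginKey.` The rest of the class is outside the hunk, so whether a caller check exists elsewhere cannot be seen from here.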
diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs index ae719451b7..4d1b0ff997 100644 --- a/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs +++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs @@ -46,9 +46,12 @@ namespace OpenSim.Server.Handlers.Authentication { public class AuthenticationServerPostHandler : BaseStreamHandler { - // private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); + private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); private IAuthenticationService m_AuthenticationService; + + private bool m_AllowGetAuthInfo = false; + private bool m_AllowSetAuthInfo = false; private bool m_AllowSetPassword = false; public AuthenticationServerPostHandler(IAuthenticationService service) : @@ -61,6 +64,8 @@ namespace OpenSim.Server.Handlers.Authentication if (config != null) { + m_AllowGetAuthInfo = config.GetBoolean("AllowGetAuthInfo", m_AllowGetAuthInfo); + m_AllowSetAuthInfo = config.GetBoolean("AllowSetAuthInfo", m_AllowSetAuthInfo); m_AllowSetPassword = config.GetBoolean("AllowSetPassword", m_AllowSetPassword); } } @@ -161,6 +166,18 @@ namespace OpenSim.Server.Handlers.Authentication return SuccessResult(); return FailureResult(); + + case "getauthinfo": + if (m_AllowGetAuthInfo) + return GetAuthInfo(principalID); + + break; + + case "setauthinfo": + if (m_AllowSetAuthInfo) + return SetAuthInfo(principalID, request); + + break; } return FailureResult(); 
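Review bot: In the `getauthinfo` and `setauthinfo` cases a disabled call reaches `break` and the shared `FailureResult()` without leaving any trace, so attempts against these credential endpoints never appear in the log. Since `m_log` is now enabled in this class, a line such as `m_log.Warn("[AUTHENTICATION SERVER POST HANDLER]: getauthinfo rejected, AllowGetAuthInfo is false");` before each `break` would give operators something to alert on. The enclosing switch starts outside the hunk, and nothing visible here checks who is sending the request once a flag is on, so that should be confirmed against the rest of the handler.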
@@ -193,6 +210,54 @@ namespace OpenSim.Server.Handlers.Authentication return DocToBytes(doc); } + byte[] GetAuthInfo(UUID principalID) + { + AuthInfo info = m_AuthenticationService.GetAuthInfo(principalID); + + if (info != null) + { + Dictionary result = new Dictionary(); + result["result"] = info.ToKeyValuePairs(); + + return ResultToBytes(result); + } + else + { + return FailureResult(); + } + } + + byte[] SetAuthInfo(UUID principalID, Dictionary request) + { + AuthInfo existingInfo = m_AuthenticationService.GetAuthInfo(principalID); + + if (existingInfo == null) + return FailureResult(); + + if (request.ContainsKey("AccountType")) + existingInfo.AccountType = request["AccountType"].ToString(); + + if (request.ContainsKey("PasswordHash")) + existingInfo.PasswordHash = request["PasswordHash"].ToString(); + + if (request.ContainsKey("PasswordSalt")) + existingInfo.PasswordSalt = request["PasswordSalt"].ToString(); + + if (request.ContainsKey("WebLoginKey")) + existingInfo.WebLoginKey = request["WebLoginKey"].ToString(); + + if (!m_AuthenticationService.SetAuthInfo(existingInfo)) + { + m_log.ErrorFormat( + "[AUTHENTICATION SERVER POST HANDLER]: Authentication info store failed for account {0} {1} {2}", + existingInfo.PrincipalID); + + return FailureResult(); + } + + return SuccessResult(); + } + private byte[] FailureResult() { XmlDocument doc = new XmlDocument(); @@ -252,5 +317,12 @@ namespace OpenSim.Server.Handlers.Authentication return ms.GetBuffer(); } + + private byte[] ResultToBytes(Dictionary result) + { + string xmlString = ServerUtils.BuildXmlResponse(result); + UTF8Encoding encoding = new UTF8Encoding(); + return encoding.GetBytes(xmlString); + } } } diff --git a/OpenSim/Server/Handlers/UserAccounts/UserAccountServerPostHandler.cs b/OpenSim/Server/Handlers/UserAccounts/UserAccountServerPostHandler.cs index f987383553..5ab4caf81f 100644 --- a/OpenSim/Server/Handlers/UserAccounts/UserAccountServerPostHandler.cs 
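Review bot: The `m_log.ErrorFormat` call in `SetAuthInfo` has three placeholders (`{0} {1} {2}`) but passes only `existingInfo.PrincipalID`, so the failure path cannot produce the intended message; the format string should end `for account {0}`. The four request values are also copied into the record verbatim, so a caller can store a `PasswordHash` without its matching `PasswordSalt`; rejecting a request that carries only one of the two would avoid leaving an account that can no longer log in. A successful change is not logged in this handler, so the only record of a remote credential write is whatever the service layer emits. Both new methods also omit the `private` modifier that the neighbouring `FailureResult` carries.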
+++ b/OpenSim/Server/Handlers/UserAccounts/UserAccountServerPostHandler.cs @@ -356,7 +356,5 @@ namespace OpenSim.Server.Handlers.UserAccounts UTF8Encoding encoding = new UTF8Encoding(); return encoding.GetBytes(xmlString); } - - } } diff --git a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs index edc1097818..229f5578f7 100644 --- a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs +++ b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs @@ -30,9 +30,10 @@ using OpenMetaverse; using log4net; using Nini.Config; using System.Reflection; -using OpenSim.Services.Base; using OpenSim.Data; using OpenSim.Framework; +using OpenSim.Services.Base; +using OpenSim.Services.Interfaces; namespace OpenSim.Services.AuthenticationService { 
@@ -126,6 +127,50 @@ namespace OpenSim.Services.AuthenticationService m_log.InfoFormat("[AUTHENTICATION DB]: Set password for principalID {0}", principalID); return true; } + + public virtual AuthInfo GetAuthInfo(UUID principalID) + { + AuthenticationData data = m_Database.Get(principalID); + + if (data == null) + { + return null; + } + else + { + AuthInfo info + = new AuthInfo() + { + PrincipalID = data.PrincipalID, + AccountType = data.Data["accountType"] as string, + PasswordHash = data.Data["passwordHash"] as string, + PasswordSalt = data.Data["passwordSalt"] as string, + WebLoginKey = data.Data["webLoginKey"] as string + }; + + return info; + } + } + + public virtual bool SetAuthInfo(AuthInfo info) + { + AuthenticationData auth = new AuthenticationData(); + auth.PrincipalID = info.PrincipalID; + auth.Data = new System.Collections.Generic.Dictionary(); + auth.Data["accountType"] = info.AccountType; + auth.Data["webLoginKey"] = info.WebLoginKey; + auth.Data["passwordHash"] = info.PasswordHash; + auth.Data["passwordSalt"] = info.PasswordSalt; + + if (!m_Database.Store(auth)) + { + m_log.ErrorFormat("[AUTHENTICATION DB]: Failed to store authentication info."); + return false; + } + + m_log.DebugFormat("[AUTHENTICATION DB]: Set authentication info for principalID {0}", info.PrincipalID); + return true; + } protected string GetToken(UUID principalID, int lifetime) { diff --git a/OpenSim/Services/Connectors/Authentication/AuthenticationServiceConnector.cs b/OpenSim/Services/Connectors/Authentication/AuthenticationServiceConnector.cs index c04e7a4971..2b77154a7b 100644 --- a/OpenSim/Services/Connectors/Authentication/AuthenticationServiceConnector.cs +++ b/OpenSim/Services/Connectors/Authentication/AuthenticationServiceConnector.cs 
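Review bot: `SetAuthInfo` dereferences `info` without a null check and records the credential change only at Debug, while the `SetPassword` code just above the hunk logs at Info; a guard `if (info == null) return false;` and `m_log.InfoFormat` would keep credential writes in the log at default levels. The failure message `Failed to store authentication info.` names no principal, so appending `for principalID {0}", info.PrincipalID` would make it usable in an investigation. In `GetAuthInfo` the four `data.Data[...]` indexers presumably throw if the data layer returns a row without one of the keys; `TryGetValue` would turn that into a null field, to be confirmed against `AuthenticationData`, which is not part of this patch. The stored record is rebuilt from only these four keys, so any other entry previously held in `Data` may be lost on store.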
@@ -151,5 +151,17 @@ namespace OpenSim.Services.Connectors // nope, we don't do this return false; } + + public AuthInfo GetAuthInfo(UUID principalID) + { + // not done from remote simulators + return null; + } + + public bool SetAuthInfo(AuthInfo info) + { + // not done from remote simulators + return false; + } } } diff --git a/OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs b/OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs index 51a09f82da..69f6ed2eac 100644 --- a/OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs +++ b/OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs @@ -236,6 +236,16 @@ namespace OpenSim.Services.Connectors.SimianGrid return false; } + public AuthInfo GetAuthInfo(UUID principalID) + { + throw new NotImplementedException(); + } + + public bool SetAuthInfo(AuthInfo info) + { + throw new NotImplementedException(); + } + private bool CheckPassword(UUID userID, string password, string simianGridCredential, out string authorizeResult) { if (simianGridCredential.Contains(":")) diff --git a/OpenSim/Services/Interfaces/IAuthenticationService.cs b/OpenSim/Services/Interfaces/IAuthenticationService.cs index 9de261ba8e..cee8bc09c7 100644 --- a/OpenSim/Services/Interfaces/IAuthenticationService.cs +++ b/OpenSim/Services/Interfaces/IAuthenticationService.cs 
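Review bot: The two connectors disagree on how to signal that the call is unsupported: `GetAuthInfo` / `SetAuthInfo` here return `null` / `false`, while the SimianGrid connector hunk that follows throws `NotImplementedException`, even though the context line just before its additions shows the neighbouring method returning `false`. A caller written against `IAuthenticationService` then has to handle both a silent null and an exception. Returning `null` / `false` in both, with the same `// not supported by this connector` comment, would keep the behaviour uniform. If throwing is preferred, `NotSupportedException` describes a permanent limitation better than `NotImplementedException`.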
@@ -26,10 +26,32 @@ */ using System; +using System.Collections.Generic; using OpenMetaverse; namespace OpenSim.Services.Interfaces { + public class AuthInfo + { + public UUID PrincipalID { get; set; } + public string AccountType { get; set; } + public string PasswordHash { get; set; } + public string PasswordSalt { get; set; } + public string WebLoginKey { get; set; } + + public Dictionary ToKeyValuePairs() + { + Dictionary result = new Dictionary(); + result["PrincipalID"] = PrincipalID; + result["AccountType"] = AccountType; + result["PasswordHash"] = PasswordHash; + result["PasswordSalt"] = PasswordSalt; + result["WebLoginKey"] = WebLoginKey; + + return result; + } + } + // Generic Authentication service used for identifying // and authenticating principals. // Principals may be clients acting on users' behalf, @@ -76,6 +98,10 @@ namespace OpenSim.Services.Interfaces // bool SetPassword(UUID principalID, string passwd); + AuthInfo GetAuthInfo(UUID principalID); + + bool SetAuthInfo(AuthInfo info); + ////////////////////////////////////////////////////// // Grid // diff --git a/bin/Robust.HG.ini.example b/bin/Robust.HG.ini.example index aed1d330ad..a23063d4c8 100644 --- a/bin/Robust.HG.ini.example +++ b/bin/Robust.HG.ini.example @@ -146,6 +146,14 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003 LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService" ; Realm = "useraccounts" + ;; Allow the service to process HTTP getauthinfo calls. + ;; Default is false. + ; AllowGetAuthInfo = false + + ;; Allow the service to process HTTP setauthinfo calls. + ;; Default is false. + ; AllowSetAuthInfo = false + ;; Allow the service to process HTTP setpassword calls. ;; Default is false. ; AllowSetPassword = false diff --git a/bin/Robust.ini.example b/bin/Robust.ini.example index 522cc5646b..897cfde6f9 100644 --- a/bin/Robust.ini.example +++ b/bin/Robust.ini.example 
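Review bot: `AuthInfo` and `ToKeyValuePairs()` carry no documentation, yet the dictionary they produce holds `PasswordHash`, `PasswordSalt` and `WebLoginKey` together, and the post handler in this commit places it in the `getauthinfo` response as `result["result"]`. A class comment should state that instances hold credential material, e.g. `// Holds stored credential material (hash, salt, web login key); never log it or send it outside a trusted grid.` `PrincipalID` goes into the dictionary as a `UUID` object while the other values are strings; `PrincipalID.ToString()` would make the serialised form explicit rather than dependent on the XML builder.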
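Review bot: The new `AllowGetAuthInfo` and `AllowSetAuthInfo` comments say only that the calls are processed, while the commit message asks that they be enabled only in secure grids; that caution belongs in the file operators actually edit. Suggested wording for the first: `;; Allow the service to return the stored password hash, salt and web login key over HTTP. Only enable if the service port is restricted to trusted hosts. Default is false.`, with the equivalent for `AllowSetAuthInfo`. The same applies to the identical block added to `bin/Robust.ini.example`.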
@@ -129,6 +129,14 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003 ; for the server connector LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService" + ;; Allow the service to process HTTP getauthinfo calls. + ;; Default is false. + ; AllowGetAuthInfo = false + + ;; Allow the service to process HTTP setauthinfo calls. + ;; Default is false. + ; AllowSetAuthInfo = false + ;; Allow the service to process HTTP setpassword calls. ;; Default is false. ; AllowSetPassword = false