Add optional getauthinfo and setauthinfo authentication service calls.

These are disabled by default, as before.  Please only turn these on in secure grids, since they allow the same facilities as the existing SetPassword call (also disabled by default)
These facilities can be helpful when integrating external systems, in addition to the existing option of adapting an IAuthenticationService or using WebLoginKey
0.7.2-post-fixes
Justin Clark-Casey (justincc) 2011-10-24 21:34:44 +01:00
parent 73c201449f
commit aa4637db47
9 changed files with 193 additions and 5 deletions

View File

@ -158,7 +158,16 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authentication
return m_AuthenticationService.SetPassword(principalID, passwd); return m_AuthenticationService.SetPassword(principalID, passwd);
} }
#endregion public AuthInfo GetAuthInfo(UUID principalID)
{
return m_AuthenticationService.GetAuthInfo(principalID);
}
public bool SetAuthInfo(AuthInfo info)
{
return m_AuthenticationService.SetAuthInfo(info);
}
#endregion
} }
} }

View File

@ -46,9 +46,12 @@ namespace OpenSim.Server.Handlers.Authentication
{ {
public class AuthenticationServerPostHandler : BaseStreamHandler public class AuthenticationServerPostHandler : BaseStreamHandler
{ {
// private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
private IAuthenticationService m_AuthenticationService; private IAuthenticationService m_AuthenticationService;
private bool m_AllowGetAuthInfo = false;
private bool m_AllowSetAuthInfo = false;
private bool m_AllowSetPassword = false; private bool m_AllowSetPassword = false;
public AuthenticationServerPostHandler(IAuthenticationService service) : public AuthenticationServerPostHandler(IAuthenticationService service) :
@ -61,6 +64,8 @@ namespace OpenSim.Server.Handlers.Authentication
if (config != null) if (config != null)
{ {
m_AllowGetAuthInfo = config.GetBoolean("AllowGetAuthInfo", m_AllowGetAuthInfo);
m_AllowSetAuthInfo = config.GetBoolean("AllowSetAuthInfo", m_AllowSetAuthInfo);
m_AllowSetPassword = config.GetBoolean("AllowSetPassword", m_AllowSetPassword); m_AllowSetPassword = config.GetBoolean("AllowSetPassword", m_AllowSetPassword);
} }
} }
@ -161,6 +166,18 @@ namespace OpenSim.Server.Handlers.Authentication
return SuccessResult(); return SuccessResult();
return FailureResult(); return FailureResult();
case "getauthinfo":
if (m_AllowGetAuthInfo)
return GetAuthInfo(principalID);
break;
case "setauthinfo":
if (m_AllowSetAuthInfo)
return SetAuthInfo(principalID, request);
break;
} }
return FailureResult(); return FailureResult();
@ -193,6 +210,54 @@ namespace OpenSim.Server.Handlers.Authentication
return DocToBytes(doc); return DocToBytes(doc);
} }
byte[] GetAuthInfo(UUID principalID)
{
AuthInfo info = m_AuthenticationService.GetAuthInfo(principalID);
if (info != null)
{
Dictionary<string, object> result = new Dictionary<string, object>();
result["result"] = info.ToKeyValuePairs();
return ResultToBytes(result);
}
else
{
return FailureResult();
}
}
byte[] SetAuthInfo(UUID principalID, Dictionary<string, object> request)
{
AuthInfo existingInfo = m_AuthenticationService.GetAuthInfo(principalID);
if (existingInfo == null)
return FailureResult();
if (request.ContainsKey("AccountType"))
existingInfo.AccountType = request["AccountType"].ToString();
if (request.ContainsKey("PasswordHash"))
existingInfo.PasswordHash = request["PasswordHash"].ToString();
if (request.ContainsKey("PasswordSalt"))
existingInfo.PasswordSalt = request["PasswordSalt"].ToString();
if (request.ContainsKey("WebLoginKey"))
existingInfo.WebLoginKey = request["WebLoginKey"].ToString();
if (!m_AuthenticationService.SetAuthInfo(existingInfo))
{
m_log.ErrorFormat(
"[AUTHENTICATION SERVER POST HANDLER]: Authentication info store failed for account {0} {1} {2}",
existingInfo.PrincipalID);
return FailureResult();
}
return SuccessResult();
}
private byte[] FailureResult() private byte[] FailureResult()
{ {
XmlDocument doc = new XmlDocument(); XmlDocument doc = new XmlDocument();
@ -252,5 +317,12 @@ namespace OpenSim.Server.Handlers.Authentication
return ms.GetBuffer(); return ms.GetBuffer();
} }
private byte[] ResultToBytes(Dictionary<string, object> result)
{
string xmlString = ServerUtils.BuildXmlResponse(result);
UTF8Encoding encoding = new UTF8Encoding();
return encoding.GetBytes(xmlString);
}
} }
} }

View File

@ -356,7 +356,5 @@ namespace OpenSim.Server.Handlers.UserAccounts
UTF8Encoding encoding = new UTF8Encoding(); UTF8Encoding encoding = new UTF8Encoding();
return encoding.GetBytes(xmlString); return encoding.GetBytes(xmlString);
} }
} }
} }

View File

@ -30,9 +30,10 @@ using OpenMetaverse;
using log4net; using log4net;
using Nini.Config; using Nini.Config;
using System.Reflection; using System.Reflection;
using OpenSim.Services.Base;
using OpenSim.Data; using OpenSim.Data;
using OpenSim.Framework; using OpenSim.Framework;
using OpenSim.Services.Base;
using OpenSim.Services.Interfaces;
namespace OpenSim.Services.AuthenticationService namespace OpenSim.Services.AuthenticationService
{ {
@ -127,6 +128,50 @@ namespace OpenSim.Services.AuthenticationService
return true; return true;
} }
public virtual AuthInfo GetAuthInfo(UUID principalID)
{
AuthenticationData data = m_Database.Get(principalID);
if (data == null)
{
return null;
}
else
{
AuthInfo info
= new AuthInfo()
{
PrincipalID = data.PrincipalID,
AccountType = data.Data["accountType"] as string,
PasswordHash = data.Data["passwordHash"] as string,
PasswordSalt = data.Data["passwordSalt"] as string,
WebLoginKey = data.Data["webLoginKey"] as string
};
return info;
}
}
public virtual bool SetAuthInfo(AuthInfo info)
{
AuthenticationData auth = new AuthenticationData();
auth.PrincipalID = info.PrincipalID;
auth.Data = new System.Collections.Generic.Dictionary<string, object>();
auth.Data["accountType"] = info.AccountType;
auth.Data["webLoginKey"] = info.WebLoginKey;
auth.Data["passwordHash"] = info.PasswordHash;
auth.Data["passwordSalt"] = info.PasswordSalt;
if (!m_Database.Store(auth))
{
m_log.ErrorFormat("[AUTHENTICATION DB]: Failed to store authentication info.");
return false;
}
m_log.DebugFormat("[AUTHENTICATION DB]: Set authentication info for principalID {0}", info.PrincipalID);
return true;
}
protected string GetToken(UUID principalID, int lifetime) protected string GetToken(UUID principalID, int lifetime)
{ {
UUID token = UUID.Random(); UUID token = UUID.Random();

View File

@ -151,5 +151,17 @@ namespace OpenSim.Services.Connectors
// nope, we don't do this // nope, we don't do this
return false; return false;
} }
public AuthInfo GetAuthInfo(UUID principalID)
{
// not done from remote simulators
return null;
}
public bool SetAuthInfo(AuthInfo info)
{
// not done from remote simulators
return false;
}
} }
} }

View File

@ -236,6 +236,16 @@ namespace OpenSim.Services.Connectors.SimianGrid
return false; return false;
} }
public AuthInfo GetAuthInfo(UUID principalID)
{
throw new NotImplementedException();
}
public bool SetAuthInfo(AuthInfo info)
{
throw new NotImplementedException();
}
private bool CheckPassword(UUID userID, string password, string simianGridCredential, out string authorizeResult) private bool CheckPassword(UUID userID, string password, string simianGridCredential, out string authorizeResult)
{ {
if (simianGridCredential.Contains(":")) if (simianGridCredential.Contains(":"))

View File

@ -26,10 +26,32 @@
*/ */
using System; using System;
using System.Collections.Generic;
using OpenMetaverse; using OpenMetaverse;
namespace OpenSim.Services.Interfaces namespace OpenSim.Services.Interfaces
{ {
public class AuthInfo
{
public UUID PrincipalID { get; set; }
public string AccountType { get; set; }
public string PasswordHash { get; set; }
public string PasswordSalt { get; set; }
public string WebLoginKey { get; set; }
public Dictionary<string, object> ToKeyValuePairs()
{
Dictionary<string, object> result = new Dictionary<string, object>();
result["PrincipalID"] = PrincipalID;
result["AccountType"] = AccountType;
result["PasswordHash"] = PasswordHash;
result["PasswordSalt"] = PasswordSalt;
result["WebLoginKey"] = WebLoginKey;
return result;
}
}
// Generic Authentication service used for identifying // Generic Authentication service used for identifying
// and authenticating principals. // and authenticating principals.
// Principals may be clients acting on users' behalf, // Principals may be clients acting on users' behalf,
@ -76,6 +98,10 @@ namespace OpenSim.Services.Interfaces
// //
bool SetPassword(UUID principalID, string passwd); bool SetPassword(UUID principalID, string passwd);
AuthInfo GetAuthInfo(UUID principalID);
bool SetAuthInfo(AuthInfo info);
////////////////////////////////////////////////////// //////////////////////////////////////////////////////
// Grid // Grid
// //

View File

@ -146,6 +146,14 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService" LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
; Realm = "useraccounts" ; Realm = "useraccounts"
;; Allow the service to process HTTP getauthinfo calls.
;; Default is false.
; AllowGetAuthInfo = false
;; Allow the service to process HTTP setauthinfo calls.
;; Default is false.
; AllowSetAuthInfo = false
;; Allow the service to process HTTP setpassword calls. ;; Allow the service to process HTTP setpassword calls.
;; Default is false. ;; Default is false.
; AllowSetPassword = false ; AllowSetPassword = false

View File

@ -129,6 +129,14 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
; for the server connector ; for the server connector
LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService" LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
;; Allow the service to process HTTP getauthinfo calls.
;; Default is false.
; AllowGetAuthInfo = false
;; Allow the service to process HTTP setauthinfo calls.
;; Default is false.
; AllowSetAuthInfo = false
;; Allow the service to process HTTP setpassword calls. ;; Allow the service to process HTTP setpassword calls.
;; Default is false. ;; Default is false.
; AllowSetPassword = false ; AllowSetPassword = false