Add optional getauthinfo and setauthinfo authentication service calls.
These are disabled by default, as before. Please only turn these on in secure grids, since they allow the same facilities as the existing SetPassword call (also disabled by default). These facilities can be helpful when integrating external systems, in addition to the existing option of adapting an IAuthenticationService or using WebLoginKey.
0.7.2-post-fixes
parent
73c201449f
commit
aa4637db47
|
@ -158,7 +158,16 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authentication
|
||||||
return m_AuthenticationService.SetPassword(principalID, passwd);
|
return m_AuthenticationService.SetPassword(principalID, passwd);
|
||||||
}
|
}
|
||||||
|
|
||||||
#endregion
|
public AuthInfo GetAuthInfo(UUID principalID)
|
||||||
|
{
|
||||||
|
return m_AuthenticationService.GetAuthInfo(principalID);
|
||||||
|
}
|
||||||
|
|
||||||
|
public bool SetAuthInfo(AuthInfo info)
|
||||||
|
{
|
||||||
|
return m_AuthenticationService.SetAuthInfo(info);
|
||||||
|
}
|
||||||
|
|
||||||
|
#endregion
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -46,9 +46,12 @@ namespace OpenSim.Server.Handlers.Authentication
|
||||||
{
|
{
|
||||||
public class AuthenticationServerPostHandler : BaseStreamHandler
|
public class AuthenticationServerPostHandler : BaseStreamHandler
|
||||||
{
|
{
|
||||||
// private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
|
private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
|
||||||
|
|
||||||
private IAuthenticationService m_AuthenticationService;
|
private IAuthenticationService m_AuthenticationService;
|
||||||
|
|
||||||
|
private bool m_AllowGetAuthInfo = false;
|
||||||
|
private bool m_AllowSetAuthInfo = false;
|
||||||
private bool m_AllowSetPassword = false;
|
private bool m_AllowSetPassword = false;
|
||||||
|
|
||||||
public AuthenticationServerPostHandler(IAuthenticationService service) :
|
public AuthenticationServerPostHandler(IAuthenticationService service) :
|
||||||
|
@ -61,6 +64,8 @@ namespace OpenSim.Server.Handlers.Authentication
|
||||||
|
|
||||||
if (config != null)
|
if (config != null)
|
||||||
{
|
{
|
||||||
|
m_AllowGetAuthInfo = config.GetBoolean("AllowGetAuthInfo", m_AllowGetAuthInfo);
|
||||||
|
m_AllowSetAuthInfo = config.GetBoolean("AllowSetAuthInfo", m_AllowSetAuthInfo);
|
||||||
m_AllowSetPassword = config.GetBoolean("AllowSetPassword", m_AllowSetPassword);
|
m_AllowSetPassword = config.GetBoolean("AllowSetPassword", m_AllowSetPassword);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -161,6 +166,18 @@ namespace OpenSim.Server.Handlers.Authentication
|
||||||
return SuccessResult();
|
return SuccessResult();
|
||||||
|
|
||||||
return FailureResult();
|
return FailureResult();
|
||||||
|
|
||||||
|
case "getauthinfo":
|
||||||
|
if (m_AllowGetAuthInfo)
|
||||||
|
return GetAuthInfo(principalID);
|
||||||
|
|
||||||
|
break;
|
||||||
|
|
||||||
|
case "setauthinfo":
|
||||||
|
if (m_AllowSetAuthInfo)
|
||||||
|
return SetAuthInfo(principalID, request);
|
||||||
|
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
return FailureResult();
|
return FailureResult();
|
||||||
|
@ -193,6 +210,54 @@ namespace OpenSim.Server.Handlers.Authentication
|
||||||
return DocToBytes(doc);
|
return DocToBytes(doc);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
byte[] GetAuthInfo(UUID principalID)
|
||||||
|
{
|
||||||
|
AuthInfo info = m_AuthenticationService.GetAuthInfo(principalID);
|
||||||
|
|
||||||
|
if (info != null)
|
||||||
|
{
|
||||||
|
Dictionary<string, object> result = new Dictionary<string, object>();
|
||||||
|
result["result"] = info.ToKeyValuePairs();
|
||||||
|
|
||||||
|
return ResultToBytes(result);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
return FailureResult();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
byte[] SetAuthInfo(UUID principalID, Dictionary<string, object> request)
|
||||||
|
{
|
||||||
|
AuthInfo existingInfo = m_AuthenticationService.GetAuthInfo(principalID);
|
||||||
|
|
||||||
|
if (existingInfo == null)
|
||||||
|
return FailureResult();
|
||||||
|
|
||||||
|
if (request.ContainsKey("AccountType"))
|
||||||
|
existingInfo.AccountType = request["AccountType"].ToString();
|
||||||
|
|
||||||
|
if (request.ContainsKey("PasswordHash"))
|
||||||
|
existingInfo.PasswordHash = request["PasswordHash"].ToString();
|
||||||
|
|
||||||
|
if (request.ContainsKey("PasswordSalt"))
|
||||||
|
existingInfo.PasswordSalt = request["PasswordSalt"].ToString();
|
||||||
|
|
||||||
|
if (request.ContainsKey("WebLoginKey"))
|
||||||
|
existingInfo.WebLoginKey = request["WebLoginKey"].ToString();
|
||||||
|
|
||||||
|
if (!m_AuthenticationService.SetAuthInfo(existingInfo))
|
||||||
|
{
|
||||||
|
m_log.ErrorFormat(
|
||||||
|
"[AUTHENTICATION SERVER POST HANDLER]: Authentication info store failed for account {0} {1} {2}",
|
||||||
|
existingInfo.PrincipalID);
|
||||||
|
|
||||||
|
return FailureResult();
|
||||||
|
}
|
||||||
|
|
||||||
|
return SuccessResult();
|
||||||
|
}
|
||||||
|
|
||||||
private byte[] FailureResult()
|
private byte[] FailureResult()
|
||||||
{
|
{
|
||||||
XmlDocument doc = new XmlDocument();
|
XmlDocument doc = new XmlDocument();
|
||||||
|
@ -252,5 +317,12 @@ namespace OpenSim.Server.Handlers.Authentication
|
||||||
|
|
||||||
return ms.GetBuffer();
|
return ms.GetBuffer();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private byte[] ResultToBytes(Dictionary<string, object> result)
|
||||||
|
{
|
||||||
|
string xmlString = ServerUtils.BuildXmlResponse(result);
|
||||||
|
UTF8Encoding encoding = new UTF8Encoding();
|
||||||
|
return encoding.GetBytes(xmlString);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
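Review bot: In the handler's `SetAuthInfo`, the `m_log.ErrorFormat` call has three placeholders (`{0} {1} {2}`) but only one argument, `existingInfo.PrincipalID`, so the store-failure message cannot be formatted as written; the string should end `for account {0}`. The same method copies `AccountType`, `PasswordHash`, `PasswordSalt` and `WebLoginKey` from the request with `ToString()` and no checks, so an empty or malformed value is stored as given and a null value throws. Rejecting those before calling `m_AuthenticationService.SetAuthInfo` would keep a bad request from overwriting a working credential. The handler itself logs nothing when `setauthinfo` succeeds or when `getauthinfo` returns the hash and salt, so I would add an info-level line naming the principal in both paths for audit. The dispatch `switch` and the parsing of `principalID` lie outside these hunks, so any caller checks made there are not visible.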
@ -356,7 +356,5 @@ namespace OpenSim.Server.Handlers.UserAccounts
|
||||||
UTF8Encoding encoding = new UTF8Encoding();
|
UTF8Encoding encoding = new UTF8Encoding();
|
||||||
return encoding.GetBytes(xmlString);
|
return encoding.GetBytes(xmlString);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -30,9 +30,10 @@ using OpenMetaverse;
|
||||||
using log4net;
|
using log4net;
|
||||||
using Nini.Config;
|
using Nini.Config;
|
||||||
using System.Reflection;
|
using System.Reflection;
|
||||||
using OpenSim.Services.Base;
|
|
||||||
using OpenSim.Data;
|
using OpenSim.Data;
|
||||||
using OpenSim.Framework;
|
using OpenSim.Framework;
|
||||||
|
using OpenSim.Services.Base;
|
||||||
|
using OpenSim.Services.Interfaces;
|
||||||
|
|
||||||
namespace OpenSim.Services.AuthenticationService
|
namespace OpenSim.Services.AuthenticationService
|
||||||
{
|
{
|
||||||
|
@ -126,6 +127,50 @@ namespace OpenSim.Services.AuthenticationService
|
||||||
m_log.InfoFormat("[AUTHENTICATION DB]: Set password for principalID {0}", principalID);
|
m_log.InfoFormat("[AUTHENTICATION DB]: Set password for principalID {0}", principalID);
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public virtual AuthInfo GetAuthInfo(UUID principalID)
|
||||||
|
{
|
||||||
|
AuthenticationData data = m_Database.Get(principalID);
|
||||||
|
|
||||||
|
if (data == null)
|
||||||
|
{
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
AuthInfo info
|
||||||
|
= new AuthInfo()
|
||||||
|
{
|
||||||
|
PrincipalID = data.PrincipalID,
|
||||||
|
AccountType = data.Data["accountType"] as string,
|
||||||
|
PasswordHash = data.Data["passwordHash"] as string,
|
||||||
|
PasswordSalt = data.Data["passwordSalt"] as string,
|
||||||
|
WebLoginKey = data.Data["webLoginKey"] as string
|
||||||
|
};
|
||||||
|
|
||||||
|
return info;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public virtual bool SetAuthInfo(AuthInfo info)
|
||||||
|
{
|
||||||
|
AuthenticationData auth = new AuthenticationData();
|
||||||
|
auth.PrincipalID = info.PrincipalID;
|
||||||
|
auth.Data = new System.Collections.Generic.Dictionary<string, object>();
|
||||||
|
auth.Data["accountType"] = info.AccountType;
|
||||||
|
auth.Data["webLoginKey"] = info.WebLoginKey;
|
||||||
|
auth.Data["passwordHash"] = info.PasswordHash;
|
||||||
|
auth.Data["passwordSalt"] = info.PasswordSalt;
|
||||||
|
|
||||||
|
if (!m_Database.Store(auth))
|
||||||
|
{
|
||||||
|
m_log.ErrorFormat("[AUTHENTICATION DB]: Failed to store authentication info.");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
m_log.DebugFormat("[AUTHENTICATION DB]: Set authentication info for principalID {0}", info.PrincipalID);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
protected string GetToken(UUID principalID, int lifetime)
|
protected string GetToken(UUID principalID, int lifetime)
|
||||||
{
|
{
|
||||||
|
|
|
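Review bot: `SetAuthInfo` records a successful credential replacement with `m_log.DebugFormat`, while the `SetPassword` context line just above logs the equivalent event with `m_log.InfoFormat`, so depending on the configured log level this change may leave no trace. I would use `m_log.InfoFormat("[AUTHENTICATION DB]: Set authentication info for principalID {0}", info.PrincipalID);`. The failure message names no principal; `m_log.ErrorFormat("[AUTHENTICATION DB]: Failed to store authentication info for principalID {0}", info.PrincipalID);` would make it usable in an investigation. `GetAuthInfo` reads `data.Data["accountType"]` and the other three keys with the indexer, which throws if a key is absent, so `TryGetValue` would be safer if a stored row can lack a column. The class body continues outside the hunk.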
@ -151,5 +151,17 @@ namespace OpenSim.Services.Connectors
|
||||||
// nope, we don't do this
|
// nope, we don't do this
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public AuthInfo GetAuthInfo(UUID principalID)
|
||||||
|
{
|
||||||
|
// not done from remote simulators
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
public bool SetAuthInfo(AuthInfo info)
|
||||||
|
{
|
||||||
|
// not done from remote simulators
|
||||||
|
return false;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -236,6 +236,16 @@ namespace OpenSim.Services.Connectors.SimianGrid
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public AuthInfo GetAuthInfo(UUID principalID)
|
||||||
|
{
|
||||||
|
throw new NotImplementedException();
|
||||||
|
}
|
||||||
|
|
||||||
|
public bool SetAuthInfo(AuthInfo info)
|
||||||
|
{
|
||||||
|
throw new NotImplementedException();
|
||||||
|
}
|
||||||
|
|
||||||
private bool CheckPassword(UUID userID, string password, string simianGridCredential, out string authorizeResult)
|
private bool CheckPassword(UUID userID, string password, string simianGridCredential, out string authorizeResult)
|
||||||
{
|
{
|
||||||
if (simianGridCredential.Contains(":"))
|
if (simianGridCredential.Contains(":"))
|
||||||
|
|
|
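Review bot: Both new SimianGrid methods throw `NotImplementedException`, whereas the remote connector in this commit answers the same calls with `return null;` and `return false;`, and the handler's `GetAuthInfo` and `SetAuthInfo` treat a null result as an ordinary failure. If a grid enabled `AllowGetAuthInfo` with this connector as the backing service, the exception would presumably escape the handler instead of producing `FailureResult()`. I would return `null` and `false` here with a short comment such as `// not supported by SimianGrid`.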
@ -26,10 +26,32 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
using System;
|
using System;
|
||||||
|
using System.Collections.Generic;
|
||||||
using OpenMetaverse;
|
using OpenMetaverse;
|
||||||
|
|
||||||
namespace OpenSim.Services.Interfaces
|
namespace OpenSim.Services.Interfaces
|
||||||
{
|
{
|
||||||
|
public class AuthInfo
|
||||||
|
{
|
||||||
|
public UUID PrincipalID { get; set; }
|
||||||
|
public string AccountType { get; set; }
|
||||||
|
public string PasswordHash { get; set; }
|
||||||
|
public string PasswordSalt { get; set; }
|
||||||
|
public string WebLoginKey { get; set; }
|
||||||
|
|
||||||
|
public Dictionary<string, object> ToKeyValuePairs()
|
||||||
|
{
|
||||||
|
Dictionary<string, object> result = new Dictionary<string, object>();
|
||||||
|
result["PrincipalID"] = PrincipalID;
|
||||||
|
result["AccountType"] = AccountType;
|
||||||
|
result["PasswordHash"] = PasswordHash;
|
||||||
|
result["PasswordSalt"] = PasswordSalt;
|
||||||
|
result["WebLoginKey"] = WebLoginKey;
|
||||||
|
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Generic Authentication service used for identifying
|
// Generic Authentication service used for identifying
|
||||||
// and authenticating principals.
|
// and authenticating principals.
|
||||||
// Principals may be clients acting on users' behalf,
|
// Principals may be clients acting on users' behalf,
|
||||||
|
@ -76,6 +98,10 @@ namespace OpenSim.Services.Interfaces
|
||||||
//
|
//
|
||||||
bool SetPassword(UUID principalID, string passwd);
|
bool SetPassword(UUID principalID, string passwd);
|
||||||
|
|
||||||
|
AuthInfo GetAuthInfo(UUID principalID);
|
||||||
|
|
||||||
|
bool SetAuthInfo(AuthInfo info);
|
||||||
|
|
||||||
//////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////
|
||||||
// Grid
|
// Grid
|
||||||
//
|
//
|
||||||
|
|
|
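Review bot: `AuthInfo` and the two new interface members carry no comments, although the surrounding `IAuthenticationService` context lines show `//` comment blocks. Above `AuthInfo` I would add `// Stored credential record for a principal; holds the password hash and salt, so do not log it or return it to untrusted callers.` Above the interface methods I would add `// Return the stored credential record, or null if none exists.` and `// Replace the stored credential record; returns false if the store fails.` `ToKeyValuePairs()` emits every field, including `PasswordHash` and `PasswordSalt`, which deserves a one-line comment of its own.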
@ -146,6 +146,14 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
|
||||||
LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
|
LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
|
||||||
; Realm = "useraccounts"
|
; Realm = "useraccounts"
|
||||||
|
|
||||||
|
;; Allow the service to process HTTP getauthinfo calls.
|
||||||
|
;; Default is false.
|
||||||
|
; AllowGetAuthInfo = false
|
||||||
|
|
||||||
|
;; Allow the service to process HTTP setauthinfo calls.
|
||||||
|
;; Default is false.
|
||||||
|
; AllowSetAuthInfo = false
|
||||||
|
|
||||||
;; Allow the service to process HTTP setpassword calls.
|
;; Allow the service to process HTTP setpassword calls.
|
||||||
;; Default is false.
|
;; Default is false.
|
||||||
; AllowSetPassword = false
|
; AllowSetPassword = false
|
||||||
|
|
|
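Review bot: The comments for `AllowGetAuthInfo` and `AllowSetAuthInfo` say only that the calls are HTTP and off by default, and omit the caveat from the commit description that they belong only on secure grids. Since `getauthinfo` returns the password hash, salt and web login key and `setauthinfo` overwrites them, I would add above each option a line such as `;; Enable only where the service port is unreachable from untrusted hosts: this call exposes the stored password hash and salt.` The same applies to the identical block in the second ini section that follows.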
@ -129,6 +129,14 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
|
||||||
; for the server connector
|
; for the server connector
|
||||||
LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
|
LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
|
||||||
|
|
||||||
|
;; Allow the service to process HTTP getauthinfo calls.
|
||||||
|
;; Default is false.
|
||||||
|
; AllowGetAuthInfo = false
|
||||||
|
|
||||||
|
;; Allow the service to process HTTP setauthinfo calls.
|
||||||
|
;; Default is false.
|
||||||
|
; AllowSetAuthInfo = false
|
||||||
|
|
||||||
;; Allow the service to process HTTP setpassword calls.
|
;; Allow the service to process HTTP setpassword calls.
|
||||||
;; Default is false.
|
;; Default is false.
|
||||||
; AllowSetPassword = false
|
; AllowSetPassword = false
|
||||||
|
|