From b0bbe861cd0f3eb06de73a371ab961428c549c69 Mon Sep 17 00:00:00 2001 From: Diva Canto Date: Sun, 10 Jan 2010 17:15:02 -0800 Subject: [PATCH] Moved OpenId authentication from user server to Server.Handlers.Authentication. --- .../Authentication/OpenIdServerConnector.cs | 77 +++++++++++++++++++ .../Authentication/OpenIdServerHandler.cs} | 37 +++++---- bin/OpenSim.Server.ini.example | 12 ++- prebuild.xml | 1 + 4 files changed, 110 insertions(+), 17 deletions(-) create mode 100644 OpenSim/Server/Handlers/Authentication/OpenIdServerConnector.cs rename OpenSim/{Grid/UserServer.Modules/OpenIdService.cs => Server/Handlers/Authentication/OpenIdServerHandler.cs} (91%) diff --git a/OpenSim/Server/Handlers/Authentication/OpenIdServerConnector.cs b/OpenSim/Server/Handlers/Authentication/OpenIdServerConnector.cs new file mode 100644 index 0000000000..a0a92edc32 --- /dev/null +++ b/OpenSim/Server/Handlers/Authentication/OpenIdServerConnector.cs @@ -0,0 +1,77 @@ +/* + * Copyright (c) Contributors, http://opensimulator.org/ + * See CONTRIBUTORS.TXT for a full list of copyright holders. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * * Neither the name of the OpenSimulator Project nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +using System; +using System.Reflection; +using Nini.Config; +using log4net; +using OpenSim.Server.Base; +using OpenSim.Services.Interfaces; +using OpenSim.Framework.Servers.HttpServer; +using OpenSim.Server.Handlers.Base; + +namespace OpenSim.Server.Handlers.Authentication +{ + public class OpenIdServerConnector : ServiceConnector + { + private static readonly ILog m_log = + LogManager.GetLogger( + MethodBase.GetCurrentMethod().DeclaringType); + + private IAuthenticationService m_AuthenticationService; + private IUserAccountService m_UserAccountService; + private string m_ConfigName = "OpenIdService"; + + public OpenIdServerConnector(IConfigSource config, IHttpServer server, string configName) : + base(config, server, configName) + { + IConfig serverConfig = config.Configs[m_ConfigName]; + if (serverConfig == null) + throw new Exception(String.Format("No section {0} in config file", m_ConfigName)); + + string authService = serverConfig.GetString("AuthenticationServiceModule", + String.Empty); + string userService = serverConfig.GetString("UserAccountServiceModule", + String.Empty); + + if (authService == String.Empty || userService == String.Empty) + throw new Exception("No AuthenticationServiceModule or no UserAccountServiceModule in config file for OpenId authentication"); + + Object[] args = new Object[] { config }; + m_AuthenticationService = ServerUtils.LoadPlugin(authService, args); + m_UserAccountService = ServerUtils.LoadPlugin(authService, args); + + // Handler for OpenID user identity pages + server.AddStreamHandler(new OpenIdStreamHandler("GET", "/users/", m_UserAccountService, m_AuthenticationService)); + // Handlers for the OpenID endpoint server + server.AddStreamHandler(new OpenIdStreamHandler("POST", "/openid/server/", m_UserAccountService, m_AuthenticationService)); + server.AddStreamHandler(new OpenIdStreamHandler("GET", "/openid/server/", m_UserAccountService, m_AuthenticationService)); + + m_log.Info("[OPENID]: OpenId service enabled"); + } + } +} diff --git a/OpenSim/Grid/UserServer.Modules/OpenIdService.cs b/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs similarity index 91% rename from OpenSim/Grid/UserServer.Modules/OpenIdService.cs rename to OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs index 49dfd86ade..e73961bde1 100644 --- a/OpenSim/Grid/UserServer.Modules/OpenIdService.cs +++ b/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs @@ -36,8 +36,12 @@ using DotNetOpenId.Provider; using OpenSim.Framework; using OpenSim.Framework.Servers; using OpenSim.Framework.Servers.HttpServer; +using OpenSim.Server.Handlers.Base; +using OpenSim.Services.Interfaces; +using Nini.Config; +using OpenMetaverse; -namespace OpenSim.Grid.UserServer.Modules +namespace OpenSim.Server.Handlers.Authentication { /// /// Temporary, in-memory store for OpenID associations @@ -194,15 +198,17 @@ For more information, see http://openid.net/. string m_contentType; string m_httpMethod; string m_path; - UserLoginService m_loginService; + IAuthenticationService m_authenticationService; + IUserAccountService m_userAccountService; ProviderMemoryStore m_openidStore = new ProviderMemoryStore(); /// /// Constructor /// - public OpenIdStreamHandler(string httpMethod, string path, UserLoginService loginService) + public OpenIdStreamHandler(string httpMethod, string path, IUserAccountService userService, IAuthenticationService authService) { - m_loginService = loginService; + m_authenticationService = authService; + m_userAccountService = userService; m_httpMethod = httpMethod; m_path = path; @@ -235,13 +241,14 @@ For more information, see http://openid.net/. IAuthenticationRequest authRequest = (IAuthenticationRequest)provider.Request; string[] passwordValues = postQuery.GetValues("pass"); - UserProfileData profile; - if (TryGetProfile(new Uri(authRequest.ClaimedIdentifier.ToString()), out profile)) + UserAccount account; + if (TryGetAccount(new Uri(authRequest.ClaimedIdentifier.ToString()), out account)) { // Check for form POST data if (passwordValues != null && passwordValues.Length == 1) { - if (profile != null && m_loginService.AuthenticateUser(profile, passwordValues[0])) + if (account != null && + (m_authenticationService.Authenticate(account.PrincipalID, passwordValues[0], 30) != string.Empty)) authRequest.IsAuthenticated = true; else authRequest.IsAuthenticated = false; @@ -250,7 +257,7 @@ For more information, see http://openid.net/. { // Authentication was requested, send the client a login form using (StreamWriter writer = new StreamWriter(response)) - writer.Write(String.Format(LOGIN_PAGE, profile.FirstName, profile.SurName)); + writer.Write(String.Format(LOGIN_PAGE, account.FirstName, account.LastName)); return; } } @@ -283,14 +290,14 @@ For more information, see http://openid.net/. else { // Try and lookup this avatar - UserProfileData profile; - if (TryGetProfile(httpRequest.Url, out profile)) + UserAccount account; + if (TryGetAccount(httpRequest.Url, out account)) { using (StreamWriter writer = new StreamWriter(response)) { // TODO: Print out a full profile page for this avatar writer.Write(String.Format(OPENID_PAGE, httpRequest.Url.Scheme, - httpRequest.Url.Authority, profile.FirstName, profile.SurName)); + httpRequest.Url.Authority, account.FirstName, account.LastName)); } } else @@ -316,7 +323,7 @@ For more information, see http://openid.net/. /// URL to parse for an avatar name /// Profile data for the avatar /// True if the parse and lookup were successful, otherwise false - bool TryGetProfile(Uri requestUrl, out UserProfileData profile) + bool TryGetAccount(Uri requestUrl, out UserAccount account) { if (requestUrl.Segments.Length == 3 && requestUrl.Segments[1] == "users/") { @@ -326,12 +333,12 @@ For more information, see http://openid.net/. if (name.Length == 2) { - profile = m_loginService.GetTheUser(name[0], name[1]); - return (profile != null); + account = m_userAccountService.GetUserAccount(UUID.Zero, name[0], name[1]); + return (account != null); } } - profile = null; + account = null; return false; } } diff --git a/bin/OpenSim.Server.ini.example b/bin/OpenSim.Server.ini.example index b93bbd6db3..c76ac4dcb0 100644 --- a/bin/OpenSim.Server.ini.example +++ b/bin/OpenSim.Server.ini.example @@ -10,7 +10,7 @@ ; * ; * [Startup] -ServiceConnectors = "OpenSim.Server.Handlers.dll:AssetServiceConnector,OpenSim.Server.Handlers.dll:InventoryServiceInConnector,OpenSim.Server.Handlers.dll:FreeswitchServerConnector,OpenSim.Server.Handlers.dll:GridServiceConnector,OpenSim.Server.Handlers.dll:AuthenticationServiceConnector,OpenSim.Server.Handlers.dll:AvatarServiceConnector,OpenSim.Server.Handlers.dll:LLLoginServiceInConnector,OpenSim.Server.Handlers.dll:PresenceServiceConnector,,OpenSim.Server.Handlers.dll:UserAccountServiceConnector" +ServiceConnectors = "OpenSim.Server.Handlers.dll:AssetServiceConnector,OpenSim.Server.Handlers.dll:InventoryServiceInConnector,OpenSim.Server.Handlers.dll:FreeswitchServerConnector,OpenSim.Server.Handlers.dll:GridServiceConnector,OpenSim.Server.Handlers.dll:AuthenticationServiceConnector,OpenSim.Server.Handlers.dll:OpenIdServerConnector,OpenSim.Server.Handlers.dll:AvatarServiceConnector,OpenSim.Server.Handlers.dll:LLLoginServiceInConnector,OpenSim.Server.Handlers.dll:PresenceServiceConnector,,OpenSim.Server.Handlers.dll:UserAccountServiceConnector" ; * This is common for all services, it's the network setup for the entire ; * server instance @@ -66,17 +66,25 @@ ServiceConnectors = "OpenSim.Server.Handlers.dll:AssetServiceConnector,OpenSim.S ; * as an authentication source. ; * [AuthenticationService] + ; for the server connector AuthenticationServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService" + ; for the service StorageProvider = "OpenSim.Data.MySQL.dll" ConnectionString = "Data Source=localhost;Database=opensim;User ID=opensim;Password=opensim123;" +[OpenIdService] + ; for the server connector + AuthenticationServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService" + UserAccountService = "OpenSim.Services.UserAccountService.dll:UserAccountService" + ; * This is the new style user service. ; * "Realm" is the table that is used for user lookup. ; * It defaults to "users", which uses the legacy tables ; * [UserAccountService] - AuthenticationServiceModule = "OpenSim.Services.UserService.dll:UserAccountService" + ; for the server connector LocalServiceModule = "OpenSim.Services.UserAccountService.dll:UserAccountService" + ; for the service StorageProvider = "OpenSim.Data.MySQL.dll" ConnectionString = "Data Source=localhost;Database=opensim;User ID=opensim;Password=opensim123;" ; Realm = "useraccounts" diff --git a/prebuild.xml b/prebuild.xml index 6568bae337..9c326ea40c 100644 --- a/prebuild.xml +++ b/prebuild.xml @@ -1572,6 +1572,7 @@ +