Moved OpenId authentication from user server to Server.Handlers.Authentication.

slimupdates
Diva Canto 2010-01-10 17:15:02 -08:00
parent 68b7307f4f
commit b0bbe861cd
4 changed files with 110 additions and 17 deletions


@ -0,0 +1,77 @@
/*
* Copyright (c) Contributors, http://opensimulator.org/
* See CONTRIBUTORS.TXT for a full list of copyright holders.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* * Neither the name of the OpenSimulator Project nor the
* names of its contributors may be used to endorse or promote products
* derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
using System;
using System.Reflection;
using Nini.Config;
using log4net;
using OpenSim.Server.Base;
using OpenSim.Services.Interfaces;
using OpenSim.Framework.Servers.HttpServer;
using OpenSim.Server.Handlers.Base;
namespace OpenSim.Server.Handlers.Authentication
{
public class OpenIdServerConnector : ServiceConnector
{
private static readonly ILog m_log =
LogManager.GetLogger(
MethodBase.GetCurrentMethod().DeclaringType);
private IAuthenticationService m_AuthenticationService;
private IUserAccountService m_UserAccountService;
private string m_ConfigName = "OpenIdService";
public OpenIdServerConnector(IConfigSource config, IHttpServer server, string configName) :
base(config, server, configName)
{
IConfig serverConfig = config.Configs[m_ConfigName];
if (serverConfig == null)
throw new Exception(String.Format("No section {0} in config file", m_ConfigName));
string authService = serverConfig.GetString("AuthenticationServiceModule",
String.Empty);
string userService = serverConfig.GetString("UserAccountServiceModule",
String.Empty);
if (authService == String.Empty || userService == String.Empty)
throw new Exception("No AuthenticationServiceModule or no UserAccountServiceModule in config file for OpenId authentication");
Object[] args = new Object[] { config };
m_AuthenticationService = ServerUtils.LoadPlugin<IAuthenticationService>(authService, args);
m_UserAccountService = ServerUtils.LoadPlugin<IUserAccountService>(authService, args);
// Handler for OpenID user identity pages
server.AddStreamHandler(new OpenIdStreamHandler("GET", "/users/", m_UserAccountService, m_AuthenticationService));
// Handlers for the OpenID endpoint server
server.AddStreamHandler(new OpenIdStreamHandler("POST", "/openid/server/", m_UserAccountService, m_AuthenticationService));
server.AddStreamHandler(new OpenIdStreamHandler("GET", "/openid/server/", m_UserAccountService, m_AuthenticationService));
m_log.Info("[OPENID]: OpenId service enabled");
}
}
}
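Review bot: The user-account plugin is loaded from the wrong module string: `m_UserAccountService = ServerUtils.LoadPlugin<IUserAccountService>(authService, args);` passes `authService`, so `userService` is read and validated but never used. What `LoadPlugin` returns when the named class does not implement the requested interface is not visible here; if it returns null, the three `OpenIdStreamHandler` instances are registered with a null account service and the failure only surfaces on the first request. The line should read `m_UserAccountService = ServerUtils.LoadPlugin<IUserAccountService>(userService, args);`, followed by a null check on both services that throws before any handler is added. Separately, the constructor ignores its `configName` argument in favour of the hard-coded `m_ConfigName`; a comment stating that this is intentional would help.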


@ -36,8 +36,12 @@ using DotNetOpenId.Provider;
using OpenSim.Framework; using OpenSim.Framework;
using OpenSim.Framework.Servers; using OpenSim.Framework.Servers;
using OpenSim.Framework.Servers.HttpServer; using OpenSim.Framework.Servers.HttpServer;
using OpenSim.Server.Handlers.Base;
using OpenSim.Services.Interfaces;
using Nini.Config;
using OpenMetaverse;
namespace OpenSim.Grid.UserServer.Modules namespace OpenSim.Server.Handlers.Authentication
{ {
/// <summary> /// <summary>
/// Temporary, in-memory store for OpenID associations /// Temporary, in-memory store for OpenID associations
@ -194,15 +198,17 @@ For more information, see <a href='http://openid.net/'>http://openid.net/</a>.
string m_contentType; string m_contentType;
string m_httpMethod; string m_httpMethod;
string m_path; string m_path;
UserLoginService m_loginService; IAuthenticationService m_authenticationService;
IUserAccountService m_userAccountService;
ProviderMemoryStore m_openidStore = new ProviderMemoryStore(); ProviderMemoryStore m_openidStore = new ProviderMemoryStore();
/// <summary> /// <summary>
/// Constructor /// Constructor
/// </summary> /// </summary>
public OpenIdStreamHandler(string httpMethod, string path, UserLoginService loginService) public OpenIdStreamHandler(string httpMethod, string path, IUserAccountService userService, IAuthenticationService authService)
{ {
m_loginService = loginService; m_authenticationService = authService;
m_userAccountService = userService;
m_httpMethod = httpMethod; m_httpMethod = httpMethod;
m_path = path; m_path = path;
@ -235,13 +241,14 @@ For more information, see <a href='http://openid.net/'>http://openid.net/</a>.
IAuthenticationRequest authRequest = (IAuthenticationRequest)provider.Request; IAuthenticationRequest authRequest = (IAuthenticationRequest)provider.Request;
string[] passwordValues = postQuery.GetValues("pass"); string[] passwordValues = postQuery.GetValues("pass");
UserProfileData profile; UserAccount account;
if (TryGetProfile(new Uri(authRequest.ClaimedIdentifier.ToString()), out profile)) if (TryGetAccount(new Uri(authRequest.ClaimedIdentifier.ToString()), out account))
{ {
// Check for form POST data // Check for form POST data
if (passwordValues != null && passwordValues.Length == 1) if (passwordValues != null && passwordValues.Length == 1)
{ {
if (profile != null && m_loginService.AuthenticateUser(profile, passwordValues[0])) if (account != null &&
(m_authenticationService.Authenticate(account.PrincipalID, passwordValues[0], 30) != string.Empty))
authRequest.IsAuthenticated = true; authRequest.IsAuthenticated = true;
else else
authRequest.IsAuthenticated = false; authRequest.IsAuthenticated = false;
@ -250,7 +257,7 @@ For more information, see <a href='http://openid.net/'>http://openid.net/</a>.
{ {
// Authentication was requested, send the client a login form // Authentication was requested, send the client a login form
using (StreamWriter writer = new StreamWriter(response)) using (StreamWriter writer = new StreamWriter(response))
writer.Write(String.Format(LOGIN_PAGE, profile.FirstName, profile.SurName)); writer.Write(String.Format(LOGIN_PAGE, account.FirstName, account.LastName));
return; return;
} }
} }
@ -283,14 +290,14 @@ For more information, see <a href='http://openid.net/'>http://openid.net/</a>.
else else
{ {
// Try and lookup this avatar // Try and lookup this avatar
UserProfileData profile; UserAccount account;
if (TryGetProfile(httpRequest.Url, out profile)) if (TryGetAccount(httpRequest.Url, out account))
{ {
using (StreamWriter writer = new StreamWriter(response)) using (StreamWriter writer = new StreamWriter(response))
{ {
// TODO: Print out a full profile page for this avatar // TODO: Print out a full profile page for this avatar
writer.Write(String.Format(OPENID_PAGE, httpRequest.Url.Scheme, writer.Write(String.Format(OPENID_PAGE, httpRequest.Url.Scheme,
httpRequest.Url.Authority, profile.FirstName, profile.SurName)); httpRequest.Url.Authority, account.FirstName, account.LastName));
} }
} }
else else
@ -316,7 +323,7 @@ For more information, see <a href='http://openid.net/'>http://openid.net/</a>.
/// <param name="requestUrl">URL to parse for an avatar name</param> /// <param name="requestUrl">URL to parse for an avatar name</param>
/// <param name="profile">Profile data for the avatar</param> /// <param name="profile">Profile data for the avatar</param>
/// <returns>True if the parse and lookup were successful, otherwise false</returns> /// <returns>True if the parse and lookup were successful, otherwise false</returns>
bool TryGetProfile(Uri requestUrl, out UserProfileData profile) bool TryGetAccount(Uri requestUrl, out UserAccount account)
{ {
if (requestUrl.Segments.Length == 3 && requestUrl.Segments[1] == "users/") if (requestUrl.Segments.Length == 3 && requestUrl.Segments[1] == "users/")
{ {
@ -326,12 +333,12 @@ For more information, see <a href='http://openid.net/'>http://openid.net/</a>.
if (name.Length == 2) if (name.Length == 2)
{ {
profile = m_loginService.GetTheUser(name[0], name[1]); account = m_userAccountService.GetUserAccount(UUID.Zero, name[0], name[1]);
return (profile != null); return (account != null);
} }
} }
profile = null; account = null;
return false; return false;
} }
} }
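Review bot: In the POST branch, the success test `m_authenticationService.Authenticate(account.PrincipalID, passwordValues[0], 30) != string.Empty` treats every return value other than the empty string as a successful login. The `Authenticate` contract is not visible in this diff; if any implementation signals failure with null, `authRequest.IsAuthenticated` is set to true for a wrong password, so the check should fail closed: `!String.IsNullOrEmpty(m_authenticationService.Authenticate(account.PrincipalID, passwordValues[0], 30))`. The returned token is discarded and the literal `30` is unexplained; a named constant that states its unit would document the intended lifetime. The `<param name="profile">` doc line above `TryGetAccount` still names the old parameter and should become `account`. The enclosing method starts and ends outside the hunks shown.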


@ -10,7 +10,7 @@
; * ; *
; * ; *
[Startup] [Startup]
ServiceConnectors = "OpenSim.Server.Handlers.dll:AssetServiceConnector,OpenSim.Server.Handlers.dll:InventoryServiceInConnector,OpenSim.Server.Handlers.dll:FreeswitchServerConnector,OpenSim.Server.Handlers.dll:GridServiceConnector,OpenSim.Server.Handlers.dll:AuthenticationServiceConnector,OpenSim.Server.Handlers.dll:AvatarServiceConnector,OpenSim.Server.Handlers.dll:LLLoginServiceInConnector,OpenSim.Server.Handlers.dll:PresenceServiceConnector,,OpenSim.Server.Handlers.dll:UserAccountServiceConnector" ServiceConnectors = "OpenSim.Server.Handlers.dll:AssetServiceConnector,OpenSim.Server.Handlers.dll:InventoryServiceInConnector,OpenSim.Server.Handlers.dll:FreeswitchServerConnector,OpenSim.Server.Handlers.dll:GridServiceConnector,OpenSim.Server.Handlers.dll:AuthenticationServiceConnector,OpenSim.Server.Handlers.dll:OpenIdServerConnector,OpenSim.Server.Handlers.dll:AvatarServiceConnector,OpenSim.Server.Handlers.dll:LLLoginServiceInConnector,OpenSim.Server.Handlers.dll:PresenceServiceConnector,,OpenSim.Server.Handlers.dll:UserAccountServiceConnector"
; * This is common for all services, it's the network setup for the entire ; * This is common for all services, it's the network setup for the entire
; * server instance ; * server instance
@ -66,17 +66,25 @@ ServiceConnectors = "OpenSim.Server.Handlers.dll:AssetServiceConnector,OpenSim.S
; * as an authentication source. ; * as an authentication source.
; * ; *
[AuthenticationService] [AuthenticationService]
; for the server connector
AuthenticationServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService" AuthenticationServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
; for the service
StorageProvider = "OpenSim.Data.MySQL.dll" StorageProvider = "OpenSim.Data.MySQL.dll"
ConnectionString = "Data Source=localhost;Database=opensim;User ID=opensim;Password=opensim123;" ConnectionString = "Data Source=localhost;Database=opensim;User ID=opensim;Password=opensim123;"
[OpenIdService]
; for the server connector
AuthenticationServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
UserAccountService = "OpenSim.Services.UserAccountService.dll:UserAccountService"
; * This is the new style user service. ; * This is the new style user service.
; * "Realm" is the table that is used for user lookup. ; * "Realm" is the table that is used for user lookup.
; * It defaults to "users", which uses the legacy tables ; * It defaults to "users", which uses the legacy tables
; * ; *
[UserAccountService] [UserAccountService]
AuthenticationServiceModule = "OpenSim.Services.UserService.dll:UserAccountService" ; for the server connector
LocalServiceModule = "OpenSim.Services.UserAccountService.dll:UserAccountService" LocalServiceModule = "OpenSim.Services.UserAccountService.dll:UserAccountService"
; for the service
StorageProvider = "OpenSim.Data.MySQL.dll" StorageProvider = "OpenSim.Data.MySQL.dll"
ConnectionString = "Data Source=localhost;Database=opensim;User ID=opensim;Password=opensim123;" ConnectionString = "Data Source=localhost;Database=opensim;User ID=opensim;Password=opensim123;"
; Realm = "useraccounts" ; Realm = "useraccounts"
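Review bot: The new `[OpenIdService]` section sets `UserAccountService = ...`, but the connector added in this commit reads the key `UserAccountServiceModule` from that section and throws when the value is empty, so with this example the OpenID connector fails at startup. The key should be renamed: `UserAccountServiceModule = "OpenSim.Services.UserAccountService.dll:UserAccountService"`. The section also lacks the `; *` header comment the neighbouring sections carry; a line such as `; * OpenID provider; reuses the authentication and user account services` would match the file's style.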


@ -1572,6 +1572,7 @@
<Reference name="XMLRPC.dll" /> <Reference name="XMLRPC.dll" />
<Reference name="Nini.dll" /> <Reference name="Nini.dll" />
<Reference name="log4net.dll"/> <Reference name="log4net.dll"/>
<Reference name="DotNetOpenId.dll"/>
<Files> <Files>
<Match pattern="*.cs" recurse="true"> <Match pattern="*.cs" recurse="true">