From d9184eceab5ff9087801b0f0d447dec2f5227a50 Mon Sep 17 00:00:00 2001
From: "Justin Clark-Casey (justincc)" <jjustincc@googlemail.com>
Date: Wed, 19 Oct 2011 19:01:57 +0100
Subject: [PATCH] Add option to allow remote http calls to setpassword in the
 AuthenticationService.

This is switched on by setting AllowSetPassword = true in the [AuthenticationService] section of Robust.ini or Robust.HG.ini
Default is false as before.
---
 .../AuthenticationServerConnector.cs          |  2 +-
 .../AuthenticationServerPostHandler.cs        | 65 +++++++++++++------
 bin/Robust.HG.ini.example                     |  8 ++-
 bin/Robust.ini.example                        |  8 ++-
 4 files changed, 57 insertions(+), 26 deletions(-)

diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs
index adb1e5b480..848a037aa6 100644
--- a/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs
+++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs
@@ -58,7 +58,7 @@ namespace OpenSim.Server.Handlers.Authentication
             Object[] args = new Object[] { config };
             m_AuthenticationService = ServerUtils.LoadPlugin<IAuthenticationService>(authenticationService, args);
 
-            server.AddStreamHandler(new AuthenticationServerPostHandler(m_AuthenticationService));
+            server.AddStreamHandler(new AuthenticationServerPostHandler(m_AuthenticationService, serverConfig));
         }
     }
 }
diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
index 47bc860207..ae719451b7 100644
--- a/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
+++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
@@ -49,11 +49,20 @@ namespace OpenSim.Server.Handlers.Authentication
         // private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
 
         private IAuthenticationService m_AuthenticationService;
+        private bool m_AllowSetPassword = false;
 
         public AuthenticationServerPostHandler(IAuthenticationService service) :
+                this(service, null) {}
+
+        public AuthenticationServerPostHandler(IAuthenticationService service, IConfig config) :
                 base("POST", "/auth")
         {
             m_AuthenticationService = service;
+
+            if (config != null)
+            {
+                m_AllowSetPassword = config.GetBoolean("AllowSetPassword", m_AllowSetPassword);
+            }
         }
 
         public override byte[] Handle(string path, Stream request,
@@ -113,31 +122,45 @@ namespace OpenSim.Server.Handlers.Authentication
 
             switch (method)
             {
-            case "authenticate":
-                if (!request.ContainsKey("PASSWORD"))
+                case "authenticate":
+                    if (!request.ContainsKey("PASSWORD"))
+                        return FailureResult();
+                    
+                    token = m_AuthenticationService.Authenticate(principalID, request["PASSWORD"].ToString(), lifetime);
+    
+                    if (token != String.Empty)
+                        return SuccessResult(token);
                     return FailureResult();
-                
-                token = m_AuthenticationService.Authenticate(principalID, request["PASSWORD"].ToString(), lifetime);
+    
+                case "setpassword":
+                    if (!m_AllowSetPassword)
+                        return FailureResult();
 
-                if (token != String.Empty)
-                    return SuccessResult(token);
-                return FailureResult();
-            case "verify":
-                if (!request.ContainsKey("TOKEN"))
+                    if (!request.ContainsKey("PASSWORD"))
+                        return FailureResult();
+    
+                    if (m_AuthenticationService.SetPassword(principalID, request["PASSWORD"].ToString()))
+                        return SuccessResult();
+                    else
+                        return FailureResult();
+    
+                case "verify":
+                    if (!request.ContainsKey("TOKEN"))
+                        return FailureResult();
+                    
+                    if (m_AuthenticationService.Verify(principalID, request["TOKEN"].ToString(), lifetime))
+                        return SuccessResult();
+    
                     return FailureResult();
-                
-                if (m_AuthenticationService.Verify(principalID, request["TOKEN"].ToString(), lifetime))
-                    return SuccessResult();
-
-                return FailureResult();
-            case "release":
-                if (!request.ContainsKey("TOKEN"))
+    
+                case "release":
+                    if (!request.ContainsKey("TOKEN"))
+                        return FailureResult();
+    
+                    if (m_AuthenticationService.Release(principalID, request["TOKEN"].ToString()))
+                        return SuccessResult();
+    
                     return FailureResult();
-
-                if (m_AuthenticationService.Release(principalID, request["TOKEN"].ToString()))
-                    return SuccessResult();
-
-                return FailureResult();
             }
 
             return FailureResult();
diff --git a/bin/Robust.HG.ini.example b/bin/Robust.HG.ini.example
index 5958fc1aea..aed1d330ad 100644
--- a/bin/Robust.HG.ini.example
+++ b/bin/Robust.HG.ini.example
@@ -146,6 +146,10 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
     LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
     ; Realm = "useraccounts"
 
+    ;; Allow the service to process HTTP setpassword calls.
+    ;; Default is false.
+    ; AllowSetPassword = false
+
 [OpenIdService]
     ; for the server connector
     AuthenticationServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
@@ -173,11 +177,11 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
     ;; Default is false
     ; CreateDefaultAvatarEntries = false
 
-    ;; Allow the service to process HTTP create user calls.
+    ;; Allow the service to process HTTP createuser calls.
     ;; Default is false.
     ; AllowCreateUser = false
 
-    ;; Allow the service to process HTTP set account calls.
+    ;; Allow the service to process HTTP setaccount calls.
     ;; Default is false.
     ; AllowSetAccount = false
 
diff --git a/bin/Robust.ini.example b/bin/Robust.ini.example
index 2c8770ab56..522cc5646b 100644
--- a/bin/Robust.ini.example
+++ b/bin/Robust.ini.example
@@ -129,6 +129,10 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
     ; for the server connector
     LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
 
+    ;; Allow the service to process HTTP setpassword calls.
+    ;; Default is false.
+    ; AllowSetPassword = false
+
 [OpenIdService]
     ; for the server connector
     AuthenticationServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
@@ -156,11 +160,11 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
     ;; Default is false
     ; CreateDefaultAvatarEntries = false
 
-    ;; Allow the service to process HTTP create user calls.
+    ;; Allow the service to process HTTP createuser calls.
     ;; Default is false.
     ; AllowCreateUser = false
 
-    ;; Allow the service to process HTTP set account calls.
+    ;; Allow the service to process HTTP setaccount calls.
     ;; Default is false.
     ; AllowSetAccount = false