From df9c59a19e2be052f562e2965b31940d15913f16 Mon Sep 17 00:00:00 2001 From: icedream Date: Thu, 15 May 2014 05:32:21 +0200 Subject: [PATCH] Fixing session authentication stuff. --- .../SessionAuthenticationClient.cs | 16 +++++--- .../SessionAuthenticationServer.cs | 37 +++++++++++-------- 2 files changed, 31 insertions(+), 22 deletions(-) diff --git a/src/libnpsharp/Authentication/SessionAuthenticationClient.cs b/src/libnpsharp/Authentication/SessionAuthenticationClient.cs index 22a7176..84f9ae5 100644 --- a/src/libnpsharp/Authentication/SessionAuthenticationClient.cs +++ b/src/libnpsharp/Authentication/SessionAuthenticationClient.cs @@ -15,9 +15,9 @@ namespace NPSharp.Authentication public class SessionAuthenticationClient { private readonly string _host; + private readonly ILog _log; private readonly string _path; private readonly ushort _port; - private readonly ILog _log; /// /// Initializes a new instance of the class. @@ -89,7 +89,7 @@ namespace NPSharp.Authentication Path = _path }.Uri; - var req = (HttpWebRequest)WebRequest.Create(uri); + var req = (HttpWebRequest) WebRequest.Create(uri); req.Method = "POST"; req.ContentType = "application/x-www-form-urlencoded"; req.AllowAutoRedirect = true; @@ -105,8 +105,8 @@ namespace NPSharp.Authentication // (ok|fail)#text#userid#username#email#sessiontoken var rx = new Regex( - "^(?ok|fail)#(?.+)#(?[0-9]+)#(?.+)#(?.+)#(?[^#]+)[#]*$"); - var resp = (HttpWebResponse)req.GetResponse(); + "^(?ok|fail)#(?[^#]+)#(?[0-9]+)#(?[^#]*)#(?[^#]*)#(?[^#]*)[#]*$"); + var resp = (HttpWebResponse) req.GetResponse(); using (var respStream = resp.GetResponseStream()) { if (respStream == null) @@ -116,6 +116,7 @@ namespace NPSharp.Authentication while (!respReader.EndOfStream) { var line = respReader.ReadLine(); + _log.DebugFormat("Received authentication response: {0}", line); // No answer? if (string.IsNullOrEmpty(line)) @@ -123,7 +124,10 @@ namespace NPSharp.Authentication // DW response line found? if (!rx.IsMatch(line)) + { + _log.WarnFormat("Extra data in authentication response: {0}", line); continue; + } // This is a DW response line, analyze var rxm = rx.Match(line); @@ -160,7 +164,7 @@ namespace NPSharp.Authentication Path = _path }.Uri; - var req = (HttpWebRequest)WebRequest.Create(uri); + var req = (HttpWebRequest) WebRequest.Create(uri); req.Method = "POST"; req.ContentType = "application/x-www-form-urlencoded"; req.AllowAutoRedirect = true; @@ -177,7 +181,7 @@ namespace NPSharp.Authentication var rx = new Regex( "^(?ok|fail)#(?.+)#(?[0-9]+)#(?.+)#(?.+)#(?[^#]+)[#]*$"); - var resp = (HttpWebResponse)req.GetResponse(); + var resp = (HttpWebResponse) req.GetResponse(); using (var respStream = resp.GetResponseStream()) { if (respStream == null) diff --git a/src/libnpsharp/Authentication/SessionAuthenticationServer.cs b/src/libnpsharp/Authentication/SessionAuthenticationServer.cs index 09b71e3..aba65e0 100644 --- a/src/libnpsharp/Authentication/SessionAuthenticationServer.cs +++ b/src/libnpsharp/Authentication/SessionAuthenticationServer.cs @@ -13,7 +13,8 @@ using uhttpsharp.RequestProviders; namespace NPSharp.Authentication { /// - /// Represents a session authentication server which uses the HTTP protocol to send out session tokens to authenticating NP clients. + /// Represents a session authentication server which uses the HTTP protocol to send out session tokens to + /// authenticating NP clients. /// public class SessionAuthenticationServer { @@ -21,7 +22,7 @@ namespace NPSharp.Authentication private HttpServer _http; /// - /// Constructs a new session authentication server. + /// Constructs a new session authentication server. /// public SessionAuthenticationServer() { @@ -30,12 +31,12 @@ namespace NPSharp.Authentication } /// - /// Support oldskool "user&&pass" authentication format. + /// Support oldskool "user&&pass" authentication format. /// public bool SupportOldAuthentication { get; set; } /// - /// Will be triggered whenever a client tries to authenticate via this server. + /// Will be triggered whenever a client tries to authenticate via this server. /// public event Func Authenticating; @@ -48,7 +49,7 @@ namespace NPSharp.Authentication } /// - /// Starts the authentication server. + /// Starts the authentication server. /// /// The port on which the authentication server should listen on. public void Start(ushort port = 12003) @@ -74,7 +75,7 @@ namespace NPSharp.Authentication } /// - /// Stops the authentication server. + /// Stops the authentication server. /// public void Stop() { @@ -125,6 +126,8 @@ namespace NPSharp.Authentication sar = new SessionAuthenticationResult {Reason = @"Internal server error"}; } + _authServer._log.DebugFormat("/authenticate reply is {0}", sar); + context.Response = new HttpResponse(HttpResponseCode.Ok, sar.ToString(), !sar.Success && context.Request.Headers.KeepAliveConnection()); return Task.Factory.GetCompleted(); @@ -135,47 +138,49 @@ namespace NPSharp.Authentication public class SessionAuthenticationResult { /// - /// true if authentication was successful, otherwise false. + /// true if authentication was successful, otherwise false. /// public bool Success { get; set; } /// - /// Reason for the given success state. Use this especially in authentication fail cases. + /// Reason for the given success state. Use this especially in authentication fail cases. /// public string Reason { get; set; } /// - /// If authenticated set this to the user's unique ID. + /// If authenticated set this to the user's unique ID. /// public uint UserID { get; set; } /// - /// If authenticated set this to the user's session token. + /// If authenticated set this to the user's session token. /// public string SessionToken { get; set; } /// - /// If authenticated set this to the actual correctly spelled username. + /// If authenticated set this to the actual correctly spelled username. /// public string UserName { get; set; } /// - /// If authenticated set this to the user's e-mail address. + /// If authenticated set this to the user's e-mail address. /// public string UserMail { get; set; } /// - /// Returns the response line as it should be sent out to the client. + /// Returns the response line as it should be sent out to the client. /// public override string ToString() { + // Response will be in this syntax: + // (ok|fail)#text#userid#username#email#sessiontoken return String.Join("#", Success ? "ok" : "fail", String.IsNullOrEmpty(Reason) ? (Success ? "Success" : "Unknown error") : Reason, UserID, - UserName, - UserMail, - SessionToken, + string.IsNullOrEmpty(UserName) ? "Anonymous" : UserName, + string.IsNullOrEmpty(UserMail) ? "anonymous@localhost" : UserMail, + string.IsNullOrEmpty(SessionToken) ? "0" : SessionToken, String.Empty); } }