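/// <summary>
/// Handles the POST of the OAuth permission-grant (consent) form. When the form carries
/// both a "confirm" value and a "request_token" that matches an entry in
/// <c>CableBeachServerState.OAuthCurrentRequests</c>, the grant is stored and the OAuth
/// success response is returned; otherwise a plain-text failure body is returned.
/// </summary>
/// <param name="path">Request path (not used by this handler).</param>
/// <param name="request">Request stream (not used; the body is read through <paramref name="httpRequest"/>).</param>
/// <param name="httpRequest">Incoming request whose body holds the url-encoded form.</param>
/// <param name="httpResponse">Response object; its status code is set only on the parse-failure path.</param>
/// <returns>The response body bytes.</returns>
public override byte[] Handle(string path, Stream request, OSHttpRequest httpRequest, OSHttpResponse httpResponse)
        {
            NameValueCollection query;

            try
            {
                // NOTE(review): the whole body is URL-decoded here and then decoded a second time by
                // ParseQueryString. A percent-encoded '&' or '=' inside a value is therefore treated
                // as a field separator, so one submitted value can introduce extra form fields.
                // Decoding once (bytes -> string -> ParseQueryString) would avoid this; left as-is
                // because existing clients may depend on the current behaviour.
                byte[] requestData = httpRequest.GetBody();
                string queryString = HttpUtility.UrlDecode(requestData, Encoding.UTF8);
                query = HttpUtility.ParseQueryString(queryString);
            }
            catch (Exception)
            {
                CableBeachServerState.Log.Error("[CABLE BEACH SERVER]: Failed to parse the permission grant form");
                httpResponse.StatusCode = (int)HttpStatusCode.BadRequest;
                return Encoding.UTF8.GetBytes("Failed to parse required form parameters");
            }

            string confirm = OpenAuthHelper.GetQueryValue(query, "confirm");

            // What GetQueryValue returns for a missing key is not visible here. Coalescing to an
            // empty string means a form without request_token takes the "denied" branch below
            // instead of failing on a null reference. The ' ' -> '+' replacement restores '+'
            // characters that URL-decoding turned into spaces.
            string requestToken = (OpenAuthHelper.GetQueryValue(query, "request_token") ?? String.Empty).Replace(' ', '+');

            // NOTE(review): the grant below is keyed only on the submitted request_token. No
            // anti-forgery value is checked in this method, and nothing here ties the POST to the
            // session that was shown the consent form. Confirm that the caller or
            // StorePermissionGrant enforces this, otherwise a cross-site form post could approve
            // a pending request on the user's behalf.
            OAuthRequest oauthRequest;
            if (!String.IsNullOrEmpty(confirm) && !String.IsNullOrEmpty(requestToken))
            {
                if (CableBeachServerState.OAuthCurrentRequests.TryGetValue(requestToken, out oauthRequest))
                {
                    // Cache this permission grant
                    CableBeachServerState.StorePermissionGrant(httpRequest, oauthRequest.Request.Callback.Authority);

                    UserAuthorizationResponse oauthResponse = CableBeachServerState.MakeOAuthSuccessResponse(requestToken, oauthRequest);
                    CableBeachServerState.Log.Info("[CABLE BEACH SERVER]: OAuth confirmation accepted, redirecting to " + oauthRequest.Request.Callback);
                    return OpenAuthHelper.MakeOpenAuthResponse(httpResponse, CableBeachServerState.OAuthServiceProvider.Channel.PrepareResponse(oauthResponse));
                }
                else
                {
                    // The token is attacker-controllable and has been URL-decoded, so it can carry
                    // CR/LF. Strip line breaks before logging so a request cannot forge log lines.
                    string loggedToken = requestToken.Replace("\r", String.Empty).Replace("\n", String.Empty);

                    // TODO: We should be redirecting to the callback with a failure parameter set
                    // NOTE(review): the status code is not changed on this path, so the failure
                    // text goes out with whatever status the response already carries.
                    CableBeachServerState.Log.Warn("[CABLE BEACH SERVER]: Could not find an open request matching request token \"" + loggedToken + "\"");
                    return Encoding.UTF8.GetBytes("Expired or invalid OAuth session");
                }
            }
            else
            {
                // TODO: We should be redirecting to the callback with a failure parameter set
                // NOTE(review): as above, no failure status code is set on this path.
                CableBeachServerState.Log.Warn("[CABLE BEACH SERVER]: OAuth confirmation was denied");
                return Encoding.UTF8.GetBytes("Confirmation denied");
            }
        }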
        /// <summary>
        /// Reads the posted login form, extracts the "openid_identifier" field and hands it
        /// to <c>OpenIDLoginFormHandler</c> together with the request and response.
        /// </summary>
        /// <param name="httpRequest">Incoming POST whose body is the url-encoded form.</param>
        /// <param name="httpResponse">Response passed through to the form handler.</param>
        void OpenIDLoginPostHandler(OSHttpRequest httpRequest, OSHttpResponse httpResponse)
        {
            // NOTE(review): the body is URL-decoded as a whole and then decoded again by
            // ParseQueryString, so an encoded '&' or '=' inside a value is parsed as a separator.
            // Unlike the sibling handlers there is no try/catch around the parse here.
            string decodedForm = HttpUtility.UrlDecode(httpRequest.GetBody(), System.Text.Encoding.UTF8);
            NameValueCollection formFields = System.Web.HttpUtility.ParseQueryString(decodedForm);

            // The identifier is untrusted user input and is null when the field is absent.
            // NOTE(review): presumably it is used for OpenID discovery further down; confirm that
            // OpenIDLoginFormHandler validates it before any outbound request is made.
            OpenIDLoginFormHandler(httpRequest, httpResponse, formFields["openid_identifier"]);
        }
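        /// <summary>
        /// Stores the request body as a new asset and adds an inventory item for it in the
        /// folder addressed by <paramref name="path"/>.
        /// </summary>
        /// <param name="request">Incoming request; its body is the asset data and its Content-type header selects the asset type.</param>
        /// <param name="path">Request path from which the agent ID and the inventory-local path are derived.</param>
        /// <param name="username">Not read by this method.</param>
        /// <param name="if_headers">Not read by this method (ETag checks are still a TODO).</param>
        /// <returns>
        /// <c>BadRequest</c> for an empty body, <c>Created</c> when the inventory item was added,
        /// and <c>InternalServerError</c> in every other case.
        /// </returns>
        public HttpStatusCode InventoryPutHandler(OSHttpRequest request, string path, string username, string[] if_headers)
        {
            // Every permission mask on the new item is set to this value (0x7FFFFFFF).
            // NOTE(review): this includes EveryOnePermissions, GroupPermissions and
            // NextPermissions. Confirm that uploads are meant to be fully open to all parties.
            const int AllPermissionBits = 2147483647;

            // TODO: Figure out ETAG checks
            // NOTE(review): no upper bound on the body size is enforced here.
            byte[] assetData = request.GetBody();
            if (assetData.Length == 0)
                return HttpStatusCode.BadRequest;

            // NOTE(review): the agent ID comes from the request path and 'username' is never
            // consulted in this method. Confirm the caller has already checked that the
            // authenticated user may write to this agent's inventory.
            string localPath = "";
            UUID agentID = AgentIDFromRequestPath("inventory", "/", path, ref localPath);

            // Split the path into the parent folder path (kept in localPath) and the last
            // segment, which becomes the asset name. A trailing '/' yields an empty final part,
            // so the name is then the part before it.
            string[] pathParts = localPath.Split('/');
            string assetName;
            if (localPath.EndsWith("/", StringComparison.Ordinal))
            {
                assetName = pathParts[pathParts.Length - 2];
                localPath = localPath.Substring(0, localPath.Length - (assetName.Length + 1));
            }
            else
            {
                assetName = pathParts[pathParts.Length - 1];
                localPath = localPath.Substring(0, localPath.Length - assetName.Length);
            }

            // A single 'as' covers both the "not found" and the "not a folder" case.
            InventoryFolderBase parentFolder = PathToInventory(agentID, localPath) as InventoryFolderBase;
            if (parentFolder == null)
                return HttpStatusCode.InternalServerError;

            // Client-supplied header, stored as-is in the metadata and used to pick the asset type.
            string contentType = request.Headers["Content-type"];

            OpenSim.Framework.AssetMetadata assetMetadata = new OpenSim.Framework.AssetMetadata();
            assetMetadata.ContentType = contentType;
            assetMetadata.CreationDate = DateTime.Now;
            assetMetadata.Description = assetName;
            assetMetadata.ID = UUID.Random().ToString();
            assetMetadata.Name = assetName;
            assetMetadata.Temporary = false;
            // NOTE(review): SHA-1 is no longer collision resistant. If this digest is ever used
            // to de-duplicate or verify assets, prefer the SHA-256 line below.
            //assetMetadata.SHA256 = OpenMetaverse.Utils.SHA256(assetData);
            assetMetadata.SHA1 = OpenMetaverse.Utils.SHA1(assetData);

            sbyte type = CableBeachUtils.ContentTypeToSLAssetType(contentType);

            // NOTE(review): the AssetBase is built with a second random UUID and then given the
            // metadata object whose ID was generated above; the lookup below uses the metadata ID.
            AssetBase asset = new AssetBase(UUID.Random(), assetName, type);
            asset.Data = assetData;
            asset.Metadata = assetMetadata;

            // The value returned by Store was never used, so it is not kept.
            m_AssetService.Store(asset);

            // Check if asset was created
            if (m_AssetService.GetMetadata(assetMetadata.ID) == null)
            {
                // failed asset creation, dont create inventory item either, send error back
                return HttpStatusCode.InternalServerError;
            }

            InventoryItemBase inventoryItem = new InventoryItemBase();
            inventoryItem.AssetID = new UUID(assetMetadata.ID);
            inventoryItem.AssetType = parentFolder.Type;
            // TODO: conversion from long to int might not be sufficient here
            // NOTE(review): the cast keeps only the low 32 bits of the tick count, so the stored
            // value is not a usable timestamp. Confirm the unit CreationDate expects.
            inventoryItem.CreationDate = (int) DateTime.Now.Ticks;
            inventoryItem.CreatorId = agentID.ToString();
            inventoryItem.Owner = agentID;
            inventoryItem.CurrentPermissions = AllPermissionBits;
            inventoryItem.NextPermissions = AllPermissionBits;
            inventoryItem.BasePermissions = AllPermissionBits;
            inventoryItem.EveryOnePermissions = AllPermissionBits;
            inventoryItem.GroupPermissions = AllPermissionBits;
            inventoryItem.InvType = (int)CableBeachMessages.InventoryType.Object;
            inventoryItem.GroupOwned = false;
            inventoryItem.Description = assetMetadata.Description;
            inventoryItem.ID = UUID.Random();
            inventoryItem.Name = assetMetadata.Name;
            inventoryItem.Folder = parentFolder.ID;
            inventoryItem.SalePrice = 0;
            if (m_InventoryService.AddItem(inventoryItem))
                return HttpStatusCode.Created;

            // AddItem failed: the asset stored above stays in the asset service without an
            // inventory item pointing at it.
            return HttpStatusCode.InternalServerError;
        }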
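        /// <summary>
        /// Handles a POST to the OpenID provider endpoint. For an authentication request it
        /// reads the credentials from the form body, calls <c>DoAuthentication</c>, and sends
        /// the login form again when that call returns false. When the OpenID request has a
        /// response ready it is written to <paramref name="httpResponse"/>.
        /// </summary>
        /// <param name="httpRequest">Incoming POST carrying the OpenID message and, optionally, the login form fields.</param>
        /// <param name="httpResponse">Response that receives either the login form, the OpenID response, or the endpoint page.</param>
        void OpenIDServerPostHandler(OSHttpRequest httpRequest, OSHttpResponse httpResponse)
        {
            IRequest openidRequest = CableBeachState.Provider.GetRequest(OpenAuthHelper.GetRequestInfo(httpRequest));

            if (openidRequest != null)
            {
                // 'as' replaces the separate type test and cast; null means this is not an
                // authentication request.
                DotNetOpenAuth.OpenId.Provider.IAuthenticationRequest authRequest = openidRequest as DotNetOpenAuth.OpenId.Provider.IAuthenticationRequest;
                if (authRequest != null)
                {
                    ClaimsRequest claimsRequest = openidRequest.GetExtension<ClaimsRequest>();
                    byte[] postBody = httpRequest.GetBody();

                    // NOTE(review): no attempt limiting or lockout is visible in this handler, and
                    // a failed password check is only logged at debug level. Confirm that
                    // DoAuthentication or a layer in front of it throttles repeated guesses.
                    if (authRequest.IsDirectedIdentity)
                    {
                        NameValueCollection postData = null;
                        string first = null, last = null, pass = null;

                        // Get the firstname, lastname, and password from the POST data
                        if (postBody.Length > 0)
                        {
                            postData = HttpUtility.ParseQueryString(Encoding.UTF8.GetString(postBody, 0, postBody.Length), Encoding.UTF8);

                            if (postData != null)
                            {
                                first = postData["first"];
                                last = postData["last"];
                                pass = postData["pass"];
                            }
                        }

                        if (!DoAuthentication(httpResponse, authRequest, claimsRequest, first, last, pass))
                        {
                            // The message used to be tagged "(GET)" although this is the POST
                            // handler, which misattributes the entry when logs are correlated.
                            m_log.Debug("[CABLE BEACH IDP]: (POST) Sending directed provider login form");

                            // NOTE(review): postData still holds the submitted "pass" value.
                            // Confirm the template does not write it back into the page.
                            CableBeachState.SendProviderDirectedLoginTemplate(httpResponse, authRequest.Realm.ToString(), httpRequest, postData);
                        }
                    }
                    else
                    {
                        // Identity already selected
                        Uri claimedIdentity = (UriIdentifier)authRequest.ClaimedIdentifier;

                        // Try and lookup this avatar
                        UserProfileData profile;
                        if (CableBeachState.TryGetProfile(claimedIdentity, out profile))
                        {
                            NameValueCollection postData = null;
                            string pass = null;

                            // Get the password from the POST data
                            if (postBody.Length > 0)
                            {
                                postData = HttpUtility.ParseQueryString(Encoding.UTF8.GetString(postBody, 0, postBody.Length), Encoding.UTF8);
                                pass = (postData != null) ? postData["pass"] : null;
                            }

                            if (!DoAuthentication(httpResponse, authRequest, claimsRequest, profile, pass))
                            {
                                m_log.Debug("[CABLE BEACH IDP]: (POST) Sending provider login form for " + profile.Name);

                                // NOTE(review): as in the directed branch, postData includes the
                                // submitted "pass" field when it reaches the template.
                                CableBeachState.SendProviderLoginTemplate(httpResponse, profile.FirstName, profile.SurName, profile.ID, authRequest.Realm.ToString(),
                                    httpRequest, postData);
                            }
                        }
                        else
                        {
                            // Nothing is written to the response on this path unless the OpenID
                            // request reports IsResponseReady below. The identifier is
                            // request-supplied data written into the log.
                            m_log.Error("[CABLE BEACH IDP]: (POST) Attempted a non-directed login with an unknown identifier " + authRequest.ClaimedIdentifier);
                        }
                    }
                }

                if (openidRequest.IsResponseReady)
                    OpenAuthHelper.OpenAuthResponseToHttp(httpResponse, CableBeachState.Provider.PrepareResponse(openidRequest));
            }
            else
            {
                // The URL is request-controlled data written into the log.
                m_log.Warn("[CABLE BEACH IDP]: Got a POST to a URL with missing or invalid OpenID data: " + httpRequest.Url);
                OpenAuthHelper.AddToBody(httpResponse, ENDPOINT_PAGE);
            }
        }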