Beispiel #1
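        /// <summary>
        /// Decrypts the client-supplied token and returns it only when a token factory is configured,
        /// the token is non-empty, it decrypts successfully and it has not expired.
        /// </summary>
        /// <param name="tokenString">Encrypted token as received from the peer; treated as untrusted input.</param>
        /// <param name="peer">Peer that presented the token; used only in log output.</param>
        /// <param name="tokenFactory">Factory used to decrypt the token; <c>null</c> when no key is configured.</param>
        /// <param name="errorCode"><see cref="ErrorCode.Ok"/> on success, otherwise <see cref="ErrorCode.InvalidAuthentication"/>.</param>
        /// <param name="errorMsg">Empty on success, otherwise one of the fixed <c>ErrorMessages</c> constants.</param>
        /// <returns>The decrypted token, or <c>null</c> when any check fails.</returns>
        private static AuthenticationToken GetValidAuthToken(string tokenString,
                                                             ClientPeer peer, AuthTokenFactory tokenFactory, out ErrorCode errorCode, out string errorMsg)
        {
            errorCode = ErrorCode.Ok;
            errorMsg  = string.Empty;

            // Without a factory no token can be verified, so every request is rejected.
            if (tokenFactory == null)
            {
                log.ErrorFormat(logSetupCountGuard, "AuthOnInitHandler: Token factory is NOT setup.AuthTokenKey not specified in config. p:{0}", peer);

                errorCode = ErrorCode.InvalidAuthentication;
                errorMsg  = ErrorMessages.AuthTokenTypeNotSupported;

                return null;
            }

            if (string.IsNullOrEmpty(tokenString))
            {
                if (log.IsDebugEnabled)
                {
                    log.DebugFormat("failed to get token. tokenString is empty. p:{0}", peer);
                }

                errorCode = ErrorCode.InvalidAuthentication;
                errorMsg  = ErrorMessages.AuthTokenMissing;

                return null;
            }

            AuthenticationToken authToken;

            if (!tokenFactory.DecryptAuthenticationToken(tokenString, out authToken, out errorMsg))
            {
                // The raw token is a client-supplied credential and arbitrary peer-controlled text.
                // Writing it to the log would expose it to anyone with log access and let a peer
                // place content of its choosing into log lines, so only its length is recorded.
                log.WarnFormat(canNotDecryptLogGuard, "AuthOnInitHandler: Could not decrypt authenticaton token. ErrorMsg:{0}, TokenLength:{1}, p:{2}",
                               errorMsg, tokenString.Length, peer);

                // The factory's detailed message goes to the log only; the caller gets a fixed message.
                errorCode = ErrorCode.InvalidAuthentication;
                errorMsg  = ErrorMessages.AuthTokenTypeNotSupported;

                return null;
            }

            // Expiry is compared in UTC ticks; a token whose expiry equals the current tick is still accepted.
            if (authToken.ExpireAtTicks < DateTime.UtcNow.Ticks)
            {
                if (log.IsDebugEnabled)
                {
                    log.DebugFormat("failed to get token. token is expired. p:{0}", peer);
                }

                errorCode = ErrorCode.InvalidAuthentication;
                errorMsg  = ErrorMessages.AuthTokenExpired;

                return null;
            }

            return authToken;
        }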
        /// <summary>
        /// Creates and initializes <c>TokenCreator</c> from the configured shared key and expiration.
        /// Leaves <c>TokenCreator</c> untouched when no key is configured.
        /// </summary>
        private void SetupTokenCreator()
        {
            var configuredKey = Settings.Default.AuthTokenKey;
            if (string.IsNullOrEmpty(configuredKey))
            {
                // No key means no factory; token-based authentication stays unavailable.
                log.WarnFormat("AuthTokenKey not specified in config. Authentication tokens are not supported");
                return;
            }

            // NOTE(review): no range check is applied here. A zero or negative AuthTokenExpiration
            // is handed to Initialize unchanged, and only the key is checked for being empty,
            // not for length or strength. Confirm how AuthTokenFactory treats such values.
            int lifetimeSeconds = Settings.Default.AuthTokenExpiration;
            var lifetime = TimeSpan.FromSeconds(lifetimeSeconds);

            this.TokenCreator = new AuthTokenFactory();
            this.TokenCreator.Initialize(configuredKey, lifetime);

            // Only the expiration is logged; the shared key never appears in the message.
            log.InfoFormat("TokenCreator intialized with an expiration of {0}", lifetime);
        }
Beispiel #3
        /// <summary>
        /// Authenticates a peer from the token carried in its init object: the token is validated first,
        /// and encryption is set up only for a token that passed validation.
        /// </summary>
        /// <param name="token">Encrypted token string presented by the peer.</param>
        /// <param name="peer">Peer being authenticated.</param>
        /// <param name="initRequest">Init request passed on to the encryption setup.</param>
        /// <param name="tokenFactory">Factory used to decrypt the token.</param>
        /// <param name="errorCode">Result of validation, or of the encryption setup when validation succeeded.</param>
        /// <param name="errorMsg">Message belonging to <paramref name="errorCode"/>.</param>
        /// <returns>The validated token, or <c>null</c> when validation or the encryption setup failed.</returns>
        public static AuthenticationToken DoAuthUsingInitObject(string token, ClientPeer peer, InitRequest initRequest, AuthTokenFactory tokenFactory, out ErrorCode errorCode, out string errorMsg)
        {
            if (log.IsDebugEnabled)
            {
                log.DebugFormat("Peer performs auth using init object. p:{0}", peer);
            }

            var validatedToken = GetValidAuthToken(token, peer, tokenFactory, out errorCode, out errorMsg);
            if (validatedToken == null)
            {
                // errorCode and errorMsg already describe why validation failed.
                return null;
            }

            // The token is returned only when the encryption setup also reports Ok.
            errorCode = SetupEncryption(validatedToken, out errorMsg, peer, initRequest);

            return errorCode == ErrorCode.Ok ? validatedToken : null;
        }