/// <summary>
/// Handles an InsertItem request: stores the item carried by the message and echoes it back.
/// </summary>
/// <param name="host">The connection the request arrived on.</param>
/// <param name="message">The incoming message.</param>
/// <returns>
/// null when the message is not an InsertItem request (so another handler can try);
/// otherwise a List response that contains the stored item, or is empty when no item was sent.
/// </returns>
private TcpMessage HandleInsertItem(TcpConnectedHost host, TcpMessage message)
        {
            if (!message.HasType(TcpRequestType.InsertItem))
            {
                return null;
            }

            if (!IsAuthenticated(host))
            {
                throw AuthException.NotLoggedIn();
            }

            var incoming = new ObjectTcpMessage<DbItem>(message);
            var reply    = new ObjectTcpMessage<DbItem>(TcpRequestType.List);

            // NOTE(review): the item is taken from the client as-is. Only "is logged in" is checked
            // here; no per-user authorization or field validation is visible in this method.
            var newItem = incoming.Item;
            if (newItem == null)
            {
                return reply;
            }

            _dataService.Insert(newItem);
            reply.Add(newItem); // Echo the item so the caller learns the assigned Id

            return reply;
        }
        /// <summary>
        /// Handles a UniqueItemQuery request: looks up one item by its integer "id" parameter.
        /// </summary>
        /// <returns>
        /// null when the message has another type; a List response holding the lookup result;
        /// or an error message when "id" is absent or does not parse as an integer.
        /// </returns>
        private TcpMessage HandleUniqueItemQuery(TcpConnectedHost host, TcpMessage message)
        {
            if (!message.HasType(TcpRequestType.UniqueItemQuery))
            {
                return null;
            }

            if (!IsAuthenticated(host))
            {
                throw AuthException.NotLoggedIn();
            }

            var query = new ParamTcpMessage(message);
            var reply = new ObjectTcpMessage<DbItem>(TcpRequestType.List);

            if (!query.HasParam("id"))
            {
                return TcpMessage.Error("Missing or badly formatted query parameters");
            }

            var itemId = query.GetParamAsNullableInt("id");
            if (itemId == null)
            {
                return TcpMessage.Error("Missing or badly formatted query parameters");
            }

            // NOTE(review): any logged-in host can read any item by id. If credential items
            // (salt / password hash) live in the same data service, they are readable through
            // this query too - confirm and add an ownership check if so.
            var found = _dataService.GetItem(itemId.Value);
            reply.Add(found); // result of GetItem is added without a null check
            return reply;
        }
Beispiel #3
        /// <summary>
        /// Encrypts an outgoing message for the given host before handing it to the base class.
        /// AES is used when the AES handler is ready and not skipped for this message; otherwise RSA
        /// is used under the same two conditions; otherwise the text is passed on unchanged.
        /// </summary>
        /// <param name="host">The connection the message is sent to.</param>
        /// <param name="message">The message text to send.</param>
        /// <returns>Whatever the base implementation returns for the (possibly encrypted) text.</returns>
        protected override string PrepareOutgoingMessage(TcpConnectedHost host, string message)
        {
            var state    = GetClient(host);
            var outgoing = message;

            if (state.AESHandler.IsReady && state.EncryptNextMessageSync)
            {
                outgoing = state.AESHandler.Encrypt(message);
            }
            else if (state.RSAHandler.IsReady && state.EncryptNextMessageAsync)
            {
                outgoing = state.RSAHandler.Encrypt(message);
            }
            // else: neither layer applies and the message leaves in plaintext.
            // NOTE(review): nothing here refuses to send when no handler is ready - confirm that
            // sensitive responses cannot be produced before the key exchange has completed.

            // The two flags are one-shot "skip" switches: once a message has gone out they are re-armed.
            if (!state.EncryptNextMessageSync)
            {
                state.EncryptNextMessageSync = true;
            }

            if (!state.EncryptNextMessageAsync)
            {
                state.EncryptNextMessageAsync = true;
            }

            return base.PrepareOutgoingMessage(host, outgoing);
        }
        /// <summary>
        /// Handles a MultiRelationQuery request: returns the relations found for the "from_id" parameter.
        /// </summary>
        /// <returns>
        /// null when the message has another type; a List response with the relations;
        /// or an error message when the "from_id" parameter is absent.
        /// </returns>
        private TcpMessage HandleMultiRelationQuery(TcpConnectedHost host, TcpMessage message)
        {
            if (!message.HasType(TcpRequestType.MultiRelationQuery))
            {
                return null;
            }

            if (!IsAuthenticated(host))
            {
                throw AuthException.NotLoggedIn();
            }

            var query = new ParamTcpMessage(message);
            var reply = new ObjectTcpMessage<DbRelation>(TcpRequestType.List);

            if (!query.HasParam("from_id"))
            {
                return TcpMessage.Error("Missing or badly formatted query parameters");
            }

            // NOTE(review): the parsed value is passed on without a null check, so a present but
            // non-numeric "from_id" presumably reaches GetRelations as null - confirm what a null
            // parent selects, and whether callers may list relations of ids they do not own.
            var parentId  = query.GetParamAsNullableInt("from_id");
            var relations = _dataService.GetRelations(parentId);
            reply.Add(relations);
            return reply;
        }
        /// <summary>
        /// Returns the user item recorded for the given host in _hostUsers.
        /// </summary>
        /// <param name="host">The connection to look up.</param>
        /// <returns>The recorded user item, or the default value when the host has no entry.</returns>
        public DbItem GetUserItem(TcpConnectedHost host)
        {
            DbItem recorded;
            var known = _hostUsers.TryGetValue(host, out recorded);

            return known ? recorded : default(DbItem);
        }
        /// <summary>
        /// Handles a "loginbasic" request: verifies the password of an existing user, or registers
        /// the user when the name is unknown and AutoRegisterUsers is set, then records the user
        /// for this host in _hostUsers.
        /// </summary>
        /// <param name="host">The connection that is logging in.</param>
        /// <param name="message">The incoming message; "username" and "password" parameters are read.</param>
        /// <returns>
        /// null when the message has another type; an Ok response carrying the user item on success;
        /// an error message otherwise.
        /// </returns>
        private TcpMessage HandleLoginRequest(TcpConnectedHost host, TcpMessage message)
        {
            if (!message.HasType("loginbasic"))
            {
                return null;
            }

            var request = new ParamTcpMessage(message);

            var username = request.GetParam("username");
            var password = request.GetParam("password");

            if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
            {
                return TcpMessage.Error("Missing or badly formatted login parameters");
            }

            // NOTE(review): no attempt counter, delay or lockout is visible in this method;
            // throttling of repeated failures has to come from somewhere else - confirm.
            var userItem = _dataService.GetItemByRelation(UsersParentId, username);

            if (userItem != null)
            {
                // Login
                var saltItem     = _dataService.GetItemByRelation(userItem.Id, "salt");
                var passwordItem = _dataService.GetItemByRelation(userItem.Id, "password");

                var recordComplete = saltItem != null && saltItem.Value != null &&
                                     passwordItem != null && passwordItem.Value != null;

                // NOTE(review): HashHelper is not shown; confirm that ConfirmPassword compares
                // in constant time.
                if (!recordComplete || !HashHelper.ConfirmPassword(passwordItem.Value, password, saltItem.Value))
                {
                    // This text differs from the "User not found" text below, so a caller can
                    // tell an existing user name from an unknown one.
                    return TcpMessage.Error("Login failed. Wrong password.");
                }
            }
            else
            {
                if (!AutoRegisterUsers)
                {
                    return TcpMessage.Error("User not found. Automatic registering of users is currently disabled.");
                }

                // Register
                // With AutoRegisterUsers set, any unknown name is accepted with whatever password
                // was sent. The six inserts below are separate calls; no transaction is visible,
                // and a user left without salt or password item can no longer log in (see the
                // recordComplete check above).
                userItem = new DbItem(username);
                _dataService.Insert(userItem);
                _dataService.Insert(new DbRelation(UsersParentId, username, userItem.Id));

                // NOTE(review): confirm what the argument 10 means for CreateSaltString and that
                // GenerateSaltedHash is a slow password-hashing function (e.g. PBKDF2), not one
                // pass of a fast hash.
                var saltItem = new DbItem(HashHelper.CreateSaltString(10));
                _dataService.Insert(saltItem);
                _dataService.Insert(new DbRelation(userItem.Id, "salt", saltItem.Id));

                var passwordItem = new DbItem(HashHelper.GenerateSaltedHash(password, saltItem.Value));
                _dataService.Insert(passwordItem);
                _dataService.Insert(new DbRelation(userItem.Id, "password", passwordItem.Id));
            }

            // From here on GetUserItem(host) returns this user.
            _hostUsers[host] = userItem;

            var response = new ObjectTcpMessage<DbItem>(TcpRequestType.Ok);
            response.Add(userItem);
            return response;
        }
Beispiel #7
 /// <summary>
 /// Returns the encryption state kept for a host, creating and registering it on first use.
 /// </summary>
 /// <param name="host">The connection whose state is wanted.</param>
 /// <returns>The existing or newly created container.</returns>
 private EncryptedClientDataContainer GetClient(TcpConnectedHost host)
 {
     EncryptedClientDataContainer known;
     if (_clients.TryGetValue(host, out known))
     {
         return known;
     }

     // NOTE(review): lookup and Add are two separate steps with no lock in this method -
     // confirm how _clients is protected if several connection threads call this.
     var created = new EncryptedClientDataContainer();
     _clients.Add(host, created);
     return created;
 }
Beispiel #8
        /// <summary>
        /// Looks up the per-host encryption container in _clients; a host seen for the first time
        /// gets a fresh container, which is stored before it is returned.
        /// </summary>
        /// <param name="host">The connection whose container is wanted.</param>
        /// <returns>The container associated with the host.</returns>
        private EncryptedClientDataContainer GetClient(TcpConnectedHost host)
        {
            EncryptedClientDataContainer entry;
            var exists = _clients.TryGetValue(host, out entry);

            if (!exists)
            {
                // No removal of entries is visible here; presumably cleaned up on disconnect - confirm.
                entry = new EncryptedClientDataContainer();
                _clients.Add(host, entry);
            }

            return entry;
        }
Beispiel #9
        /// <summary>
        /// Decrypts an incoming message before the base class processes it: with the client's AES
        /// handler when that is ready, else with the server cryptography handler when the client's
        /// RSA handler is ready, else not at all.
        /// </summary>
        /// <param name="host">The connection the message came from.</param>
        /// <param name="message">The text as received.</param>
        /// <returns>Whatever the base implementation returns for the (possibly decrypted) text.</returns>
        protected override string PrepareIncommingMessage(TcpConnectedHost host, string message)
        {
            var state = GetClient(host);
            string plain;

            if (state.AESHandler.IsReady)
            {
                plain = state.AESHandler.Decrypt(message);
            }
            else if (state.RSAHandler.IsReady)
            {
                // The client's handler only signals that keys were exchanged; the decryption
                // itself is done by the server's own handler.
                plain = _serverCryptographyHandler.Decrypt(message);
            }
            else
            {
                plain = message;
            }

            // NOTE(review): no integrity check (MAC / authenticated mode) is visible at this
            // level - confirm the handlers reject tampered ciphertext.
            return base.PrepareIncommingMessage(host, plain);
        }
Beispiel #10
        /// <summary>
        /// Removes the transport encryption from an incoming message and passes the result to the
        /// base implementation. AES takes precedence over RSA; a message is passed through
        /// untouched while neither handler of the client is ready.
        /// </summary>
        /// <param name="host">The sending connection.</param>
        /// <param name="message">The received text.</param>
        /// <returns>The base implementation's result.</returns>
        protected override string PrepareIncommingMessage(TcpConnectedHost host, string message)
        {
            var client = GetClient(host);

            // Once a handler is ready every incoming message is treated as ciphertext.
            // NOTE(review): what Decrypt does with input that is not valid ciphertext is not
            // shown - confirm that a failure is handled by the caller.
            var decrypted = client.AESHandler.IsReady
                ? client.AESHandler.Decrypt(message)
                : client.RSAHandler.IsReady
                    ? _serverCryptographyHandler.Decrypt(message)
                    : message;

            return base.PrepareIncommingMessage(host, decrypted);
        }
Beispiel #11
        /// <summary>
        /// Handles an "aeskey" request: generates a new AES key for this host and returns it
        /// in the content of an "aeskey" message.
        /// </summary>
        /// <returns>null when the message has another type; otherwise the message carrying the key.</returns>
        private TcpMessage HandleAESKeyExchangeRequest(TcpConnectedHost host, TcpMessage message)
        {
            if (!message.HasType("aeskey"))
            {
                return null;
            }

            var state = GetClient(host);
            state.AESHandler.GenerateKey();

            // NOTE(review): the key travels in the reply. This method does not check that the
            // RSA handler is ready, so whether the reply is encrypted depends entirely on the
            // outgoing-message step - confirm a key can never be sent in plaintext.
            var reply = new TcpMessage("aeskey");
            reply.Content = state.AESHandler.KeyAsString;
            return reply;
        }
Beispiel #12
        /// <summary>
        /// Handles an "aesiv" request: generates a new AES initialization vector for this host and
        /// returns it in the content of an "aesiv" message.
        /// </summary>
        /// <returns>null when the message has another type; otherwise the message carrying the IV.</returns>
        private TcpMessage HandleAESInitializationVectorExchangeRequest(TcpConnectedHost host, TcpMessage message)
        {
            if (!message.HasType("aesiv"))
            {
                return null;
            }

            var state = GetClient(host);
            state.AESHandler.GenerateInitializationVector();

            // Skip AES for the reply itself: the peer does not have the new IV yet.
            state.EncryptNextMessageSync = false;

            // NOTE(review): the IV is generated once per exchange; whether the AES handler then
            // reuses that key/IV pair for every message is not visible here - confirm.
            var reply = new TcpMessage("aesiv");
            reply.Content = state.AESHandler.InitializationVectorAsString;
            return reply;
        }
Beispiel #13
        /// <summary>
        /// Applies transport encryption to an outgoing message and forwards it to the base class.
        /// The AES branch is tried first, the RSA branch second; each needs its handler to be ready
        /// and its "encrypt next message" flag to be set. Both flags are set again afterwards.
        /// </summary>
        /// <param name="host">The receiving connection.</param>
        /// <param name="message">The text to send.</param>
        /// <returns>The base implementation's result.</returns>
        protected override string PrepareOutgoingMessage(TcpConnectedHost host, string message)
        {
            var client = GetClient(host);

            var useAes = client.AESHandler.IsReady && client.EncryptNextMessageSync;
            if (useAes)
            {
                message = client.AESHandler.Encrypt(message);
            }
            else if (client.RSAHandler.IsReady && client.EncryptNextMessageAsync)
            {
                message = client.RSAHandler.Encrypt(message);
            }
            // Otherwise the text is sent as it is, i.e. unencrypted.

            // A cleared flag only suppresses encryption for one message.
            if (!client.EncryptNextMessageSync)
            {
                client.EncryptNextMessageSync = true;
            }

            if (!client.EncryptNextMessageAsync)
            {
                client.EncryptNextMessageAsync = true;
            }

            return base.PrepareOutgoingMessage(host, message);
        }
Beispiel #14
        /// <summary>
        /// Handles an "rsakey" request: stores the public key sent by the client and answers with
        /// the server's public key.
        /// </summary>
        /// <returns>null when the message has another type; otherwise an "rsakey" message with the server key.</returns>
        private TcpMessage HandleRSAKeyExchangeRequest(TcpConnectedHost host, TcpMessage message)
        {
            if (!message.HasType("rsakey"))
            {
                return null;
            }

            var state = GetClient(host);

            // NOTE(review): the message content is stored as the client's key without any
            // validation in this method, and neither side's key is authenticated here. Unless
            // the client verifies the server key out of band (pinning, certificate), a party on
            // the network path could substitute its own keys - confirm how this is covered.
            state.RSAHandler.PublicKey    = message.Content;
            state.EncryptNextMessageAsync = false; // the reply is not RSA-encrypted

            var reply = new TcpMessage("rsakey");
            reply.Content = _serverCryptographyHandler.PublicKey;
            return reply;
        }
Beispiel #15
        /// <summary>
        /// Handles a DeleteItem request: deletes the item carried by the message, if there is one.
        /// </summary>
        /// <returns>null when the message has another type; otherwise an Ok message.</returns>
        private TcpMessage HandleDeleteItem(TcpConnectedHost host, TcpMessage message)
        {
            if (!message.HasType(TcpRequestType.DeleteItem))
            {
                return null;
            }

            if (!IsAuthenticated(host))
            {
                throw AuthException.NotLoggedIn();
            }

            var incoming = new ObjectTcpMessage<DbItem>(message);

            // NOTE(review): being logged in is the only condition; the item to delete is chosen
            // by the client and no ownership check is visible in this method.
            var target = incoming.Item;
            if (target != null)
            {
                _dataService.Delete(target);
            }

            // Ok is returned whether or not an item was supplied.
            return new TcpMessage(TcpRequestType.Ok);
        }
        /// <summary>
        /// Processes a DeleteItem message from a logged-in host by passing the enclosed item to
        /// the data service for deletion.
        /// </summary>
        /// <param name="host">The requesting connection.</param>
        /// <param name="message">The incoming message.</param>
        /// <returns>null for other message types; an Ok message otherwise, even when no item was enclosed.</returns>
        private TcpMessage HandleDeleteItem(TcpConnectedHost host, TcpMessage message)
        {
            if (!message.HasType(TcpRequestType.DeleteItem))
            {
                return null;
            }

            if (!IsAuthenticated(host))
            {
                throw AuthException.NotLoggedIn();
            }

            var doomed = new ObjectTcpMessage<DbItem>(message).Item;

            // Authentication is checked above; authorization for this particular item is not
            // checked in this method.
            if (doomed != null)
            {
                _dataService.Delete(doomed);
            }

            var ok = new TcpMessage(TcpRequestType.Ok);
            return ok;
        }
Beispiel #17
        /// <summary>
        /// Answers an "aesiv" request with a freshly generated AES initialization vector and
        /// disables AES encryption for that one reply.
        /// </summary>
        /// <returns>null for other message types; otherwise an "aesiv" message whose content is the IV.</returns>
        private TcpMessage HandleAESInitializationVectorExchangeRequest(TcpConnectedHost host, TcpMessage message)
        {
            if (!message.HasType("aesiv"))
            {
                return null;
            }

            var state = GetClient(host);

            state.AESHandler.GenerateInitializationVector();
            state.EncryptNextMessageSync = false;

            // NOTE(review): any connected host can trigger this at any time, which replaces the
            // IV of its own session - confirm both ends stay in step when that happens.
            var reply = new TcpMessage("aesiv");
            reply.Content = state.AESHandler.InitializationVectorAsString;

            return reply;
        }
Beispiel #18
        /// <summary>
        /// Handles an InsertRelation request: stores the relation carried by the message and
        /// echoes it back.
        /// </summary>
        /// <returns>
        /// null when the message has another type; otherwise a List response that contains the
        /// stored relation, or is empty when no relation was sent.
        /// </returns>
        private TcpMessage HandleInsertRelation(TcpConnectedHost host, TcpMessage message)
        {
            if (!message.HasType(TcpRequestType.InsertRelation))
            {
                return null;
            }

            if (!IsAuthenticated(host))
            {
                throw AuthException.NotLoggedIn();
            }

            var incoming = new ObjectTcpMessage<DbRelation>(message);
            var reply = new ObjectTcpMessage<DbRelation>(TcpRequestType.List);

            // NOTE(review): the relation (parent, identifier, target) is supplied by the client
            // and stored unchanged. If user, "salt" and "password" relations are kept in the same
            // data service, confirm that clients cannot add relations under those parents.
            var newRelation = incoming.Item;
            if (newRelation == null)
            {
                return reply;
            }

            _dataService.Insert(newRelation);
            reply.Add(newRelation); // Echo the relation so the caller learns the assigned Id

            return reply;
        }
 /// <summary>
 /// Tells whether at least one registered authentication provider regards the host as authenticated.
 /// </summary>
 /// <param name="host">The connection to check.</param>
 /// <returns>true as soon as one provider answers true; false when none does or none is registered.</returns>
 private bool IsAuthenticated(TcpConnectedHost host)
 {
     // One accepting provider is enough, so the weakest registered provider decides.
     var accepted = _authenticationProviders.Any(candidate => candidate.IsAuthenticated(host));
     return accepted;
 }
Beispiel #20
        /// <summary>
        /// Answers a UniqueItemQuery from a logged-in host with the item whose id is given in the
        /// "id" parameter.
        /// </summary>
        /// <param name="host">The requesting connection.</param>
        /// <param name="message">The incoming message.</param>
        /// <returns>
        /// null for other message types; a List response with the lookup result; an error message
        /// when "id" is missing or is not an integer.
        /// </returns>
        private TcpMessage HandleUniqueItemQuery(TcpConnectedHost host, TcpMessage message)
        {
            if (!message.HasType(TcpRequestType.UniqueItemQuery))
            {
                return null;
            }

            if (!IsAuthenticated(host))
            {
                throw AuthException.NotLoggedIn();
            }

            var request = new ParamTcpMessage(message);
            var response = new ObjectTcpMessage<DbItem>(TcpRequestType.List);

            var requestedId = request.HasParam("id")
                ? request.GetParamAsNullableInt("id")
                : null;

            if (requestedId == null)
            {
                return TcpMessage.Error("Missing or badly formatted query parameters");
            }

            // The id is the only selector; there is no check in this method that the item
            // belongs to, or may be seen by, the logged-in user.
            response.Add(_dataService.GetItem(requestedId.Value));
            return response;
        }
        /// <summary>
        /// Processes a "loginbasic" message. A known user is checked against the stored salt and
        /// password items; an unknown user is registered when AutoRegisterUsers is set. On success
        /// the user item is stored for the host in _hostUsers and returned in an Ok response.
        /// </summary>
        /// <param name="host">The connection that is logging in.</param>
        /// <param name="message">The incoming message with "username" and "password" parameters.</param>
        /// <returns>null for other message types; an Ok response on success; an error message otherwise.</returns>
        private TcpMessage HandleLoginRequest(TcpConnectedHost host, TcpMessage message)
        {
            if (!message.HasType("loginbasic"))
            {
                return null;
            }

            var request = new ParamTcpMessage(message);

            var username = request.GetParam("username");
            var password = request.GetParam("password");

            var credentialsPresent = !string.IsNullOrEmpty(username) && !string.IsNullOrEmpty(password);
            if (!credentialsPresent)
            {
                return TcpMessage.Error("Missing or badly formatted login parameters");
            }

            var userItem = _dataService.GetItemByRelation(UsersParentId, username);
            var isNewUser = userItem == null;

            if (isNewUser && !AutoRegisterUsers)
            {
                // Distinct from the wrong-password text below, which reveals whether a name exists.
                return TcpMessage.Error("User not found. Automatic registering of users is currently disabled.");
            }

            if (isNewUser)
            {
                // Register: user item, then salt, then salted hash, each linked by a relation.
                // NOTE(review): these are six independent inserts with no visible transaction,
                // and two simultaneous first logins for one name are not guarded against here.
                userItem = new DbItem(username);
                _dataService.Insert(userItem);
                _dataService.Insert(new DbRelation(UsersParentId, username, userItem.Id));

                var saltItem = new DbItem(HashHelper.CreateSaltString(10));
                _dataService.Insert(saltItem);
                _dataService.Insert(new DbRelation(userItem.Id, "salt", saltItem.Id));

                // NOTE(review): HashHelper is outside this listing - confirm it uses a slow,
                // salted password-hashing function and a cryptographically secure salt source.
                var passwordItem = new DbItem(HashHelper.GenerateSaltedHash(password, saltItem.Value));
                _dataService.Insert(passwordItem);
                _dataService.Insert(new DbRelation(userItem.Id, "password", passwordItem.Id));
            }
            else
            {
                // Login: a missing salt or password record counts as a failed login.
                var saltItem = _dataService.GetItemByRelation(userItem.Id, "salt");
                var passwordItem = _dataService.GetItemByRelation(userItem.Id, "password");

                if (saltItem == null || saltItem.Value == null)
                {
                    return TcpMessage.Error("Login failed. Wrong password.");
                }

                if (passwordItem == null || passwordItem.Value == null)
                {
                    return TcpMessage.Error("Login failed. Wrong password.");
                }

                if (!HashHelper.ConfirmPassword(passwordItem.Value, password, saltItem.Value))
                {
                    // NOTE(review): failed attempts are neither counted nor delayed in this method.
                    return TcpMessage.Error("Login failed. Wrong password.");
                }
            }

            _hostUsers[host] = userItem;

            var response = new ObjectTcpMessage<DbItem>(TcpRequestType.Ok);
            response.Add(userItem);
            return response;
        }
 /// <summary>
 /// Tells whether a user item is recorded for the host, i.e. whether GetUserItem returns non-null.
 /// </summary>
 /// <param name="host">The connection to check.</param>
 /// <returns>true when a user item is recorded for the host.</returns>
 public bool IsAuthenticated(TcpConnectedHost host)
 {
     var loggedInUser = GetUserItem(host);
     return loggedInUser != null;
 }
 /// <summary>
 /// Looks up the user item stored for a host in _hostUsers.
 /// </summary>
 /// <param name="host">The connection to look up.</param>
 /// <returns>The stored user item; the default value when nothing is stored for the host.</returns>
 public DbItem GetUserItem(TcpConnectedHost host)
 {
     DbItem stored;
     if (_hostUsers.TryGetValue(host, out stored))
     {
         return stored;
     }

     return default(DbItem);
 }
Beispiel #24
        /// <summary>
        /// Answers an "rsakey" request: takes the message content as the client's public key and
        /// replies with the server's public key. RSA encryption is switched off for that one reply.
        /// </summary>
        /// <returns>null for other message types; otherwise an "rsakey" message with the server key.</returns>
        private TcpMessage HandleRSAKeyExchangeRequest(TcpConnectedHost host, TcpMessage message)
        {
            if (!message.HasType("rsakey"))
            {
                return null;
            }

            var state = GetClient(host);

            // NOTE(review): the exchanged keys are not tied to any identity in this method; the
            // exchange protects against passive listeners only, unless the client has another
            // way to verify the server key - confirm.
            state.RSAHandler.PublicKey = message.Content;
            state.EncryptNextMessageAsync = false;

            var reply = new TcpMessage("rsakey");
            reply.Content = _serverCryptographyHandler.PublicKey;

            return reply;
        }
Beispiel #25
 /// <summary>
 /// Asks the registered authentication providers about the host; one positive answer suffices.
 /// </summary>
 /// <param name="host">The connection to check.</param>
 /// <returns>true when any provider reports the host as authenticated, otherwise false.</returns>
 private bool IsAuthenticated(TcpConnectedHost host)
 {
     var anyProviderAccepts = _authenticationProviders.Any(p => p.IsAuthenticated(host));

     return anyProviderAccepts;
 }
Beispiel #26
        /// <summary>
        /// Handles a UniqueRelationQuery request: looks up one relation by its "from_id" and
        /// "identifier" parameters.
        /// </summary>
        /// <returns>
        /// null when the message has another type; a List response holding the lookup result;
        /// or an error message when one of the two parameters is absent.
        /// </returns>
        private TcpMessage HandleUniqueRelationQuery(TcpConnectedHost host, TcpMessage message)
        {
            if (!message.HasType(TcpRequestType.UniqueRelationQuery))
            {
                return null;
            }

            if (!IsAuthenticated(host))
            {
                throw AuthException.NotLoggedIn();
            }

            var query = new ParamTcpMessage(message);
            var reply = new ObjectTcpMessage<DbRelation>(TcpRequestType.List);

            if (!query.HasParam("from_id") || !query.HasParam("identifier"))
            {
                return TcpMessage.Error("Missing or badly formatted query parameters");
            }

            // NOTE(review): a "from_id" that does not parse presumably arrives as null, and the
            // identifier is used as sent. The query is not limited to relations of the logged-in
            // user, so e.g. another user's "salt" or "password" relation could be resolved if
            // those are stored in the same data service - confirm.
            var parentId = query.GetParamAsNullableInt("from_id");
            var relationName = query.GetParam("identifier");
            var match = _dataService.GetRelation(parentId, relationName);

            reply.Add(match); // result of GetRelation is added without a null check
            return reply;
        }
Beispiel #27
 /// <summary>
 /// Hook for transforming a message before it is sent. This implementation applies no
 /// transformation, so the message is sent as given unless a subclass overrides the hook.
 /// </summary>
 /// <param name="host">The receiving connection (unused here).</param>
 /// <param name="message">The text to send.</param>
 /// <returns>The unchanged <paramref name="message"/>.</returns>
 protected virtual string PrepareOutgoingMessage(TcpConnectedHost host, string message)
 {
     return message;
 }
 /// <summary>
 /// A host counts as authenticated when GetUserItem yields a user item for it.
 /// </summary>
 /// <param name="host">The connection to check.</param>
 /// <returns>true when GetUserItem returns a non-null item for the host.</returns>
 public bool IsAuthenticated(TcpConnectedHost host)
 {
     var userItem = GetUserItem(host);

     return userItem != null;
 }
Beispiel #29
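        /// <summary>
        /// Serves one data-channel connection: checks the peer address with IsAllowed, then reads
        /// requests in a loop, offers each request to the registered handlers in order and writes
        /// the first non-null response (or an error message) back to the peer.
        /// </summary>
        /// <param name="client">The accepted <c>System.Net.Sockets.TcpClient</c>, passed as object.</param>
        private void HandleDataClientComm(object client)
        {
            var tcpClient = (System.Net.Sockets.TcpClient)client;

            // Take the address from the endpoint object instead of splitting its string form at
            // ':'. The text of an IPv6 endpoint contains ':' itself, so the split handed a
            // truncated value to the IsAllowed check.
            var remoteEndPoint = tcpClient.Client.RemoteEndPoint as System.Net.IPEndPoint;
            if (remoteEndPoint == null)
            {
                Debug.WriteLine("Client refused access to data channel. Remote endpoint is not an IP endpoint.");
                tcpClient.Close();
                return;
            }

            var host = new TcpConnectedHost
            {
                TcpClient = tcpClient,
                IPAddress = remoteEndPoint.Address.ToString()
            };

            if (!IsAllowed(host.IPAddress))
            {
                Debug.WriteLine("Client refused access to data channel. IP: " + host.IPAddress);
                tcpClient.Close();
                return;
            }

            Debug.WriteLine("Client connected to data channel. IP: " + host.IPAddress);

            // try/finally: reading, decrypting and parsing happen outside the per-handler catch
            // below, so an exception there used to leave the connection open.
            try
            {
                var stream = OnPrepareStream(host.TcpClient.GetStream());

                // NOTE(review): the host is added here but not removed in this method - confirm
                // the list (and any per-host login / key state) is cleaned up on disconnect.
                _connectedDataClients.AddLast(host);

                while (true)
                {
                    var rawRequest = TcpProtocolHelper.Read(stream);

                    if (rawRequest == null)
                    {
                        break;
                    }

                    rawRequest = PrepareIncommingMessage(host, rawRequest);

                    // NOTE(review): this writes the request text after PrepareIncommingMessage to
                    // the debug output, which would include login parameters. Debug.WriteLine is
                    // compiled out unless DEBUG is defined; keep it that way for this line.
                    Debug.WriteLine(DateTime.Now.ToLongTimeString() + " [R] " + rawRequest);

                    TcpMessage response = null;

                    var request = TcpMessage.FromRaw(rawRequest);

                    foreach (var handler in _dataRequestHandlers)
                    {
                        try
                        {
                            response = handler.Invoke(host, request);
                            if (response != null)
                            {
                                break;
                            }
                        }
                        catch (Exception e)
                        {
                            // Keep exception type and stack trace on the server; the remote
                            // peer receives the message text only.
                            Debug.WriteLine(DateTime.Now.ToLongTimeString() + " [E] " + e);
                            response = TcpMessage.Error(e.Message);
                            break;
                        }
                    }

                    if (response == null)
                    {
                        response = TcpMessage.Error("Could not handle request");
                    }

                    var responseMessage = response.ToString();

                    Debug.WriteLine(DateTime.Now.ToLongTimeString() + " [S] " + responseMessage);

                    responseMessage = PrepareOutgoingMessage(host, responseMessage);

                    var success = TcpProtocolHelper.Write(stream, responseMessage);
                    if (!success)
                    {
                        break;
                    }
                }

                Debug.WriteLine("Client disconnected from data channel. IP: " + host.IPAddress);
            }
            finally
            {
                tcpClient.Close();
            }
        }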
Beispiel #30
        /// <summary>
        /// Answers an "aeskey" request with a newly generated AES key for this host.
        /// </summary>
        /// <param name="host">The requesting connection.</param>
        /// <param name="message">The incoming message.</param>
        /// <returns>null for other message types; otherwise an "aeskey" message whose content is the key.</returns>
        private TcpMessage HandleAESKeyExchangeRequest(TcpConnectedHost host, TcpMessage message)
        {
            if (!message.HasType("aeskey"))
            {
                return null;
            }

            var state = GetClient(host);

            state.AESHandler.GenerateKey();

            // NOTE(review): the symmetric key is part of the reply, and nothing in this method
            // requires a completed RSA exchange first. Confirm that the outgoing path always
            // encrypts this reply to the client's public key.
            var reply = new TcpMessage("aeskey");
            reply.Content = state.AESHandler.KeyAsString;

            return reply;
        }