private PopCommandResult LookupAppropriateCredential(ICredentialsByHost credentials,
string username,
PopAuthenticationMechanism authenticationMechanism,
out NetworkCredential credential)
{
credential = credentials.LookupCredential(connection, username, authenticationMechanism);
if (credential == null)
return new PopCommandResult(PopCommandResultCode.RequestError,
string.Format("credential not found for {0};AUTH={1}@{2}:{3}", username, authenticationMechanism, connection.Host, connection.Port));
else
return null;
}
internal void UpdateAuthority(string username, PopAuthenticationMechanism authType)
{
authority.Scheme = connection.IsSecurePortConnection ? PopUri.UriSchemePops : PopUri.UriSchemePop;
authority.Host = connection.Host;
authority.Port = connection.Port;
authority.UserName = username;
authority.AuthType = authType;
TraceInfo("authority: {0}", authority);
}
/// <summary>sends AUTH command</summary>
/// <remarks>valid in authorization state</remarks>
public PopCommandResult Auth(ICredentialsByHost credentials, PopAuthenticationMechanism authenticationMechanism)
{
return Auth(credentials, null, authenticationMechanism);
}
/// <summary>sends AUTH command</summary>
/// <remarks>valid in authorization state</remarks>
public PopCommandResult Auth(ICredentialsByHost credentials, string username, PopAuthenticationMechanism authenticationMechanism)
{
if (credentials == null)
throw new ArgumentNullException("credentials");
if (authenticationMechanism == null)
throw new ArgumentNullException("authenticationMechanism");
var ret = RejectNonConnectedOrGetAuthenticatedResult();
if (ret != null)
return ret;
// TODO: check Request.Arguments, not here
if (handlesIncapableAsException)
CheckServerCapability(authenticationMechanism);
NetworkCredential credential;
ret = LookupAppropriateCredential(credentials, username, authenticationMechanism, out credential);
if (ret != null)
return ret;
using (var t = new AuthTransaction(connection, credential)) {
t.RequestArguments["mechanism"] = (string)authenticationMechanism;
if (ProcessTransaction(t).Succeeded) {
UpdateAuthority(credential.UserName, authenticationMechanism);
TransitStateTo(PopSessionState.Transaction);
}
return t.Result;
}
}
private static PopCommandResult AuthenticateWithSuppliedMechanism(PopSession session,
ICredentialsByHost credentials,
string username,
PopAuthenticationMechanism authMechanism)
{
/*
* http://tools.ietf.org/html/rfc2384
* 4. POP User Name and Authentication Mechanism
*
* An authentication mechanism can be expressed by adding ";AUTH=<enc-
* auth-type>" to the end of the user name. If the authentication
* mechanism name is not preceded by a "+", it is a SASL POP [SASL]
* mechanism. If it is preceded by a "+", it is either "APOP" or an
* extension mechanism.
*
* When an <enc-auth-type> is specified, the client SHOULD request
* appropriate credentials from that mechanism and use the "AUTH",
* "APOP", or extension command instead of the "USER" command. If no
* user name is specified, one SHOULD be obtained from the mechanism or
* requested from the user as appropriate.
*
*
* If an <enc-auth-type> other than ";AUTH=*" is specified, the client
* SHOULD NOT use a different mechanism without explicit user
* permission.
*/
return session.Auth(credentials, username, authMechanism);
}