/// <summary>
/// Is called by SIP proxy or registrar server when it needs to authenticate user.
/// </summary>
/// <param name="auth">Authentication context.</param>
/// <returns></returns>
internal SIP_AuthenticateEventArgs OnAuthenticate(Auth_HttpDigest auth)
{
SIP_AuthenticateEventArgs eArgs = new SIP_AuthenticateEventArgs(auth);
if (this.Authenticate != null)
{
this.Authenticate(eArgs);
}
return(eArgs);
}
/// <summary>
/// Authenticates SIP request. This method also sends all needed replys to request sender.
/// </summary>
/// <param name="e">Request event arguments.</param>
/// <param name="userName">If authentication sucessful, then authenticated user name is stored to this variable.</param>
/// <returns>Returns true if request was authenticated.</returns>
internal bool AuthenticateRequest(SIP_RequestReceivedEventArgs e, out string userName)
{
userName = null;
SIP_t_Credentials credentials = SIP_Utils.GetCredentials(e.Request, m_pStack.Realm);
// No credentials for our realm.
if (credentials == null)
{
SIP_Response notAuthenticatedResponse = m_pStack.CreateResponse(SIP_ResponseCodes.x407_Proxy_Authentication_Required, e.Request);
notAuthenticatedResponse.ProxyAuthenticate.Add(new Auth_HttpDigest(m_pStack.Realm, m_pStack.DigestNonceManager.CreateNonce(), m_Opaque).ToChallange());
e.ServerTransaction.SendResponse(notAuthenticatedResponse);
return(false);
}
Auth_HttpDigest auth = new Auth_HttpDigest(credentials.AuthData, e.Request.RequestLine.Method);
// Check opaque validity.
if (auth.Opaque != m_Opaque)
{
SIP_Response notAuthenticatedResponse = m_pStack.CreateResponse(SIP_ResponseCodes.x407_Proxy_Authentication_Required + ": Opaque value won't match !", e.Request);
notAuthenticatedResponse.ProxyAuthenticate.Add(new Auth_HttpDigest(m_pStack.Realm, m_pStack.DigestNonceManager.CreateNonce(), m_Opaque).ToChallange());
// Send response
e.ServerTransaction.SendResponse(notAuthenticatedResponse);
return(false);
}
// Check nonce validity.
if (!m_pStack.DigestNonceManager.NonceExists(auth.Nonce))
{
SIP_Response notAuthenticatedResponse = m_pStack.CreateResponse(SIP_ResponseCodes.x407_Proxy_Authentication_Required + ": Invalid nonce value !", e.Request);
notAuthenticatedResponse.ProxyAuthenticate.Add(new Auth_HttpDigest(m_pStack.Realm, m_pStack.DigestNonceManager.CreateNonce(), m_Opaque).ToChallange());
// Send response
e.ServerTransaction.SendResponse(notAuthenticatedResponse);
return(false);
}
// Valid nonce, consume it so that nonce can't be used any more.
else
{
m_pStack.DigestNonceManager.RemoveNonce(auth.Nonce);
}
SIP_AuthenticateEventArgs eArgs = this.OnAuthenticate(auth);
// Authenticate failed.
if (!eArgs.Authenticated)
{
SIP_Response notAuthenticatedResponse = m_pStack.CreateResponse(SIP_ResponseCodes.x407_Proxy_Authentication_Required + ": Authentication failed.", e.Request);
notAuthenticatedResponse.ProxyAuthenticate.Add(new Auth_HttpDigest(m_pStack.Realm, m_pStack.DigestNonceManager.CreateNonce(), m_Opaque).ToChallange());
// Send response
e.ServerTransaction.SendResponse(notAuthenticatedResponse);
return(false);
}
userName = auth.UserName;
return(true);
}