/// <summary> /// Authenticates a username and password using a specific <see cref="IConnection"/> instance. The password will /// be encrypted before being sent to the server. /// </summary> /// <param name="connection">An implementation of <see cref="IConnection"/> which represents a TCP connection to a Couchbase Server.</param> /// <param name="username">The username or bucket name to authentic against.</param> /// <param name="password">The password to authenticate against.</param> /// <returns>True if succesful.</returns> public bool Authenticate(IConnection connection, string username, string password) { var authenticated = false; Username = username; Password = password ?? string.Empty; var temp = connection; Log.Debug(m => m("Authenticating socket {0}", temp.Identity)); var operation = new SaslStart(MechanismType, null, _converter); var result = _ioStrategy.Execute(operation, connection); if (result.Status == ResponseStatus.AuthenticationContinue) { var challenge = result.Message; var reply = ComputeResponse(challenge); operation = new SaslStep(MechanismType, reply, _converter); result = _ioStrategy.Execute(operation, connection); authenticated = result.Status == ResponseStatus.Success && result.Value.Equals("Authenticated"); Log.Debug(m => m("Authentication for socket {0} succeeded.", temp.Identity)); } if (result.Status == ResponseStatus.AuthenticationError) { Log.Debug(m => m("Authentication for socket {0} failed: {1}", temp.Identity, result.Value)); } return(authenticated); }
protected async Task <string> SaslStep(IConnection connection, string message, CancellationToken token) { using var op = new SaslStep { Key = "SCRAM-SHA1",//MechanismType.GetDescription(), Content = message, Transcoder = Transcoder, Timeout = Timeout }; return(await SendAsync(op, connection, token).ConfigureAwait(false)); }
protected async Task <string> SaslStep(IConnection connection, string message, IInternalSpan span, CancellationToken token) { using var childSpan = Tracer.InternalSpan(OperationNames.SaslStep, span); using var op = new SaslStep() { Key = "SCRAM-SHA1",//MechanismType.GetDescription(), Content = message, Transcoder = Transcoder, Timeout = Timeout, Span = childSpan, }; return(await SendAsync(op, connection, token).ConfigureAwait(false)); }
protected async Task <string> SaslStep(IConnection connection, string message, IRequestSpan span, CancellationToken token) { using var childSpan = span.ChildSpan(OuterRequestSpans.ServiceSpan.Internal.SaslStep); using var op = new SaslStep() { Key = "SCRAM-SHA1",//MechanismType.GetDescription(), Content = message, Timeout = Timeout, Span = childSpan, }; OperationConfigurator.Configure(op, SaslOptions.Instance); return(await SendAsync(op, connection, token).ConfigureAwait(false)); }
/// <summary> /// Authenticates a username and password using a specific <see cref="IConnection"/> instance. The password will /// be encrypted before being sent to the server. /// </summary> /// <param name="connection">An implementation of <see cref="IConnection"/> which represents a TCP connection to a Couchbase Server.</param> /// <param name="username">The username or bucket name to authentic against.</param> /// <param name="password">The password to authenticate against.</param> /// <returns>True if succesful.</returns> public bool Authenticate(IConnection connection, string username, string password) { var authenticated = false; Username = username; Password = password ?? string.Empty; var temp = connection; Log.Debug(m => m("Authenticating socket {0}", temp.Identity)); var operation = new SaslStart(MechanismType, null, _converter); var result = _ioStrategy.Execute(operation, connection); if (result.Status == ResponseStatus.AuthenticationContinue) { var challenge = result.Message; var reply = ComputeResponse(challenge); operation = new SaslStep(MechanismType, reply, _converter); result = _ioStrategy.Execute(operation, connection); } //even if the request succeeded, if the body doesn't contain 'Authenticated' then auth failed. authenticated = result.Status == ResponseStatus.Success && result.Value.Equals("Authenticated"); if (result.Status == ResponseStatus.AuthenticationError) { var tempResult = result; Log.Debug(m => m("Authentication for socket {0} failed: {1}", temp.Identity, tempResult.Message)); } else if (result.Status != ResponseStatus.Success) { var tempResult = result; Log.Debug(m => m("Authentication for socket {0} failed for a non-auth related reason: {1} - {2}", temp.Identity, tempResult.Message, tempResult.Status)); if (operation.Exception != null) { Log.Debug(m => m("Throwing exception for connection {0}", temp.Identity)); throw operation.Exception; } } else { Log.Debug(m => m("Authentication for socket {0} succeeded.", temp.Identity)); } return(authenticated); }
/// <summary> /// Authenticates a username and password using a specific <see cref="IConnection"/> instance. The password will /// be encrypted before being sent to the server. /// </summary> /// <param name="connection">An implementation of <see cref="IConnection"/> which represents a TCP connection to a Couchbase Server.</param> /// <param name="username">The username or bucket name to authentic against.</param> /// <param name="password">The password to authenticate against.</param> /// <returns>True if succesful.</returns> public bool Authenticate(IConnection connection, string username, string password) { Username = username; Password = password ?? string.Empty; var temp = connection; var operation = new SaslStart(MechanismType, (VBucket)null, _transcoder, SaslFactory.DefaultTimeout); Log.Debug("Authenticating socket {0} with opaque {1}", temp.Identity, operation.Opaque); var result = Execute(operation, connection); if (result.Status == ResponseStatus.AuthenticationContinue) { var challenge = result.Value; var reply = ComputeResponse(challenge); operation = new SaslStep(MechanismType, reply, _transcoder, SaslFactory.DefaultTimeout); result = Execute(operation, connection); } if (result.Status == ResponseStatus.AuthenticationError) { var tempResult = result; Log.Debug("Authentication for socket {0} failed: {1}", temp.Identity, tempResult.Message); } else if (result.Status != ResponseStatus.Success) { var tempResult = result; Log.Debug("Authentication for socket {0} failed for a non-auth related reason: {1} - {2}", temp.Identity, tempResult.Message, tempResult.Status); if (operation.Exception != null) { Log.Debug("Throwing exception for connection {0}", temp.Identity); throw operation.Exception; } } else { Log.Debug("Authentication for socket {0} succeeded.", temp.Identity); } return(result.Status == ResponseStatus.Success); }
public bool Authenticate(IConnection connection, string username, string password) { var authenticated = false; ClientFirstMessage = "n,,n=" + username + ",r=" + ClientNonce; ClientFirstMessageBare = ClientFirstMessage.Substring(3); Log.Debug("Client First Message {0} - {1}: {2} [U:{3}|P:{4}", connection.EndPoint, connection.Identity, ClientFirstMessage, username, password); var authOp = new SaslStart(MechanismType, ClientFirstMessage, _transcoder, SaslFactory.DefaultTimeout); var serverFirstResult = Execute(authOp, connection); if (serverFirstResult.Status == ResponseStatus.AuthenticationContinue) { Log.Debug("Server First Message {0} - {1}: {2}", connection.EndPoint, connection.Identity, serverFirstResult.Message); //get the server nonce, salt and iterationcount from the server var serverFirstMessage = DecodeResponse(serverFirstResult.Value); ServerNonce = serverFirstMessage["r"]; Salt = Convert.FromBase64String(serverFirstMessage["s"]); IterationCount = Convert.ToInt32(serverFirstMessage["i"]); //normalize and salt the password using the salt and iteration count var normalizedPassword = password.Normalize(NormalizationForm.FormKC); SaltedPassword = GetSaltedPassword(normalizedPassword); //build the final client message ClientFinalMessageNoProof = "c=biws,r=" + ServerNonce; ClientFinalMessage = ClientFinalMessageNoProof + ",p=" + Convert.ToBase64String(GetClientProof()); Log.Debug("Client Final Message {0} - {1}: {2}", connection.EndPoint, connection.Identity, ClientFinalMessage); //send the final client message authOp = new SaslStep(MechanismType, ClientFinalMessage, _transcoder, SaslFactory.DefaultTimeout); var serverFinalResult = Execute(authOp, connection); Log.Debug("Server Final Message {0} - {1}: {2}", connection.EndPoint, connection.Identity, serverFinalResult.Message); authenticated = serverFinalResult.Status == ResponseStatus.Success; } return(authenticated); }