internal void OnStreamElement(object sender, Node e) { if (m_XmppClient == null) return; if ( m_XmppClient.XmppConnectionState == XmppConnectionState.Securing || m_XmppClient.XmppConnectionState == XmppConnectionState.StartCompression) return; if (e is Features) { Features f = e as Features; if (!m_XmppClient.Authenticated) { // RECV: <stream:features><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'> // <mechanism>DIGEST-MD5</mechanism><mechanism>PLAIN</mechanism> // </mechanisms> // <register xmlns='http://jabber.org/features/iq-register'/> // </stream:features> // SENT: <auth mechanism="DIGEST-MD5" xmlns="urn:ietf:params:xml:ns:xmpp-sasl"/> // Select a SASL mechanism SaslEventArgs args = new SaslEventArgs(f.Mechanisms); if (OnSaslStart != null) OnSaslStart(this, args); if (args.Auto) { // Library handles the Sasl stuff if (f.Mechanisms!=null) { if (m_XmppClient.UseStartTLS == false && m_XmppClient.UseSSL == false && f.Mechanisms.SupportsMechanism(MechanismType.X_GOOGLE_TOKEN) ) { // This is the only way to connect to GTalk on a unsecure Socket for now // Secure authentication is done over https requests to pass the // authentication credentials on a secure connection args.Mechanism = protocol.sasl.Mechanism.GetMechanismName(MechanismType.X_GOOGLE_TOKEN); } #if !(CF || CF_2) else if (m_XmppClient.UseSso && f.Mechanisms.SupportsMechanism(MechanismType.GSSAPI)) { args.Mechanism = protocol.sasl.Mechanism.GetMechanismName(MechanismType.GSSAPI); string kerbPrinc = f.Mechanisms.GetMechanism(MechanismType.GSSAPI).KerberosPrincipal; if (kerbPrinc != null) m_XmppClient.KerberosPrincipal = f.Mechanisms.GetMechanism(MechanismType.GSSAPI).KerberosPrincipal; } #endif else if (f.Mechanisms.SupportsMechanism(MechanismType.SCRAM_SHA_1)) { args.Mechanism = protocol.sasl.Mechanism.GetMechanismName(MechanismType.SCRAM_SHA_1); } else if (f.Mechanisms.SupportsMechanism(MechanismType.DIGEST_MD5)) { args.Mechanism = protocol.sasl.Mechanism.GetMechanismName(MechanismType.DIGEST_MD5); } else if (f.Mechanisms.SupportsMechanism(MechanismType.PLAIN)) { args.Mechanism = protocol.sasl.Mechanism.GetMechanismName(MechanismType.PLAIN); } else { args.Mechanism = null; } } else { // Hack for Google // TODO: i don't think we need this anymore. This was in an very early version of the gtalk server. args.Mechanism = null; //args.Mechanism = agsXMPP.protocol.sasl.Mechanism.GetMechanismName(agsXMPP.protocol.sasl.MechanismType.PLAIN); } } if (args.Mechanism != null) { m_Mechanism = Factory.SaslFactory.GetMechanism(args.Mechanism); // Set properties for the SASL mechanism m_Mechanism.Username = m_XmppClient.Username; m_Mechanism.Password = m_XmppClient.Password; m_Mechanism.Server = m_XmppClient.Server; m_Mechanism.ExtentedData = args.ExtentedData; // Call Init Method on the mechanism m_Mechanism.Init(m_XmppClient); } else { m_XmppClient.RequestLoginInfo(); } } else if(!m_XmppClient.Binded) { if (f.SupportsBind) { m_XmppClient.DoChangeXmppConnectionState(XmppConnectionState.Binding); BindIq bIq = string.IsNullOrEmpty(m_XmppClient.Resource) ? new BindIq(IqType.set) : new BindIq(IqType.set, m_XmppClient.Resource); m_XmppClient.IqGrabber.SendIq(bIq, BindResult, null); } } } else if (e is Challenge) { if (m_Mechanism != null && !m_XmppClient.Authenticated) { m_Mechanism.Parse(e); } } else if (e is Success) { // SASL authentication was successfull if (OnSaslEnd!=null) OnSaslEnd(this); m_XmppClient.DoChangeXmppConnectionState(XmppConnectionState.Authenticated); m_Mechanism = null; m_XmppClient.Reset(); } else if (e is Failure) { // Authentication failure m_XmppClient.FireOnAuthError(e as Element); } }
/// <summary> /// Configure Sasl not to use auto and PLAIN for authentication /// </summary> /// <param name="sender">object</param> /// <param name="saslEventArgs">SaslEventArgs</param> private void SaslStartHandler(object sender, SaslEventArgs saslEventArgs) { saslEventArgs.Auto = false; saslEventArgs.Mechanism = "PLAIN"; }
private void m_SaslHandler_OnSaslStart(object sender, SaslEventArgs args) { // This acts only as a tunnel to the client if (OnSaslStart!=null) OnSaslStart(this, args); }