Exemple #1
0
        private ClientMessage EncodeAuthenticationRequest()
        {
            var serializationService = _client.SerializationService;
            var serializationVersion = serializationService.GetVersion();

            var credentials = _client.CredentialsFactory.NewCredentials();
            var clusterName = _client.ClientConfig.GetClusterName();

            var dllVersion = VersionUtil.GetDllVersion();
            var clientGuid = _client.ClientGuid;

            if (credentials is IPasswordCredentials passwordCredentials)
            {
                return(ClientAuthenticationCodec.EncodeRequest(clusterName, passwordCredentials.Name,
                                                               passwordCredentials.Password, clientGuid, ClientTypeCsharp, serializationVersion, dllVersion, _client.Name,
                                                               _labels));
            }
            byte[] secretBytes;
            if (credentials is ITokenCredentials tokenCredentials)
            {
                secretBytes = tokenCredentials.Token;
            }
            else
            {
                secretBytes = serializationService.ToData(credentials).ToByteArray();
            }
            return(ClientAuthenticationCustomCodec.EncodeRequest(clusterName, secretBytes, clientGuid, ClientTypeCsharp,
                                                                 serializationVersion, dllVersion, _client.Name, _labels));
        }
        private ClientMessage EncodeAuthenticationRequest()
        {
            var serializationService = _client.SerializationService;
            var serializationVersion = serializationService.GetVersion();

            var credentials = _client.CredentialsFactory.NewCredentials();
            var clusterName = _client.Configuration.ClusterName;

            var dllVersion = VersionUtil.GetDllVersion();
            var clientGuid = _client.ClientGuid;

            switch (credentials)
            {
            case IPasswordCredentials passwordCredentials:
                return(ClientAuthenticationCodec.EncodeRequest(clusterName,
                                                               passwordCredentials.Name, passwordCredentials.Password,
                                                               clientGuid, ClientTypeCsharp, serializationVersion, dllVersion, _client.Name, _labels));

            case ITokenCredentials tokenCredentials:
                return(ClientAuthenticationCustomCodec.EncodeRequest(clusterName,
                                                                     tokenCredentials.Token,
                                                                     clientGuid, ClientTypeCsharp, serializationVersion, dllVersion, _client.Name, _labels));

            default:
                return(ClientAuthenticationCustomCodec.EncodeRequest(clusterName,
                                                                     serializationService.ToData(credentials).ToByteArray(),
                                                                     clientGuid, ClientTypeCsharp, serializationVersion, dllVersion, _client.Name, _labels));
            }
        }
Exemple #3
0
        private void ManagerAuthenticator(ClientConnection connection)
        {
            Logger.Finest("Authenticating against the owner node");
            var ss = _client.GetSerializationService();

            string uuid      = null;
            string ownerUuid = null;

            if (_principal != null)
            {
                uuid      = _principal.GetUuid();
                ownerUuid = _principal.GetOwnerUuid();
            }
            ClientMessage request;

            if (_credentials is UsernamePasswordCredentials)
            {
                var usernamePasswordCr = (UsernamePasswordCredentials)_credentials;
                request = ClientAuthenticationCodec.EncodeRequest(usernamePasswordCr.GetUsername(),
                                                                  usernamePasswordCr.GetPassword(), uuid, ownerUuid, true, ClientTypes.Csharp,
                                                                  _client.GetSerializationService().GetVersion(), VersionUtil.GetDllVersion());
            }
            else
            {
                var data = ss.ToData(_credentials);
                request = ClientAuthenticationCustomCodec.EncodeRequest(data, uuid, ownerUuid, false, ClientTypes.Csharp,
                                                                        _client.GetSerializationService().GetVersion(), VersionUtil.GetDllVersion());
            }

            IClientMessage response;

            try
            {
                var invocationService = (ClientInvocationService)_client.GetInvocationService();
                response = ThreadUtil.GetResult(invocationService.InvokeOnConnection(request, connection));
            }
            catch (Exception e)
            {
                throw ExceptionUtil.Rethrow(e);
            }
            var result = ClientAuthenticationCodec.DecodeResponse(response);

            if (result.address == null)
            {
                throw new HazelcastException("Could not resolve address for owner node.");
            }

            var member = new Member(result.address, result.ownerUuid);

            _principal = new ClientPrincipal(result.uuid, result.ownerUuid);

            connection.Member = member;
            connection.SetOwner();
            connection.ConnectedServerVersionStr = result.serverHazelcastVersion;
        }
        // tries to authenticate
        // returns a result if successful
        // returns null if failed due to credentials (may want to retry)
        // throws if anything else went wrong
        private async ValueTask <AuthenticationResult> TryAuthenticateAsync(MemberConnection client, string clusterName, Guid clusterClientId, string clusterClientName, ISet <string> labels, ICredentialsFactory credentialsFactory, CancellationToken cancellationToken)
        {
            const string clientType = "CSP"; // CSharp

            var serializationVersion = _serializationService.GetVersion();
            var clientVersion        = ClientVersion;
            var credentials          = credentialsFactory.NewCredentials();

            ClientMessage requestMessage;

            switch (credentials)
            {
            case IPasswordCredentials passwordCredentials:
                requestMessage = ClientAuthenticationCodec.EncodeRequest(clusterName, passwordCredentials.Name, passwordCredentials.Password, clusterClientId, clientType, serializationVersion, clientVersion, clusterClientName, labels);
                break;

            case ITokenCredentials tokenCredentials:
                requestMessage = ClientAuthenticationCustomCodec.EncodeRequest(clusterName, tokenCredentials.GetToken(), clusterClientId, clientType, serializationVersion, clientVersion, clusterClientName, labels);
                break;

            default:
                var bytes = _serializationService.ToData(credentials).ToByteArray();
                requestMessage = ClientAuthenticationCustomCodec.EncodeRequest(clusterName, bytes, clusterClientId, clientType, serializationVersion, clientVersion, clusterClientName, labels);
                break;
            }

            cancellationToken.ThrowIfCancellationRequested();

            HConsole.WriteLine(this, "Send auth request");
            var responseMessage = await client.SendAsync(requestMessage).CfAwait();

            HConsole.WriteLine(this, "Rcvd auth response");
            var response = ClientAuthenticationCodec.DecodeResponse(responseMessage);

            HConsole.WriteLine(this, "Auth response is: " + (AuthenticationStatus)response.Status);

            return((AuthenticationStatus)response.Status switch
            {
                AuthenticationStatus.Authenticated
                => new AuthenticationResult(response.ClusterId, response.MemberUuid, response.Address, response.ServerHazelcastVersion, response.FailoverSupported, response.PartitionCount, response.SerializationVersion, credentials.Name),

                AuthenticationStatus.CredentialsFailed
                => null,     // could want to retry

                AuthenticationStatus.NotAllowedInCluster
                => throw new AuthenticationException("Client is not allowed in cluster."),

                AuthenticationStatus.SerializationVersionMismatch
                => throw new AuthenticationException("Serialization mismatch."),

                _ => throw new AuthenticationException($"Received unsupported status code {response.Status}.")
            });
        private void ClusterAuthenticator(ClientConnection connection)
        {
            var ss             = _client.GetSerializationService();
            var clusterService = (ClientClusterService)_client.GetClientClusterService();
            var principal      = clusterService.GetPrincipal();

            var           uuid      = principal.GetUuid();
            var           ownerUuid = principal.GetOwnerUuid();
            ClientMessage request;

            var usernamePasswordCr = _credentials as UsernamePasswordCredentials;

            if (usernamePasswordCr != null)
            {
                request = ClientAuthenticationCodec.EncodeRequest(usernamePasswordCr.GetUsername(),
                                                                  usernamePasswordCr.GetPassword(), uuid, ownerUuid, false,
                                                                  ClientTypes.Csharp, _client.GetSerializationService().GetVersion(), VersionUtil.GetDllVersion());
            }
            else
            {
                var data = ss.ToData(_credentials);
                request = ClientAuthenticationCustomCodec.EncodeRequest(data, uuid, ownerUuid, false,
                                                                        ClientTypes.Csharp, _client.GetSerializationService().GetVersion(), VersionUtil.GetDllVersion());
            }

            IClientMessage response;

            try
            {
                var future = ((ClientInvocationService)_client.GetInvocationService()).InvokeOnConnection(request,
                                                                                                          connection);
                response = ThreadUtil.GetResult(future);
            }
            catch (Exception e)
            {
                throw ExceptionUtil.Rethrow(e);
            }
            var rp = ClientAuthenticationCodec.DecodeResponse(response);

            if (rp.address == null)
            {
                throw new HazelcastException("Could not resolve address for member.");
            }

            var member = _client.GetClientClusterService().GetMember(rp.address);

            if (member == null)
            {
                throw new HazelcastException("Node with address '" + rp.address + "' was not found in the member list");
            }
            connection.Member = member;
        }
Exemple #6
0
        private void Authenticate(ClientConnection connection, bool isOwnerConnection)
        {
            if (Logger.IsFinestEnabled())
            {
                Logger.Finest(string.Format("Authenticating against the {0} node", isOwnerConnection?"owner":"non-owner"));
            }
            string uuid      = null;
            string ownerUuid = null;

            if (ClientPrincipal != null)
            {
                uuid      = ClientPrincipal.GetUuid();
                ownerUuid = ClientPrincipal.GetOwnerUuid();
            }

            var           ss = _client.GetSerializationService();
            ClientMessage request;
            var           credentials = _credentialsFactory.NewCredentials();

            LastCredentials = credentials;
            if (credentials.GetType() == typeof(UsernamePasswordCredentials))
            {
                var usernamePasswordCr = (UsernamePasswordCredentials)credentials;
                request = ClientAuthenticationCodec.EncodeRequest(usernamePasswordCr.Username, usernamePasswordCr.Password, uuid,
                                                                  ownerUuid, isOwnerConnection, ClientTypes.Csharp, ss.GetVersion(), VersionUtil.GetDllVersion());
            }
            else
            {
                var data = ss.ToData(credentials);
                request = ClientAuthenticationCustomCodec.EncodeRequest(data, uuid, ownerUuid, isOwnerConnection,
                                                                        ClientTypes.Csharp, ss.GetVersion(), VersionUtil.GetDllVersion());
            }

            IClientMessage response;

            try
            {
                var invocationService = (ClientInvocationService)_client.GetInvocationService();
                response = ThreadUtil.GetResult(invocationService.InvokeOnConnection(request, connection), _heartbeatTimeout);
            }
            catch (Exception e)
            {
                var ue = ExceptionUtil.Rethrow(e);
                Logger.Finest("Member returned an exception during authentication.", ue);
                throw ue;
            }
            var result = ClientAuthenticationCodec.DecodeResponse(response);

            if (result.address == null)
            {
                throw new HazelcastException("Could not resolve address for member.");
            }
            switch (result.status)
            {
            case AuthenticationStatus.Authenticated:
                if (isOwnerConnection)
                {
                    var member = new Member(result.address, result.ownerUuid);
                    ClientPrincipal   = new ClientPrincipal(result.uuid, result.ownerUuid);
                    connection.Member = member;
                    connection.SetOwner();
                    connection.ConnectedServerVersionStr = result.serverHazelcastVersion;
                }
                else
                {
                    var member = _client.GetClientClusterService().GetMember(result.address);
                    if (member == null)
                    {
                        throw new HazelcastException(string.Format("Node with address '{0}' was not found in the member list",
                                                                   result.address));
                    }
                    connection.Member = member;
                }
                break;

            case AuthenticationStatus.CredentialsFailed:
                throw new AuthenticationException("Invalid credentials! Principal: " + ClientPrincipal);

            case AuthenticationStatus.SerializationVersionMismatch:
                throw new InvalidOperationException("Server serialization version does not match to client");

            default:
                throw new AuthenticationException("Authentication status code not supported. status: " + result.status);
            }
        }