/// <summary>
/// RPC endpoint for clients to actually authenticate after requesting authentication and
/// computing a signature from the authentication challenge.
/// </summary>
/// <seealso cref="M:WampSharp.Cra.IWampCraProcedures.Auth(string)"/>
public WampCraPermissions Auth(string signature)
{
ValidateAuthState();
CheckSignature(signature);
// At this point, the client has successfully authenticated!
// Get the permissions we determined earlier
WampCraPermissions perms = mPendingAuth.Permissions;
// Delete auth request and mark client as authenticated
string authKey = mPendingAuth.AuthInfo.authkey;
mAuthenticated = true;
mPendingAuth = null;
// TODO: If implementing a pending auth timeout, here is where you would cancel it
// TODO: (_clientAuthTimeoutCall in autobahn python)
RaiseOnAuthenticated(authKey, perms);
// Return permissions to client
mPermissions.AddPermissions(perms);
return(perms);
}
public void AddPermissions(WampCraPermissions permissions)
{
foreach (WampRpcPermissions rpc in permissions.rpc)
{
AddRpcPermission(rpc);
}
foreach (WampPubSubPermissions pubsub in permissions.pubsub)
{
AddPubSubPermission(pubsub);
}
}
private void RaiseOnAuthenticated(string authKey, WampCraPermissions perms)
{
// Fire authentication callback
try
{
OnAuthenticated(authKey, perms);
}
catch (WampRpcCallException e)
{
mAuthenticated = false;
throw;
}
catch (Exception e)
{
mAuthenticated = false;
ThrowHelper.InvalidSignature(e);
}
}
/// <summary>
/// RPC endpoint for clients to initiate the authentication handshake.
/// </summary>
/// <seealso cref="M:WampSharp.Cra.IWampCraProcedures.AuthReq(string,IDictionary{string,string})"/>
public string AuthReq(string authKey, IDictionary <string, string> extra)
{
ValidateAuthReqStatus(authKey);
string authSecret = GetAuthReqSecret(authKey);
// each authentication request gets a unique authid, which can only be used (later) once!
string authid = mIdGenerator.Generate();
//check extra
if (extra == null)
{
extra = new Dictionary <string, string>();
}
Dictionary <string, string> extraAuth = new Dictionary <string, string>(extra);
WampCraPermissions permissions = GetAuthReqPermissions(authKey, extraAuth);
WampCraChallenge info =
new WampCraChallenge(authid, authKey, DateTime.UtcNow, mClientSessionId, extra, permissions, extraAuth);
mAuthKey = authKey;
if (string.IsNullOrEmpty(authKey))
{
// anonymous session
mPendingAuth = new WampCraPendingAuth(info, null, permissions);
return(null);
}
// authenticated session
string infoser = mFormatter.Serialize(info).ToString();
string sig = WampCraHelpers.AuthSignature(infoser, authSecret, info.authextra);
mPendingAuth = new WampCraPendingAuth(info, sig, permissions);
return(infoser);
}
private WampCraPermissions GetAuthReqPermissions(string authKey, Dictionary <string, string> extraAuth)
{
WampCraPermissions permissions;
try
{
permissions = GetAuthPermissions(authKey, extraAuth);
}
catch (WampRpcCallException e)
{
throw;
}
catch (Exception e)
{
throw new WampRpcCallException("http://api.wamp.ws/error#auth-permissions-error", e.Message, null);
}
if (permissions == null)
{
permissions = new WampCraPermissions();
}
return(permissions);
}
public WampCraChallenge(string authId, string authKey, DateTime timestamp, string sessionId, IDictionary <string, string> extra, WampCraPermissions permissions = null, IDictionary <string, string> authextra = null)
{
this.authid = authId;
this.authkey = authKey;
this.timestamp = timestamp;
this.sessionid = sessionId;
this.extra = extra;
this.permissions = permissions ?? new WampCraPermissions();
this.authextra = authextra;
}
/// <summary> /// Called after the user is successfully authenticated. This call is the last opportunity for /// you to set the WampPermissions, as these will be used to determine rpc and pub/sub operations /// for the remainder of this session. /// </summary> /// <remarks> /// NOTE: Throwing an exception here could put you in a bad state. We'll send an error to the /// client, and make them unauthenticated in this case. /// </remarks> /// <param name="authKey">Authentication key, such as user name or application name.</param> /// <param name="permissions">The permissions initially granted in the call to /// GetAuthPermissions(). You could change these, and the updated copy is what will be returned /// to the client from its call to auth().</param> public abstract void OnAuthenticated(string authKey, WampCraPermissions permissions);
