/// <summary>
/// Start an authorization action on the default context by polling the backend socket of a ZActor.
/// </summary>
/// <param name="backend">ZActor backend socket.</param>
/// <param name="cancellor">Thread cancellation called when ZActor is disposed.</param>
/// <param name="args">Arguments given to the ZActor. If the first object in this list is a a ZCertStore
/// this ZCertStore is used for ZCert handling.</param>
public static void Action0(ZSocket backend, System.Threading.CancellationTokenSource cancellor, object[] args)
{
ZCertStore certStore = args != null && args.Length > 0 && args[0] is ZCertStore ? args[0] as ZCertStore : null;
using (ZAuth self = new ZAuth(backend, certStore))
{
Run(cancellor, self);
}
}
/// <summary>
/// Send a ZAP reply to the handler socket
/// </summary>
/// <param name="status_code"></param>
/// <param name="status_text"></param>
/// <param name="metadata"></param>
/// <returns></returns>
public int RequestReply(string status_code, string status_text, byte[] metadata)
{
if (Verbose)
{
ZAuth.Info(string.Format("zauth: - ZAP reply status_code={0} status_text={1}", status_code, status_text));
}
ZMessage msg = new ZMessage();
msg.Add(new ZFrame("1.0"));
msg.Add(new ZFrame(Sequence));
msg.Add(new ZFrame(status_code));
msg.Add(new ZFrame(status_text));
msg.Add(new ZFrame(UserId != null ? UserId : ""));
// rc = zmsg_addmem(msg, metadata, metasize);
msg.Add(new ZFrame(metadata));
handler.SendMessage(msg);
return(0);
}
private static void Run(System.Threading.CancellationTokenSource cancellor, ZAuth self)
{
while (!self.Terminated && !cancellor.IsCancellationRequested)
{
ZMessage[] msg;
ZError error;
// we only poll for 50 ms so we can look at the cancellation flags from time to time...
TimeSpan?wait = TimeSpan.FromMilliseconds(50);
if (self.sockets.PollIn(self.pollers, out msg, out error, wait))
{
if (msg != null && msg.Length == 2)
{
if (msg[PIPE] != null)
{
// process self
self.HandlePipe(msg[PIPE]);
}
if (msg[HANDLER] != null)
{
// process authorization
self.Authenticate(msg[HANDLER]);
}
}
}
else
{
if (error == ZError.ETERM)
{
break;
}
if (error != ZError.EAGAIN)
{
throw new ZException(error);
}
}
}
}
/// <summary>
/// Receive a valid ZAP request from the handler socket
/// </summary>
/// <param name="handler"></param>
/// <param name="request"></param>
/// <param name="verbose"></param>
public ZAP(ZSocket handler, ZMessage request, bool verbose)
{
// Store handler socket so we can send a reply easily
this.handler = handler;
Verbose = verbose;
if (request.Count == 0)
{
return;
}
// Get all standard frames off the handler socket
Version = request.Pop().ReadLine();
Sequence = request.Pop().ReadLine();
Domain = request.Pop().ReadLine();
Address = request.Pop().ReadLine();
Identity = request.Pop().ReadLine();
Mechanism = request.Pop().ReadLine();
Mechanism = string.IsNullOrEmpty(Mechanism) ? "" : Mechanism;
Version = string.IsNullOrEmpty(Version) ? "" : Version;
Sequence = string.IsNullOrEmpty(Sequence) ? "" : Sequence;
Domain = string.IsNullOrEmpty(Domain) ? "" : Domain;
Address = string.IsNullOrEmpty(Address) ? "" : Address;
Identity = string.IsNullOrEmpty(Identity) ? "" : Identity;
// If the version is wrong, we're linked with a bogus libzmq, so die
if (Version != "1.0")
{
return;
}
// Get mechanism-specific frames
if (Mechanism == "PLAIN")
{
Username = request.Pop().ReadLine();
Password = request.Pop().ReadLine();
Username = string.IsNullOrEmpty(Username) ? "" : Username;
Password = string.IsNullOrEmpty(Password) ? "" : Password;
}
else
if (Mechanism == "CURVE")
{
ZFrame frame = request.Pop();
if (frame.Length != 32)
{
return;
}
ZCert cert = new ZCert(frame.Read(), new byte[32]);
ClientTxt = cert.PublicTxt;
}
else
if (Mechanism == "GSSAPI")
{
Principal = request.Pop().ReadLine();
}
if (Verbose)
{
ZAuth.Info(string.Format("zauth: ZAP request mechanism={0} ipaddress={1}", Mechanism, Address));
}
}