internal ManagementServiceAuthenticator(IAuthenticationMechanism parentAuthenticationMechanism, string networkAddress)
{
ApiVersion = parentAuthenticationMechanism.ApiVersion;
IgnoreSsl = parentAuthenticationMechanism.IgnoreSsl;
ValidationCallback = parentAuthenticationMechanism.ValidationCallback;
NetworkAddress = networkAddress;
}
/// <inheritdoc />
protected override void OnStatusChanged(SecurityStatus from, SecurityStatus to)
{
if (to == SecurityStatus.Unauthenticated)
{
_filteredAuthenticationMechanism = null;
_selectedAuthenticationMechanism = null;
foreach (var authenticationMechanism in SelectedHost.AuthenticationMechanisms)
{
authenticationMechanism.Reset();
}
}
else if (to == SecurityStatus.Authenticated)
{
_selectedAuthorizationMechanism = null;
_filteredAuthorizationMechanism = null;
foreach (var authorizationMechanism in SelectedHost.AuthorizationMechanisms)
{
authorizationMechanism.Reset(SelectedAuthenticationMechanism);
}
if (from == SecurityStatus.Unauthenticated || from == SecurityStatus.NeedSecurityData)
{
// Successfull AUTH or ADAT
_selectedAuthenticationMechanism = _filteredAuthenticationMechanism;
}
}
else if (to == SecurityStatus.Authorized)
{
_selectedAuthorizationMechanism = _filteredAuthorizationMechanism;
}
}
public SafeguardConnection(IAuthenticationMechanism authenticationMechanism)
{
_authenticationMechanism = authenticationMechanism;
var safeguardCoreUrl = $"https://{_authenticationMechanism.NetworkAddress}/service/core/v{_authenticationMechanism.ApiVersion}";
_coreClient = new RestClient(safeguardCoreUrl);
var safeguardApplianceUrl = $"https://{_authenticationMechanism.NetworkAddress}/service/appliance/v{_authenticationMechanism.ApiVersion}";
_applianceClient = new RestClient(safeguardApplianceUrl);
var safeguardNotificationUrl = $"https://{_authenticationMechanism.NetworkAddress}/service/notification/v{_authenticationMechanism.ApiVersion}";
_notificationClient = new RestClient(safeguardNotificationUrl);
if (authenticationMechanism.IgnoreSsl)
{
_coreClient.RemoteCertificateValidationCallback += (sender, certificate, chain, errors) => true;
_applianceClient.RemoteCertificateValidationCallback += (sender, certificate, chain, errors) => true;
_notificationClient.RemoteCertificateValidationCallback += (sender, certificate, chain, errors) => true;
}
else if (authenticationMechanism.ValidationCallback != null)
{
_coreClient.RemoteCertificateValidationCallback += authenticationMechanism.ValidationCallback;
_applianceClient.RemoteCertificateValidationCallback += authenticationMechanism.ValidationCallback;
_notificationClient.RemoteCertificateValidationCallback += authenticationMechanism.ValidationCallback;
}
_lazyStreamingRequest = new Lazy <IStreamingRequest>(() =>
{
return(new StreamingRequest(_authenticationMechanism, () => _disposed));
});
}
private async Task <IFtpResponse> HandleAuthAsync(string argument, CancellationToken cancellationToken)
{
var authenticationMechanism = SelectedHost.AuthenticationMechanisms
.SingleOrDefault(x => x.CanHandle(argument));
if (authenticationMechanism == null)
{
return(new FtpResponse(504, T("Unsupported security mechanism")));
}
_filteredAuthenticationMechanism = authenticationMechanism;
return(await authenticationMechanism.HandleAuthAsync(argument, cancellationToken).ConfigureAwait(false));
}
internal SafeguardManagementServiceConnection(IAuthenticationMechanism parentAuthenticationMechanism, string networkAddress)
: base(new ManagementServiceAuthenticator(parentAuthenticationMechanism, networkAddress))
{
var safeguardManagementUrl = $"https://{_authenticationMechanism.NetworkAddress}/service/management/v{_authenticationMechanism.ApiVersion}";
_managementClient = new RestClient(safeguardManagementUrl);
if (_authenticationMechanism.IgnoreSsl)
{
_managementClient.RemoteCertificateValidationCallback += (sender, certificate, chain, errors) => true;
}
else if (_authenticationMechanism.ValidationCallback != null)
{
_managementClient.RemoteCertificateValidationCallback += _authenticationMechanism.ValidationCallback;
}
}
public override async Task ExecuteAsync(SmtpSession smtpSession, CancellationToken token)
{
string[] parts = Arguments.Split(new [] { ' ' }, 2);
if (parts == null || parts.Length == 0 || parts.Length > 2)
{
await smtpSession.SendReplyAsync(ReplyCode.InvalidArguments, "Expected mechanism and optional initial response", token);
return;
}
string mechanismName = parts[0];
IAuthenticationMechanism mechanism = smtpSession.ImplementationFactory.Authentication.Get(mechanismName);
if (mechanism == null)
{
await smtpSession.SendReplyAsync(ReplyCode.InvalidArguments, "Unknown mechanism", token);
return;
}
var authSession = mechanism.CreateSession(smtpSession);
UserData userData;
try
{
userData = await authSession.AuthenticateAsync(smtpSession.UserStore, token, false);
}
catch (ArgumentException)
{
await smtpSession.SendReplyAsync(ReplyCode.InvalidArguments, "Invalid arguments", token);
return;
}
smtpSession.AuthenticatedUser = userData;
await smtpSession.SendReplyAsync(ReplyCode.AuthenticationComplete, "Authentication unsuccessful", token);
}
/// <inheritdoc />
public void Activate(IAuthenticationMechanism authenticationMechanism)
{
_selectedAuthenticationMechanism = _filteredAuthenticationMechanism =
_preselectedAuthenticationMechanism = authenticationMechanism;
SetStatus(SecurityStatus.Authenticated);
}
internal StreamingRequest(IAuthenticationMechanism authenticationMechanism, Func <bool> isDisposed)
{
_authenticationMechanism = authenticationMechanism;
_isDisposed = isDisposed;
_lazyHttpClient = new Lazy <HttpClient>(() => CreateHttpClient(_progressMessageHandler));
}
/// <inheritdoc /> public abstract void Reset(IAuthenticationMechanism authenticationMechanism);
