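/// <summary>
/// Handles the POST of the OAuth permission grant form. When the form carries a
/// non-empty "confirm" field and a "request_token" that matches an open OAuth request,
/// the grant is stored and the prepared OAuth success response is returned.
/// </summary>
/// <param name="path">Request path (not read by this method).</param>
/// <param name="request">Request stream (not read; the body is taken from <paramref name="httpRequest"/>).</param>
/// <param name="httpRequest">Incoming request whose body holds the URL-encoded form.</param>
/// <param name="httpResponse">Response object; its status code is set to 400 when the form cannot be parsed.</param>
/// <returns>The response body bytes: the OAuth response on success, otherwise a short plain-text error.</returns>
public override byte[] Handle(string path, Stream request, OSHttpRequest httpRequest, OSHttpResponse httpResponse)
{
    NameValueCollection query;

    try
    {
        // ParseQueryString URL-decodes every name and value itself, so the body is only
        // converted from UTF-8 bytes to text here. URL-decoding the whole body first would
        // decode twice: an encoded '&', '=' or '%' inside a value would then be read as
        // form syntax and could split or alter the submitted fields.
        byte[] requestData = httpRequest.GetBody();
        string formBody = Encoding.UTF8.GetString(requestData);
        query = HttpUtility.ParseQueryString(formBody, Encoding.UTF8);
    }
    catch (Exception)
    {
        CableBeachServerState.Log.Error("[CABLE BEACH SERVER]: Failed to parse the permission grant form");
        httpResponse.StatusCode = (int)HttpStatusCode.BadRequest;
        return Encoding.UTF8.GetBytes("Failed to parse required form parameters");
    }

    string confirm = OpenAuthHelper.GetQueryValue(query, "confirm");

    // GetQueryValue is defined elsewhere; coalesce so a missing field cannot cause a
    // NullReferenceException if it yields null. A literal '+' submitted unencoded is
    // decoded to a space by form parsing, so spaces are mapped back to '+'.
    string requestToken = (OpenAuthHelper.GetQueryValue(query, "request_token") ?? String.Empty).Replace(' ', '+');

    // NOTE(review): any non-empty "confirm" value is treated as consent, and no anti-forgery
    // value is checked in this method. This POST changes authorization state, so confirm that
    // the form and the request pipeline bind it to the authenticated user's session.
    if (String.IsNullOrEmpty(confirm) || String.IsNullOrEmpty(requestToken))
    {
        // TODO: We should be redirecting to the callback with a failure parameter set
        CableBeachServerState.Log.Warn("[CABLE BEACH SERVER]: OAuth confirmation was denied");
        return Encoding.UTF8.GetBytes("Confirmation denied");
    }

    OAuthRequest oauthRequest;
    if (!CableBeachServerState.OAuthCurrentRequests.TryGetValue(requestToken, out oauthRequest))
    {
        // The token is attacker-controllable text; drop CR/LF so it cannot start a forged log line.
        string loggedToken = requestToken.Replace("\r", String.Empty).Replace("\n", String.Empty);

        // TODO: We should be redirecting to the callback with a failure parameter set
        CableBeachServerState.Log.Warn("[CABLE BEACH SERVER]: Could not find an open request matching request token \"" + loggedToken + "\"");
        return Encoding.UTF8.GetBytes("Expired or invalid OAuth session");
    }

    // Cache this permission grant, keyed by the authority (host[:port]) of the consumer's callback
    CableBeachServerState.StorePermissionGrant(httpRequest, oauthRequest.Request.Callback.Authority);

    UserAuthorizationResponse oauthResponse = CableBeachServerState.MakeOAuthSuccessResponse(requestToken, oauthRequest);
    CableBeachServerState.Log.Info("[CABLE BEACH SERVER]: OAuth confirmation accepted, redirecting to " + oauthRequest.Request.Callback);
    return OpenAuthHelper.MakeOpenAuthResponse(httpResponse, CableBeachServerState.OAuthServiceProvider.Channel.PrepareResponse(oauthResponse));
}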
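/// <summary>
/// Reads the "openid_identifier" field from a URL-encoded POST body and passes it to
/// <c>OpenIDLoginFormHandler</c> together with the request and response.
/// </summary>
/// <param name="httpRequest">Incoming request whose body holds the login form.</param>
/// <param name="httpResponse">Response object handed through to the form handler.</param>
void OpenIDLoginPostHandler(OSHttpRequest httpRequest, OSHttpResponse httpResponse)
{
    byte[] requestData = httpRequest.GetBody();

    // ParseQueryString URL-decodes each name and value on its own. The body is therefore only
    // turned from UTF-8 bytes into text here; URL-decoding it beforehand would decode twice and
    // cut an identifier such as a URL with an encoded '&' or '=' at that character.
    string formBody = System.Text.Encoding.UTF8.GetString(requestData);
    NameValueCollection query = System.Web.HttpUtility.ParseQueryString(formBody, System.Text.Encoding.UTF8);

    // Untrusted, user-supplied value; null when the field is absent from the form.
    string openidIdentifier = query["openid_identifier"];

    OpenIDLoginFormHandler(httpRequest, httpResponse, openidIdentifier);
}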
/// <summary>
/// Stores the request body as a new asset and adds an inventory item that references it
/// to the folder named by the request path.
/// </summary>
/// <param name="request">Incoming request; its body is the asset data and its Content-type header selects the asset type.</param>
/// <param name="path">Request path from which the agent ID and the inventory-relative path are derived.</param>
/// <param name="username">Not read by this method.</param>
/// <param name="if_headers">Not read by this method.</param>
/// <returns>
/// <c>BadRequest</c> for an empty body, <c>Created</c> when the asset is stored and the item
/// is added, and <c>InternalServerError</c> in every other case.
/// </returns>
public HttpStatusCode InventoryPutHandler(OSHttpRequest request, string path, string username, string[] if_headers)
{
    // TODO: Figure out ETAG checks

    // NOTE(review): the agent is taken from the request path and username is never compared
    // with it here. Confirm the caller verifies that the authenticated user may write to
    // this agent's inventory before this method runs.
    byte[] assetData = request.GetBody();
    if (assetData.Length == 0)
    {
        return HttpStatusCode.BadRequest;
    }

    string localPath = "";
    UUID agentID = AgentIDFromRequestPath("inventory", "/", path, ref localPath);

    // The last path segment is the asset name; with a trailing slash it is the segment before
    // the final (empty) one. What precedes the name is the parent folder path.
    string[] segments = localPath.Split('/');
    bool hasTrailingSlash = localPath.EndsWith("/");
    string assetName = hasTrailingSlash ? segments[segments.Length - 2] : segments[segments.Length - 1];
    int suffixLength = hasTrailingSlash ? assetName.Length + 1 : assetName.Length;
    localPath = localPath.Substring(0, localPath.Length - suffixLength);

    // Only a folder can receive the new item; a missing node or any other node type is an error.
    InventoryFolderBase parentFolder = PathToInventory(agentID, localPath) as InventoryFolderBase;
    if (parentFolder == null)
    {
        return HttpStatusCode.InternalServerError;
    }

    OpenSim.Framework.AssetMetadata assetMetadata = new OpenSim.Framework.AssetMetadata();
    assetMetadata.ContentType = request.Headers["Content-type"]; // client-supplied header, stored as given
    assetMetadata.CreationDate = DateTime.Now;
    assetMetadata.Description = assetName;
    assetMetadata.ID = UUID.Random().ToString();
    assetMetadata.Name = assetName;
    assetMetadata.Temporary = false;
    assetMetadata.SHA1 = OpenMetaverse.Utils.SHA1(assetData);

    sbyte type = CableBeachUtils.ContentTypeToSLAssetType(request.Headers["Content-type"]);
    AssetBase asset = new AssetBase(UUID.Random(), assetName, type);
    asset.Data = assetData;
    asset.Metadata = assetMetadata;

    // The value returned by Store is not inspected; success is judged by the metadata lookup below.
    m_AssetService.Store(asset);

    if (m_AssetService.GetMetadata(assetMetadata.ID) == null)
    {
        // Asset creation failed: do not create an inventory item either, report the error.
        return HttpStatusCode.InternalServerError;
    }

    // NOTE(review): the same all-bits mask is applied to every permission field, including
    // EveryOnePermissions and GroupPermissions. Presumably this grants full rights to all
    // parties; confirm that is intended rather than a narrower default.
    const int fullMask = 2147483647;

    InventoryItemBase inventoryItem = new InventoryItemBase();
    inventoryItem.AssetID = new UUID(assetMetadata.ID);
    inventoryItem.AssetType = parentFolder.Type;
    // TODO: conversion from long to int might not be sufficient here (the cast drops the upper bits of Ticks)
    inventoryItem.CreationDate = (int) DateTime.Now.Ticks;
    inventoryItem.CreatorId = agentID.ToString();
    inventoryItem.Owner = agentID;
    inventoryItem.CurrentPermissions = fullMask;
    inventoryItem.NextPermissions = fullMask;
    inventoryItem.BasePermissions = fullMask;
    inventoryItem.EveryOnePermissions = fullMask;
    inventoryItem.GroupPermissions = fullMask;
    inventoryItem.InvType = (int)CableBeachMessages.InventoryType.Object;
    inventoryItem.GroupOwned = false;
    inventoryItem.Description = assetMetadata.Description;
    inventoryItem.ID = UUID.Random();
    inventoryItem.Name = assetMetadata.Name;
    inventoryItem.Folder = parentFolder.ID;
    inventoryItem.SalePrice = 0;

    return m_InventoryService.AddItem(inventoryItem)
        ? HttpStatusCode.Created
        : HttpStatusCode.InternalServerError;
}
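/// <summary>
/// Handles a POST to the OpenID provider endpoint. For an authentication request it reads
/// the credentials from the form body and calls <c>DoAuthentication</c>; when that returns
/// false the matching login form is sent. Any request whose response is ready is then written out.
/// </summary>
/// <param name="httpRequest">Incoming request carrying the OpenID message and, optionally, the login form fields.</param>
/// <param name="httpResponse">Response object that receives the login form, the OpenID response or the endpoint page.</param>
void OpenIDServerPostHandler(OSHttpRequest httpRequest, OSHttpResponse httpResponse)
{
    IRequest openidRequest = CableBeachState.Provider.GetRequest(OpenAuthHelper.GetRequestInfo(httpRequest));
    if (openidRequest == null)
    {
        m_log.Warn("[CABLE BEACH IDP]: Got a POST to a URL with missing or invalid OpenID data: " + httpRequest.Url);
        OpenAuthHelper.AddToBody(httpResponse, ENDPOINT_PAGE);
        return;
    }

    DotNetOpenAuth.OpenId.Provider.IAuthenticationRequest authRequest =
        openidRequest as DotNetOpenAuth.OpenId.Provider.IAuthenticationRequest;

    if (authRequest != null)
    {
        ClaimsRequest claimsRequest = openidRequest.GetExtension<ClaimsRequest>();
        byte[] postBody = httpRequest.GetBody();

        // Both login paths need the same form fields, so the body is parsed once.
        // postData stays null when the body is empty.
        // NOTE(review): postData still holds the submitted "pass" value when it is handed to the
        // login templates below; confirm the templates never render that field back into the page.
        NameValueCollection postData = null;
        if (postBody.Length > 0)
        {
            postData = HttpUtility.ParseQueryString(Encoding.UTF8.GetString(postBody, 0, postBody.Length), Encoding.UTF8);
        }

        if (authRequest.IsDirectedIdentity)
        {
            // No identity chosen yet: first name, last name and password all come from the form
            string first = null, last = null, pass = null;
            if (postData != null)
            {
                first = postData["first"];
                last = postData["last"];
                pass = postData["pass"];
            }

            if (!DoAuthentication(httpResponse, authRequest, claimsRequest, first, last, pass))
            {
                // This is the POST handler; the message was previously labelled "(GET)"
                m_log.Debug("[CABLE BEACH IDP]: (POST) Sending directed provider login form");
                CableBeachState.SendProviderDirectedLoginTemplate(httpResponse, authRequest.Realm.ToString(), httpRequest, postData);
            }
        }
        else
        {
            // Identity already selected
            Uri claimedIdentity = (UriIdentifier)authRequest.ClaimedIdentifier;

            // Try and lookup this avatar
            UserProfileData profile;
            if (CableBeachState.TryGetProfile(claimedIdentity, out profile))
            {
                // Only the password is taken from the form; the name comes from the profile
                string pass = (postData != null) ? postData["pass"] : null;

                if (!DoAuthentication(httpResponse, authRequest, claimsRequest, profile, pass))
                {
                    m_log.Debug("[CABLE BEACH IDP]: (POST) Sending provider login form for " + profile.Name);
                    CableBeachState.SendProviderLoginTemplate(httpResponse, profile.FirstName, profile.SurName, profile.ID,
                        authRequest.Realm.ToString(), httpRequest, postData);
                }
            }
            else
            {
                // NOTE(review): nothing is written to the response on this path unless the
                // request is already marked ready below; confirm the client gets a usable error.
                m_log.Error("[CABLE BEACH IDP]: (POST) Attempted a non-directed login with an unknown identifier " +
                    authRequest.ClaimedIdentifier);
            }
        }
    }

    if (openidRequest.IsResponseReady)
    {
        OpenAuthHelper.OpenAuthResponseToHttp(httpResponse, CableBeachState.Provider.PrepareResponse(openidRequest));
    }
}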