// Sends one authentication request over the given connection and interprets the reply.
//
// The credentials are obtained from credentialsFactory.NewCredentials() and select the codec:
//   - IPasswordCredentials: name and password are passed to ClientAuthenticationCodec;
//   - ITokenCredentials:    the token is passed to ClientAuthenticationCustomCodec;
//   - anything else:        the credentials object is serialized by the serialization service
//                           and the resulting bytes are passed to ClientAuthenticationCustomCodec.
//
// Outcome:
//   - Authenticated:     returns an AuthenticationResult built from the response;
//   - CredentialsFailed: returns null, so the caller must null-check and may decide to retry;
//   - any other status:  throws AuthenticationException.
//
// NOTE(review): the password or token is handed to the codec as-is. Whether it is protected on
// the wire depends on how 'client' was established (e.g. TLS), which is not visible here.
private async ValueTask<AuthenticationResult> TryAuthenticateAsync(MemberConnection client, string clusterName, Guid clusterClientId, string clusterClientName, ISet<string> labels, ICredentialsFactory credentialsFactory, CancellationToken cancellationToken)
{
    const string clientType = "CSP"; // CSharp

    var serializationVersion = _serializationService.GetVersion();
    var clientVersion = ClientVersion;
    var credentials = credentialsFactory.NewCredentials();

    // pick the request encoding that matches the kind of credentials we were given
    ClientMessage authRequest;
    if (credentials is IPasswordCredentials withPassword)
    {
        authRequest = ClientAuthenticationCodec.EncodeRequest(
            clusterName, withPassword.Name, withPassword.Password,
            clusterClientId, clientType, serializationVersion, clientVersion, clusterClientName, labels);
    }
    else if (credentials is ITokenCredentials withToken)
    {
        var token = withToken.GetToken();
        authRequest = ClientAuthenticationCustomCodec.EncodeRequest(
            clusterName, token,
            clusterClientId, clientType, serializationVersion, clientVersion, clusterClientName, labels);
    }
    else
    {
        // unknown credentials type: send its serialized form as the custom payload
        var serialized = _serializationService.ToData(credentials).ToByteArray();
        authRequest = ClientAuthenticationCustomCodec.EncodeRequest(
            clusterName, serialized,
            clusterClientId, clientType, serializationVersion, clientVersion, clusterClientName, labels);
    }

    // last cancellation check: the token is not passed to SendAsync below
    cancellationToken.ThrowIfCancellationRequested();

    // only the progress and the resulting status are written to the console, never the credentials
    HConsole.WriteLine(this, "Send auth request");
    var responseMessage = await client.SendAsync(authRequest).CfAwait();
    HConsole.WriteLine(this, "Rcvd auth response");

    var response = ClientAuthenticationCodec.DecodeResponse(responseMessage);
    var status = (AuthenticationStatus) response.Status;
    HConsole.WriteLine(this, "Auth response is: " + status);

    switch (status)
    {
        case AuthenticationStatus.Authenticated:
            return new AuthenticationResult(
                response.ClusterId, response.MemberUuid, response.Address,
                response.ServerHazelcastVersion, response.FailoverSupported,
                response.PartitionCount, response.SerializationVersion, credentials.Name);

        case AuthenticationStatus.CredentialsFailed:
            return null; // could want to retry

        case AuthenticationStatus.NotAllowedInCluster:
            throw new AuthenticationException("Client is not allowed in cluster.");

        case AuthenticationStatus.SerializationVersionMismatch:
            throw new AuthenticationException("Serialization mismatch.");

        default:
            throw new AuthenticationException($"Received unsupported status code {response.Status}.");
    }
}
// Authenticates 'connection' against a member and, on success, binds the member to it.
//
// connection:        the connection the authentication request is invoked on.
// isOwnerConnection: sent with the request; on success it also decides whether the member is
//                    created from the response (owner) or looked up in the member list (non-owner).
//
// Throws:
//   - AuthenticationException   when the status is CredentialsFailed or not a supported value;
//   - InvalidOperationException when the status is SerializationVersionMismatch;
//   - HazelcastException        when the response has no address, or a non-owner member is unknown;
//   - whatever ExceptionUtil.Rethrow produces when the invocation itself fails.
private void Authenticate(ClientConnection connection, bool isOwnerConnection)
{
    if (Logger.IsFinestEnabled())
    {
        var nodeKind = isOwnerConnection ? "owner" : "non-owner";
        Logger.Finest(string.Format("Authenticating against the {0} node", nodeKind));
    }

    // present the identifiers of the current principal, if one has been recorded
    string uuid;
    string ownerUuid;
    if (ClientPrincipal == null)
    {
        uuid = null;
        ownerUuid = null;
    }
    else
    {
        uuid = ClientPrincipal.GetUuid();
        ownerUuid = ClientPrincipal.GetOwnerUuid();
    }

    var serializer = _client.GetSerializationService();
    var credentials = _credentialsFactory.NewCredentials();

    // NOTE(review): the credentials object stays referenced through LastCredentials after this
    // call; if it carries a password, that secret lives as long as this reference does.
    // Confirm the retention is required.
    LastCredentials = credentials;

    ClientMessage authRequest;
    if (credentials.GetType() != typeof(UsernamePasswordCredentials))
    {
        // exact type match only: this path is also taken by subclasses of
        // UsernamePasswordCredentials, whose serialized form is sent instead
        var serialized = serializer.ToData(credentials);
        authRequest = ClientAuthenticationCustomCodec.EncodeRequest(
            serialized, uuid, ownerUuid, isOwnerConnection,
            ClientTypes.Csharp, serializer.GetVersion(), VersionUtil.GetDllVersion());
    }
    else
    {
        // NOTE(review): username and password are handed to the codec as-is; protection on the
        // wire depends on how 'connection' was established, which is not visible here.
        var passwordCredentials = (UsernamePasswordCredentials) credentials;
        authRequest = ClientAuthenticationCodec.EncodeRequest(
            passwordCredentials.Username, passwordCredentials.Password, uuid, ownerUuid, isOwnerConnection,
            ClientTypes.Csharp, serializer.GetVersion(), VersionUtil.GetDllVersion());
    }

    IClientMessage reply;
    try
    {
        var invoker = (ClientInvocationService) _client.GetInvocationService();
        var pending = invoker.InvokeOnConnection(authRequest, connection);

        // presumably waits for the reply for at most _heartbeatTimeout; verify against ThreadUtil
        reply = ThreadUtil.GetResult(pending, _heartbeatTimeout);
    }
    catch (Exception e)
    {
        var rethrown = ExceptionUtil.Rethrow(e);
        Logger.Finest("Member returned an exception during authentication.", rethrown);
        throw rethrown;
    }

    var decoded = ClientAuthenticationCodec.DecodeResponse(reply);

    // NOTE(review): this check runs before the status is examined. If the member leaves the
    // address empty on a rejected authentication, the rejection surfaces as this generic error
    // rather than as the status-specific exception below; confirm against the member's response.
    if (decoded.address == null)
    {
        throw new HazelcastException("Could not resolve address for member.");
    }

    // failures first; the message names the current principal, not the submitted credentials
    var status = decoded.status;
    if (status == AuthenticationStatus.CredentialsFailed)
    {
        throw new AuthenticationException("Invalid credentials! Principal: " + ClientPrincipal);
    }

    if (status == AuthenticationStatus.SerializationVersionMismatch)
    {
        throw new InvalidOperationException("Server serialization version does not match to client");
    }

    if (status != AuthenticationStatus.Authenticated)
    {
        throw new AuthenticationException("Authentication status code not supported. status: " + status);
    }

    // authenticated
    if (!isOwnerConnection)
    {
        // a non-owner connection must point at a member the cluster service already knows
        var knownMember = _client.GetClientClusterService().GetMember(decoded.address);
        if (knownMember == null)
        {
            throw new HazelcastException(string.Format("Node with address '{0}' was not found in the member list", decoded.address));
        }

        connection.Member = knownMember;
        return;
    }

    // owner connection: the response defines both the member and the client principal
    var ownerMember = new Member(decoded.address, decoded.ownerUuid);
    ClientPrincipal = new ClientPrincipal(decoded.uuid, decoded.ownerUuid);
    connection.Member = ownerMember;
    connection.SetOwner();
    connection.ConnectedServerVersionStr = decoded.serverHazelcastVersion;
}