/// <summary>
/// Receiving-side handling of a SASL PLAIN init frame: splits the initial response into
/// its three fields and passes the credentials to the configured authenticator.
/// </summary>
/// <param name="init">The init performative whose InitialResponse carries the PLAIN message.</param>
/// <exception cref="UnauthorizedAccessException">
/// The response does not split into exactly three NUL-separated fields, or no
/// authentication identity is available afterwards.
/// </exception>
void OnInit(SaslInit init)
{
    // RFC 4616 wire format: message = [authzid] UTF8NUL authcid UTF8NUL passwd.
    // The RFC expects authcid and passwd to be prepared with SASLprep before they are
    // verified; this method does no preparation, so that is left to the authenticator.
    string secret = null;
    var response = init.InitialResponse;
    if (response.Count > 0)
    {
        // NOTE(review): Encoding.UTF8 replaces malformed byte sequences with U+FFFD instead
        // of failing, so ill-formed input reaches the authenticator in altered form.
        string decoded = Encoding.UTF8.GetString(response.Array, response.Offset, response.Count);
        string[] fields = decoded.Split('\0');
        if (fields.Length != 3)
        {
            // Both rejection paths in this method use the same InvalidCredential message.
            throw new UnauthorizedAccessException(SaslPlainHandler.InvalidCredential);
        }

        // NOTE(review): authzid is supplied by the peer and stored unchecked; confirm that
        // whoever consumes AuthorizationIdentity verifies authcid may act as it.
        this.AuthorizationIdentity = fields[0];
        this.AuthenticationIdentity = fields[1];
        secret = fields[2];
    }

    if (string.IsNullOrEmpty(this.AuthenticationIdentity))
    {
        throw new UnauthorizedAccessException(SaslPlainHandler.InvalidCredential);
    }

    if (this.authenticator == null)
    {
        // NOTE(review): nothing in this method completes the negotiation when no
        // authenticator is configured; confirm that this path cannot end in acceptance.
        return;
    }

    // With an empty initial response the password stays null here, so authenticators are
    // presumably expected to treat a null password as a failed check. TODO confirm.
    this.authenticator
        .AuthenticateAsync(this.AuthenticationIdentity, secret)
        .ContinueWith(t => this.CompleteNegotiation(t), TaskContinuationOptions.ExecuteSynchronously);
}
/// <summary>
/// Server side: handles the client's init performative, which may carry the initial
/// response message, and starts the handler for the mechanism the client named.
/// </summary>
/// <param name="init">The init performative received from the client.</param>
/// <exception cref="AmqpException">The negotiator is not in the WaitingForInit state.</exception>
void OnSaslInit(SaslInit init)
{
    bool awaitingInit = this.state == SaslState.WaitingForInit;
    if (!awaitingInit)
    {
        // An init frame at any other point of the exchange is rejected as a protocol violation.
        var reason = AmqpResources.GetString(AmqpResources.AmqpIllegalOperationState, "R:SASL-INIT", this.state);
        throw new AmqpException(AmqpErrorCode.IllegalState, reason);
    }

    // The state moves on before the handler lookup, so a second init frame is refused
    // even if the lookup below throws.
    this.state = SaslState.Negotiating;

    // init.Mechanism is chosen by the remote peer.
    // NOTE(review): confirm GetHandler refuses mechanism names the provider was not
    // configured with instead of returning null, which would fail on the next line.
    var handler = this.provider.GetHandler(init.Mechanism.Value, true);
    this.saslHandler = handler;
    handler.Start(this, init, false);
}
/// <summary>
/// Binds the handler to its negotiator and runs the mechanism-specific start logic.
/// </summary>
/// <param name="saslNegotiator">The negotiator that owns this exchange.</param>
/// <param name="init">The init performative passed through to OnStart.</param>
/// <param name="isClient">Passed through to OnStart unchanged.</param>
public void Start(SaslNegotiator saslNegotiator, SaslInit init, bool isClient)
{
    this.saslNegotiator = saslNegotiator;

    try
    {
        this.OnStart(init, isClient);
    }
    catch (Exception startFailure) when (!Fx.IsFatal(startFailure))
    {
        // Every non-fatal failure from OnStart ends the negotiation with SaslCode.Sys;
        // fatal exceptions are not caught because the filter rejects them.
        // NOTE(review): the exception object is handed to CompleteNegotiation; confirm how
        // much of it is exposed to the remote peer so internal detail is not disclosed.
        this.saslNegotiator.CompleteNegotiation(SaslCode.Sys, startFailure);
    }
}
/// <summary>
/// Starts the SASL negotiation for this mechanism.
/// </summary>
/// <param name="init">
/// The <see cref="SaslInit"/> performative: filled in and written when initiating,
/// parsed by OnInit when receiving.
/// </param>
/// <param name="isClient">true if it is the initiator, otherwise false.</param>
protected override void OnStart(SaslInit init, bool isClient)
{
    if (!isClient)
    {
        // Receiving side: the peer's init frame is handed to OnInit.
        this.OnInit(init);
        return;
    }

    // Initiating side: the client message becomes the initial response, UTF-8 encoded.
    // NOTE(review): if this is the PLAIN handler, the message contains the password in
    // clear text; it should only be written to a transport that provides
    // confidentiality (for example TLS).
    byte[] payload = Encoding.UTF8.GetBytes(this.GetClientMessage());
    init.InitialResponse = new ArraySegment<byte>(payload);
    this.Negotiator.WriteFrame(init, true);
}
/// <summary>
/// Starts the negotiation: the initiator writes the init frame, the receiving side sets a
/// principal and completes with <c>SaslCode.Ok</c>.
/// </summary>
/// <param name="init">The <see cref="SaslInit"/> performative for this exchange.</param>
/// <param name="isClient">true if it is the initiator, otherwise false.</param>
protected override void OnStart(SaslInit init, bool isClient)
{
    if (isClient)
    {
        this.Negotiator.WriteFrame(init, true);
        return;
    }

    // A principal is needed to mark the transport as 'authenticated'.
    // NOTE(review): this branch checks no credential or identity before completing with
    // Ok, so the principal set here is not evidence of who the peer is.
    this.SetPrincipal();
    this.Negotiator.CompleteNegotiation(SaslCode.Ok, null);
}
/// <summary>
/// Starts the negotiation: the initiator attaches its client message to the init frame
/// and writes it, the receiving side passes the received frame to OnInit.
/// </summary>
/// <param name="init">The <see cref="SaslInit"/> performative for this exchange.</param>
/// <param name="isClient">true if it is the initiator, otherwise false.</param>
protected override void OnStart(SaslInit init, bool isClient)
{
    if (!isClient)
    {
        this.OnInit(init);
        return;
    }

    // NOTE(review): the client message is sent as plain UTF-8 bytes. If it carries a
    // password (as the PLAIN format does), the transport underneath must provide
    // confidentiality, for example TLS.
    string clientMessage = this.GetClientMessage();
    byte[] encoded = Encoding.UTF8.GetBytes(clientMessage);
    init.InitialResponse = new ArraySegment<byte>(encoded);
    this.Negotiator.WriteFrame(init, true);
}
/// <summary>
/// Starts the negotiation: the initiator writes the init frame, the receiving side
/// completes with <c>SaslCode.Ok</c> without further checks.
/// </summary>
/// <param name="init">The <see cref="SaslInit"/> performative for this exchange.</param>
/// <param name="isClient">true if it is the initiator, otherwise false.</param>
protected override void OnStart(SaslInit init, bool isClient)
{
    if (isClient)
    {
        this.Negotiator.WriteFrame(init, true);
        return;
    }

    // Ideally this is where we would check that the client identity was established by
    // other means (e.g. a certificate) and set a Principal. EXTERNAL has been used for
    // CBS, which is anonymous, so adding the check here would break old clients.
    // Consequence: completing with Ok here says nothing about the peer's identity, and
    // no Principal is set in this branch.
    this.Negotiator.CompleteNegotiation(SaslCode.Ok, null);
}
/// <summary>
/// Starts the negotiation: the initiator writes the init frame, the receiving side
/// assigns a placeholder principal and completes with <c>SaslCode.Ok</c>.
/// </summary>
/// <param name="init">The <see cref="SaslInit"/> performative for this exchange.</param>
/// <param name="isClient">true if it is the initiator, otherwise false.</param>
protected override void OnStart(SaslInit init, bool isClient)
{
    if (isClient)
    {
        this.Negotiator.WriteFrame(init, true);
        return;
    }

    // A principal is needed to mark the transport as 'authenticated'.
    // NOTE(review): every peer receives the same placeholder identity, so code that reads
    // Principal must not treat its presence as proof that the peer was verified.
    var placeholderIdentity = new GenericIdentity("dummy-identity", "dummy-identity");
    this.Principal = new GenericPrincipal(placeholderIdentity, null);

    // Ideally this is where we would check that the client identity was established by
    // other means (e.g. a certificate) and set a Principal from it. EXTERNAL has been
    // used for CBS, which is anonymous, so adding the check here would break old clients.
    this.Negotiator.CompleteNegotiation(SaslCode.Ok, null);
}
/// <summary>
/// Starts the SASL negotiation.
/// </summary>
/// <param name="init">
/// The <see cref="SaslInit"/> performative: written by the initiator, not inspected on
/// the receiving side.
/// </param>
/// <param name="isClient">true if it is the initiator, otherwise false.</param>
protected override void OnStart(SaslInit init, bool isClient)
{
    if (!isClient)
    {
        // Server side: send the outcome. The init frame, including any identity string
        // the peer put in it, is not read or verified in this branch.
        this.Negotiator.CompleteNegotiation(SaslCode.Ok, null);
        return;
    }

    string identity = this.Identity;
    if (identity != null)
    {
        // The optional identity travels as the initial response, UTF-8 encoded.
        init.InitialResponse = new ArraySegment<byte>(Encoding.UTF8.GetBytes(identity));
    }

    this.Negotiator.WriteFrame(init, true);
}
/// <summary>
/// Binds the handler to its negotiator and runs the mechanism-specific start logic.
/// </summary>
/// <param name="saslNegotiator">The negotiator that owns this exchange.</param>
/// <param name="init">The init performative passed through to OnStart.</param>
/// <param name="isClient">Passed through to OnStart unchanged.</param>
public void Start(SaslNegotiator saslNegotiator, SaslInit init, bool isClient)
{
    this.saslNegotiator = saslNegotiator;

    try
    {
        this.OnStart(init, isClient);
    }
    catch (Exception error)
    {
        if (!Fx.IsFatal(error))
        {
            // Any non-fatal failure from OnStart ends the negotiation with SaslCode.Sys.
            // NOTE(review): confirm how much of the exception CompleteNegotiation exposes
            // to the remote peer, so internal detail is not disclosed.
            this.saslNegotiator.CompleteNegotiation(SaslCode.Sys, error);
            return;
        }

        // Fatal exceptions are rethrown unchanged.
        throw;
    }
}
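/// <summary>
/// Client side: handles the mechanisms announced by the server, picks one that the local
/// provider also supports, and starts its handler.
/// </summary>
/// <param name="mechanisms">The mechanisms performative received from the server.</param>
/// <exception cref="AmqpException">
/// The negotiator is not in the WaitingForServerMechanisms state (IllegalState), or the
/// server offers none of the locally configured mechanisms (NotFound).
/// </exception>
void OnSaslServerMechanisms(SaslMechanisms mechanisms)
{
    if (this.state != SaslState.WaitingForServerMechanisms)
    {
        throw new AmqpException(AmqpErrorCode.IllegalState, AmqpResources.GetString(AmqpResources.AmqpIllegalOperationState, "R:SASL-MECH", this.state));
    }

    // Local order decides: the first mechanism configured on the provider that the server
    // also announces is used. The server's list is received before any authentication, so
    // a peer can steer the choice towards any mechanism the provider is configured with
    // by announcing only that one; configure only mechanisms that are acceptable.
    // (The original loop carried a second null check that could never be true after the
    // break above it; it has been removed.)
    string mechanismToUse = null;
    foreach (string mechanism in this.provider.Mechanisms)
    {
        if (mechanisms.SaslServerMechanisms.Contains(new AmqpSymbol(mechanism)))
        {
            mechanismToUse = mechanism;
            break;
        }
    }

    if (mechanismToUse == null)
    {
        throw new AmqpException(
            AmqpErrorCode.NotFound,
            AmqpResources.GetString(AmqpResources.AmqpNotSupportMechanism, mechanisms.SaslServerMechanisms.ToString(), string.Join(",", this.provider.Mechanisms)));
    }

    this.state = SaslState.Negotiating;
    this.saslHandler = this.provider.GetHandler(mechanismToUse, true);

    SaslInit init = new SaslInit();
    init.Mechanism = mechanismToUse;
    this.saslHandler.Start(this, init, true);
}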
/// <summary>
/// Mechanism-specific start of the SASL negotiation, implemented by each handler.
/// </summary>
/// <param name="init">The <see cref="SaslInit"/> performative for this exchange.</param>
/// <param name="isClient">true if the handler runs on the initiating side, otherwise false.</param>
/// <remarks>
/// NOTE(review): the receiving-side branch of an override decides whether the peer is
/// accepted; an override that completes with Ok unconditionally performs no authentication.
/// </remarks>
protected abstract void OnStart(SaslInit init, bool isClient);