void OnInit(SaslInit init)
{
// the client message is specified by RFC4616
// message = [authzid] UTF8NUL authcid UTF8NUL passwd
// authcid and passwd should be prepared [SASLPrep] before
// the verification process.
string password = null;
if (init.InitialResponse.Count > 0)
{
string message = Encoding.UTF8.GetString(init.InitialResponse.Array, init.InitialResponse.Offset, init.InitialResponse.Count);
string[] items = message.Split('\0');
if (items.Length != 3)
{
throw new UnauthorizedAccessException(SaslPlainHandler.InvalidCredential);
}
this.AuthorizationIdentity = items[0];
this.AuthenticationIdentity = items[1];
password = items[2];
}
if (string.IsNullOrEmpty(this.AuthenticationIdentity))
{
throw new UnauthorizedAccessException(SaslPlainHandler.InvalidCredential);
}
if (this.authenticator != null)
{
this.authenticator.AuthenticateAsync(this.AuthenticationIdentity, password).ContinueWith((t) => this.CompleteNegotiation(t), TaskContinuationOptions.ExecuteSynchronously);
}
}
void OnInit(SaslInit init)
{
// the client message is specified by RFC4616
// message = [authzid] UTF8NUL authcid UTF8NUL passwd
// authcid and passwd should be prepared [SASLPrep] before
// the verification process.
string password = null;
if (init.InitialResponse.Count > 0)
{
string message = Encoding.UTF8.GetString(init.InitialResponse.Array, init.InitialResponse.Offset, init.InitialResponse.Count);
string[] items = message.Split('\0');
if (items.Length != 3)
{
throw new UnauthorizedAccessException(SaslPlainHandler.InvalidCredential);
}
this.AuthorizationIdentity = items[0];
this.AuthenticationIdentity = items[1];
password = items[2];
}
if (string.IsNullOrEmpty(this.AuthenticationIdentity))
{
throw new UnauthorizedAccessException(SaslPlainHandler.InvalidCredential);
}
if (this.authenticator != null)
{
this.authenticator.AuthenticateAsync(this.AuthenticationIdentity, password).ContinueWith((t) => this.CompleteNegotiation(t), TaskContinuationOptions.ExecuteSynchronously);
}
}
/// <summary>
/// Server receives the client init that may contain the initial response message.
/// </summary>
void OnSaslInit(SaslInit init)
{
if (this.state != SaslState.WaitingForInit)
{
throw new AmqpException(AmqpErrorCode.IllegalState, AmqpResources.GetString(AmqpResources.AmqpIllegalOperationState, "R:SASL-INIT", this.state));
}
this.state = SaslState.Negotiating;
this.saslHandler = this.provider.GetHandler(init.Mechanism.Value, true);
this.saslHandler.Start(this, init, false);
}
public void Start(SaslNegotiator saslNegotiator, SaslInit init, bool isClient)
{
this.saslNegotiator = saslNegotiator;
try
{
this.OnStart(init, isClient);
}
catch (Exception exception) when(!Fx.IsFatal(exception))
{
this.saslNegotiator.CompleteNegotiation(SaslCode.Sys, exception);
}
}
/// <summary>
/// Starts the SASL negotiation.
/// </summary>
/// <param name="init">The <see cref="SaslInit"/> performative to be sent.</param>
/// <param name="isClient">true if it is the initiator, otherwise false.</param>
protected override void OnStart(SaslInit init, bool isClient)
{
if (isClient)
{
string message = this.GetClientMessage();
init.InitialResponse = new ArraySegment <byte>(Encoding.UTF8.GetBytes(message));
this.Negotiator.WriteFrame(init, true);
}
else
{
this.OnInit(init);
}
}
protected override void OnStart(SaslInit init, bool isClient)
{
if (isClient)
{
this.Negotiator.WriteFrame(init, true);
}
else
{
// need a principal to mark the transport as 'authenticated'
this.SetPrincipal();
this.Negotiator.CompleteNegotiation(SaslCode.Ok, null);
}
}
protected override void OnStart(SaslInit init, bool isClient)
{
if (isClient)
{
string message = this.GetClientMessage();
init.InitialResponse = new ArraySegment<byte>(Encoding.UTF8.GetBytes(message));
this.Negotiator.WriteFrame(init, true);
}
else
{
this.OnInit(init);
}
}
protected override void OnStart(SaslInit init, bool isClient)
{
if (isClient)
{
this.Negotiator.WriteFrame(init, true);
}
else
{
// at this point we should check if the client id is established
// by other means (e.g. cert) and set a Pricipal, but we have
// been using EXTERNAL to do CBS which is anonymous so we cannot
// do the check here without breaking old clients
this.Negotiator.CompleteNegotiation(SaslCode.Ok, null);
}
}
protected override void OnStart(SaslInit init, bool isClient)
{
if (isClient)
{
this.Negotiator.WriteFrame(init, true);
}
else
{
// need a principal to mark the transport as 'authenticated'
this.Principal = new GenericPrincipal(new GenericIdentity("dummy-identity", "dummy-identity"), null);
// at this point we should check if the client id is established
// by other means (e.g. cert) and set a Pricipal, but we have
// been using EXTERNAL to do CBS which is anonymous so we cannot
// do the check here without breaking old clients
this.Negotiator.CompleteNegotiation(SaslCode.Ok, null);
}
}
protected override void OnStart(SaslInit init, bool isClient)
{
if (isClient)
{
this.Negotiator.WriteFrame(init, true);
}
else
{
// need a principal to mark the transport as 'authenticated'
this.Principal = new GenericPrincipal(new GenericIdentity("dummy-identity", "dummy-identity"), null);
// at this point we should check if the client id is established
// by other means (e.g. cert) and set a Pricipal, but we have
// been using EXTERNAL to do CBS which is anonymous so we cannot
// do the check here without breaking old clients
this.Negotiator.CompleteNegotiation(SaslCode.Ok, null);
}
}
/// <summary>
/// Starts the SASL negotiation.
/// </summary>
/// <param name="init">The <see cref="SaslInit"/> performative to be sent.</param>
/// <param name="isClient">true if it is the initiator, otherwise false.</param>
protected override void OnStart(SaslInit init, bool isClient)
{
if (isClient)
{
if (this.Identity != null)
{
init.InitialResponse = new ArraySegment <byte>(Encoding.UTF8.GetBytes(this.Identity));
}
this.Negotiator.WriteFrame(init, true);
}
else
{
// server side. send outcome
this.Negotiator.CompleteNegotiation(SaslCode.Ok, null);
}
}
public void Start(SaslNegotiator saslNegotiator, SaslInit init, bool isClient)
{
this.saslNegotiator = saslNegotiator;
try
{
this.OnStart(init, isClient);
}
catch (Exception exception)
{
if (Fx.IsFatal(exception))
{
throw;
}
this.saslNegotiator.CompleteNegotiation(SaslCode.Sys, exception);
}
}
/// <summary>
/// Client receives the announced server mechanisms.
/// </summary>
void OnSaslServerMechanisms(SaslMechanisms mechanisms)
{
if (this.state != SaslState.WaitingForServerMechanisms)
{
throw new AmqpException(AmqpErrorCode.IllegalState, AmqpResources.GetString(AmqpResources.AmqpIllegalOperationState, "R:SASL-MECH", this.state));
}
string mechanismToUse = null;
foreach (string mechanism in this.provider.Mechanisms)
{
if (mechanisms.SaslServerMechanisms.Contains(new AmqpSymbol(mechanism)))
{
mechanismToUse = mechanism;
break;
}
if (mechanismToUse != null)
{
break;
}
}
if (mechanismToUse == null)
{
throw new AmqpException(
AmqpErrorCode.NotFound,
AmqpResources.GetString(AmqpResources.AmqpNotSupportMechanism, mechanisms.SaslServerMechanisms.ToString(), string.Join(",", this.provider.Mechanisms)));
}
this.state = SaslState.Negotiating;
this.saslHandler = this.provider.GetHandler(mechanismToUse, true);
SaslInit init = new SaslInit();
init.Mechanism = mechanismToUse;
this.saslHandler.Start(this, init, true);
}
protected abstract void OnStart(SaslInit init, bool isClient);
/// <summary>
/// Client receives the announced server mechanisms.
/// </summary>
void OnSaslServerMechanisms(SaslMechanisms mechanisms)
{
if (this.state != SaslState.WaitingForServerMechanisms)
{
throw new AmqpException(AmqpErrorCode.IllegalState, AmqpResources.GetString(AmqpResources.AmqpIllegalOperationState, "R:SASL-MECH", this.state));
}
string mechanismToUse = null;
foreach (string mechanism in this.provider.Mechanisms)
{
if (mechanisms.SaslServerMechanisms.Contains(new AmqpSymbol(mechanism)))
{
mechanismToUse = mechanism;
break;
}
if (mechanismToUse != null)
{
break;
}
}
if (mechanismToUse == null)
{
throw new AmqpException(
AmqpErrorCode.NotFound,
AmqpResources.GetString(AmqpResources.AmqpNotSupportMechanism, mechanisms.SaslServerMechanisms.ToString(), string.Join(",", this.provider.Mechanisms)));
}
this.state = SaslState.Negotiating;
this.saslHandler = this.provider.GetHandler(mechanismToUse, true);
SaslInit init = new SaslInit();
init.Mechanism = mechanismToUse;
this.saslHandler.Start(this, init, true);
}
/// <summary>
/// Server receives the client init that may contain the initial response message.
/// </summary>
void OnSaslInit(SaslInit init)
{
if (this.state != SaslState.WaitingForInit)
{
throw new AmqpException(AmqpErrorCode.IllegalState, AmqpResources.GetString(AmqpResources.AmqpIllegalOperationState, "R:SASL-INIT", this.state));
}
this.state = SaslState.Negotiating;
this.saslHandler = this.provider.GetHandler(init.Mechanism.Value, true);
this.saslHandler.Start(this, init, false);
}
protected abstract void OnStart(SaslInit init, bool isClient);
