/// <summary> /// Create a renewed Authentication Token on Master server - to be validated on GS /// </summary> /// <param name="userId"> </param> /// <param name="authRequest"></param> /// <returns></returns> public AuthenticationToken CreateAuthenticationToken(string userId, IAuthenticateRequest authRequest) { var token = new AuthenticationToken { ValidToTicks = DateTime.UtcNow.Add(this.ExpirationTime).Ticks, UserId = userId, AuthCookie = new Dictionary<string, object>(), SessionId = Guid.NewGuid().ToString(), Flags = authRequest.Flags, }; return token; }
public virtual AuthenticationToken CreateAuthenticationToken(IAuthenticateRequest authRequest, AuthSettings authSettings, string userId, Dictionary<string, object> authCookie) { var token = new AuthenticationToken { UserId = userId, AuthCookie = authCookie, Flags = authRequest.Flags, }; this.SetupToken(token); return token; }
private void SetupPeer(AuthenticationToken authToken) { this.SetupPeer(authToken.UserId); this.AuthCookie = authToken.AuthCookie != null && authToken.AuthCookie.Count > 0 ? authToken.AuthCookie : null; this.AuthToken = authToken; }
public static bool TryDeserialize(byte[] data, out AuthenticationToken token) { token = null; EventData eventData; if (!serializationProtocol.TryParseEventData(data, out eventData)) { return false; } // code = version switch (eventData.Code) { default: return false; case 1: token = new AuthenticationToken(serializationProtocol, eventData.Parameters); return true; } }
public static AuthenticationToken Deserialize(byte[] data) { EventData eventData; if (!serializationProtocol.TryParseEventData(data, out eventData)) { throw new SerializationException("Could not deserialize authentication token."); } var token = new AuthenticationToken(serializationProtocol, eventData.Parameters); return token; }
public virtual bool AreEqual(AuthenticationToken rhs) { return this.UserId == rhs.UserId && this.SessionId == rhs.SessionId; }
private OperationResponse HandleAuthenticateTokenRequest(AuthenticateRequest request) { OperationResponse operationResponse; var authToken = this.GetValidAuthToken(request, out operationResponse); if (operationResponse != null || authToken == null) { return operationResponse; } this.UserId = authToken.UserId; this.unencryptedAuthToken = authToken; // publish operation response operationResponse = new OperationResponse(request.OperationRequest.OperationCode, new AuthenticateResponse { QueuePosition = 0 }); operationResponse.Parameters.Add((byte)ParameterCode.Token, this.GetEncryptedAuthenticationToken(request)); //operationResponse.Parameters.Add((byte)ParameterCode.Nickname, authToken.Nickname); //operationResponse.Parameters.Add((byte)ParameterCode.UserId, this.UserId); return operationResponse; }
protected virtual void CreateAuthTokenAndSendResponse(CustomAuthenticationResult customAuthResult, AuthenticateRequest authRequest, SendParameters sendParameters, AuthSettings authSettings, OperationResponse operationResponse) { var app = (MasterApplication)ApplicationBase.Instance; this.unencryptedAuthToken = app.TokenCreator.CreateAuthenticationToken( authRequest, authSettings, this.UserId, customAuthResult.AuthCookie); operationResponse.Parameters.Add((byte) ParameterCode.Token, this.GetEncryptedAuthenticationToken(authRequest)); operationResponse.Parameters.Add((byte) ParameterCode.Data, customAuthResult.Data); operationResponse.Parameters.Add((byte)ParameterCode.Nickname, customAuthResult.Nickname); operationResponse.Parameters.Add((byte)ParameterCode.UserId, this.UserId); this.SendOperationResponse(operationResponse, sendParameters); }
public virtual string GetEncryptedAuthenticationToken(AuthenticateRequest request) { var app = (MasterApplication)ApplicationBase.Instance; if (this.unencryptedAuthToken == null) { this.unencryptedAuthToken = app.TokenCreator.CreateAuthenticationToken(this.UserId, request); } return app.TokenCreator.EncryptAuthenticationToken(this.unencryptedAuthToken, true); }
private static ErrorCode SetupEncryption(AuthenticationToken token, out string errorMsg, ClientPeer peer, InitRequest initRequest) { if (log.IsDebugEnabled) { log.DebugFormat("setting up encryption. p:{0}", peer); } var encryptionDataDict = token.EncryptionData; errorMsg = string.Empty; if (encryptionDataDict == null) { if (log.IsWarnEnabled) { log.WarnFormat(logSetupCountGuard, "AuthOnInitHandler: expected encryption data not provided. appId:{0}/{1}, p:{2}", token.ApplicationId, token.ApplicationVersion, peer); } errorMsg = string.Format(ErrorMessages.InvalidEncryptionData, "expected encryption data not provided"); return(ErrorCode.InvalidEncryptionParameters); } var encryptionData = new EncryptionData(peer.Protocol, encryptionDataDict); if (!encryptionData.IsValid) { if (log.IsWarnEnabled) { log.WarnFormat(logSetupCountGuard, "AuthOnInitHandler: Invalid encryption data. ErrorMsg:{4}. appId:{0}/{1}, data:{2}, p:{3}", token.ApplicationId, token.ApplicationVersion, JsonConvert.SerializeObject(encryptionDataDict), peer, encryptionData.GetErrorMessage()); } errorMsg = string.Format(ErrorMessages.InvalidEncryptionData, encryptionData.GetErrorMessage()); return(ErrorCode.InvalidEncryptionParameters); } var mode = (EncryptionModes)encryptionData.EncryptionMode; try { switch (mode) { case EncryptionModes.PayloadEncryption: case EncryptionModes.PayloadEncryptionWithIV: case EncryptionModes.PayloadEncryptionWithIVHMAC: SetupUserDataEncryptionWithoutDH(encryptionData, peer); break; case EncryptionModes.DatagramEncyption: case EncryptionModes.DatagramEncyptionWithRandomInitialNumbers: case EncryptionModes.DatagramEncyptionGCMWithRandomInitialNumbers: if (peer.NetworkProtocol != NetworkProtocolType.Udp) { errorMsg = ErrorMessages.EncryptionModeMismatch; return(ErrorCode.InvalidEncryptionParameters); } SetupUdpEncryption(encryptionData, peer, initRequest); break; default: { if (log.IsWarnEnabled) { log.WarnFormat(logSetupCountGuard, $"AuthOnInitHandler: Unknown encryption mode: '{mode}'. appId:{0}/{1}, data:{2}, p:{3}", token.ApplicationId, token.ApplicationVersion, JsonConvert.SerializeObject(encryptionDataDict), peer); } errorMsg = string.Format(ErrorMessages.InvalidEncryptionData, $"Unknown Encryption mode {mode}"); return(ErrorCode.InvalidEncryptionParameters); } } } catch (Exception e) { errorMsg = e.ToString(); var msg = string.Format("AuthOnInitHandler: Exception during encryption setup. appId:{0}/{1}, Data: {2}, p:{3}", token.ApplicationId, token.ApplicationVersion, JsonConvert.SerializeObject(encryptionDataDict), peer); log.Error(logExceptionCountGuard, msg, e); return(ErrorCode.InvalidEncryptionParameters); } return(ErrorCode.Ok); }
public virtual bool DecryptAuthenticationToken(string authTokenEncrypted, out AuthenticationToken authToken) { try { var tokenData = Convert.FromBase64String(authTokenEncrypted); tokenData = this.CryptoProvider.Decrypt(tokenData); return AuthenticationToken.TryDeserialize(tokenData, out authToken); } catch (Exception ex) { if (log.IsDebugEnabled) { log.DebugFormat("DecryptAuthenticationToken failed: {0}", ex); } authToken = null; return false; } }
protected virtual void SetupToken(AuthenticationToken token) { token.ValidToTicks = DateTime.UtcNow.Add(this.ExpirationTime).Ticks; token.SessionId = DateTime.UtcNow.ToString(CultureInfo.InvariantCulture); }
public virtual string EncryptAuthenticationToken(AuthenticationToken token, bool renew) { if (renew) { token.ValidToTicks = DateTime.UtcNow.Add(this.ExpirationTime).Ticks; } var tokenData = token.Serialize(); tokenData = this.CryptoProvider.Encrypt(tokenData); return Convert.ToBase64String(tokenData); }