Exemplo n.º 1
0
        /// <summary>
        /// RPC endpoint for clients to actually authenticate after requesting authentication and
        /// computing a signature from the authentication challenge.
        /// </summary>
        /// <seealso cref="M:WampSharp.Cra.IWampCraProcedures.Auth(string)"/>
        public WampCraPermissions Auth(string signature)
        {
            ValidateAuthState();

            CheckSignature(signature);
            // At this point, the client has successfully authenticated!

            // Get the permissions we determined earlier
            WampCraPermissions perms = mPendingAuth.Permissions;

            // Delete auth request and mark client as authenticated
            string authKey = mPendingAuth.AuthInfo.authkey;

            mAuthenticated = true;
            mPendingAuth   = null;

            // TODO: If implementing a pending auth timeout, here is where you would cancel it
            // TODO: (_clientAuthTimeoutCall in autobahn python)

            RaiseOnAuthenticated(authKey, perms);

            // Return permissions to client
            mPermissions.AddPermissions(perms);
            return(perms);
        }
Exemplo n.º 2
0
        public void AddPermissions(WampCraPermissions permissions)
        {
            foreach (WampRpcPermissions rpc in permissions.rpc)
            {
                AddRpcPermission(rpc);
            }

            foreach (WampPubSubPermissions pubsub in permissions.pubsub)
            {
                AddPubSubPermission(pubsub);
            }
        }
Exemplo n.º 3
0
 private void RaiseOnAuthenticated(string authKey, WampCraPermissions perms)
 {
     // Fire authentication callback
     try
     {
         OnAuthenticated(authKey, perms);
     }
     catch (WampRpcCallException e)
     {
         mAuthenticated = false;
         throw;
     }
     catch (Exception e)
     {
         mAuthenticated = false;
         ThrowHelper.InvalidSignature(e);
     }
 }
Exemplo n.º 4
0
        /// <summary>
        /// RPC endpoint for clients to initiate the authentication handshake.
        /// </summary>
        /// <seealso cref="M:WampSharp.Cra.IWampCraProcedures.AuthReq(string,IDictionary{string,string})"/>
        public string AuthReq(string authKey, IDictionary <string, string> extra)
        {
            ValidateAuthReqStatus(authKey);

            string authSecret = GetAuthReqSecret(authKey);

            // each authentication request gets a unique authid, which can only be used (later) once!
            string authid = mIdGenerator.Generate();

            //check extra
            if (extra == null)
            {
                extra = new Dictionary <string, string>();
            }

            Dictionary <string, string> extraAuth = new Dictionary <string, string>(extra);

            WampCraPermissions permissions = GetAuthReqPermissions(authKey, extraAuth);

            WampCraChallenge info =
                new WampCraChallenge(authid, authKey, DateTime.UtcNow, mClientSessionId, extra, permissions, extraAuth);

            mAuthKey = authKey;

            if (string.IsNullOrEmpty(authKey))
            {
                // anonymous session
                mPendingAuth = new WampCraPendingAuth(info, null, permissions);
                return(null);
            }

            // authenticated session
            string infoser = mFormatter.Serialize(info).ToString();
            string sig     = WampCraHelpers.AuthSignature(infoser, authSecret, info.authextra);

            mPendingAuth = new WampCraPendingAuth(info, sig, permissions);
            return(infoser);
        }
Exemplo n.º 5
0
        private WampCraPermissions GetAuthReqPermissions(string authKey, Dictionary <string, string> extraAuth)
        {
            WampCraPermissions permissions;

            try
            {
                permissions = GetAuthPermissions(authKey, extraAuth);
            }
            catch (WampRpcCallException e)
            {
                throw;
            }
            catch (Exception e)
            {
                throw new WampRpcCallException("http://api.wamp.ws/error#auth-permissions-error", e.Message, null);
            }

            if (permissions == null)
            {
                permissions = new WampCraPermissions();
            }

            return(permissions);
        }
Exemplo n.º 6
0
 public WampCraChallenge(string authId, string authKey, DateTime timestamp, string sessionId, IDictionary <string, string> extra, WampCraPermissions permissions = null, IDictionary <string, string> authextra = null)
 {
     this.authid      = authId;
     this.authkey     = authKey;
     this.timestamp   = timestamp;
     this.sessionid   = sessionId;
     this.extra       = extra;
     this.permissions = permissions ?? new WampCraPermissions();
     this.authextra   = authextra;
 }
Exemplo n.º 7
0
 /// <summary>
 /// Called after the user is successfully authenticated.  This call is the last opportunity for
 /// you to set the WampPermissions, as these will be used to determine rpc and pub/sub operations
 /// for the remainder of this session.
 /// </summary>
 /// <remarks>
 /// NOTE: Throwing an exception here could put you in a bad state.  We'll send an error to the
 /// client, and make them unauthenticated in this case.
 /// </remarks>
 /// <param name="authKey">Authentication key, such as user name or application name.</param>
 /// <param name="permissions">The permissions initially granted in the call to
 /// GetAuthPermissions(). You could change these, and the updated copy is what will be returned
 /// to the client from its call to auth().</param>
 public abstract void OnAuthenticated(string authKey, WampCraPermissions permissions);