Пример #1
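        /// <summary>
        /// Verifies that the auth code supplied by the client matches the code
        /// computed from the request's auth string and the team's secret.
        /// </summary>
        /// <param name="team">Team whose <c>Secret</c> keys the expected code.</param>
        /// <param name="auth">Request credentials; <c>AuthCode</c> may be null.</param>
        /// <exception cref="AuthException">The supplied code does not match the expected one.</exception>
        private void checkAuthCode(Team team, SessionAuth auth)
        {
            // Fold case with the invariant culture: ToLower() follows the thread's
            // current culture, so the result could depend on the server's locale.
            // Presumably getAuthCode returns lowercase hex -- confirm against its definition.
            string supplied = (auth.AuthCode != null) ? auth.AuthCode.ToLowerInvariant() : "";
            string expected = getAuthCode(auth.GetAuthString(), team.Secret);

            // A null expected value can never equal the (non-null) supplied string,
            // so it is treated as a mismatch, as the plain != comparison did.
            bool sameLength = expected != null && expected.Length == supplied.Length;

            // Compare every character instead of stopping at the first difference,
            // so response time does not reveal how much of the code was correct.
            int diff = 0;
            if (sameLength)
            {
                for (int i = 0; i < expected.Length; i++)
                {
                    diff |= expected[i] ^ supplied[i];
                }
            }

            if (!sameLength || diff != 0)
            {
                // Do not log the expected code here: it is the value that would be
                // accepted for this request, so a log line would disclose it.
                throw new AuthException("AuthCode mismatch");
            }
        }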
Пример #2
        /// <summary>
        /// Authenticates a request and, outside the login flow, creates or refreshes
        /// the client's session entry.
        /// </summary>
        /// <param name="auth">Credentials and session identifiers sent by the client.</param>
        /// <param name="options">Flags for this call; <c>IsLoginFlow</c> selects the login path.</param>
        /// <exception cref="AuthException">
        /// A login call carries a non-zero SessionId or SequenceNumber. checkAuthCode and
        /// the replay detector presumably also throw on failure -- confirm in their definitions.
        /// </exception>
        public void Authenticate(SessionAuth auth, SessionAuthOptions options)
        {
            Team owner = _teamReg.GetTeam(auth.TeamName);

            // NOTE(review): when the team has Authenticate switched off, neither the
            // auth code nor replay protection is applied to the request.
            if (owner.Authenticate)
            {
                string verifiedCode = checkAuthCode(owner, auth);

                // NOTE(review): login calls skip the replay detector, so a captured
                // login request is not rejected here -- confirm this is intended.
                if (!options.IsLoginFlow)
                {
                    lock (_replayDetector)
                    {
                        _replayDetector.CheckAndStore(verifiedCode);
                    }
                }
            }

            ClientCode clientKey = auth.GetClientCode();

            if (options.IsLoginFlow)
            {
                // A login call must not claim an existing session or sequence position.
                if (auth.SessionId == 0 && auth.SequenceNumber == 0)
                {
                    return;
                }
                throw new AuthException("For login calls, SessionId and SequenceNumber must be zero.");
            }

            lock (_sessions)
            {
                ClientSession current;
                bool known = _sessions.TryGetValue(clientKey, out current);
                if (!known)
                {
                    // NOTE(review): an unknown client gets a session without a prior
                    // login call; the session id is taken from the request as sent.
                    current = new ClientSession(auth.SessionId, clientKey);
                    _sessions[clientKey] = current;
                }

                // A different session id from the same client restarts the stored session.
                if (current.SessionId != auth.SessionId)
                {
                    current.Restart(auth.SessionId);
                }

                current.Update();
            }
        }
Пример #3
        /// <summary>
        /// Authenticates a request. Login calls are only validated; all other calls
        /// must match an existing session for the client and pass the replay check.
        /// </summary>
        /// <param name="auth">Credentials and session identifiers sent by the client.</param>
        /// <param name="options">Flags for this call; <c>IsLoginFlow</c> selects the login path.</param>
        /// <exception cref="AuthException">
        /// A login call carries a non-zero SessionId or SequenceNumber, the client has
        /// no stored session, or the request's SessionId differs from the stored one.
        /// </exception>
        public void Authenticate(SessionAuth auth, SessionAuthOptions options)
        {
            Team owner = _teamReg.GetTeam(auth.TeamName);

            // NOTE(review): with Authenticate switched off for the team, the auth code
            // is not verified and the replay check further down is skipped as well.
            if (owner.Authenticate)
            {
                checkAuthCode(owner, auth);
            }

            ClientCode clientKey = auth.GetClientCode();

            if (options.IsLoginFlow)
            {
                // NOTE(review): login calls never reach the replay detector; only the
                // auth code protects them. Confirm that is intended.
                if (auth.SessionId == 0 && auth.SequenceNumber == 0)
                {
                    return;
                }
                throw new AuthException("For login calls, SessionId and SequenceNumber must be zero.");
            }

            lock (_sessions)
            {
                ClientSession current;
                bool known = _sessions.TryGetValue(clientKey, out current);
                if (!known)
                {
                    throw new AuthException("No active session for this client. Login first.");
                }

                bool sameSession = session_matches(current, auth);
                if (!sameSession)
                {
                    throw new AuthException("Stale session id. Relogin or stop.");
                }

                // The replay check runs before the session records the new sequence
                // number, and only for teams that require authentication.
                if (owner.Authenticate)
                {
                    _replayDetector.CheckAndStore(auth.SessionId, auth.SequenceNumber);
                }

                current.Update(auth.SequenceNumber);
            }
        }

        // True when the stored session carries the same id as the request.
        private static bool session_matches(ClientSession stored, SessionAuth request)
        {
            return !(stored.SessionId != request.SessionId);
        }