public async Task <IActionResult> CreateAuthSession([FromBody] AuthSessionRequest authSessionRequest) { var response = await _authService.CreateAuthSession(authSessionRequest); if (response == null) { return(BadRequest()); } return(Ok(response)); }
private Task SendAddonPacket(AuthSessionRequest authRequest) { const int StandardAddonCRC = 0x1c776d01; var response = new AddonInfoResponse(); foreach (var block in authRequest.AddonBlocks) { response.IsAddonStandard.Add(block.Crc == StandardAddonCRC); } return(Send(response)); }
public Task Handshake(AuthSessionRequest authRequest) { if (AuthenticatedIdentity == authRequest.Identity) { return(Task.WhenAll(Send(new AuthSessionResponse() { Response = AuthResponseCode.Success }), SendAddonPacket(authRequest))); } else { throw new SessionStateException($"received {nameof(Handshake)} request for identity {authRequest.Identity} but {nameof(AuthenticatedIdentity)} is {AuthenticatedIdentity}"); } }
private async Task HandleAuthSession(AuthSessionRequest request) { try { // this handler is a little whacky. it can't just send its own response to the client, because the client // expects the response to be encrypted with the session key. so we have a bit of call-and-response here // to manage this var sessionKey = await ShardSession.Authenticate(request); packetCipher.Initialize(sessionKey); await ShardSession.Handshake(request); } catch (SessionException ex) { // TODO: logging Console.WriteLine(ex.Message); authenticationFailed = true; } }
public async Task <BigInteger> Authenticate(AuthSessionRequest authRequest) { if (String.IsNullOrEmpty(authRequest.Identity)) { throw new ArgumentNullException(nameof(authRequest.Identity)); } if (seed == 0) { await Send(new AuthSessionResponse() { Response = AuthResponseCode.Failed }); throw new AuthenticationFailedException("cannot authenticate with a server seed of 0"); } var account = GrainFactory.GetGrain <IAccount>(authRequest.Identity); if (await account.Exists()) { try { var sessionKey = await account.GetSessionKey(); using (var sha1 = new Digester(SHA1.Create())) { var serverDigest = BigIntegers.FromUnsignedByteArray( sha1.CalculateDigest(new byte[][] { Encoding.UTF8.GetBytes(authRequest.Identity), new byte[4], BitConverter.GetBytes(authRequest.ClientSeed), BitConverter.GetBytes(seed), sessionKey.ToByteArray(40), }) ); if (serverDigest == authRequest.ClientDigest) { GetLogger().Info($"{authRequest.Identity} successfully authenticated to {ShardName} {nameof(ShardSession)} {this.GetPrimaryKey()}"); // we can't just Send the Success response here, since the client expects the packet cipher to be initialized at this point AuthenticatedIdentity = authRequest.Identity; return(sessionKey); } else { await Send(new AuthSessionResponse() { Response = AuthResponseCode.Failed }); throw new AuthenticationFailedException($"account {authRequest.Identity} failed authentication proof"); } } } catch (AccountDoesNotExistException) { await Send(new AuthSessionResponse() { Response = AuthResponseCode.UnknownAccount }); throw new AuthenticationFailedException($"account {authRequest.Identity} does not exist"); } catch (AccountStateException) { GetLogger().Warn($"received {nameof(AuthSessionRequest)} with unauthenticated identity {authRequest.Identity}"); await Send(new AuthSessionResponse() { Response = AuthResponseCode.Failed }); throw new AuthenticationFailedException($"account {authRequest.Identity} is not authenticated"); } } else { await Send(new AuthSessionResponse() { Response = AuthResponseCode.UnknownAccount }); throw new AuthenticationFailedException($"account {authRequest.Identity} does not exist"); } }
private void BtnConnect_Click(object sender, RoutedEventArgs e) { var authSessionRequest = new AuthSessionRequest { Login = TxtLogin.Text }; var json = JsonConvert.SerializeObject(authSessionRequest); var request = new HttpRequestMessage { RequestUri = new Uri($"http://localhost:5000/api/session"), Method = HttpMethod.Post, Content = new StringContent(json, Encoding.UTF8, "application/json") }; HttpResponseMessage response = _client.SendAsync(request).Result; if (!response.IsSuccessStatusCode) { AuthStatus.Text = "not authorized"; AuthStatus.Foreground = new SolidColorBrush(Colors.Red); return; } var authSessionResponse = JsonConvert.DeserializeObject <AuthSessionResponse>( response.Content.ReadAsStringAsync().Result); var authRequest = new AuthRequest { Login = TxtLogin.Text }; var keyString = string.Empty; var keyInputDialog = new KeyInputDialog(); if (keyInputDialog.ShowDialog() == true) { keyString = keyInputDialog.Key; } using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider()) { RSA.ImportParameters(authSessionResponse.PublicRSAParameters.ToRSAParameters()); authRequest.EncryptedPassword = RSA.Encrypt(Encoding.Default.GetBytes(TxtPassword.Text), false); authRequest.EncryptedTelegramKey = RSA.Encrypt(Encoding.Default.GetBytes(keyString), false); } using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider()) { authRequest.ClientPublicRSAParameters = RSA.ExportParameters(false).ToPublicRSAParameters(); json = JsonConvert.SerializeObject(authRequest); request = new HttpRequestMessage { RequestUri = new Uri($"http://localhost:5000/api/auth"), Method = HttpMethod.Post, Content = new StringContent(json, Encoding.UTF8, "application/json") }; response = _client.SendAsync(request).Result; if (!response.IsSuccessStatusCode) { AuthStatus.Text = "not authorized"; AuthStatus.Foreground = new SolidColorBrush(Colors.Red); return; } var authResponse = JsonConvert.DeserializeObject <AuthResponse>( response.Content.ReadAsStringAsync().Result); _token = authResponse.Token; _sessionKey = RSA.Decrypt(authResponse.EncryptedSessionKey, false); _sessionIV = RSA.Decrypt(authResponse.EncryptedSessionIV, false); AuthStatus.Text = "authorized"; AuthStatus.Foreground = new SolidColorBrush(Colors.Green); } _garbage = string.Empty; }