Revamping/cleanup of how we handle authentication usernames as well as chained

authenticators and chained session factories. We can share a lot more code this
way and the implicit requirement that the default authenticator/factory had to
be configured before anyone else configured a chanied author/factory is gone.

The other big change is that Credentials doesn't require a username
(UsernamePasswordCreds inherits that username so most derived classes don't
notice any difference). Instead we require that a canonical authentication
username be determined and configured in AuthingConnection during the
authentication process. This canonical username is then used to resolve the
client session and map everything in the client manager.

This is pretty much exactly what was going on before except that we were doing
it all in an ad hoc way by jamming a new name into Credentials during the
authentication process and also doing jiggery pokery in
PresentsSession.assignStartingUsername. That all goes away and/or becomes
cleaner and more explicit.

This is going to impact some Yohoho jiggery pokery, which I will shortly commit
a patch for, but we're going to need to test it. Omelets, eggs, etc.


git-svn-id: svn+ssh://src.earth.threerings.net/narya/trunk@5828 542714f4-19e9-0310-aa3c-eee0fc999fb1
This commit is contained in:
Michael Bayne
2009-06-20 00:56:01 +00:00
parent 7d125bec73
commit a1aa2d77ae
35 changed files with 622 additions and 656 deletions
@@ -23,47 +23,17 @@ package com.threerings.presents.net;
import com.threerings.io.Streamable;
import com.threerings.util.Name;
/**
* Credentials are supplied by the client implementation and sent along to the server during the
* authentication process. To provide support for a variety of authentication methods, the
* credentials class is meant to be subclassed for the particular method (ie. password, auth
* digest, etc.) in use in a given system.
*
* <p> All credentials must provide a username as the username is used to associate network
* connections with sessions.
*
* <p> All derived classes should provide a no argument constructor so that they can be
* instantiated prior to reconstruction from a data input stream.
*/
public abstract class Credentials implements Streamable
{
/**
* Constructs a credentials instance with the specified username.
*/
public Credentials (Name username)
{
_username = username;
}
/**
* Constructs a blank credentials instance in preparation for unserializing from the network.
*/
public Credentials ()
{
}
public Name getUsername ()
{
return _username;
}
public void setUsername (Name name)
{
_username = name;
}
/**
* Returns a string to use in a hash on the datagram contents to authenticate client datagrams.
*/
@@ -71,39 +41,4 @@ public abstract class Credentials implements Streamable
{
return "";
}
@Override
public int hashCode ()
{
return _username.hashCode();
}
@Override
public boolean equals (Object other)
{
if (other instanceof Credentials) {
return _username.equals(((Credentials)other)._username);
} else {
return false;
}
}
@Override
public String toString ()
{
StringBuilder buf = new StringBuilder("[");
toString(buf);
return buf.append("]").toString();
}
/**
* An easily extensible method via which derived classes can add to {@link #toString()}'s
* output.
*/
protected void toString (StringBuilder buf)
{
buf.append("username=").append(_username);
}
protected Name _username;
}
@@ -0,0 +1,75 @@
//
// $Id$
//
// Narya library - tools for developing networked games
// Copyright (C) 2002-2009 Three Rings Design, Inc., All Rights Reserved
// http://www.threerings.net/code/narya/
//
// This library is free software; you can redistribute it and/or modify it
// under the terms of the GNU Lesser General Public License as published
// by the Free Software Foundation; either version 2.1 of the License, or
// (at your option) any later version.
//
// This library is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
// Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public
// License along with this library; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
package com.threerings.presents.net;
import com.samskivert.util.StringUtil;
/**
* Credentials used by service clients (peers, bureaus, etc.). A service would extend this class
* (so that their service clients can be identified by class name).
*/
public abstract class ServiceCreds extends Credentials
{
/** The id of the service client that is authenticating. */
public String clientId;
/**
* Creates credentials for the specified client.
*/
public ServiceCreds (String clientId, String sharedSecret)
{
this.clientId = clientId;
_authToken = createAuthToken(clientId, sharedSecret);
}
/**
* Used when unserializing an instance from the network.
*/
public ServiceCreds ()
{
}
/**
* Validates that these credentials were created with the supplied shared secret.
*/
public boolean areValid (String sharedSecret)
{
return createAuthToken(clientId, sharedSecret).equals(_authToken);
}
@Override // from Object
public String toString ()
{
return getClass().getSimpleName() + "[id=" + clientId + ", token=" + _authToken + "]";
}
/**
* Creates a unique password for the specified node using the supplied shared secret.
*/
protected static String createAuthToken (String clientId, String sharedSecret)
{
return StringUtil.md5hex(clientId + sharedSecret);
}
/** A token created by a call to {@link #createAuthToken}. */
protected String _authToken;
}
@@ -24,7 +24,7 @@ package com.threerings.presents.net;
import com.threerings.util.Name;
/**
* Extends the basic credentials with a password.
* Credentials that use a username and (hashed) password.
*/
public class UsernamePasswordCreds extends Credentials
{
@@ -33,7 +33,6 @@ public class UsernamePasswordCreds extends Credentials
*/
public UsernamePasswordCreds ()
{
super();
}
/**
@@ -41,10 +40,15 @@ public class UsernamePasswordCreds extends Credentials
*/
public UsernamePasswordCreds (Name username, String password)
{
super(username);
_username = username;
_password = password;
}
public Name getUsername ()
{
return _username;
}
public String getPassword ()
{
return _password;
@@ -57,29 +61,22 @@ public class UsernamePasswordCreds extends Credentials
}
@Override
public int hashCode ()
public String toString ()
{
return super.hashCode() ^ _password.hashCode();
StringBuilder buf = new StringBuilder("[");
toString(buf);
return buf.append("]").toString();
}
@Override
public boolean equals (Object other)
{
if (other instanceof UsernamePasswordCreds) {
UsernamePasswordCreds upcreds = (UsernamePasswordCreds)other;
return super.equals(other) &&
_password.equals(upcreds._password);
} else {
return false;
}
}
@Override
/**
* An easily extensible method via which derived classes can add to {@link #toString}'s output.
*/
protected void toString (StringBuilder buf)
{
super.toString(buf);
buf.append("username=").append(_username);
buf.append(", password=").append(_password);
}
protected Name _username;
protected String _password;
}