Revamping/cleanup of how we handle authentication usernames as well as chained
authenticators and chained session factories. We can share a lot more code this way and the implicit requirement that the default authenticator/factory had to be configured before anyone else configured a chanied author/factory is gone. The other big change is that Credentials doesn't require a username (UsernamePasswordCreds inherits that username so most derived classes don't notice any difference). Instead we require that a canonical authentication username be determined and configured in AuthingConnection during the authentication process. This canonical username is then used to resolve the client session and map everything in the client manager. This is pretty much exactly what was going on before except that we were doing it all in an ad hoc way by jamming a new name into Credentials during the authentication process and also doing jiggery pokery in PresentsSession.assignStartingUsername. That all goes away and/or becomes cleaner and more explicit. This is going to impact some Yohoho jiggery pokery, which I will shortly commit a patch for, but we're going to need to test it. Omelets, eggs, etc. git-svn-id: svn+ssh://src.earth.threerings.net/narya/trunk@5828 542714f4-19e9-0310-aa3c-eee0fc999fb1
This commit is contained in:
@@ -23,47 +23,17 @@ package com.threerings.presents.net;
|
||||
|
||||
import com.threerings.io.Streamable;
|
||||
|
||||
import com.threerings.util.Name;
|
||||
|
||||
/**
|
||||
* Credentials are supplied by the client implementation and sent along to the server during the
|
||||
* authentication process. To provide support for a variety of authentication methods, the
|
||||
* credentials class is meant to be subclassed for the particular method (ie. password, auth
|
||||
* digest, etc.) in use in a given system.
|
||||
*
|
||||
* <p> All credentials must provide a username as the username is used to associate network
|
||||
* connections with sessions.
|
||||
*
|
||||
* <p> All derived classes should provide a no argument constructor so that they can be
|
||||
* instantiated prior to reconstruction from a data input stream.
|
||||
*/
|
||||
public abstract class Credentials implements Streamable
|
||||
{
|
||||
/**
|
||||
* Constructs a credentials instance with the specified username.
|
||||
*/
|
||||
public Credentials (Name username)
|
||||
{
|
||||
_username = username;
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructs a blank credentials instance in preparation for unserializing from the network.
|
||||
*/
|
||||
public Credentials ()
|
||||
{
|
||||
}
|
||||
|
||||
public Name getUsername ()
|
||||
{
|
||||
return _username;
|
||||
}
|
||||
|
||||
public void setUsername (Name name)
|
||||
{
|
||||
_username = name;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a string to use in a hash on the datagram contents to authenticate client datagrams.
|
||||
*/
|
||||
@@ -71,39 +41,4 @@ public abstract class Credentials implements Streamable
|
||||
{
|
||||
return "";
|
||||
}
|
||||
|
||||
@Override
|
||||
public int hashCode ()
|
||||
{
|
||||
return _username.hashCode();
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean equals (Object other)
|
||||
{
|
||||
if (other instanceof Credentials) {
|
||||
return _username.equals(((Credentials)other)._username);
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString ()
|
||||
{
|
||||
StringBuilder buf = new StringBuilder("[");
|
||||
toString(buf);
|
||||
return buf.append("]").toString();
|
||||
}
|
||||
|
||||
/**
|
||||
* An easily extensible method via which derived classes can add to {@link #toString()}'s
|
||||
* output.
|
||||
*/
|
||||
protected void toString (StringBuilder buf)
|
||||
{
|
||||
buf.append("username=").append(_username);
|
||||
}
|
||||
|
||||
protected Name _username;
|
||||
}
|
||||
|
||||
@@ -0,0 +1,75 @@
|
||||
//
|
||||
// $Id$
|
||||
//
|
||||
// Narya library - tools for developing networked games
|
||||
// Copyright (C) 2002-2009 Three Rings Design, Inc., All Rights Reserved
|
||||
// http://www.threerings.net/code/narya/
|
||||
//
|
||||
// This library is free software; you can redistribute it and/or modify it
|
||||
// under the terms of the GNU Lesser General Public License as published
|
||||
// by the Free Software Foundation; either version 2.1 of the License, or
|
||||
// (at your option) any later version.
|
||||
//
|
||||
// This library is distributed in the hope that it will be useful,
|
||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
// Lesser General Public License for more details.
|
||||
//
|
||||
// You should have received a copy of the GNU Lesser General Public
|
||||
// License along with this library; if not, write to the Free Software
|
||||
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
|
||||
package com.threerings.presents.net;
|
||||
|
||||
import com.samskivert.util.StringUtil;
|
||||
|
||||
/**
|
||||
* Credentials used by service clients (peers, bureaus, etc.). A service would extend this class
|
||||
* (so that their service clients can be identified by class name).
|
||||
*/
|
||||
public abstract class ServiceCreds extends Credentials
|
||||
{
|
||||
/** The id of the service client that is authenticating. */
|
||||
public String clientId;
|
||||
|
||||
/**
|
||||
* Creates credentials for the specified client.
|
||||
*/
|
||||
public ServiceCreds (String clientId, String sharedSecret)
|
||||
{
|
||||
this.clientId = clientId;
|
||||
_authToken = createAuthToken(clientId, sharedSecret);
|
||||
}
|
||||
|
||||
/**
|
||||
* Used when unserializing an instance from the network.
|
||||
*/
|
||||
public ServiceCreds ()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Validates that these credentials were created with the supplied shared secret.
|
||||
*/
|
||||
public boolean areValid (String sharedSecret)
|
||||
{
|
||||
return createAuthToken(clientId, sharedSecret).equals(_authToken);
|
||||
}
|
||||
|
||||
@Override // from Object
|
||||
public String toString ()
|
||||
{
|
||||
return getClass().getSimpleName() + "[id=" + clientId + ", token=" + _authToken + "]";
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a unique password for the specified node using the supplied shared secret.
|
||||
*/
|
||||
protected static String createAuthToken (String clientId, String sharedSecret)
|
||||
{
|
||||
return StringUtil.md5hex(clientId + sharedSecret);
|
||||
}
|
||||
|
||||
/** A token created by a call to {@link #createAuthToken}. */
|
||||
protected String _authToken;
|
||||
}
|
||||
@@ -24,7 +24,7 @@ package com.threerings.presents.net;
|
||||
import com.threerings.util.Name;
|
||||
|
||||
/**
|
||||
* Extends the basic credentials with a password.
|
||||
* Credentials that use a username and (hashed) password.
|
||||
*/
|
||||
public class UsernamePasswordCreds extends Credentials
|
||||
{
|
||||
@@ -33,7 +33,6 @@ public class UsernamePasswordCreds extends Credentials
|
||||
*/
|
||||
public UsernamePasswordCreds ()
|
||||
{
|
||||
super();
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -41,10 +40,15 @@ public class UsernamePasswordCreds extends Credentials
|
||||
*/
|
||||
public UsernamePasswordCreds (Name username, String password)
|
||||
{
|
||||
super(username);
|
||||
_username = username;
|
||||
_password = password;
|
||||
}
|
||||
|
||||
public Name getUsername ()
|
||||
{
|
||||
return _username;
|
||||
}
|
||||
|
||||
public String getPassword ()
|
||||
{
|
||||
return _password;
|
||||
@@ -57,29 +61,22 @@ public class UsernamePasswordCreds extends Credentials
|
||||
}
|
||||
|
||||
@Override
|
||||
public int hashCode ()
|
||||
public String toString ()
|
||||
{
|
||||
return super.hashCode() ^ _password.hashCode();
|
||||
StringBuilder buf = new StringBuilder("[");
|
||||
toString(buf);
|
||||
return buf.append("]").toString();
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean equals (Object other)
|
||||
{
|
||||
if (other instanceof UsernamePasswordCreds) {
|
||||
UsernamePasswordCreds upcreds = (UsernamePasswordCreds)other;
|
||||
return super.equals(other) &&
|
||||
_password.equals(upcreds._password);
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
/**
|
||||
* An easily extensible method via which derived classes can add to {@link #toString}'s output.
|
||||
*/
|
||||
protected void toString (StringBuilder buf)
|
||||
{
|
||||
super.toString(buf);
|
||||
buf.append("username=").append(_username);
|
||||
buf.append(", password=").append(_password);
|
||||
}
|
||||
|
||||
protected Name _username;
|
||||
protected String _password;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user