You can now specify a client must require a secure channel to authenticate. If this is set,
{Client.setRequireSecureAuth} then if the client fails to create a secure channel with the server,
an auth request with no credentials will be sent. The supplied Authenticator will need to handle
this situation to send the appropriate response back to the client (ie: tell it to download the
latest version).
git-svn-id: svn+ssh://src.earth.threerings.net/narya/trunk@6480 542714f4-19e9-0310-aa3c-eee0fc999fb1
This commit is contained in:
@@ -40,6 +40,29 @@ import com.threerings.presents.util.SecureUtil;
|
||||
*/
|
||||
public class AESAuthRequest extends AuthRequest
|
||||
{
|
||||
/**
|
||||
* Creates an auth request, secured if able, unsecured if not.
|
||||
*/
|
||||
public static AuthRequest createAuthRequest (
|
||||
Credentials creds, String version, String[] bootGroups, boolean requireSecureAuth)
|
||||
{
|
||||
return createAuthRequest(creds, version, bootGroups, requireSecureAuth, null, null);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates an auth request, secured if able, unsecured if not.
|
||||
*/
|
||||
public static AuthRequest createAuthRequest (
|
||||
Credentials creds, String version, String[] bootGroups, boolean requireSecureAuth,
|
||||
PublicKeyCredentials pkcreds, SecureResponse resp)
|
||||
{
|
||||
byte[] secret = resp == null ? null : resp.getCodeBytes(pkcreds);
|
||||
if (pkcreds == null || secret == null) {
|
||||
return new AuthRequest(requireSecureAuth ? null : creds, version, bootGroups);
|
||||
}
|
||||
return new AESAuthRequest(secret, creds, version, bootGroups);
|
||||
}
|
||||
|
||||
/**
|
||||
* Zero argument constructor used when unserializing an instance.
|
||||
*/
|
||||
|
||||
@@ -70,15 +70,11 @@ public class SecureResponse extends AuthResponse
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a request based on the secure response.
|
||||
* Returns the code bytes or null for a failed state.
|
||||
*/
|
||||
public AuthRequest createAuthRequest (
|
||||
PublicKeyCredentials pkcreds, Credentials creds, String version, String[] bootGroups)
|
||||
public byte[] getCodeBytes (PublicKeyCredentials pkcreds)
|
||||
{
|
||||
if (_data.code.equals(FAILED_TO_SECURE)) {
|
||||
return new AuthRequest(creds, version, bootGroups);
|
||||
}
|
||||
byte[] secret = SecureUtil.xorBytes(StringUtil.unhexlate(_data.code), pkcreds.getSecret());
|
||||
return new AESAuthRequest(secret, creds, version, bootGroups);
|
||||
return pkcreds == null || _data.code == null || _data.code.equals(FAILED_TO_SECURE) ?
|
||||
null : SecureUtil.xorBytes(StringUtil.unhexlate(_data.code), pkcreds.getSecret());
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user