Working on server/server auth
ddaeschler committed Nov 5, 2014
1 parent 002b0d6 commit ba198f6
Showing 5 changed files with 74 additions and 30 deletions.
11 changes: 9 additions & 2 deletions node/src/csauthenticated.cpp
@@ -118,9 +118,16 @@ namespace sopmq {
ctx->waitingResponses++;
node->operations().send_proxy_publish(message, [=](intra::operation_result<ProxyPublishResponseMessage_ptr> result){

if (--ctx->waitingResponses == 0)
try
{
//we have the result from both, combine and send the message stamp
if (--ctx->waitingResponses == 0)
{
//we have the result from both, combine and send the message stamp
}
}
catch (const std::runtime_error& e)
{

}
});
}
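Review bot: The added `catch (const std::runtime_error& e)` block is empty, so whatever the guarded code comes to throw will be dropped without a log line and without an error reaching the publishing client. Nothing in the `try` body visibly throws yet and `result` is never inspected, so this looks like scaffolding; before it carries real logic the handler should at least record `e.what()` and fail the pending request instead of leaving `ctx` waiting. A placeholder such as `// TODO: log e.what() and send an error response to the client` in the catch body would make the gap explicit. The enclosing function and the `ctx` setup lie outside the hunk.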
68 changes: 40 additions & 28 deletions node/src/csunauthenticated.cpp
@@ -70,15 +70,8 @@ namespace sopmq {

LOG_SRC(debug) << "handle_get_challenge_message()";

if (message->has_type())
{
_authType = message->type();
this->generate_challenge_response(_conn, message->identity().id());
}
else
{
_conn->handle_error(network_error("GetChallengeMessage had no type specified"));
}
_authType = message->type();
this->generate_challenge_response(_conn, message->identity().id());
}

void csunauthenticated::generate_challenge_response(connection_in::ptr conn, std::uint32_t replyTo)
@@ -102,6 +95,25 @@ namespace sopmq {
std::bind(&csunauthenticated::handle_write_result, shared_from_this(), _1));
_conn->read_message(_dispatcher, std::bind(&csunauthenticated::handle_read_result, shared_from_this(), _1));
}

void csunauthenticated::successful_auth(AnswerChallengeMessage_ptr message)
{
AuthAckMessage_ptr response = messageutil::make_message<AuthAckMessage>(_conn->get_next_id(), message->identity().id());
response->set_authorized(true);
_conn->send_message(message::MT_AUTH_ACK, response, std::bind(&csunauthenticated::handle_write_result,
shared_from_this(), _1));
csauthenticated::ptr authstate = std::make_shared<csauthenticated>(_ioService, _conn, _ring);
_conn->change_state(authstate);
}

void csunauthenticated::failed_auth(AnswerChallengeMessage_ptr message)
{
_closeAfterTransmission = true;
AuthAckMessage_ptr response = messageutil::make_message<AuthAckMessage>(_conn->get_next_id(), message->identity().id());
response->set_authorized(false);
_conn->send_message(message::MT_AUTH_ACK, response, std::bind(&csunauthenticated::handle_write_result,
shared_from_this(), _1));
}

void csunauthenticated::handle_answer_challenge_message(const shared::net::network_operation_result&, AnswerChallengeMessage_ptr message)
{
@@ -118,44 +130,44 @@ namespace sopmq {
{
//user is good to go
_ioService.post([=] {
AuthAckMessage_ptr response = messageutil::make_message<AuthAckMessage>(self->_conn->get_next_id(), message->identity().id());
response->set_authorized(true);
self->_conn->send_message(message::MT_AUTH_ACK, response, std::bind(&csunauthenticated::handle_write_result,
self, _1));
csauthenticated::ptr authstate = std::make_shared<csauthenticated>(_ioService, self->_conn, self->_ring);
self->_conn->change_state(authstate);
self->successful_auth(message);
});
}
else
{
//no good
_ioService.post([=] {
_closeAfterTransmission = true;
AuthAckMessage_ptr response = messageutil::make_message<AuthAckMessage>(self->_conn->get_next_id(), message->identity().id());
response->set_authorized(false);
self->_conn->send_message(message::MT_AUTH_ACK, response, std::bind(&csunauthenticated::handle_write_result,
self, _1));
self->failed_auth(message);
});
}
};

//short circuit for unit tests
if (! settings::instance().unitTestUsername.empty())
if (_authType == GetChallengeMessage_Type_CLIENT && !settings::instance().unitTestUsername.empty())
{
//check that the user trying to log in is using the unittest username
if (message->uname_hash() == util::sha256_hex_string(settings::instance().unitTestUsername))
{
AuthAckMessage_ptr response = messageutil::make_message<AuthAckMessage>(self->_conn->get_next_id(), message->identity().id());
response->set_authorized(true);
self->_conn->send_message(message::MT_AUTH_ACK, response, std::bind(&csunauthenticated::handle_write_result,
self, _1));
csauthenticated::ptr authstate = std::make_shared<csauthenticated>(_ioService, self->_conn, self->_ring);
self->_conn->change_state(authstate);
self->successful_auth(message);
return;
}
}

user_account::is_authorized(message->uname_hash(), _challenge, message->challenge_response(), authCallback);
if (_authType == GetChallengeMessage_Type_CLIENT)
{
user_account::is_authorized(message->uname_hash(), _challenge, message->challenge_response(), authCallback);
}
else
{
if (message->challenge_response() == util::sha256_hex_string(settings::instance().ring_key_hash() + _challenge))
{
self->successful_auth(message);
}
else
{
self->failed_auth(message);
}
}
}

void csunauthenticated::handle_read_result(const shared::net::network_operation_result& result)
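Review bot: In handle_answer_challenge_message the new `else` branch runs the ring-key check for every `_authType` other than `GetChallengeMessage_Type_CLIENT`, and nothing visible rejects an unset `ringKey`. With the `has_type()` check removed from handle_get_challenge_message, a peer that omits or mis-sets the type lands on this path, and if `ringKey` is empty the expected response depends only on the challenge, which the peer presumably already holds. I would fail closed before the comparison, e.g. `if (settings::instance().ringKey.empty()) { self->failed_auth(message); return; }`, and match the server type explicitly rather than by `else`. The `==` on the hex digests is also not constant-time, which is worth replacing with a fixed-time compare if the project has one. The function body starts outside the hunk, so `self` and `authCallback` are assumed to be set up earlier.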
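--- a/node/src/csunauthenticated.h
+++ b/node/src/csunauthenticated.h
@@ -45,6 +45,9 @@ namespace sopmq {
 public boost::noncopyable,
 public std::enable_shared_from_this<csunauthenticated>
 {
+public:
+typedef std::shared_ptr<csunauthenticated> ptr;
+
 public:
 csunauthenticated(boost::asio::io_service& ioService, connection_in::ptr conn,
 const ring& ring);
@@ -85,6 +88,9 @@ namespace sopmq {
 
 void handle_write_result(const shared::net::network_operation_result& result);
 
+void successful_auth(AnswerChallengeMessage_ptr message);
+
+void failed_auth(AnswerChallengeMessage_ptr message);
 };
 }
 }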
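--- a/node/src/settings.cpp
+++ b/node/src/settings.cpp
@@ -16,6 +16,9 @@
 */
 
 #include "settings.h"
+#include "util.h"
+
+using sopmq::shared::util;
 
 namespace sopmq {
 namespace node {
@@ -43,6 +46,12 @@ namespace sopmq {
 return inst;
 }
 
+const std::string& settings::ring_key_hash() const
+{
+static std::string hash = util::sha256_hex_string(this->ringKey);
+
+return hash;
+}
 }
 }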
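Review bot: `ring_key_hash()` stores the digest in a function-local `static`, so it is computed from whatever `ringKey` holds at the first call and never again. If that first call happens before configuration loading has filled `ringKey`, or the key is changed later, node authentication keeps comparing against a stale (possibly empty-key) hash for the life of the process. Since `ringKey` is a public mutable member, I would either compute the hash where the key is assigned or document the constraint, e.g. `// NOTE: cached on first call; ringKey must be set before this is used and must not change afterwards`.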

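--- a/node/src/settings.h
+++ b/node/src/settings.h
@@ -120,6 +120,16 @@ namespace sopmq {
 ///
 std::string unitTestUsername;
 
+///
+/// The shared secret used to authenticate nodes to the ring
+///
+std::string ringKey;
+
+///
+/// Returns the sha256 hash of the ringKey setting
+///
+const std::string& ring_key_hash() const;
+
 private:
 settings();
 ~settings();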
