/[resiprocate]/main/sip/resiprocate/dum/ServerAuthManager.cxx
ViewVC logotype

Annotation of /main/sip/resiprocate/dum/ServerAuthManager.cxx

Parent Directory Parent Directory | Revision Log Revision Log


Revision 4601 - (hide annotations) (download)
Thu May 12 01:10:49 2005 UTC (14 years, 6 months ago) by derek
File size: 6730 byte(s)
merged identity branch(4598) into main--removing identity branch after this
1 derek 2851 #include <cassert>
2    
3 jason 4335 #include "resiprocate/dum/ServerAuthManager.hxx"
4     #include "resiprocate/dum/DialogUsageManager.hxx"
5     #include "resiprocate/os/Logger.hxx"
6     #include "resiprocate/dum/UserAuthInfo.hxx"
7     #include "resiprocate/Helper.hxx"
8    
9 derek 2851 #define RESIPROCATE_SUBSYSTEM Subsystem::DUM
10    
11     using namespace resip;
12    
13 jason 4335 ServerAuthManager::ServerAuthManager(DialogUsageManager& dum) :
14     mDum(dum)
15     {
16     }
17    
18    
19     ServerAuthManager::~ServerAuthManager()
20     {
21     }
22    
23 jason 4378 SipMessage*
24     ServerAuthManager::handleUserAuthInfo(UserAuthInfo* userAuth)
25 derek 2851 {
26 jason 4378 assert(userAuth);
27 jason 4335
28     MessageMap::iterator it = mMessages.find(userAuth->getTransactionId());
29     assert(it != mMessages.end());
30     SipMessage* requestWithAuth = it->second;
31     mMessages.erase(it);
32 jason 4378
33     InfoLog( << "Checking for auth result in realm=" << userAuth->getRealm()
34     << " A1=" << userAuth->getA1());
35    
36 jason 4335 if (userAuth->getA1().empty())
37     {
38     InfoLog (<< "Account does not exist " << userAuth->getUser() << " in " << userAuth->getRealm());
39     SipMessage response;
40 jason 4378 Helper::makeResponse(response, *requestWithAuth, 404, "Account does not exist.");
41 jason 4335 mDum.send(response);
42     delete requestWithAuth;
43 jason 4378 return 0;
44 jason 4335 }
45     else
46     {
47     //!dcm! -- need to handle stale/unit test advancedAuthenticateRequest
48     //!dcm! -- delta? deal with.
49     std::pair<Helper::AuthResult,Data> resPair =
50     Helper::advancedAuthenticateRequest(*requestWithAuth,
51     userAuth->getRealm(),
52     userAuth->getA1(),
53     3000);
54     if (resPair.first == Helper::Authenticated)
55     {
56 jason 4378 InfoLog (<< "Authorized request for " << userAuth->getRealm());
57     return requestWithAuth;
58 jason 4335 }
59     else
60     {
61     InfoLog (<< "Invalid password provided " << userAuth->getUser() << " in " << userAuth->getRealm());
62 derek 4601 InfoLog (<< " a1 hash of password from db was " << userAuth->getA1() );
63 jason 4335
64     SipMessage response;
65 jason 4378 Helper::makeResponse(response, *requestWithAuth, 403, "Invalid password provided");
66 jason 4335 mDum.send(response);
67     delete requestWithAuth;
68 jason 4378 return 0;
69 jason 4335 }
70     }
71 derek 2851 }
72 derek 4601
73    
74     bool
75     ServerAuthManager::useAuthInt() const
76     {
77     return true;
78     }
79    
80    
81 jason 4335 // return true if request has been consumed
82 jason 4378 ServerAuthManager::Result
83     ServerAuthManager::handle(const SipMessage& sipMsg)
84 jason 4335 {
85     //InfoLog( << "trying to do auth" );
86 jason 4378 if (sipMsg.isRequest())
87 jason 4335 {
88 jason 4378 if (!sipMsg.exists(h_ProxyAuthorizations))
89     {
90     //assume TransactionUser has matched/repaired a realm
91     SipMessage* challenge = Helper::makeProxyChallenge(sipMsg,
92     sipMsg.header(h_RequestLine).uri().host(),
93 derek 4601 useAuthInt(),
94     false /*stale*/);
95 jason 4378 InfoLog (<< "Sending challenge to " << sipMsg.brief());
96     mDum.send(*challenge);
97     delete challenge;
98     return Challenged;
99     }
100 jason 4335
101 jason 4378 try
102 jason 4335 {
103 jason 4378 for(Auths::const_iterator it = sipMsg.header(h_ProxyAuthorizations).begin();
104     it != sipMsg.header(h_ProxyAuthorizations).end(); it++)
105 jason 4335 {
106 jason 4378 if (mDum.isMyDomain(it->param(p_realm)))
107     {
108     InfoLog (<< "Requesting credential for "
109     << it->param(p_username) << " @ " << it->param(p_realm));
110    
111     requestCredential(it->param(p_username),
112     it->param(p_realm),
113     sipMsg.getTransactionId());
114     mMessages[sipMsg.getTransactionId()] = static_cast<SipMessage*>(sipMsg.clone());
115     return RequestedCredentials;
116     }
117 jason 4335 }
118 jason 4378
119     InfoLog (<< "Didn't find matching realm ");
120     SipMessage response;
121     Helper::makeResponse(response, sipMsg, 404, "Account does not exist");
122     mDum.send(response);
123     return Rejected;
124 jason 4335 }
125 jason 4378 catch(BaseException& e)
126     {
127     InfoLog (<< "Invalid auth header provided " << e);
128     SipMessage response;
129     Helper::makeResponse(response, sipMsg, 400, "Invalid auth header");
130     mDum.send(response);
131     return Rejected;
132     }
133 jason 4335 }
134 jason 4378 return Skipped;
135 jason 4335 }
136    
137    
138    
139    
140    
141    
142 derek 4062 /* ====================================================================
143     * The Vovida Software License, Version 1.0
144     *
145     * Copyright (c) 2000 Vovida Networks, Inc. All rights reserved.
146     *
147     * Redistribution and use in source and binary forms, with or without
148     * modification, are permitted provided that the following conditions
149     * are met:
150     *
151     * 1. Redistributions of source code must retain the above copyright
152     * notice, this list of conditions and the following disclaimer.
153     *
154     * 2. Redistributions in binary form must reproduce the above copyright
155     * notice, this list of conditions and the following disclaimer in
156     * the documentation and/or other materials provided with the
157     * distribution.
158     *
159     * 3. The names "VOCAL", "Vovida Open Communication Application Library",
160     * and "Vovida Open Communication Application Library (VOCAL)" must
161     * not be used to endorse or promote products derived from this
162     * software without prior written permission. For written
163     * permission, please contact vocal@vovida.org.
164     *
165     * 4. Products derived from this software may not be called "VOCAL", nor
166     * may "VOCAL" appear in their name, without prior written
167     * permission of Vovida Networks, Inc.
168     *
169     * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED
170     * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
171     * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND
172     * NON-INFRINGEMENT ARE DISCLAIMED. IN NO EVENT SHALL VOVIDA
173     * NETWORKS, INC. OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT DAMAGES
174     * IN EXCESS OF $1,000, NOR FOR ANY INDIRECT, INCIDENTAL, SPECIAL,
175     * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
176     * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
177     * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
178     * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
179     * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
180     * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
181     * DAMAGE.
182     *
183     * ====================================================================
184     *
185     * This software consists of voluntary contributions made by Vovida
186     * Networks, Inc. and many individuals on behalf of Vovida Networks,
187     * Inc. For more information on Vovida Networks, Inc., please see
188     * <http://www.vovida.org/>.
189     *
190     */

Properties

Name Value
svn:eol-style LF

webmaster AT resiprocate DOT org
ViewVC Help
Powered by ViewVC 1.1.27