Diffstat (limited to 'src/modules/AuthBackendChallengeResponse/AuthBackendChallengeResponse.cpp')
-rw-r--r-- | src/modules/AuthBackendChallengeResponse/AuthBackendChallengeResponse.cpp | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/src/modules/AuthBackendChallengeResponse/AuthBackendChallengeResponse.cpp b/src/modules/AuthBackendChallengeResponse/AuthBackendChallengeResponse.cpp
new file mode 100644
index 0000000..39f2672
--- /dev/null
+++ b/src/modules/AuthBackendChallengeResponse/AuthBackendChallengeResponse.cpp
@@ -0,0 +1,76 @@
+/*
+ * AuthBackendChallengeResponse.cpp
+ *
+ * Copyright (C) 2009 Matthias Schiffer <matthias@gamezock.de>
+ *
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published by the
+ * Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along
+ * with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "AuthBackendChallengeResponse.h"
+
+#include <Common/Hash.h>
+
+namespace Mad {
+namespace Modules {
+namespace AuthBackendChallengeResponse {
+
+const std::string AuthBackendChallengeResponse::methodName = "Challenge-Response";
+
+AuthBackendChallengeResponse::AuthContextChallengeResponse::AuthContextChallengeResponse(AuthBackendChallengeResponse *backend) : authenticated(false) {
+ challenge.reserve(20);
+
+ for(int i = 0; i < 20; ++i)
+ challenge.push_back(backend->randomGenerator());
+}
+
+boost::shared_ptr<Common::AuthContext> AuthBackendChallengeResponse::authenticate(boost::shared_ptr<Common::AuthProvider> provider, const std::string &subMethod,
+ const std::string &user, const std::vector<boost::uint8_t> &data, std::vector<boost::uint8_t> &response,
+ boost::shared_ptr<Common::AuthContext> context) throw(Core::Exception) {
+ if(context && dynamic_cast<AuthContextChallengeResponse*>(context.get()) == 0)
+ throw(Core::Exception(Core::Exception::INVALID_INPUT));
+
+ std::vector<std::string> allowedMethods = getSubMethods(provider);
+ if(std::find(allowedMethods.begin(), allowedMethods.end(), subMethod) == allowedMethods.end())
+  throw(Core::Exception(Core::Exception::INVALID_INPUT));
+
+ if(!context) {
+ boost::shared_ptr<AuthContextChallengeResponse> contextCR(new AuthContextChallengeResponse(this));
+ context = contextCR;
+
+ response.insert(response.end(), contextCR->challenge.begin(), contextCR->challenge.end());
+ }
+ else {
+ boost::shared_ptr<AuthContextChallengeResponse> contextCR = boost::dynamic_pointer_cast<AuthContextChallengeResponse>(context);
+
+ std::vector<boost::uint8_t> password = provider->getPassword(user, subMethod);
+ if(password.empty())
+ throw Core::Exception(Core::Exception::AUTHENTICATION);
+
+ password.insert(password.end(), contextCR->challenge.begin(), contextCR->challenge.end());
+
+ password = Common::Hash::hash(password, subMethod);
+
+ if(password.size() != data.size() || !std::equal(password.begin(), password.end(), data.begin()))
+ throw Core::Exception(Core::Exception::AUTHENTICATION);
+
+ contextCR->authenticated = true;
+ }
+
+
+ return context;
+}
+
+}
+}
+} |
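Review bot: The response check in the `else` branch of authenticate() compares the expected hash with `std::equal`, which stops at the first differing byte, and a failed attempt leaves the same challenge in the context, so a client that is allowed to retry on one context gets repeated tries against a fixed expected value. I would fold the byte differences over the full length before deciding, as in the excerpt below, and make a context single-use by setting a consumed flag before the comparison and rejecting a second call with INVALID_INPUT; that flag needs a member in AuthContextChallengeResponse, whose declaration is in the header and not shown here. Whether `backend->randomGenerator()` is a cryptographically secure generator is not visible from this file; the 20 challenge bytes in the constructor should come from one, since a predictable challenge lets a recorded response be replayed. The context also records `authenticated = true` without the user name, so the caller presumably has to bind the two itself, which deserves a comment on that line.

```cpp
// … unchanged: getPassword(), appending the challenge, Common::Hash::hash() …

// Compare over the full length so the timing does not depend on the first mismatch.
boost::uint8_t diff = 0;
if(password.size() == data.size()) {
	for(std::size_t i = 0; i < password.size(); ++i)
		diff |= password[i] ^ data[i];
}

if(password.size() != data.size() || diff != 0)
	throw Core::Exception(Core::Exception::AUTHENTICATION);

contextCR->authenticated = true;
```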