From 854e90be061166d1619a74cbfdc7e384fc700125 Mon Sep 17 00:00:00 2001
From: Matthias Schiffer <matthias@gamezock.de>
Date: Thu, 27 Aug 2009 13:45:20 +0200
Subject: =?UTF-8?q?ChallengeResponseAuthenticator=20hinzugef=C3=BCgt;=20Pa?=
 =?UTF-8?q?sswordAuthenticator=20=C3=BCberarbeitet?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../ChallengeResponseAuthenticator.cpp             | 136 +++++++++++++++++++++
 1 file changed, 136 insertions(+)
 create mode 100644 src/Client/Authenticators/ChallengeResponseAuthenticator.cpp

(limited to 'src/Client/Authenticators/ChallengeResponseAuthenticator.cpp')

diff --git a/src/Client/Authenticators/ChallengeResponseAuthenticator.cpp b/src/Client/Authenticators/ChallengeResponseAuthenticator.cpp
new file mode 100644
index 0000000..375a708
--- /dev/null
+++ b/src/Client/Authenticators/ChallengeResponseAuthenticator.cpp
@@ -0,0 +1,136 @@
+/*
+ * ChallengeResponseAuthenticator.cpp
+ *
+ * Copyright (C) 2009 Matthias Schiffer <matthias@gamezock.de>
+ *
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published by the
+ * Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along
+ * with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "ChallengeResponseAuthenticator.h"
+
+#include <Common/Hash.h>
+#include <Common/RequestManager.h>
+#include <Common/Requests/AuthMethodRequest.h>
+
+namespace Mad {
+namespace Client {
+namespace Authenticators {
+
+void ChallengeResponseAuthenticator::ChallengeResponseAuthRequest::sendRequest() {
+  Common::XmlPacket packet;
+  packet.setType("Authenticate");
+  packet.set("method", "Challenge-Response");
+  packet.set("subMethod", hash);
+
+  packet.set("user", username);
+
+  sendPacket(packet);
+}
+
+void ChallengeResponseAuthenticator::ChallengeResponseAuthRequest::handlePacket(boost::shared_ptr<const Common::XmlPacket> packet) {
+  if(packet->getType() == "Error") {
+    signalFinished(Core::Exception(packet->get<const std::string&>("Where"), static_cast<Core::Exception::ErrorCode>(packet->get<long>("ErrorCode")),
+        packet->get<long>("SubCode"), packet->get<long>("SubSubCode")));
+    return;
+  }
+
+  if(!hasResponded) {
+    if(packet->getType() != "Continue") {
+      signalFinished(Core::Exception(Core::Exception::UNEXPECTED_PACKET));
+      return; // TODO Logging
+    }
+
+    Common::XmlPacket ret;
+    ret.setType("Authenticate");
+    ret.set("method", "Challenge-Response");
+    ret.set("subMethod", hash);
+
+    ret.set("user", username);
+
+    std::vector<boost::uint8_t> hashedPassword = Common::Hash::hash(std::vector<boost::uint8_t>(password.begin(), password.end()), hash);
+    const std::vector<boost::uint8_t> &challenge = packet->get<const std::vector<boost::uint8_t>&>("data");
+
+    hashedPassword.insert(hashedPassword.end(), challenge.begin(), challenge.end());
+
+    ret.set("data", Common::Hash::hash(hashedPassword, hash));
+
+    sendPacket(ret);
+
+    hasResponded = true;
+  }
+  else {
+    if(packet->getType() != "OK") {
+      signalFinished(Core::Exception(Core::Exception::UNEXPECTED_PACKET));
+      return; // TODO Logging
+    }
+
+    signalFinished(packet);
+  }
+}
+
+void ChallengeResponseAuthenticator::authenticate(Common::Application *application, Common::Connection *con, const std::string &username, const std::string &password) throw (Core::Exception) {
+  std::string hash;
+
+  {
+    boost::shared_ptr<Common::Requests::AuthMethodRequest> request(new Common::Requests::AuthMethodRequest(application));
+
+    application->getRequestManager()->sendRequest(con, request);
+    request->wait();
+
+    std::pair<boost::shared_ptr<const Common::XmlPacket>, Core::Exception> result = request->getResult();
+
+    if(!result.first || result.second)
+      throw result.second;
+
+    const Common::XmlPacket::List *methods = result.first->getList("methods");
+
+    for(Common::XmlPacket::List::const_iterator method = methods->begin(); method != methods->end(); ++method) {
+      if(method->get<const std::string&>("name") != "Challenge-Response")
+        continue;
+
+      const Common::XmlPacket::List *subMethods = method->getList("subMethods");
+
+      for(Common::XmlPacket::List::const_iterator subMethod = subMethods->begin(); subMethod != subMethods->end(); ++subMethod) {
+        if(Common::Hash::isHashSupported(subMethod->get<const std::string&>("name"))) {
+          hash = subMethod->get<const std::string&>("name");
+          break;
+        }
+      }
+
+      break;
+    }
+
+    if(hash.empty())
+      throw Core::Exception(Core::Exception::NOT_AVAILABLE);
+  }
+
+  application->logf(Core::LoggerBase::LOG_VERBOSE, "Authenticating with method 'Challenge-Response' using hash '%s'...", hash.c_str());
+
+  boost::shared_ptr<ChallengeResponseAuthRequest> request(new ChallengeResponseAuthRequest(application, username, password, hash));
+
+  application->getRequestManager()->sendRequest(con, request);
+  request->wait();
+
+  std::pair<boost::shared_ptr<const Common::XmlPacket>, Core::Exception> result = request->getResult();
+
+  if(!result.first || result.second)
+    throw result.second;
+
+  if(result.first->getType() != "OK")
+    throw Core::Exception(Core::Exception::NOT_AVAILABLE);
+}
+
+}
+}
+}
-- 
cgit v1.2.3