/Aurora/Framework/Services/IAuthenticationService.cs

https://bitbucket.org/VirtualReality/software-testing · C# · 107 lines · 14 code · 8 blank · 85 comment · 0 complexity · bf91893390ba696b7b0a3e92a541e9dd MD5 · raw file

  1. /*
  2. * Copyright (c) Contributors, http://aurora-sim.org/, http://opensimulator.org/
  3. * See CONTRIBUTORS.TXT for a full list of copyright holders.
  4. *
  5. * Redistribution and use in source and binary forms, with or without
  6. * modification, are permitted provided that the following conditions are met:
  7. * * Redistributions of source code must retain the above copyright
  8. * notice, this list of conditions and the following disclaimer.
  9. * * Redistributions in binary form must reproduce the above copyright
  10. * notice, this list of conditions and the following disclaimer in the
  11. * documentation and/or other materials provided with the distribution.
  12. * * Neither the name of the Aurora-Sim Project nor the
  13. * names of its contributors may be used to endorse or promote products
  14. * derived from this software without specific prior written permission.
  15. *
  16. * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
  17. * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
  18. * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  19. * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
  20. * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  21. * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  22. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
  23. * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  24. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  25. * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  26. */
  27. using OpenMetaverse;
  28. namespace Aurora.Framework.Services
  29. {
  30. // Generic Authentication service used for identifying
  31. // and authenticating principals.
  32. // Principals may be clients acting on users' behalf,
  33. // or any other components that need
  34. // verifiable identification.
  35. //
  36. public interface IAuthenticationService
  37. {
  38. //////////////////////////////////////////////////////
  39. // Authentication
  40. //
  41. // These methods will return a token, which can be used to access
  42. // various services.
  43. //
  44. string Authenticate(UUID principalID, string authType, string password, int lifetime);
  45. //////////////////////////////////////////////////////
  46. // Verification
  47. //
  48. // Allows to verify the authenticity of a token
  49. //
  50. // Tokens expire after 30 minutes and can be refreshed by
  51. // re-verifying.
  52. //
  53. bool Verify(UUID principalID, string authType, string token, int lifetime);
  54. //////////////////////////////////////////////////////
  55. // Teardown
  56. //
  57. // A token can be returned before the timeout. This
  58. // invalidates it and it can not subsequently be used
  59. // or refreshed.
  60. //
  61. bool Release(UUID principalID, string authType, string token);
  62. //////////////////////////////////////////////////////
  63. // SetPassword for a principal
  64. //
  65. // This method exists for the service, but may or may not
  66. // be served remotely. That is, the authentication
  67. // handlers may not include one handler for this,
  68. // because it's a bit risky. Such handlers require
  69. // authentication/authorization.
  70. //
  71. bool SetPassword(UUID principalID, string authType, string passwd);
  72. bool SetPasswordHashed(UUID UUID, string authType, string passwd);
  73. bool SetPlainPassword(UUID principalID, string authType, string passwd);
  74. /// <summary>
  75. /// Check whether the given principalID has a password set
  76. /// </summary>
  77. /// <param name="principalID"></param>
  78. /// <param name="authType"></param>
  79. /// <returns></returns>
  80. bool CheckExists(UUID principalID, string authType);
  81. //////////////////////////////////////////////////////
  82. // Grid
  83. //
  84. // We no longer need a shared secret between grid
  85. // servers. Anything a server requests from another
  86. // server is either done on behalf of a user, in which
  87. // case there is a token, or on behalf of a region,
  88. // which has a session. So, no more keys.
  89. // If sniffing on the local lan is an issue, admins
  90. // need to take approriate action (IPSec is recommended)
  91. // to secure inter-server traffic.
  92. //////////////////////////////////////////////////////
  93. // NOTE
  94. //
  95. // Session IDs are not handled here. After obtaining
  96. // a token, the session ID regions use can be
  97. // obtained from the presence service.
  98. }
  99. }