void CAeonEngine::MsgGetTables (const SArchonMessage &Msg, const CHexeSecurityCtx *pSecurityCtx)
// MsgGetTables
//
// Aeon.getTables
{
int i;
if (!m_bReady)
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, ERR_NOT_READY, Msg);
return;
}
// Get a list of all tables
TArray<CAeonTable *> AllTables;
GetTables(&AllTables);
// Return an array of table descriptors
CComplexArray *pArray = new CComplexArray;
for (i = 0; i < AllTables.GetCount(); i++)
{
if (pSecurityCtx && !pSecurityCtx->IsNamespaceAccessible(AllTables[i]->GetName()))
continue;
pArray->Insert(AllTables[i]->GetDesc());
}
// Reply
SendMessageReply(MSG_AEON_RESULT_TABLES, CDatum(pArray), Msg);
}
void CAeonEngine::MsgGetData (const SArchonMessage &Msg, const CHexeSecurityCtx *pSecurityCtx)
// MsgGetData
//
// Aeon.getData {tableName} {rowPath}
{
CString sError;
CAeonTable *pTable;
DWORD dwViewID;
CRowKey Path;
if (!ParseTableAndView(Msg,
pSecurityCtx,
Msg.dPayload.GetElement(0),
&pTable,
&dwViewID,
Msg.dPayload.GetElement(1),
&Path))
return;
// Do a lookup
CDatum dData;
if (!pTable->GetData(dwViewID, Path, &dData, NULL, &sError))
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, sError, Msg);
return;
}
// Done
SendMessageReply(MSG_REPLY_DATA, dData, Msg);
}
void CAeonEngine::MsgDeleteView (const SArchonMessage &Msg, const CHexeSecurityCtx *pSecurityCtx)
// MsgDeleteView
//
// Aeon.deleteView {tableAndView}
{
CAeonTable *pTable;
DWORD dwViewID;
if (!ParseTableAndView(Msg, pSecurityCtx, Msg.dPayload.GetElement(0), &pTable, &dwViewID))
return;
// Delete
CString sError;
if (!pTable->DeleteView(dwViewID, &sError))
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, sError, Msg);
return;
}
// Done
SendMessageReply(MSG_OK, CDatum(), Msg);
}
bool CAddModuleSession::OnProcessMessage (const SArchonMessage &Msg)
// OnProcessMessage
//
// Process a response
{
switch (m_iState)
{
case stateWaitForMsg:
{
if (IsError(Msg))
{
SendMessageReplyError(Msg.sMsg, Msg.dPayload.GetElement(0));
return false;
}
SendMessageReply(MSG_OK);
return false;
}
default:
return false;
}
}
void CAeonEngine::MsgGetViewInfo (const SArchonMessage &Msg, const CHexeSecurityCtx *pSecurityCtx)
// MsgGetViewInfo
//
// Aeon.getViewInfo {tableAndView}
{
if (!ValidateAdminAccess(Msg, pSecurityCtx))
return;
CAeonTable *pTable;
DWORD dwViewID;
if (!ParseTableAndView(Msg, pSecurityCtx, Msg.dPayload.GetElement(0), &pTable, &dwViewID))
return;
// Delete
CDatum dResult;
if (!pTable->DebugDumpView(dwViewID, &dResult))
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, dResult, Msg);
return;
}
// Done
SendMessageReply(MSG_REPLY_DATA, dResult, Msg);
}
bool CAeonEngine::GetKeyRange (const SArchonMessage &Msg, const CString &sTable, int iCount)
// GetKeyRange
//
// Processes a getKeyRange message
{
// If the table doesn't exist, then we can't continue
CAeonTable *pTable;
if (!FindTable(sTable, &pTable))
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, strPattern(STR_ERROR_UNKNOWN_TABLE, sTable), Msg);
return false;
}
// Create an iterator
CDatum dResult;
CString sError;
if (!pTable->GetKeyRange(iCount, &dResult, &sError))
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, sError, Msg);
return false;
}
// Reply
SendMessageReply(MSG_AEON_RESULT_KEYS, dResult, Msg);
return true;
}
bool CRunSession::HandleResult (CHexeProcess::ERunCodes iRun, CDatum dResult)
// HandleResult
//
// Handles the result from a run
{
switch (iRun)
{
case CHexeProcess::runOK:
case CHexeProcess::runError:
SendMessageReply(MSG_REPLY_DATA, dResult);
// FALSE means we're done with the session
return false;
case CHexeProcess::runAsyncRequest:
{
SendMessageCommand(dResult.GetElement(0),
dResult.GetElement(1),
GenerateAddress(PORT_HEXE_COMMAND),
dResult.GetElement(2),
MESSAGE_TIMEOUT);
m_iState = stateWaitingForHexarcReply;
return true;
}
default:
// LATER:
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, CString("LATER"));
return false;
}
}
void CResizeImageSession::OnFileDownloaded (CDatum dFileDesc, CDatum dData)
// OnFileDownloaded
//
// We have the original file. Now resize it, store it in our cache, and return
// it to the caller.
{
// Resize the image.
// Compose a fileDownloadDesc for the newly resized image.
CDatum dResult(CDatum::typeStruct);
dResult.SetElement(FIELD_FILE_DESC, dFileDesc);
dResult.SetElement(FIELD_DATA, dData);
// Store it in our cache
m_Engine.GetCache().SetEntry(m_sCacheID, dResult);
// Reply to original caller
SendMessageReply(MSG_AEON_FILE_DOWNLOAD_DESC, dResult);
}
NS_IMETHODIMP
SmsRequest::NotifyThreadListFailed(int32_t aError)
{
if (mParent) {
return SendMessageReply(MessageReply(ReplyThreadListFail(aError)));
}
return NotifyError(aError);
}
NS_IMETHODIMP
SmsRequest::NotifyMessageMarkedRead(bool aRead)
{
if (mParent) {
return SendMessageReply(MessageReply(ReplyMarkeMessageRead(aRead)));
}
return NotifySuccess<bool>(aRead);
}
NS_IMETHODIMP
SmsRequest::NotifyMessageDeleted(bool aDeleted)
{
if (mParent) {
return SendMessageReply(MessageReply(ReplyMessageDelete(aDeleted)));
}
return NotifySuccess<bool>(aDeleted);
}
NS_IMETHODIMP
SmsRequest::NotifyDeleteMessageFailed(int32_t aError)
{
if (mParent) {
return SendMessageReply(MessageReply(ReplyMessageDeleteFail(aError)));
}
return NotifyError(aError);
}
void CAeonEngine::MsgMutate (const SArchonMessage &Msg, const CHexeSecurityCtx *pSecurityCtx)
// MsgMutate
//
// Aeon.mutate {tableName} {rowPath} {data} {mutationDesc}
{
AEONERR error;
const CString &sTable = Msg.dPayload.GetElement(0);
CDatum dRowPath = Msg.dPayload.GetElement(1);
CDatum dData = Msg.dPayload.GetElement(2);
CDatum dMutateDesc = Msg.dPayload.GetElement(3);
// Make sure we are allowed access to this table
if (!ValidateTableAccess(Msg, pSecurityCtx, sTable))
return;
// If the table doesn't exist, then we can't continue
CAeonTable *pTable;
if (!FindTable(sTable, &pTable))
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, strPattern(STR_ERROR_UNKNOWN_TABLE, sTable), Msg);
return;
}
// Parse the path
//
// NOTE: We don't need to validate that this is a valid path for create
// because we do that later inside Mutate. [Because Mutate accepts a nil
// path when generating a unique key.]
CString sError;
CRowKey Path;
if (!pTable->ParseDimensionPath(NULL_STR, dRowPath, &Path, &sError))
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, sError, Msg);
return;
}
// Mutate
CDatum dResult;
if (error = pTable->Mutate(Path, dData, dMutateDesc, &dResult, &sError))
{
if (error == AEONERR_OUT_OF_DATE)
SendMessageReplyError(MSG_ERROR_OUT_OF_DATE, sError, Msg);
else
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, sError, Msg);
return;
}
// Done
SendMessageReply(MSG_REPLY_DATA, dResult, Msg);
}
NS_IMETHODIMP
SmsRequest::NotifyMessageSent(nsIDOMMozSmsMessage *aMessage)
{
if (mParent) {
SmsMessageData data = SmsMessageData(static_cast<SmsMessage*>(aMessage)->GetData());
return SendMessageReply(MessageReply(ReplyMessageSend(data)));
}
return NotifySuccess<nsIDOMMozSmsMessage*>(aMessage);
}
void CAeonEngine::MsgFileDirectory (const SArchonMessage &Msg, const CHexeSecurityCtx *pSecurityCtx)
// MsgFileDirectory
//
// Aeon.fileDirectory {filePath} {requestedFields} {options}
{
CString sError;
// Get the filePath
CString sTable;
CString sFilePath;
if (!CAeonTable::ParseFilePath(Msg.dPayload.GetElement(0), &sTable, &sFilePath, &sError))
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, strPattern(STR_ERROR_PARSING_FILE_PATH, sError), Msg);
return;
}
// Make sure we are allowed access to this table
if (!ValidateTableAccess(Msg, pSecurityCtx, sTable))
return;
// Convert the filepath to a key
CString sDirKey = CRowKey::FilePathToKey(sFilePath);
// Get the table
CAeonTable *pTable;
if (!FindTable(sTable, &pTable))
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, strPattern(STR_ERROR_UNKNOWN_TABLE, sTable), Msg);
return;
}
// Get the set of requested fields and options
CDatum dRequestedFields = Msg.dPayload.GetElement(1);
CDatum dOptions = Msg.dPayload.GetElement(2);
// Do it
CDatum dResult;
if (!pTable->FileDirectory(sDirKey, dRequestedFields, dOptions, &dResult, &sError))
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, sError, Msg);
return;
}
// Reply
SendMessageReply(MSG_REPLY_DATA, dResult, Msg);
}
void CCryptosaurEngine::MsgValidateAuthToken (const SArchonMessage &Msg, const CHexeSecurityCtx *pSecurityCtx)
// MsgValidateAuthToken
//
// Cryptosaur.validateAuthToken {authToken}
{
// Any service can validate a token
if (!ValidateMessage(Msg, pSecurityCtx, false))
return;
// Get the key to sign with (the key is guaranteed to exist because we
// checked at boot time).
CIPInteger *pAuthTokenKey = m_Keys.GetAt(KEY_CRYPTOSAUR_AUTH_TOKEN);
// Validate
CDatum dData;
if (!CCryptosaurInterface::ValidateAuthToken(Msg.dPayload.GetElement(0), *pAuthTokenKey, &dData))
{
SendMessageReply(MSG_REPLY_DATA, CDatum(), Msg);
return;
}
// A sandboxed authtoken is not valid outside of its scope.
// (But it is valid in admin services).
const CString &sScope = dData.GetElement(FIELD_SCOPE);
if (!sScope.IsEmpty()
&& pSecurityCtx
&& !pSecurityCtx->IsNamespaceAccessible(sScope))
{
SendMessageReply(MSG_REPLY_DATA, CDatum(), Msg);
return;
}
// Return the data in the auth token
SendMessageReply(MSG_REPLY_DATA, dData, Msg);
}
NS_IMETHODIMP
SmsRequest::NotifyReadMessageListFailed(int32_t aError)
{
if (mParent) {
return SendMessageReply(MessageReply(ReplyCreateMessageListFail(aError)));
}
if (mCursor) {
static_cast<SmsCursor*>(mCursor.get())->Disconnect();
}
return NotifyError(aError);
}
void CAeonEngine::MsgInsertNew (const SArchonMessage &Msg, const CHexeSecurityCtx *pSecurityCtx)
// MsgInsertNew
//
// Aeon.insertNew {tableName} {rowPath} {data}
//
// {rowPath} is an array with as many elements as the table dimensions
{
AEONERR error;
const CString &sTable = Msg.dPayload.GetElement(0);
CDatum dRowPath = Msg.dPayload.GetElement(1);
CDatum dData = Msg.dPayload.GetElement(2);
// Make sure we are allowed access to this table
if (!ValidateTableAccess(Msg, pSecurityCtx, sTable))
return;
// If the table doesn't exist, then we can't continue
CAeonTable *pTable;
if (!FindTable(sTable, &pTable))
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, strPattern(STR_ERROR_UNKNOWN_TABLE, sTable), Msg);
return;
}
// Parse the path
CString sError;
CRowKey Path;
if (!pTable->ParseDimensionPathForCreate(dRowPath, &Path, &sError))
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, sError, Msg);
return;
}
// Insert
if (error = pTable->Insert(Path, dData, true, &sError))
{
if (error == AEONERR_ALREADY_EXISTS)
SendMessageReplyError(MSG_ERROR_ALREADY_EXISTS, sError, Msg);
else
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, sError, Msg);
return;
}
// Done
SendMessageReply(MSG_OK, CDatum(), Msg);
}
NS_IMETHODIMP
SmsRequest::NotifyNextMessageInListGot(nsIDOMMozSmsMessage *aMessage)
{
if (mParent) {
SmsMessageData data = SmsMessageData(static_cast<SmsMessage*>(aMessage)->GetData());
return SendMessageReply(MessageReply(ReplyGetNextMessage(data)));
}
nsCOMPtr<SmsCursor> cursor = static_cast<SmsCursor*>(mCursor.get());
NS_ASSERTION(cursor, "Request should have an cursor in that case!");
cursor->SetMessage(aMessage);
return NotifySuccess<nsIDOMMozSmsCursor*>(cursor);
}
NS_IMETHODIMP
SmsRequest::NotifyMessageListCreated(int32_t aListId,
nsIDOMMozSmsMessage *aMessage)
{
if (mParent) {
SmsMessageData data = SmsMessageData(static_cast<SmsMessage*>(aMessage)->GetData());
return SendMessageReply(MessageReply(ReplyCreateMessageList(aListId, data)));
} else {
nsCOMPtr<SmsCursor> cursor = new SmsCursor(aListId, this);
cursor->SetMessage(aMessage);
return NotifySuccess<nsIDOMMozSmsCursor*>(cursor);
}
}
void CAeonEngine::MsgFileGetDesc (const SArchonMessage &Msg, const CHexeSecurityCtx *pSecurityCtx)
// MsgFileGetDesc
//
// Aeon.fileGetDesc {filePath}
{
CString sError;
// Get the filePath
CString sTable;
CString sFilePath;
if (!CAeonTable::ParseFilePath(Msg.dPayload.GetElement(0), &sTable, &sFilePath, &sError))
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, strPattern(STR_ERROR_PARSING_FILE_PATH, sError), Msg);
return;
}
// Make sure we are allowed access to this table
if (!ValidateTableAccess(Msg, pSecurityCtx, sTable))
return;
// Get the table
CAeonTable *pTable;
if (!FindTable(sTable, &pTable))
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, strPattern(STR_ERROR_UNKNOWN_TABLE, sTable), Msg);
return;
}
// Get the descriptor
CDatum dFileDesc;
if (!pTable->GetFileDesc(sFilePath, &dFileDesc, &sError))
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, sError, Msg);
return;
}
// Prepare the descriptor for return
CDatum dNewFileDesc = CAeonTable::PrepareFileDesc(sTable, sFilePath, dFileDesc);
// Done
SendMessageReply(MSG_REPLY_DATA, dNewFileDesc, Msg);
}
NS_IMETHODIMP
SmsRequest::NotifyNoMessageInList()
{
if (mParent) {
return SendMessageReply(MessageReply(ReplyNoMessageInList()));
}
nsCOMPtr<nsIDOMMozSmsCursor> cursor = mCursor;
if (!cursor) {
cursor = new SmsCursor();
} else {
static_cast<SmsCursor*>(cursor.get())->Disconnect();
}
return NotifySuccess<nsIDOMMozSmsCursor*>(cursor);
}
void CAeonEngine::MsgDeleteTable (const SArchonMessage &Msg, const CHexeSecurityCtx *pSecurityCtx)
// MsgDeleteTable
//
// Aeon.deleteTable {tableName}
{
// Parameters
const CString &sTable = Msg.dPayload.GetElement(0);
// Make sure we are allowed access to this table
if (!ValidateTableAccess(Msg, pSecurityCtx, sTable))
return;
// Lock while we remove the table
CSmartLock Lock(m_cs);
// If the table doesn't exist, then we can't continue
int iTablePos;
if (!m_Tables.FindPos(sTable, &iTablePos))
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, strPattern(STR_ERROR_UNKNOWN_TABLE, sTable), Msg);
return;
}
// Remove the table from the array
CAeonTable *pTable = m_Tables.GetValue(iTablePos);
m_Tables.Delete(iTablePos);
// Clean up the table
if (!pTable->Delete())
Log(MSG_LOG_ERROR, STR_UNABLE_TO_DELETE_TABLE_FILES);
delete pTable;
// We can unlock now
Lock.Unlock();
// Done
SendMessageReply(MSG_OK, CDatum(), Msg);
}
void CAeonEngine::MsgCreateTable (const SArchonMessage &Msg, const CHexeSecurityCtx *pSecurityCtx)
// MsgCreateTable
//
// Aeon.createTable {tableDesc}
//
// {tableDesc} = { name:MyTable1 type:standard x:{keyType:utf8} y:{keyType:int32} z:{keyType:dateTime} }
{
CString sError;
// Get the table desc and table name
CDatum dTableDesc = Msg.dPayload.GetElement(0);
const CString &sTable = dTableDesc.GetElement(FIELD_NAME);
// Make sure we are allowed access to this table
if (!ValidateTableAccess(Msg, pSecurityCtx, sTable))
return;
// See if the table descriptor specifies storage volumes; if so, then we
// make sure that the calling service has admin rights.
if (!dTableDesc.GetElement(FIELD_PRIMARY_VOLUME).IsNil()
|| !dTableDesc.GetElement(FIELD_BACKUP_VOLUMES).IsNil())
{
if (!ValidateAdminAccess(Msg, pSecurityCtx))
return;
}
// Create
bool bExists;
if (!CreateTable(dTableDesc, NULL, &bExists, &sError))
{
if (bExists)
SendMessageReplyError(MSG_ERROR_ALREADY_EXISTS, sError, Msg);
else
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, sError, Msg);
return;
}
// Done
SendMessageReply(MSG_OK, CDatum(), Msg);
}
void CAeonEngine::MsgFlushDb (const SArchonMessage &Msg, const CHexeSecurityCtx *pSecurityCtx)
// MsgFlushDb
//
// Aeon.flushDb
{
if (!ValidateAdminAccess(Msg, pSecurityCtx))
return;
if (!FlushTableRows())
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, ERR_UNABLE_TO_FLUSH, Msg);
return;
}
SendMessageReply(MSG_OK, CDatum(), Msg);
}
NS_IMETHODIMP
SmsRequest::NotifyThreadList(const jsval& aThreadList, JSContext* aCx)
{
MOZ_ASSERT(aThreadList.isObject());
if (mParent) {
JSObject* array = const_cast<JSObject*>(&aThreadList.toObject());
uint32_t length;
bool ok = JS_GetArrayLength(aCx, array, &length);
NS_ENSURE_TRUE(ok, NS_ERROR_FAILURE);
ReplyThreadList reply;
InfallibleTArray<ThreadListItem>& ipcItems = reply.items();
if (length) {
ipcItems.SetCapacity(length);
for (uint32_t i = 0; i < length; i++) {
jsval arrayEntry;
ok = JS_GetElement(aCx, array, i, &arrayEntry);
NS_ENSURE_TRUE(ok, NS_ERROR_FAILURE);
MOZ_ASSERT(arrayEntry.isObject());
mozilla::idl::SmsThreadListItem item;
nsresult rv = item.Init(aCx, &arrayEntry);
NS_ENSURE_SUCCESS(rv, rv);
ThreadListItem* ipcItem = ipcItems.AppendElement();
ipcItem->senderOrReceiver() = item.senderOrReceiver;
ipcItem->timestamp() = item.timestamp;
ipcItem->body() = item.body;
ipcItem->unreadCount() = item.unreadCount;
}
}
return SendMessageReply(reply);
}
return NotifySuccess(aThreadList);
}
void CEsperEngine::MsgEsperSetConnectionProperty (const SArchonMessage &Msg)
// MsgEsperSetConnectionProperty
//
// Esper.setConnectionProperty {socket} {property} {value}
{
CDatum dConnection = Msg.dPayload.GetElement(0);
CString sProperty = Msg.dPayload.GetElement(1);
CDatum dValue = Msg.dPayload.GetElement(2);
CString sError;
if (!m_Connections.SetProperty(dConnection, sProperty, dValue, &sError))
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, sError, Msg);
return;
}
SendMessageReply(MSG_OK, CDatum(), Msg);
}
void CHyperionEngine::MsgResizeImage (const SArchonMessage &Msg, const CHexeSecurityCtx *pSecurityCtx)
// MsgResizeImage
//
// Hyperion.resizeImage filePath newSize [options]
{
// Get parameters
CString sFilePath = Msg.dPayload.GetElement(0);
if (sFilePath.IsEmpty())
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, ERR_BAD_PARAMS, Msg);
return;
}
DWORD dwSize = (DWORD)Msg.dPayload.GetElement(1);
if (dwSize == 0)
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, ERR_BAD_PARAMS, Msg);
return;
}
// Generate an ID for the generated file.
CString sID = strPattern("%s#size=%d", sFilePath, dwSize);
// If we have it in the cache, then we're done.
CDatum dData;
if (m_Cache.FindEntry(sID, &dData))
{
SendMessageReply(MSG_AEON_FILE_DOWNLOAD_DESC, dData, Msg);
return;
}
// Otherwise, we need to resize the file. Start a session to get the
// original file bits.
StartSession(Msg, new CResizeImageSession(*this, sFilePath, dwSize, sID, pSecurityCtx));
}
void CAeonEngine::MsgRecoverTableTest (const SArchonMessage &Msg, const CHexeSecurityCtx *pSecurityCtx)
// MsgRecoverTableTest
//
// Aeon.recoverTableTest {tableName}
{
// This is an admin operation
if (!ValidateAdminAccess(Msg, pSecurityCtx))
return;
// Get the table
const CString &sTable = Msg.dPayload.GetElement(0);
// If the table doesn't exist, then we can't continue
CAeonTable *pTable;
if (!FindTable(sTable, &pTable))
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, strPattern(STR_ERROR_UNKNOWN_TABLE, sTable), Msg);
return;
}
// Recover
CString sError;
if (!pTable->RecoverTableRows(&sError))
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, sError, Msg);
return;
}
// Done
SendMessageReply(MSG_OK, CDatum(), Msg);
}
bool CUserInfoSession::OnProcessMessage (const SArchonMessage &Msg)
// OnProcessMessage
//
// We received a reply from Aeon
{
int i;
// If this is an error, then we return the error back to the client
if (IsError(Msg))
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, Msg.dPayload);
return false;
}
// If we're waiting for the user record, then see if we can process it now.
if (m_iState == stateWaitingForUserRecord)
{
// Cryptosaur.getUser
if (strEquals(GetOriginalMsg().sMsg, MSG_CRYPTOSAUR_GET_USER))
{
CDatum dUserData = Msg.dPayload;
// If the user does not exist, then we return Nil
if (dUserData.IsNil())
{
SendMessageReply(MSG_REPLY_DATA, CDatum());
return false;
}
// Generate a sanitized user record
CComplexStruct *pReply = new CComplexStruct;
pReply->SetElement(FIELD_USERNAME, dUserData.GetElement(FIELD_USERNAME));
// Sanitize rights
CDatum dRights = dUserData.GetElement(FIELD_RIGHTS);
if (!m_sScope.IsEmpty())
{
CComplexArray *pRights = new CComplexArray;
for (i = 0; i < dRights.GetCount(); i++)
if (strStartsWith(dRights.GetElement(i), m_sScope))
pRights->Insert(dRights.GetElement(i));
pReply->SetElement(FIELD_RIGHTS, CDatum(pRights));
}
else
pReply->SetElement(FIELD_RIGHTS, dRights);
// Done
SendMessageReply(MSG_REPLY_DATA, CDatum(pReply));
return false;
}
// If we get back nil then the user does not exist.
else if (Msg.dPayload.IsNil())
{
SendMessageReplyError(MSG_ERROR_DOES_NOT_EXIST, strPattern(ERR_UNKNOWN_USERNAME, m_sUsername));
return false;
}
// Otherwise, we handle the result based on the original message
else if (strEquals(GetOriginalMsg().sMsg, MSG_CRYPTOSAUR_CHECK_PASSWORD_SHA1))
{
// Get the parameters from the original message
CDatum dChallenge = GetOriginalMsg().dPayload.GetElement(1);
CDatum dResponse = GetOriginalMsg().dPayload.GetElement(2);
// Get the password has from the response
CDatum dAuthDesc = Msg.dPayload.GetElement(FIELD_AUTH_DESC);
CDatum dPasswordHash = dAuthDesc.GetElement(FIELD_CREDENTIALS);
// Create a response to the challenge based on the password hash that
// we have stored.
CDatum dCorrect = CAI1Protocol::CreateSHAPasswordChallengeResponse(dPasswordHash, dChallenge);
// Compare the correct response to the actual
if ((const CIPInteger &)dResponse == (const CIPInteger &)dCorrect)
return UpdateLoginSuccess(stateWaitingForSuccessUpdate);
else
return UpdateLoginFailure();
}
// Cryptosaur.hasRights
else if (strEquals(GetOriginalMsg().sMsg, MSG_CRYPTOSAUR_HAS_RIGHTS))
{
CDatum dRights = Msg.dPayload.GetElement(FIELD_RIGHTS);
CDatum dRightsRequired = m_dPayload.GetElement(1);
// Get the rights from the user
CAttributeList Rights;
dRights.AsAttributeList(&Rights);
// Check
for (i = 0; i < dRightsRequired.GetCount(); i++)
{
if (!Rights.HasAttribute(dRightsRequired.GetElement(i)))
{
SendMessageReply(MSG_REPLY_DATA, CDatum());
return false;
}
}
// We have all rights
SendMessageReply(MSG_REPLY_DATA, CDatum(CDatum::constTrue));
return false;
}
// Cryptosaur.loginUser
else if (strEquals(GetOriginalMsg().sMsg, MSG_CRYPTOSAUR_LOGIN_USER))
{
// Get the parameters from the original message
CDatum dRequestAuthDesc = GetOriginalMsg().dPayload.GetElement(1);
CDatum dCredentials = dRequestAuthDesc.GetElement(FIELD_CREDENTIALS);
CDatum dChallengeCredentials = dRequestAuthDesc.GetElement(FIELD_CHALLENGE_CREDENTIALS);
CDatum dPassword = dRequestAuthDesc.GetElement(FIELD_PASSWORD);
m_bActual = !dRequestAuthDesc.GetElement(FIELD_ACTUAL).IsNil();
if (!dRequestAuthDesc.GetElement(FIELD_AUTH_TOKEN_INFINITE).IsNil())
m_dwAuthTokenLifetime = 0;
else
{
m_dwAuthTokenLifetime = (DWORD)(int)dRequestAuthDesc.GetElement(FIELD_AUTH_TOKEN_LIFETIME);
if (m_dwAuthTokenLifetime == 0)
m_dwAuthTokenLifetime = DEFAULT_AUTH_TOKEN_TIMEOUT;
}
// If we're not actual and have no scope, then we can't continue
if (!m_bActual && m_sScope.IsEmpty())
{
SendMessageReplyError(MSG_ERROR_UNABLE_TO_COMPLY, ERR_SCOPE_REQUIRED);
return false;
}
// User data
CDatum dUserData = Msg.dPayload;
CDatum dAuthDesc;
if (m_bActual)
dAuthDesc = dUserData.GetElement(FIELD_AUTH_DESC);
else
dAuthDesc = dUserData.GetElement(strPattern("%s%s", m_sScope, FIELD_AUTH_DESC));
// If we have no authdesc, then we can't continue. This is likely
// because the client is in a sandbox that the user has not registered
// with. We treat it the same as a username/password failure.
if (dAuthDesc.IsNil())
{
SendMessageReplyError(MSG_ERROR_DOES_NOT_EXIST, ERR_INVALID_USERNAME_OR_PASSWORD);
return false;
}
// If we've failed more than 5 consecutive times, we may need to delay
// the next login attempt.
if ((int)dUserData.GetElement(FIELD_LOGIN_FAILURE_COUNT) > MAX_LOGIN_ATTEMPTS)
{
CDateTime LastLoginFailure = dUserData.GetElement(FIELD_LAST_LOGIN_FAILURE_ON);
CTimeSpan TimeSinceLastFailure = timeSpan(LastLoginFailure, CDateTime(CDateTime::Now));
// If it has not been at least 1 hour, we return an error.
if (TimeSinceLastFailure.Days() == 0 && TimeSinceLastFailure.Seconds() < LOGIN_TIMEOUT)
{
// Timeout
SendMessageReplyError(MSG_ERROR_DOES_NOT_EXIST, ERR_FAILURE_TIMEOUT);
return false;
}
}
// If we have straight credentials, then just compare
bool bSuccess;
if (!dCredentials.IsNil())
bSuccess = ((const CIPInteger &)dCredentials == (const CIPInteger &)dAuthDesc.GetElement(FIELD_CREDENTIALS));
// Otherwise, we compare against the challenge
else if (!dChallengeCredentials.IsNil())
{
// Get the challenge. If not provided then we get it from the user
// record.
CDatum dChallenge = GetOriginalMsg().dPayload.GetElement(2);
if (dChallenge.IsNil())
{
// Get the expiration time of the challenge
const CDateTime &Expires = dAuthDesc.GetElement(FIELD_CHALLENGE_EXPIRATION);
if (Expires < CDateTime(CDateTime::Now))
{
SendMessageReplyError(MSG_ERROR_DOES_NOT_EXIST, ERR_INVALID_USERNAME_OR_PASSWORD);
return false;
}
dChallenge = dAuthDesc.GetElement(FIELD_CHALLENGE);
}
// Create a response to the challenge based on the password hash that
// we have stored.
CDatum dCorrectChallenge = CAI1Protocol::CreateSHAPasswordChallengeResponse(
dAuthDesc.GetElement(FIELD_CREDENTIALS),
dChallenge
);
bSuccess = ((const CIPInteger &)dChallengeCredentials == (const CIPInteger &)dCorrectChallenge);
}
// Otherwise we expect a clear text password
else if (!dPassword.IsNil())
{
// We have to hash the password to compare with credentials.
CIPInteger Credentials;
CCryptosaurInterface::CreateCredentials(dUserData.GetElement(FIELD_USERNAME), dPassword, &Credentials);
// Compare
bSuccess = (Credentials == (const CIPInteger &)dAuthDesc.GetElement(FIELD_CREDENTIALS));
}
else
bSuccess = false;
// Success or failure
if (bSuccess)
return UpdateLoginSuccess(stateWaitingForCredentials);
else
return UpdateLoginFailure();
}
// Can never get here.
else
{
ASSERT(false);
return false;
}
}
// Otherwise, if we're waiting for the user record update, then continue
else if (m_iState == stateWaitingForSuccessUpdate)
{
// Since we succeeded, we send the user sanitized user record back.
SendMessageReply(MSG_REPLY_DATA, CreateSanitizedUserRecord(Msg.dPayload));
return false;
}
// If we're waiting for credentials, compose them
else if (m_iState == stateWaitingForCredentials)
{
// The mutation returns the full record
CDatum dUserData = Msg.dPayload;
// Compute the result
CComplexStruct *pAuthToken = new CComplexStruct;
pAuthToken->SetElement(FIELD_USERNAME, dUserData.GetElement(FIELD_USERNAME));
pAuthToken->SetElement(FIELD_RIGHTS, dUserData.GetElement(FIELD_RIGHTS));
if (!m_bActual)
pAuthToken->SetElement(FIELD_SCOPE, m_sScope);
CDatum dAuthToken = m_pEngine->GenerateAuthToken(CDatum(pAuthToken), m_dwAuthTokenLifetime);
// Compose a basic user record
CComplexStruct *pReply = new CComplexStruct;
pReply->SetElement(FIELD_AUTH_TOKEN, dAuthToken);
pReply->SetElement(FIELD_RIGHTS, dUserData.GetElement(FIELD_RIGHTS));
pReply->SetElement(FIELD_USERNAME, dUserData.GetElement(FIELD_USERNAME));
// Send the reply
SendMessageReply(MSG_REPLY_DATA, CDatum(pReply));
// Done
return false;
}
// Otherwise, failure
else if (m_iState == stateWaitingForFailureUpdate)
{
CDatum dUserData = Msg.dPayload;
// If we've exceeded our limit, log it
int iAttempts = (int)dUserData.GetElement(FIELD_LOGIN_FAILURE_COUNT);
if (iAttempts > MAX_LOGIN_ATTEMPTS)
GetProcessCtx()->Log(MSG_LOG_INFO, strPattern(ERR_USERNAME_TIMEOUT, m_sUsername, iAttempts));
// Send a failure
SendMessageReplyError(MSG_ERROR_DOES_NOT_EXIST, ERR_INVALID_USERNAME_OR_PASSWORD);
return false;
}
// Can never get here
else
{
ASSERT(false);
return false;
}
}
