Tidy processing user connect request

David Rowe 2020-08-02 20:54:09 +12:00
parent c3769a5f74
commit fdb4a5605a
2 changed files with 20 additions and 16 deletions


@ -517,20 +517,15 @@ SharedNodePointer DomainGatekeeper::processAgentConnectRequest(const NodeConnect
#endif #endif
return SharedNodePointer(); return SharedNodePointer();
} else if (!_verifiedDomainUserIdentities.contains(domainUsername) } else if (needToVerifyDomainUserIdentity(domainUsername, domainAccessToken, domainRefreshToken)) {
|| _verifiedDomainUserIdentities[domainUsername] != QPair<QString, QString>(domainAccessToken, domainRefreshToken)) {
// ####### TODO: Write a function for the above test.
// User's domain identity needs to be confirmed. // User's domain identity needs to be confirmed.
if (_verifiedDomainUserIdentities.contains(domainUsername)) {
_verifiedDomainUserIdentities.remove(domainUsername);
}
requestDomainUser(domainUsername, domainAccessToken, domainRefreshToken); requestDomainUser(domainUsername, domainAccessToken, domainRefreshToken);
#ifdef WANT_DEBUG #ifdef WANT_DEBUG
qDebug() << "Stalling login because we haven't authenticated user yet:" << domainUsername; qDebug() << "Stalling login because we haven't authenticated user yet:" << domainUsername;
#endif #endif
} else if (verifyDomainUserSignature(domainUsername, domainAccessToken, domainRefreshToken, } else if (verifyDomainUserIdentity(domainUsername, domainAccessToken, domainRefreshToken,
nodeConnection.senderSockAddr)) { nodeConnection.senderSockAddr)) {
// User's domain identity is confirmed. // User's domain identity is confirmed.
getDomainGroupMemberships(domainUsername); getDomainGroupMemberships(domainUsername);
verifiedDomainUsername = domainUsername.toLower(); verifiedDomainUsername = domainUsername.toLower();
@ -758,13 +753,17 @@ bool DomainGatekeeper::verifyUserSignature(const QString& username,
return false; return false;
} }
// ####### TODO: Rename to verifyDomainUser()?
bool DomainGatekeeper::verifyDomainUserSignature(const QString& username, const QString& accessToken,
const QString& refreshToken, const HifiSockAddr& senderSockAddr) {
// ####### TODO: Verify response from domain OAuth2 request to WordPress, if it's arrived yet. bool DomainGatekeeper::needToVerifyDomainUserIdentity(const QString& username, const QString& accessToken,
// #### Or assume the verification step has already occurred? const QString& refreshToken) {
if (_verifiedDomainUserIdentities.contains(username)) { return !_verifiedDomainUserIdentities.contains(username)
|| _verifiedDomainUserIdentities.value(username) != QPair<QString, QString>(accessToken, refreshToken);
}
bool DomainGatekeeper::verifyDomainUserIdentity(const QString& username, const QString& accessToken,
const QString& refreshToken, const HifiSockAddr& senderSockAddr) {
if (_verifiedDomainUserIdentities.contains(username)
&& _verifiedDomainUserIdentities.value(username) == QPair<QString, QString>(accessToken, refreshToken)) {
return true; return true;
} }
@ -1236,6 +1235,10 @@ void DomainGatekeeper::requestDomainUser(const QString& username, const QString&
} }
_inFlightDomainUserIdentityRequests.insert(username, QPair<QString, QString>(accessToken, refreshToken)); _inFlightDomainUserIdentityRequests.insert(username, QPair<QString, QString>(accessToken, refreshToken));
if (_verifiedDomainUserIdentities.contains(username)) {
_verifiedDomainUserIdentities.remove(username);
}
QString apiBase = _server->_settingsManager.valueForKeyPath(AUTHENTICATION_WORDPRESS_URL_BASE).toString(); QString apiBase = _server->_settingsManager.valueForKeyPath(AUTHENTICATION_WORDPRESS_URL_BASE).toString();
if (!apiBase.endsWith("/")) { if (!apiBase.endsWith("/")) {
apiBase += "/"; apiBase += "/";
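Review bot: `needToVerifyDomainUserIdentity()` and the visible part of `verifyDomainUserIdentity()` are exact negations of each other, so in `processAgentConnectRequest` the `else if (verifyDomainUserIdentity(...))` branch is reached only when the cached token pair already matches and, as far as the hunk shows, cannot fail there. Two hand-written copies of an authentication predicate can drift apart, so consider expressing the cache check through the helper, e.g. `if (!needToVerifyDomainUserIdentity(username, accessToken, refreshToken)) { return true; }`. Note also that `senderSockAddr` is not used in the lines shown. Separately, the eviction from `_verifiedDomainUserIdentities` now lives in `requestDomainUser()` after code that is outside the hunk; if that code returns early for a request already in flight, a stale verified entry would no longer be removed as it was before, which is worth confirming. The bodies of `verifyDomainUserIdentity()` and `requestDomainUser()` continue outside the hunks.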


@ -90,8 +90,9 @@ private:
bool verifyUserSignature(const QString& username, const QByteArray& usernameSignature, bool verifyUserSignature(const QString& username, const QByteArray& usernameSignature,
const HifiSockAddr& senderSockAddr); const HifiSockAddr& senderSockAddr);
bool verifyDomainUserSignature(const QString& username, const QString& accessToken, const QString& refreshToken, bool needToVerifyDomainUserIdentity(const QString& username, const QString& accessToken, const QString& refreshToken);
const HifiSockAddr& senderSockAddr); bool verifyDomainUserIdentity(const QString& username, const QString& accessToken, const QString& refreshToken,
const HifiSockAddr& senderSockAddr);
bool isWithinMaxCapacity(); bool isWithinMaxCapacity();