rosbridge protocol should support generic authentication

[rctoris]

The current rosbridge protocol supports no kind of authentication mechanism. I move enhance the protocol to support a new op type called auth. Authentication will be based on the MAC (message authentication code) scheme discussed at previous Robot Web Tools meetings and provided by rosauth https://github.com/WPI-RAIL/rosauth

The key to using MAC is that it does not tie users to a single "user database." It simply requires some trusted third-party to provide the hash-keys. An example could be RMS but it makes not difference if it comes from any other source.

The idea behind the auth operation would be that any server that enabled authentication would wait for this request to come in first before accepting any other op code from the client. Once the request comes in, it would verify the information (in a ROS system, using rosauth, however, the verification method is not tied to ROS). If the authentication is good, the connection would be kept and rosbridge would function as normal. If the authentication is bad, the connection would be severed. In the case that authentication is not enabled on the server, the op code can be ignored.

Authentication Operation:
{op: 'auth', mac: <string>, client: <string>, dest: <string>, rand: <string>, t: <int>, level: <string>, end: <int>}

mac - MAC (hashed) string given by the client
client - IP of the client
dest - IP of the destination
rand - Random string given by the client
t - Time of the authorization request given by the client
level - User level as a string given by the client
end - End time of the client's session given by the client

[jihoonl]

@rctoris is this issue resolved?

[rctoris]

Yup!