forked from Olivine-Labs/Alchemy-Websockets
-
Notifications
You must be signed in to change notification settings - Fork 0
/
WebSocketAuthentication.cs
119 lines (103 loc) · 4.27 KB
/
WebSocketAuthentication.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
/*
Copyright 2011 Olivine Labs, LLC.
http://www.olivinelabs.com
*/
/*
This file is part of Alchemy Websockets.
Alchemy Websockets is free software: you can redistribute it and/or modify
it under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
Alchemy Websockets is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with Alchemy Websockets. If not, see <http://www.gnu.org/licenses/>.
*/
using System;
using System.Threading;
using Alchemy.Server.Classes;
using System.Security.Cryptography;
namespace Alchemy.Server.Handlers.WebSocket.hybi10
{
/// <summary>
/// Handles the handshaking between the client and the host, when a new connection is created
/// </summary>
public class WebSocketAuthentication : Alchemy.Server.Handlers.WebSocket.WebSocketAuthentication
{
public static string Origin = string.Empty;
public static string Location = string.Empty;
private static SemaphoreSlim _createLock = new SemaphoreSlim(1);
private static WebSocketAuthentication _instance = null;
private WebSocketAuthentication()
{
}
public static WebSocketAuthentication Instance
{
get
{
_createLock.Wait();
if (_instance == null)
{
_instance = new WebSocketAuthentication();
}
_createLock.Release();
return _instance;
}
}
public void SetOrigin(string origin)
{
Origin = origin;
}
public void SetLocation(string location)
{
Location = location;
}
public bool CheckHandshake(Context context)
{
if(context.ReceivedByteCount > 8)
{
ClientHandshake handshake = new ClientHandshake(context.Header);
// See if our header had the required information
if (handshake.IsValid())
{
// Optionally check Origin and Location if they're set.
if (Origin != string.Empty)
if (handshake.Origin != "http://" + Origin)
return false;
if (Location != string.Empty)
if (handshake.Host != Location + ":" + context.Server.Port.ToString())
return false;
// Generate response handshake for the client
ServerHandshake serverShake = GenerateResponseHandshake(handshake, context);
serverShake.SubProtocol = handshake.SubProtocol;
// Send the response handshake
SendServerHandshake(serverShake, context);
return true;
}
}
return false;
}
private static ServerHandshake GenerateResponseHandshake(ClientHandshake handshake, Context context)
{
ServerHandshake responseHandshake = new ServerHandshake();
responseHandshake.Accept = GenerateAccept(handshake.Key, context);
return responseHandshake;
}
private static void SendServerHandshake(ServerHandshake handshake, Context context)
{
// generate a byte array representation of the handshake including the answer to the challenge
string temp = handshake.ToString();
byte[] handshakeBytes = context.UserContext.Encoding.GetBytes(temp);
context.UserContext.SendRaw(handshakeBytes);
}
private static string GenerateAccept(string key, Context context)
{
string rawAnswer = key + "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
// Create a hash of the rawAnswer and return it
SHA1 hasher = SHA1.Create();
return Convert.ToBase64String(hasher.ComputeHash(context.UserContext.Encoding.GetBytes(rawAnswer)));
}
}
}