namespace Opc.Ua.Edge.Translator
{
using System;
using System.Collections.Generic;
using System.Runtime.InteropServices;
using System.Security.Cryptography;
using Opc.Ua;
using Opc.Ua.Server;
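/// <summary>
/// OPC UA server for the "UA Edge Translator" product. Registers a single
/// <see cref="UANodeManager"/> and authenticates username/password identity tokens
/// against the OPCUA_USERNAME and OPCUA_PASSWORD environment variables.
/// </summary>
public partial class UAServer : ReverseConnectServer
{
    /// <summary>
    /// Builds the master node manager with one <see cref="UANodeManager"/> as its only
    /// additional node manager.
    /// </summary>
    /// <param name="server">Server instance passed through to the node managers.</param>
    /// <param name="configuration">Application configuration passed through to the node managers.</param>
    /// <returns>The master node manager wrapping the translator's node manager.</returns>
    protected override MasterNodeManager CreateMasterNodeManager(IServerInternal server, ApplicationConfiguration configuration)
    {
        List<INodeManager> nodeManagers = new List<INodeManager>
        {
            new UANodeManager(server, configuration)
        };

        return new MasterNodeManager(server, configuration, null, nodeManagers.ToArray());
    }

    /// <summary>
    /// Returns the static product identification of this server; version, build number and
    /// build date are read from the assembly through <see cref="Utils"/>.
    /// </summary>
    /// <returns>The populated <see cref="ServerProperties"/>.</returns>
    protected override ServerProperties LoadServerProperties()
    {
        ServerProperties properties = new ServerProperties
        {
            ManufacturerName = "OPC Foundation",
            ProductName = "UA Edge Translator",
            ProductUri = "http://opcfoundation.org/UA/EdgeTranslator",
            SoftwareVersion = Utils.GetAssemblySoftwareVersion(),
            BuildNumber = Utils.GetAssemblyBuildNumber(),
            BuildDate = Utils.GetAssemblyTimestamp()
        };

        return properties;
    }

    /// <summary>
    /// Runs the base start-up logic, then subscribes to the session manager's
    /// ImpersonateUser event so that this class decides on every identity change.
    /// </summary>
    /// <param name="server">The started server instance.</param>
    protected override void OnServerStarted(IServerInternal server)
    {
        base.OnServerStarted(server);

        server.SessionManager.ImpersonateUser += new ImpersonateEventHandler(SessionManager_ImpersonateUser);
    }

    /// <summary>
    /// Validates the identity a session wants to assume. Only username tokens are handled;
    /// any other token type is rejected with BadIdentityTokenInvalid.
    /// </summary>
    /// <param name="session">The session requesting the identity change.</param>
    /// <param name="args">Event data; <c>NewIdentity</c> is read and <c>Identity</c> is set on success.</param>
    /// <exception cref="ServiceResultException">
    /// The token is not a username token, or <see cref="VerifyPassword"/> rejected it.
    /// </exception>
    private void SessionManager_ImpersonateUser(Session session, ImpersonateEventArgs args)
    {
        UserNameIdentityToken userNameToken = args.NewIdentity as UserNameIdentityToken;
        if (userNameToken != null)
        {
            // VerifyPassword throws on any failure, so reaching the log line means success.
            args.Identity = VerifyPassword(userNameToken);
            Utils.LogInfo(Utils.TraceMasks.Security, "Username Token Accepted: {0}", args.Identity?.DisplayName);
            return;
        }

        throw ServiceResultException.Create(StatusCodes.BadIdentityTokenInvalid, "Not supported user token type: {0}.", args.NewIdentity);
    }

    /// <summary>
    /// Checks a username token against the credentials configured in the OPCUA_USERNAME and
    /// OPCUA_PASSWORD environment variables.
    /// </summary>
    /// <remarks>
    /// Fails closed: when either environment variable is missing or empty, no login can succeed.
    /// A successful login is granted <see cref="SystemConfigurationIdentity"/>, so the single
    /// configured account is a configuration-level account. The expected password lives in the
    /// process environment in clear text; protect the environment accordingly.
    /// </remarks>
    /// <param name="userNameToken">The token carrying the supplied user name and decrypted password.</param>
    /// <returns>The identity to assign to the session.</returns>
    /// <exception cref="ServiceResultException">
    /// BadIdentityTokenInvalid for an empty user name, BadIdentityTokenRejected for an empty
    /// password, BadUserAccessDenied when the credentials do not match.
    /// </exception>
    private IUserIdentity VerifyPassword(UserNameIdentityToken userNameToken)
    {
        var userName = userNameToken.UserName;
        var password = userNameToken.DecryptedPassword;

        if (string.IsNullOrEmpty(userName))
        {
            throw ServiceResultException.Create(StatusCodes.BadIdentityTokenInvalid,
                "Security token is not a valid username token. An empty username is not accepted.");
        }

        if (string.IsNullOrEmpty(password))
        {
            throw ServiceResultException.Create(StatusCodes.BadIdentityTokenRejected,
                "Security token is not a valid username token. An empty password is not accepted.");
        }

        string configuredUsername = Environment.GetEnvironmentVariable("OPCUA_USERNAME");
        string configuredPassword = Environment.GetEnvironmentVariable("OPCUA_PASSWORD");

        if (!string.IsNullOrEmpty(configuredUsername) && !string.IsNullOrEmpty(configuredPassword))
        {
            // Both comparisons always run (non-short-circuit '&') and each one is fixed-time,
            // so response timing does not reveal which field was wrong or how much of it matched.
            bool userNameMatches = SecretEquals(userName, configuredUsername);
            bool passwordMatches = SecretEquals(password, configuredPassword);

            if (userNameMatches & passwordMatches)
            {
                return new SystemConfigurationIdentity(new UserIdentity(userNameToken));
            }
        }

        // construct translation object with default text.
        // The message is deliberately the same for a wrong user name and a wrong password.
        TranslationInfo info = new TranslationInfo(
            "InvalidPassword",
            "en-US",
            "Invalid username or password.",
            userName);

        // create an exception with a vendor defined sub-code.
        throw new ServiceResultException(new ServiceResult(
            StatusCodes.BadUserAccessDenied,
            "InvalidPassword",
            LoadServerProperties().ProductUri,
            new LocalizedText(info)));
    }

    /// <summary>
    /// Ordinal string equality for secrets, evaluated without an early exit.
    /// </summary>
    /// <remarks>
    /// Both strings are hashed with SHA-256 over their UTF-16 code units and the fixed-length
    /// digests are compared with <see cref="CryptographicOperations.FixedTimeEquals"/>, so the
    /// comparison itself has no early exit on the first differing character or on a length
    /// mismatch. The digest is used only to equalise length, not as password storage.
    /// </remarks>
    /// <param name="left">First value; must not be null.</param>
    /// <param name="right">Second value; must not be null.</param>
    /// <returns><c>true</c> when both strings contain the same sequence of code units.</returns>
    private static bool SecretEquals(string left, string right)
    {
        using (SHA256 sha256 = SHA256.Create())
        {
            byte[] leftDigest = sha256.ComputeHash(MemoryMarshal.AsBytes(left.AsSpan()).ToArray());
            byte[] rightDigest = sha256.ComputeHash(MemoryMarshal.AsBytes(right.AsSpan()).ToArray());

            return CryptographicOperations.FixedTimeEquals(leftDigest, rightDigest);
        }
    }
}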
}