FabInfra-Mirror/api.fabaccess-api
1
0
Fork 0
mirror of https://gitlab.com/fabinfra/fabaccess/fabaccess-api.git synced 2025-03-12 23:01:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update auth

Browse Source
This commit is contained in:
Gregor Reitzenstein 2020-10-23 10:28:41 +02:00
parent 9fb856a4db
commit 43aaac69a0
2 changed files with 33 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
auth.capnp
View File

@ -28,24 +28,23 @@ $Rust.parentModule("schema");
using CSharp = import "csharp.capnp"; using CSharp = import "csharp.capnp";
$CSharp.namespace("FabAccessAPI.Schema"); $CSharp.namespace("FabAccessAPI.Schema");
struct AuthMessage { interface Authentication {
union { mechanisms @0 () -> ( mechs :List(Text) );
mechanisms @0 :List(Text); # Get the list of mechanisms supported by the server
# Message sent by a server supplying the list of available mechanisms.
request @1 :Request; # Authentication initiation sent by the client. start @1 ( request :Request ) -> ( response :Response );
challenge @2 :Data; # Challenge sent by the server to the client # Initiate an authentication exchange
response @3 :Data; # Response sent by the client to the server
outcome @4 :Outcome; # Final outcome sent by the server
abort @5 :Void; step @2 ( response :Data ) -> ( response :Response );
# Respond to a challenge with more data
abort @3 () -> ();
# Abort the current exchange. This may be sent by both client and server # Abort the current exchange. This may be sent by both client and server
# at any point during the exchange. It MUST not be sent by a server # at any point during the exchange. It MUST not be sent by a server
# after sending an outcome or by a client after receiving an outcome. # after sending an outcome or by a client after receiving an outcome.
# A server receiving an abort after sending an outcome but before # A server receiving an abort after sending an outcome but before
# receiving any non-authentication message MUST respect the abort. # receiving any non-authentication message MUST respect the abort.
} }
}
struct Request { struct Request {
mechanism @0 :Text; # The SASL mechanism name. mechanism @0 :Text; # The SASL mechanism name.
@ -66,7 +65,7 @@ struct Request {
} }
} }
struct Outcome { struct Response {
enum Result { enum Result {
# Result code of the outcome # Result code of the outcome
successful @0; successful @0;
@ -121,22 +120,27 @@ struct Outcome {
# should notify the responsible system administrator. # should notify the responsible system administrator.
} }
result @0 :Result; # Result code union {
challence @0 :Data;
outcome :group {
result @1 :Result; # Result code
action @1 :Action; # Hints for the client how to proceed in case of an error action @2 :Action; # Hints for the client how to proceed in case of an error
helpText @2 :Text; # Human-readable further information in case of an error helpText @3 :Text; # Human-readable further information in case of an error
additionalData :union { additionalData :union {
# Additional data that may be sent by the server to the client after a # Additional data that may be sent by the server to the client after a
# successful authentication exchange. # successful authentication exchange.
none @3 :Void; none @4 :Void;
# No additional data is being sent. This MUST be set on unsuccessful # No additional data is being sent. This MUST be set on unsuccessful
# outcomes. # outcomes.
additional @4 :Data; additional @5 :Data;
# Additional data may be any sequence of octets, including zero-length # Additional data may be any sequence of octets, including zero-length
# sequences and zero-value octets. # sequences and zero-value octets.
} }
} }
}
}

2
connection.capnp
View File

@ -38,7 +38,7 @@ struct Message {
leave @1 :Leave; leave @1 :Leave;
auth @2 :Auth.AuthMessage; auth @2 :Auth.Authentication;
# Start an authenticaion exchange # Start an authenticaion exchange
# TODO: RPC bootstrapping # TODO: RPC bootstrapping