Update auth

auth.capnp

@@ -28,23 +28,22 @@ $Rust.parentModule("schema");
 using CSharp = import "csharp.capnp";
 $CSharp.namespace("FabAccessAPI.Schema");
 
-struct AuthMessage {
+interface Authentication {
-    union {
+    mechanisms @0 () -> ( mechs :List(Text) );
-        mechanisms @0 :List(Text);
+    # Get the list of mechanisms supported by the server
-        # Message sent by a server supplying the list of available mechanisms.
 
-        request @1 :Request;    # Authentication initiation sent by the client.
+    start @1 ( request :Request ) -> ( response :Response );
-        challenge @2 :Data;     # Challenge sent by the server to the client
+    # Initiate an authentication exchange
-        response @3 :Data;      # Response sent by the client to the server
-        outcome @4 :Outcome;    # Final outcome sent by the server
 
-        abort @5 :Void;
+    step @2 ( response :Data ) -> ( response :Response );
-        # Abort the current exchange. This may be sent by both client and server
+    # Respond to a challenge with more data
-        # at any point during the exchange. It MUST not be sent by a server
+
-        # after sending an outcome or by a client after receiving an outcome.
+    abort @3 () -> ();
-        # A server receiving an abort after sending an outcome but before
+    # Abort the current exchange. This may be sent by both client and server
-        # receiving any non-authentication message MUST respect the abort.
+    # at any point during the exchange. It MUST not be sent by a server
-    }
+    # after sending an outcome or by a client after receiving an outcome.
+    # A server receiving an abort after sending an outcome but before
+    # receiving any non-authentication message MUST respect the abort.
 }
 
 struct Request {
@@ -66,7 +65,7 @@ struct Request {
     }
 }
 
-struct Outcome {
+struct Response {
     enum Result {
         # Result code of the outcome
         successful @0;
@@ -121,22 +120,27 @@ struct Outcome {
         # should notify the responsible system administrator.
     }
 
-    result @0 :Result; # Result code
+    union {
+        challence @0 :Data;
+        outcome :group {
+            result @1 :Result; # Result code
 
-    action @1 :Action; # Hints for the client how to proceed in case of an error
+            action @2 :Action; # Hints for the client how to proceed in case of an error
 
-    helpText @2 :Text; # Human-readable further information in case of an error
+            helpText @3 :Text; # Human-readable further information in case of an error
 
-    additionalData :union {
+            additionalData :union {
-        # Additional data that may be sent by the server to the client after a
+                # Additional data that may be sent by the server to the client after a
-        # successful authentication exchange.
+                # successful authentication exchange.
 
-        none @3 :Void;
+                none @4 :Void;
-        # No additional data is being sent. This MUST be set on unsuccessful
+                # No additional data is being sent. This MUST be set on unsuccessful
-        # outcomes.
+                # outcomes.
 
-        additional @4 :Data;
+                additional @5 :Data;
-        # Additional data may be any sequence of octets, including zero-length
+                # Additional data may be any sequence of octets, including zero-length
-        # sequences and zero-value octets.
+                # sequences and zero-value octets.
+            }
+        }
     }
 }

connection.capnp

@@ -38,7 +38,7 @@ struct Message {
 
         leave @1 :Leave;
 
-        auth @2 :Auth.AuthMessage;
+        auth @2 :Auth.Authentication;
         # Start an authenticaion exchange
 
         # TODO: RPC bootstrapping