FabInfra-Mirror/api.fabaccess-api
1
0
Fork 0
mirror of https://gitlab.com/fabinfra/fabaccess/fabaccess-api.git synced 2025-03-12 23:01:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add continue result to authentication

Browse Source
This commit is contained in:
Nadja von Reitzenstein Čerpnjak 2024-04-22 12:23:13 +02:00
parent 637e56c4ad
commit b6c35cabc6
2 changed files with 19 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
auth.capnp
View File

@ -6,6 +6,11 @@ $CSharp.namespace("FabAccessAPI.Schema");
using import "utils.capnp".L10NString;
using import "main.capnp".Session;
struct AuthSupported {
mechs @0 :List(Mechanism);
cbtypes @1 :List(Text);
}
struct Mechanism {
name @0 :Text;
additionalInfo @1 :AnyPointer;
@ -95,7 +100,18 @@ struct Response {
# non-NULL list ptr of zero bytes which clients MUST pass to their SASL implementation
# as "no additional data" and "some additional data of zero length" respectively.
}
# TODO: Continue for successful step but additional mech needed
continue :group {
# The current authentication exchange was successful, but the client needs to perform
# a second round of authentication (e.g. 2FA) to continue.
nextMechanisms @6 :List(Mechanism);
# List of mechanisms now available to the client.
additionalData @7 :Data;
# SASL may send additional data with the continue result. This MAY be a NULL-ptr or a
# non-NULL list ptr of zero bytes which clients MUST pass to their SASL implementation
# as "no additional data" and "some additional data of zero length" respectively.
}
}
}

5
main.capnp
View File

@ -4,6 +4,7 @@ using CSharp = import "programming_language/csharp.capnp";
$CSharp.namespace("FabAccessAPI.Schema");
using import "auth.capnp".Authentication;
using import "auth.capnp".AuthSupported;
using import "auth.capnp".Mechanism;
using import "resources.capnp".Resources;
using import "users.capnp".Users;
@ -31,10 +32,8 @@ interface Bootstrap
getServerInfo @2 () -> ( spacename :Text, instanceurl :Text );
# Returns information about the server, which can be used to resolve MDNS to DNS and display the server name to the user.
mechanisms @3 () -> ( mechs :List(Mechanism), cbtypes :List(Text) );
mechanisms @3 () -> AuthSupported;
# Get a list of Mechanisms this server allows in this context.
# TODO: Channel Bindings
# TODO: List of groups of mechs
createSession @4 ( mechanism :Text ) -> ( authentication :Authentication );
# Create a new session with the server that you wish to authenticate using `mechanism`. If the