Copyright | Will Thompson Iñaki García Etxebarria and Jonas Platte |
---|---|
License | LGPL-2.1 |
Maintainer | Iñaki García Etxebarria (garetxe@gmail.com) |
Safe Haskell | None |
Language | Haskell2010 |
- newtype AuthDomain = AuthDomain (ManagedPtr AuthDomain)
- class GObject o => IsAuthDomain o
- toAuthDomain :: (MonadIO m, IsAuthDomain o) => o -> m AuthDomain
- noAuthDomain :: Maybe AuthDomain
- authDomainAccepts :: (HasCallStack, MonadIO m, IsAuthDomain a, IsMessage b) => a -> b -> m (Maybe Text)
- authDomainAddPath :: (HasCallStack, MonadIO m, IsAuthDomain a) => a -> Text -> m ()
- authDomainBasicSetAuthCallback :: (HasCallStack, MonadIO m, IsAuthDomain a) => a -> AuthDomainBasicAuthCallback -> m ()
- authDomainChallenge :: (HasCallStack, MonadIO m, IsAuthDomain a, IsMessage b) => a -> b -> m ()
- authDomainCheckPassword :: (HasCallStack, MonadIO m, IsAuthDomain a, IsMessage b) => a -> b -> Text -> Text -> m Bool
- authDomainCovers :: (HasCallStack, MonadIO m, IsAuthDomain a, IsMessage b) => a -> b -> m Bool
- authDomainDigestSetAuthCallback :: (HasCallStack, MonadIO m, IsAuthDomain a) => a -> AuthDomainDigestAuthCallback -> m ()
- authDomainGetRealm :: (HasCallStack, MonadIO m, IsAuthDomain a) => a -> m Text
- authDomainRemovePath :: (HasCallStack, MonadIO m, IsAuthDomain a) => a -> Text -> m ()
- authDomainSetFilter :: (HasCallStack, MonadIO m, IsAuthDomain a) => a -> AuthDomainFilter -> m ()
- authDomainSetGenericAuthCallback :: (HasCallStack, MonadIO m, IsAuthDomain a) => a -> AuthDomainGenericAuthCallback -> m ()
- authDomainTryGenericAuthCallback :: (HasCallStack, MonadIO m, IsAuthDomain a, IsMessage b) => a -> b -> Text -> m Bool
- clearAuthDomainAddPath :: (MonadIO m, IsAuthDomain o) => o -> m ()
- constructAuthDomainAddPath :: IsAuthDomain o => Text -> IO (GValueConstruct o)
- setAuthDomainAddPath :: (MonadIO m, IsAuthDomain o) => o -> Text -> m ()
- constructAuthDomainFilter :: IsAuthDomain o => Ptr () -> IO (GValueConstruct o)
- getAuthDomainFilter :: (MonadIO m, IsAuthDomain o) => o -> m (Ptr ())
- setAuthDomainFilter :: (MonadIO m, IsAuthDomain o) => o -> Ptr () -> m ()
- constructAuthDomainFilterData :: IsAuthDomain o => Ptr () -> IO (GValueConstruct o)
- getAuthDomainFilterData :: (MonadIO m, IsAuthDomain o) => o -> m (Ptr ())
- setAuthDomainFilterData :: (MonadIO m, IsAuthDomain o) => o -> Ptr () -> m ()
- constructAuthDomainGenericAuthCallback :: IsAuthDomain o => Ptr () -> IO (GValueConstruct o)
- getAuthDomainGenericAuthCallback :: (MonadIO m, IsAuthDomain o) => o -> m (Ptr ())
- setAuthDomainGenericAuthCallback :: (MonadIO m, IsAuthDomain o) => o -> Ptr () -> m ()
- constructAuthDomainGenericAuthData :: IsAuthDomain o => Ptr () -> IO (GValueConstruct o)
- getAuthDomainGenericAuthData :: (MonadIO m, IsAuthDomain o) => o -> m (Ptr ())
- setAuthDomainGenericAuthData :: (MonadIO m, IsAuthDomain o) => o -> Ptr () -> m ()
- constructAuthDomainProxy :: IsAuthDomain o => Bool -> IO (GValueConstruct o)
- getAuthDomainProxy :: (MonadIO m, IsAuthDomain o) => o -> m Bool
- constructAuthDomainRealm :: IsAuthDomain o => Text -> IO (GValueConstruct o)
- getAuthDomainRealm :: (MonadIO m, IsAuthDomain o) => o -> m Text
- clearAuthDomainRemovePath :: (MonadIO m, IsAuthDomain o) => o -> m ()
- constructAuthDomainRemovePath :: IsAuthDomain o => Text -> IO (GValueConstruct o)
- setAuthDomainRemovePath :: (MonadIO m, IsAuthDomain o) => o -> Text -> m ()
Exported types
newtype AuthDomain Source #
class GObject o => IsAuthDomain o Source #
toAuthDomain :: (MonadIO m, IsAuthDomain o) => o -> m AuthDomain Source #
Methods
accepts
:: (HasCallStack, MonadIO m, IsAuthDomain a, IsMessage b) | |
=> a |
|
-> b |
|
-> m (Maybe Text) | Returns: the username that |
Checks if msg
contains appropriate authorization for domain
to
accept it. Mirroring authDomainCovers
, this does not check
whether or not domain
<emphasis>cares</emphasis> if msg
is
authorized.
This is used by Server
internally and is probably of no use to
anyone else.
addPath
:: (HasCallStack, MonadIO m, IsAuthDomain a) | |
=> a |
|
-> Text |
|
-> m () |
Adds path
to domain
, such that requests under path
on domain
's
server will require authentication (unless overridden by
authDomainRemovePath
or authDomainSetFilter
).
You can also add paths by setting the AUTH_DOMAIN_ADD_PATH
property, which can also be used to add one or more paths at
construct time.
basicSetAuthCallback
authDomainBasicSetAuthCallback Source #
:: (HasCallStack, MonadIO m, IsAuthDomain a) | |
=> a |
|
-> AuthDomainBasicAuthCallback |
|
-> m () |
Sets the callback that domain
will use to authenticate incoming
requests. For each request containing authorization, domain
will
invoke the callback, and then either accept or reject the request
based on callback
's return value.
You can also set the auth callback by setting the
AUTH_DOMAIN_BASIC_AUTH_CALLBACK
and
AUTH_DOMAIN_BASIC_AUTH_DATA
properties, which can also be
used to set the callback at construct time.
challenge
:: (HasCallStack, MonadIO m, IsAuthDomain a, IsMessage b) | |
=> a |
|
-> b |
|
-> m () |
Adds a "WWW-Authenticate" or "Proxy-Authenticate" header to msg
,
requesting that the client authenticate, and sets msg
's status
accordingly.
This is used by Server
internally and is probably of no use to
anyone else.
checkPassword
authDomainCheckPassword Source #
:: (HasCallStack, MonadIO m, IsAuthDomain a, IsMessage b) | |
=> a |
|
-> b |
|
-> Text |
|
-> Text |
|
-> m Bool | Returns: whether or not the message is authenticated |
Checks if msg
authenticates to domain
via username
and
password
. This would normally be called from a
AuthDomainGenericAuthCallback
.
covers
:: (HasCallStack, MonadIO m, IsAuthDomain a, IsMessage b) | |
=> a |
|
-> b |
|
-> m Bool | Returns: |
Checks if domain
requires msg
to be authenticated (according to
its paths and filter function). This does not actually look at
whether msg
<emphasis>is</emphasis> authenticated, merely whether
or not it needs to be.
This is used by Server
internally and is probably of no use to
anyone else.
digestSetAuthCallback
authDomainDigestSetAuthCallback Source #
:: (HasCallStack, MonadIO m, IsAuthDomain a) | |
=> a |
|
-> AuthDomainDigestAuthCallback |
|
-> m () |
Sets the callback that domain
will use to authenticate incoming
requests. For each request containing authorization, domain
will
invoke the callback, and then either accept or reject the request
based on callback
's return value.
You can also set the auth callback by setting the
AUTH_DOMAIN_DIGEST_AUTH_CALLBACK
and
AUTH_DOMAIN_DIGEST_AUTH_DATA
properties, which can also be
used to set the callback at construct time.
getRealm
:: (HasCallStack, MonadIO m, IsAuthDomain a) | |
=> a |
|
-> m Text | Returns: |
Gets the realm name associated with domain
removePath
:: (HasCallStack, MonadIO m, IsAuthDomain a) | |
=> a |
|
-> Text |
|
-> m () |
Removes path
from domain
, such that requests under path
on
domain
's server will NOT require authentication.
This is not simply an undo-er for authDomainAddPath
; it
can be used to "carve out" a subtree that does not require
authentication inside a hierarchy that does. Note also that unlike
with authDomainAddPath
, this cannot be overridden by
adding a filter, as filters can only bypass authentication that
would otherwise be required, not require it where it would
otherwise be unnecessary.
You can also remove paths by setting the
AUTH_DOMAIN_REMOVE_PATH
property, which can also be used to
remove one or more paths at construct time.
setFilter
:: (HasCallStack, MonadIO m, IsAuthDomain a) | |
=> a |
|
-> AuthDomainFilter |
|
-> m () |
Adds filter
as an authentication filter to domain
. The filter
gets a chance to bypass authentication for certain requests that
would otherwise require it. Eg, it might check the message's path
in some way that is too complicated to do via the other methods, or
it might check the message's method, and allow GETs but not PUTs.
The filter function returns True
if the request should still
require authentication, or False
if authentication is unnecessary
for this request.
To help prevent security holes, your filter should return True
by
default, and only return False
under specifically-tested
circumstances, rather than the other way around. Eg, in the example
above, where you want to authenticate PUTs but not GETs, you should
check if the method is GET and return False
in that case, and then
return True
for all other methods (rather than returning True
for
PUT and False
for all other methods). This way if it turned out
(now or later) that some paths supported additional methods besides
GET and PUT, those methods would default to being NOT allowed for
unauthenticated users.
You can also set the filter by setting the AUTH_DOMAIN_FILTER
and AUTH_DOMAIN_FILTER_DATA
properties, which can also be
used to set the filter at construct time.
setGenericAuthCallback
authDomainSetGenericAuthCallback Source #
:: (HasCallStack, MonadIO m, IsAuthDomain a) | |
=> a |
|
-> AuthDomainGenericAuthCallback |
|
-> m () |
Sets authCallback
as an authentication-handling callback for
domain
. Whenever a request comes in to domain
which cannot be
authenticated via a domain-specific auth callback (eg,
AuthDomainDigestAuthCallback
), the generic auth callback
will be invoked. See AuthDomainGenericAuthCallback
for information
on what the callback should do.
tryGenericAuthCallback
authDomainTryGenericAuthCallback :: (HasCallStack, MonadIO m, IsAuthDomain a, IsMessage b) => a -> b -> Text -> m Bool Source #
No description available in the introspection data.
Properties
addPath
clearAuthDomainAddPath :: (MonadIO m, IsAuthDomain o) => o -> m () Source #
constructAuthDomainAddPath :: IsAuthDomain o => Text -> IO (GValueConstruct o) Source #
setAuthDomainAddPath :: (MonadIO m, IsAuthDomain o) => o -> Text -> m () Source #
filter
constructAuthDomainFilter :: IsAuthDomain o => Ptr () -> IO (GValueConstruct o) Source #
getAuthDomainFilter :: (MonadIO m, IsAuthDomain o) => o -> m (Ptr ()) Source #
setAuthDomainFilter :: (MonadIO m, IsAuthDomain o) => o -> Ptr () -> m () Source #
filterData
constructAuthDomainFilterData :: IsAuthDomain o => Ptr () -> IO (GValueConstruct o) Source #
getAuthDomainFilterData :: (MonadIO m, IsAuthDomain o) => o -> m (Ptr ()) Source #
setAuthDomainFilterData :: (MonadIO m, IsAuthDomain o) => o -> Ptr () -> m () Source #
genericAuthCallback
constructAuthDomainGenericAuthCallback :: IsAuthDomain o => Ptr () -> IO (GValueConstruct o) Source #
getAuthDomainGenericAuthCallback :: (MonadIO m, IsAuthDomain o) => o -> m (Ptr ()) Source #
setAuthDomainGenericAuthCallback :: (MonadIO m, IsAuthDomain o) => o -> Ptr () -> m () Source #
genericAuthData
constructAuthDomainGenericAuthData :: IsAuthDomain o => Ptr () -> IO (GValueConstruct o) Source #
getAuthDomainGenericAuthData :: (MonadIO m, IsAuthDomain o) => o -> m (Ptr ()) Source #
setAuthDomainGenericAuthData :: (MonadIO m, IsAuthDomain o) => o -> Ptr () -> m () Source #
proxy
constructAuthDomainProxy :: IsAuthDomain o => Bool -> IO (GValueConstruct o) Source #
getAuthDomainProxy :: (MonadIO m, IsAuthDomain o) => o -> m Bool Source #
realm
constructAuthDomainRealm :: IsAuthDomain o => Text -> IO (GValueConstruct o) Source #
getAuthDomainRealm :: (MonadIO m, IsAuthDomain o) => o -> m Text Source #
removePath
clearAuthDomainRemovePath :: (MonadIO m, IsAuthDomain o) => o -> m () Source #
constructAuthDomainRemovePath :: IsAuthDomain o => Text -> IO (GValueConstruct o) Source #
setAuthDomainRemovePath :: (MonadIO m, IsAuthDomain o) => o -> Text -> m () Source #