home *** CD-ROM | disk | FTP | other *** search
- /* vim:set ts=4 sw=4 et cindent: */
- /* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is Mozilla.
- *
- * The Initial Developer of the Original Code is IBM Corporation.
- * Portions created by IBM Corporation are Copyright (C) 2003
- * IBM Corporation. All Rights Reserved.
- *
- * Contributor(s):
- * Darin Fisher <darin@meer.net>
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
- #include "nsISupports.idl"
- [uuid(6e35dbc0-49ef-4e2c-b1ea-b72ec64450a2)]
- interface nsIAuthModule : nsISupports
- {
- /**
- * Default behavior.
- */
- const unsigned long REQ_DEFAULT = 0;
-
- /**
- * Client and server will be authenticated.
- */
- const unsigned long REQ_MUTUAL_AUTH = (1 << 0);
-
- /**
- * The server is allowed to impersonate the client. The REQ_MUTUAL_AUTH
- * flag may also need to be specified in order for this flag to take
- * effect.
- */
- const unsigned long REQ_DELEGATE = (1 << 1);
-
- /** Other flags may be defined in the future */
-
- /**
- * Called to initialize an auth module. The other methods cannot be called
- * unless this method succeeds.
- *
- * @param aServiceName
- * the service name, which may be null if not applicable (e.g., for
- * NTLM, this parameter should be null).
- * @param aServiceFlags
- * a bitwise-or of the REQ_ flags defined above (pass REQ_DEFAULT
- * for default behavior).
- * @param aDomain
- * the authentication domain, which may be null if not applicable.
- * @param aUsername
- * the user's login name
- * @param aPassword
- * the user's password
- */
- void init(in string aServiceName,
- in unsigned long aServiceFlags,
- in wstring aDomain,
- in wstring aUsername,
- in wstring aPassword);
-
- /**
- * Called to get the next token in a sequence of authentication steps.
- *
- * @param aInToken
- * A buffer containing the input token (e.g., a challenge from a
- * server). This may be null.
- * @param aInTokenLength
- * The length of the input token.
- * @param aOutToken
- * If getNextToken succeeds, then aOutToken will point to a buffer
- * to be sent in response to the server challenge. The length of
- * this buffer is given by aOutTokenLength. The buffer at aOutToken
- * must be recycled with a call to nsMemory::Free.
- * @param aOutTokenLength
- * If getNextToken succeeds, then aOutTokenLength contains the
- * length of the buffer (number of bytes) pointed to by aOutToken.
- */
- void getNextToken([const] in voidPtr aInToken,
- in unsigned long aInTokenLength,
- out voidPtr aOutToken,
- out unsigned long aOutTokenLength);
- /**
- * Once a security context has been established through calls to GetNextToken()
- * it may be used to protect data exchanged between client and server. Calls
- * to Wrap() are used to protect items of data to be sent to the server.
- *
- * @param aInToken
- * A buffer containing the data to be sent to the server
- * @param aInTokenLength
- * The length of the input token
- * @param confidential
- * If set to true, Wrap() will encrypt the data, otherwise data will
- * just be integrity protected (checksummed)
- * @param aOutToken
- * A buffer containing the resulting data to be sent to the server
- * @param aOutTokenLength
- * The length of the output token buffer
- *
- * Wrap() may return NS_ERROR_NOT_IMPLEMENTED, if the underlying authentication
- * mechanism does not support security layers.
- */
- void wrap([const] in voidPtr aInToken,
- in unsigned long aInTokenLength,
- in boolean confidential,
- out voidPtr aOutToken,
- out unsigned long aOutTokenLength);
-
- /**
- * Unwrap() is used to unpack, decrypt, and verify the checksums on data
- * returned by a server when security layers are in use.
- *
- * @param aInToken
- * A buffer containing the data received from the server
- * @param aInTokenLength
- * The length of the input token
- * @param aOutToken
- * A buffer containing the plaintext data from the server
- * @param aOutTokenLength
- * The length of the output token buffer
- *
- * Unwrap() may return NS_ERROR_NOT_IMPLEMENTED, if the underlying
- * authentication mechanism does not support security layers.
- */
- void unwrap([const] in voidPtr aInToken,
- in unsigned long aInTokenLength,
- out voidPtr aOutToken,
- out unsigned long aOutTokenLength);
- };
-
- %{C++
- /**
- * nsIAuthModule implementations are registered under the following contract
- * ID prefix:
- */
- #define NS_AUTH_MODULE_CONTRACTID_PREFIX \
- "@mozilla.org/network/auth-module;1?name="
-
- /**
- * This success code may be returned by nsIAuthModule::getNextToken to
- * indicate that the authentication is finished and thus there's no need
- * to call getNextToken again.
- */
- #define NS_SUCCESS_AUTH_FINISHED \
- NS_ERROR_GENERATE_SUCCESS(NS_ERROR_MODULE_NETWORK, 40)
- %}
-