abstract const class fanr::WebRepoAuth
WebRepoAuth is used to plug in authentication and permission authorization for a WebRepoMod.
Is the given user allowed to publish the given pod? If pod is null, return if user is allowed to publish anything.
Is the given user allowed to query the given pod? If pod is null, return if user is allowed to query anything.
Is the given user allowed to read/download/install the given pod? If pod is null, return if user is allowed to install anything.
Get the salt used for the SALTED-HMAC-SHA1 secret algorithm for the given user. If the user doesn't exist or salts aren't supported, then return null.
Get the secret as a byte buffer for the given user and algorithm which can be used to verify the digital signature of a request. See
secretAlgorithmsfor list of algorithms (parameter is guaranteed to be in all upper case).
abstract Str secretAlgorithms()
What algorithms are supported to compute the "secret" to use for digital signatures. They should be sorted from most preferred to least preferred. Standard values are:
PASSWORD: simple plaintext password is used as secret
SALTED-HMAC-SHA1: HMAC of "user:salt" with password as key
virtual Str signatureAlgorithms()
What algorithms are supported for computing the signature of a request. They should be sorted from most preferred to least preferred. Standard values are:
HMAC-SHA1: SHA-1 HMAC using secret as key The default implementation of both client and server only supports "HMAC-SHA1".
Given a username, return an implementation specific object which models the user for the given username. Or return null if username doesn't map to a valid user.