abstract const class fanr::WebRepoAuth
sys::Obj fanr::WebRepoAuth
WebRepoAuth is used to plug in authentication and permission authorization for a WebRepoMod.
- allowPublish
-
abstract Bool allowPublish(Obj? user, PodSpec? pod)Is the given user allowed to publish the given pod? If pod is null, return if user is allowed to publish anything.
- allowQuery
-
abstract Bool allowQuery(Obj? user, PodSpec? pod)Is the given user allowed to query the given pod? If pod is null, return if user is allowed to query anything.
- allowRead
-
abstract Bool allowRead(Obj? user, PodSpec? pod)Is the given user allowed to read/download/install the given pod? If pod is null, return if user is allowed to install anything.
- salt
-
Get the salt used for the SALTED-HMAC-SHA1 secret algorithm for the given user. If the user doesn't exist or salts aren't supported, then return null.
- secret
-
abstract Buf secret(Obj? user, Str algorithm)Get the secret as a byte buffer for the given user and algorithm which can be used to verify the digital signature of a request. See
secretAlgorithmsfor list of algorithms (parameter is guaranteed to be in all upper case). - secretAlgorithms
-
abstract Str[] secretAlgorithms()What algorithms are supported to compute the "secret" to use for digital signatures. They should be sorted from most preferred to least preferred. Standard values are:
PASSWORD: simple plaintext password is used as secretSALTED-HMAC-SHA1: HMAC of "user:salt" with password as key
- signatureAlgorithms
-
virtual Str[] signatureAlgorithms()What algorithms are supported for computing the signature of a request. They should be sorted from most preferred to least preferred. Standard values are:
HMAC-SHA1: SHA-1 HMAC using secret as key The default implementation of both client and server only supports "HMAC-SHA1".
- user
-
abstract Obj? user(Str username)Given a username, return an implementation specific object which models the user for the given username. Or return null if username doesn't map to a valid user.