2 * Copyright (C) 1996-2014 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
9 #ifndef SQUID_AUTH_CONFIG_H
10 #define SQUID_AUTH_CONFIG_H
14 #include "AccessLogEntry.h"
15 #include "auth/UserRequest.h"
16 #include "HelperChildConfig.h"
23 /* for http_hdr_type parameters-by-value */
24 #include "HttpHeader.h"
37 * I am the configuration for an auth scheme.
38 * Currently each scheme has only one instance of me,
39 * but this may change.
41 * This class is treated like a ref counted class.
42 * If the children ever stop being singletons, implement the
49 static UserRequest::Pointer
CreateAuthUser(const char *proxy_auth
, AccessLogEntry::Pointer
&al
);
51 static Config
*Find(const char *proxy_auth
);
52 Config() : authenticateChildren(20), authenticateProgram(NULL
), keyExtras(NULL
) {}
57 * Used by squid to determine whether the auth module has successfully initialised itself with the current configuration.
59 \retval true Authentication Module loaded and running.
60 \retval false No Authentication Module loaded.
62 virtual bool active() const = 0;
65 * new decode API: virtual factory pattern
67 * Responsible for decoding the passed authentication header, creating or
68 * linking to a AuthUser object and for storing any needed details to complete
69 * authentication in Auth::UserRequest::authenticate().
71 \param proxy_auth Login Pattern to parse.
72 \retval * Details needed to authenticate.
74 virtual UserRequest::Pointer
decode(char const *proxy_auth
, const char *requestRealm
) = 0;
77 * squid is finished with this config, release any unneeded resources.
78 * If a singleton, delete will not occur. if not a singleton (future),
79 * delete will occur when no references are held.
81 \todo we need a 'done for reconfigure' and a 'done permanently' concept.
86 * The configured function is used to see if the auth module has been given valid
87 * parameters and is able to handle authentication requests.
89 \retval true Authentication Module configured ready for use.
90 \retval false Not configured or Configuration Error.
91 * No other module functions except Shutdown/Dump/Parse/FreeConfig will be called by Squid.
93 virtual bool configured() const = 0;
96 * Shutdown just the auth helpers.
97 * For use by log rotate etc. where auth needs to stay running, with the helpers restarted.
99 virtual void rotateHelpers(void) = 0;
102 * Responsible for writing to the StoreEntry the configuration parameters that a user
103 * would put in a config file to recreate the running configuration.
104 * Returns whether the scheme is configured.
106 virtual bool dump(StoreEntry
*, const char *, Config
*) const;
108 /** add headers as needed when challenging for auth */
109 virtual void fixHeader(UserRequest::Pointer
, HttpReply
*, http_hdr_type
, HttpRequest
*) = 0;
111 /// Find any existing user credentials in the authentication cache by name and type.
112 virtual Auth::User::Pointer
findUserInCache(const char *nameKey
, Auth::Type type
);
114 /** prepare to handle requests */
115 virtual void init(Config
*) = 0;
117 /** expose any/all statistics to a CacheManager */
118 virtual void registerWithCacheManager(void);
120 /** parse config options */
121 virtual void parse(Config
*, int, char *);
123 /** the http string id */
124 virtual const char * type() const = 0;
127 HelperChildConfig authenticateChildren
;
128 wordlist
*authenticateProgram
; ///< Helper program to run, includes all parameters
129 String keyExtrasLine
; ///< The format of the request to the auth helper
130 Format::Format
*keyExtras
; ///< The compiled request format
133 /// RFC 7235 section 2.2 - Protection Space (Realm)
137 typedef std::vector
<Config
*> ConfigVector
;
139 extern ConfigVector TheConfig
;
143 #endif /* USE_AUTH */
144 #endif /* SQUID_AUTHCONFIG_H */