src/auth/Config.h

   1 /*
   2  * Copyright (C) 1996-2014 The Squid Software Foundation and contributors
   3  *
   4  * Squid software is distributed under GPLv2+ license and includes
   5  * contributions from numerous individuals and organizations.
   6  * Please see the COPYING and CONTRIBUTORS files for details.
   7  */
   8
   9 #ifndef SQUID_AUTH_CONFIG_H
  10 #define SQUID_AUTH_CONFIG_H
  11
  12 #if USE_AUTH
  13
  14 #include "AccessLogEntry.h"
  15 #include "auth/UserRequest.h"
  16 #include "helper/ChildConfig.h"
  17
  18 class StoreEntry;
  19 class HttpReply;
  20 class HttpRequest;
  21 class wordlist;
  22
  23 /* for http_hdr_type parameters-by-value */
  24 #include "HttpHeader.h"
  25
  26 namespace Format
  27 {
  28 class Format;
  29 }
  30
  31 namespace Auth
  32 {
  33
  34 /**
  35  * \ingroup AuthAPI
  36  * \par
  37  * I am the configuration for an auth scheme.
  38  * Currently each scheme has only one instance of me,
  39  * but this may change.
  40  * \par
  41  * This class is treated like a ref counted class.
  42  * If the children ever stop being singletons, implement the
  43  * ref counting...
  44  */
  45 class Config
  46 {
  47
  48 public:
  49     static UserRequest::Pointer CreateAuthUser(const char *proxy_auth, AccessLogEntry::Pointer &al);
  50
  51     static Config *Find(const char *proxy_auth);
  52     Config() : authenticateChildren(20), authenticateProgram(NULL), keyExtras(NULL) {}
  53
  54     virtual ~Config() {}
  55
  56     /**
  57      * Used by squid to determine whether the auth module has successfully initialised itself with the current configuration.
  58      *
  59      \retval true   Authentication Module loaded and running.
  60      \retval false  No Authentication Module loaded.
  61      */
  62     virtual bool active() const = 0;
  63
  64     /**
  65      * new decode API: virtual factory pattern
  66      \par
  67      * Responsible for decoding the passed authentication header, creating or
  68      * linking to a AuthUser object and for storing any needed details to complete
  69      * authentication in Auth::UserRequest::authenticate().
  70      *
  71      \param proxy_auth  Login Pattern to parse.
  72      \retval *      Details needed to authenticate.
  73      */
  74     virtual UserRequest::Pointer decode(char const *proxy_auth, const char *requestRealm) = 0;
  75
  76     /**
  77      * squid is finished with this config, release any unneeded resources.
  78      * If a singleton, delete will not occur. if not a singleton (future),
  79      * delete will occur when no references are held.
  80      *
  81      \todo we need a 'done for reconfigure' and a 'done permanently' concept.
  82      */
  83     virtual void done();
  84
  85     /**
  86      * The configured function is used to see if the auth module has been given valid
  87      * parameters and is able to handle authentication requests.
  88      *
  89      \retval true   Authentication Module configured ready for use.
  90      \retval false  Not configured or Configuration Error.
  91      *          No other module functions except Shutdown/Dump/Parse/FreeConfig will be called by Squid.
  92      */
  93     virtual bool configured() const = 0;
  94
  95     /**
  96      * Shutdown just the auth helpers.
  97      * For use by log rotate etc. where auth needs to stay running, with the helpers restarted.
  98      */
  99     virtual void rotateHelpers(void) = 0;
 100
 101     /**
 102      * Responsible for writing to the StoreEntry the configuration parameters that a user
 103      * would put in a config file to recreate the running configuration.
 104      * Returns whether the scheme is configured.
 105      */
 106     virtual bool dump(StoreEntry *, const char *, Config *) const;
 107
 108     /** add headers as needed when challenging for auth */
 109     virtual void fixHeader(UserRequest::Pointer, HttpReply *, http_hdr_type, HttpRequest *) = 0;
 110
 111     /// Find any existing user credentials in the authentication cache by name and type.
 112     virtual Auth::User::Pointer findUserInCache(const char *nameKey, Auth::Type type);
 113
 114     /** prepare to handle requests */
 115     virtual void init(Config *) = 0;
 116
 117     /** expose any/all statistics to a CacheManager */
 118     virtual void registerWithCacheManager(void);
 119
 120     /** parse config options */
 121     virtual void parse(Config *, int, char *);
 122
 123     /** the http string id */
 124     virtual const char * type() const = 0;
 125
 126 public:
 127     Helper::ChildConfig authenticateChildren;
 128     wordlist *authenticateProgram; ///< Helper program to run, includes all parameters
 129     String keyExtrasLine;  ///< The format of the request to the auth helper
 130     Format::Format *keyExtras; ///< The compiled request format
 131
 132 protected:
 133     /// RFC 7235 section 2.2 - Protection Space (Realm)
 134     SBuf realm;
 135 };
 136
 137 typedef std::vector<Config *> ConfigVector;
 138
 139 extern ConfigVector TheConfig;
 140
 141 } // namespace Auth
 142
 143 #endif /* USE_AUTH */
 144 #endif /* SQUID_AUTHCONFIG_H */
 145