2 * Copyright (C) 1996-2017 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
9 #ifndef SQUID_SRC_AUTH_SCHEMECONFIG_H
10 #define SQUID_SRC_AUTH_SCHEMECONFIG_H
14 #include "AccessLogEntry.h"
15 #include "auth/forward.h"
16 #include "auth/UserRequest.h"
17 #include "helper/ChildConfig.h"
24 /* for Http::HdrType parameters-by-value */
25 #include "HttpHeader.h"
38 * I am the configuration for an auth scheme.
39 * Currently each scheme has only one instance of me,
40 * but this may change.
42 * This class is treated like a ref counted class.
43 * If the children ever stop being singletons, implement the
50 static UserRequest::Pointer
CreateAuthUser(const char *proxy_auth
, AccessLogEntry::Pointer
&al
);
52 static SchemeConfig
*Find(const char *proxy_auth
);
53 /// Call this method if you need a guarantee that all auth schemes has been
54 /// already configured.
55 static SchemeConfig
*GetParsed(const char *proxy_auth
);
56 SchemeConfig() : authenticateChildren(20) {}
58 virtual ~SchemeConfig() {}
61 * Used by squid to determine whether the auth module has successfully initialised itself with the current configuration.
63 \retval true Authentication Module loaded and running.
64 \retval false No Authentication Module loaded.
66 virtual bool active() const = 0;
69 * new decode API: virtual factory pattern
71 * Responsible for decoding the passed authentication header, creating or
72 * linking to a AuthUser object and for storing any needed details to complete
73 * authentication in Auth::UserRequest::authenticate().
75 \param proxy_auth Login Pattern to parse.
76 \retval * Details needed to authenticate.
78 virtual UserRequest::Pointer
decode(char const *proxy_auth
, const char *requestRealm
) = 0;
81 * squid is finished with this config, release any unneeded resources.
82 * If a singleton, delete will not occur. if not a singleton (future),
83 * delete will occur when no references are held.
85 \todo we need a 'done for reconfigure' and a 'done permanently' concept.
90 * The configured function is used to see if the auth module has been given valid
91 * parameters and is able to handle authentication requests.
93 \retval true Authentication Module configured ready for use.
94 \retval false Not configured or Configuration Error.
95 * No other module functions except Shutdown/Dump/Parse/FreeConfig will be called by Squid.
97 virtual bool configured() const = 0;
100 * Shutdown just the auth helpers.
101 * For use by log rotate etc. where auth needs to stay running, with the helpers restarted.
103 virtual void rotateHelpers(void) = 0;
106 * Responsible for writing to the StoreEntry the configuration parameters that a user
107 * would put in a config file to recreate the running configuration.
108 * Returns whether the scheme is configured.
110 virtual bool dump(StoreEntry
*, const char *, SchemeConfig
*) const;
112 /** add headers as needed when challenging for auth */
113 virtual void fixHeader(UserRequest::Pointer
, HttpReply
*, Http::HdrType
, HttpRequest
*) = 0;
115 /** prepare to handle requests */
116 virtual void init(SchemeConfig
*) = 0;
118 /** expose any/all statistics to a CacheManager */
119 virtual void registerWithCacheManager(void);
121 /** parse config options */
122 virtual void parse(SchemeConfig
*, int, char *);
124 /** the http string id */
125 virtual const char * type() const = 0;
128 Helper::ChildConfig authenticateChildren
;
129 wordlist
*authenticateProgram
= nullptr; ///< Helper program to run, includes all parameters
130 String keyExtrasLine
; ///< The format of the request to the auth helper
131 Format::Format
*keyExtras
= nullptr; ///< The compiled request format
132 int keep_alive
= 1; ///< whether to close the connection on auth challenges. default: on
133 int utf8
= 0; ///< wheter to accept UTF-8 characterset instead of ASCII. default: off
136 /// RFC 7235 section 2.2 - Protection Space (Realm)
142 #endif /* USE_AUTH */
143 #endif /* SQUID_SRC_AUTH_SCHEMECONFIG_H */