netwerk/base/nsIAuthModule.idl
author Edwin Gao <egao@mozilla.com>
Wed, 13 Mar 2019 19:47:25 +0000
changeset 463893 15c16889e3b7f6e871a518b5f3254459ed5e0213
parent 443939 5662f3757fb48b894966f7d36841a9dbd6f66b98
child 475212 020c8c871c0d3b3920fe95935cfef06501976c0f
permissions -rw-r--r--
Bug 1531590, 1531598, 1534811, 1336075, 1531571, 1531572, 1531572, 1531574, 1534855, 1534857, 1535082 - skip tests in mochitest-dev-tools and mochitest-browser-chrome suites for windows10-aarch64 r=jmaher Bug 1531598 - disable browser_markup_copy_image_data.js Bug 1531598 - disable browser_markup_links_04.js Bug 1531598 - disable browser_inspector_menu-01-sensitivity.js Bug 1534811 - disable accessible/tests/browser/general Bug 1336075 - disable browser_largeAllocation_non_win32.js Bug 1531571 - disable browser_jsterm_context_menu_labels.js Bug 1531572 - disable browser_jsterm_helper_dollar_x.js Bug 1531573 - disable browser_jsterm_no_input_and_tab_key_pressed.js Bug 1531574 - disable browser_jsterm_syntax_highlight_output.js Bug 1534855 - disable accessible/tests/browser/ Bug 1534857 - disable browser_ext_slow_script.js Bug 1535082 - disable browser_jsterm_helper_dollar_dollar.js Differential Revision: https://phabricator.services.mozilla.com/D23369

/* vim:set ts=4 sw=4 et cindent: */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#include "nsISupports.idl"
[uuid(6e35dbc0-49ef-4e2c-b1ea-b72ec64450a2)]
interface nsIAuthModule : nsISupports
{
    /**
     * Default behavior.
     */
    const unsigned long REQ_DEFAULT = 0;

    /**
     * Client and server will be authenticated.
     */
    const unsigned long REQ_MUTUAL_AUTH = (1 << 0);

    /**
     * The server is allowed to impersonate the client.  The REQ_MUTUAL_AUTH
     * flag may also need to be specified in order for this flag to take
     * effect.
     */
    const unsigned long REQ_DELEGATE = (1 << 1);

    /**
     * The authentication is required for a proxy connection.
     */
    const unsigned long REQ_PROXY_AUTH = (1 << 2);

    /**
     * Flags used for telemetry.
     */
    const unsigned long NTLM_MODULE_SAMBA_AUTH_PROXY = 0;
    const unsigned long NTLM_MODULE_SAMBA_AUTH_DIRECT = 1;
    const unsigned long NTLM_MODULE_WIN_API_PROXY = 2;
    const unsigned long NTLM_MODULE_WIN_API_DIRECT = 3;
    const unsigned long NTLM_MODULE_GENERIC_PROXY = 4;
    const unsigned long NTLM_MODULE_GENERIC_DIRECT = 5;
    const unsigned long NTLM_MODULE_KERBEROS_PROXY = 6;
    const unsigned long NTLM_MODULE_KERBEROS_DIRECT = 7;

    /** Other flags may be defined in the future */

    /**
     * Called to initialize an auth module.  The other methods cannot be called
     * unless this method succeeds.
     *
     * @param aServiceName
     *        the service name, which may be null if not applicable (e.g., for
     *        NTLM, this parameter should be null).
     * @param aServiceFlags
     *        a bitwise-or of the REQ_ flags defined above (pass REQ_DEFAULT
     *        for default behavior).
     * @param aDomain
     *        the authentication domain, which may be null if not applicable.
     * @param aUsername
     *        the user's login name
     * @param aPassword
     *        the user's password
     */
    void init(in string        aServiceName,
              in unsigned long aServiceFlags,
              in wstring       aDomain,
              in wstring       aUsername,
              in wstring       aPassword);

    /**
     * Called to get the next token in a sequence of authentication steps.
     *
     * @param aInToken
     *        A buffer containing the input token (e.g., a challenge from a
     *        server).  This may be null.
     * @param aInTokenLength
     *        The length of the input token.
     * @param aOutToken
     *        If getNextToken succeeds, then aOutToken will point to a buffer
     *        to be sent in response to the server challenge.  The length of
     *        this buffer is given by aOutTokenLength.  The buffer at aOutToken
     *        must be recycled with a call to free.
     * @param aOutTokenLength
     *        If getNextToken succeeds, then aOutTokenLength contains the
     *        length of the buffer (number of bytes) pointed to by aOutToken.
     */
    void getNextToken([const] in voidPtr  aInToken,
                      in unsigned long    aInTokenLength,
                      out voidPtr         aOutToken,
                      out unsigned long   aOutTokenLength);
    /** 
     * Once a security context has been established through calls to GetNextToken()
     * it may be used to protect data exchanged between client and server. Calls
     * to Wrap() are used to protect items of data to be sent to the server.
     * 
     * @param aInToken
     *        A buffer containing the data to be sent to the server
     * @param aInTokenLength
     *        The length of the input token
     * @param confidential
     *        If set to true, Wrap() will encrypt the data, otherwise data will
     *        just be integrity protected (checksummed)
     * @param aOutToken
     *        A buffer containing the resulting data to be sent to the server
     * @param aOutTokenLength
     *        The length of the output token buffer
     *
     * Wrap() may return NS_ERROR_NOT_IMPLEMENTED, if the underlying authentication
     * mechanism does not support security layers.
     */    
    void wrap([const] in voidPtr aInToken,
              in unsigned long   aInTokenLength,
              in boolean         confidential, 
              out voidPtr        aOutToken,
              out unsigned long  aOutTokenLength);

    /** 
     * Unwrap() is used to unpack, decrypt, and verify the checksums on data
     * returned by a server when security layers are in use.
     * 
     * @param aInToken
     *        A buffer containing the data received from the server
     * @param aInTokenLength
     *        The length of the input token
     * @param aOutToken
     *        A buffer containing the plaintext data from the server
     * @param aOutTokenLength
     *        The length of the output token buffer
     *
     * Unwrap() may return NS_ERROR_NOT_IMPLEMENTED, if the underlying  
     * authentication mechanism does not support security layers.
     */
    void unwrap([const] in voidPtr aInToken,
                in unsigned long   aInTokenLength,
                out voidPtr        aOutToken,
                out unsigned long  aOutTokenLength);

%{C++
    /**
     * Create a new instance of an auth module.
     *
     * @param aType
     *        The type of the auth module to be constructed.
     */
    static already_AddRefed<nsIAuthModule> CreateInstance(const char* aType);
%}
};