Module OBus_auth.Server

module Server: sig .. end

Server-side authentication

Mechanisms

type mechanism_return =

`\|`	`Mech_continue of OBus_auth.data`	`(*`	Continue the authentication with this challenge	`*)`
`\|`	`Mech_ok of int option`	`(*`	The client is authentified. The argument is the user id the client is authenticated with.	`*)`
`\|`	`Mech_reject`	`(*`	The client is rejected by the mechanism	`*)`

class virtual mechanism_handler : object .. end

type mechanism = {

	`mech_name : string;`	`(*`	The mechanism name	`*)`
	`mech_exec : int option -> mechanism_handler;`	`(*`	The mechanism creator. It receive the user id of the client, if available.	`*)`

}

A server-size authentication mechanism

val mech_name : mechanism -> string

mech_name projection

val mech_exec : mechanism ->
       int option -> mechanism_handler

mech_exec projection

Predefined mechanisms

val mech_anonymous : mechanism

val mech_external : mechanism

val mech_dbus_cookie_sha1 : mechanism

val default_mechanisms : mechanism list

Authentication

val authenticate : ?capabilities:OBus_auth.capability list ->
       ?mechanisms:mechanism list ->
       ?user_id:int ->
       guid:OBus_address.guid ->
       stream:OBus_auth.stream ->
       unit -> (int option * OBus_auth.capability list) Lwt.t

Launch server-side authentication on the given stream. On success it returns the client uid and the list of capabilities that were successfully negotiated. A client uid of None means that the clinet used anonymous authentication, and may be disconnected according to server policy.

Note: authenticate does not read the first zero byte. You must read it by hand, and maybe use it to receive credentials.

capabilities : defaults to []

mechanisms : default to OBus_auth.Server.default_mechanisms

user_id : is the user id determined by external method