package obus
Legend:
Library
Module
Module type
Parameter
Class
Class type

Server-side authentication

Mechanisms
type mechanism_return =
  1. | Mech_continue of data
    (*

    Continue the authentication with this challenge

    *)
  2. | Mech_ok of int option
    (*

    The client is authenticated. The argument is the user id the client is authenticated with.

    *)
  3. | Mech_reject
    (*

    The client is rejected by the mechanism

    *)
class virtual mechanism_handler : object ... end
type mechanism = {
  1. mech_name : string;
    (*

    The mechanism name

    *)
  2. mech_exec : int option -> mechanism_handler;
    (*

    The mechanism creator. It receive the user id of the client, if available.

    *)
}

A server-side authentication mechanism

val mech_name : mechanism -> string

mech_name projection

val mech_exec : mechanism -> int option -> mechanism_handler

mech_name projection

mech_exec projection

Predefined mechanisms
val mech_anonymous : mechanism
val mech_external : mechanism
val default_mechanisms : mechanism list
Authentication
val authenticate : ?capabilities:capability list -> ?mechanisms:mechanism list -> ?user_id:int -> guid:OBus_address.guid -> stream:stream -> unit -> (int option * capability list) Lwt.t

Launch server-side authentication on the given stream. On success it returns the client uid and the list of capabilities that were successfully negotiated. A client uid of None means that the client used anonymous authentication, and may be disconnected according to server policy.

Note: authenticate does not read the first zero byte. You must read it by hand, and maybe use it to receive credentials.

  • parameter user_id

    is the user id determined by external method

  • parameter capabilities

    defaults to []