| /* |
| * Copyright 2013 gitblit.com. |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| package com.gitblit.manager; |
| |
| import javax.servlet.http.HttpServletRequest; |
| import javax.servlet.http.HttpServletResponse; |
| |
| import com.gitblit.Constants.Role; |
| import com.gitblit.models.TeamModel; |
| import com.gitblit.models.UserModel; |
| import com.gitblit.transport.ssh.SshKey; |
| |
| public interface IAuthenticationManager extends IManager { |
| |
| /** |
| * Authenticate a user based on HTTP request parameters. |
| * |
| * Authentication by X509Certificate is tried first and then by cookie. |
| * |
| * @param httpRequest |
| * @return a user object or null |
| * @since 1.4.0 |
| */ |
| UserModel authenticate(HttpServletRequest httpRequest); |
| |
| /** |
| * Authenticate a user based on a ssh public key. |
| * |
| * @param username |
| * @param key |
| * @return a user object or null |
| * * @since 1.5.0 |
| */ |
| UserModel authenticate(String username, SshKey key); |
| |
| /** |
| * Authenticate a user based on HTTP request parameters. |
| * |
| * Authentication by X509Certificate, servlet container principal, cookie, |
| * and BASIC header. |
| * |
| * @param httpRequest |
| * @param requiresCertificate |
| * @return a user object or null |
| * @since 1.4.0 |
| */ |
| UserModel authenticate(HttpServletRequest httpRequest, boolean requiresCertificate); |
| |
| /** |
| * Authenticate a user based on a username and password. |
| * |
| * @see IUserService.authenticate(String, char[]) |
| * @param username |
| * @param password |
| * @param remoteIP |
| * @return a user object or null |
| * @since 1.4.0 |
| */ |
| UserModel authenticate(String username, char[] password, String remoteIP); |
| |
| /** |
| * Return the UserModel for already authenticated user. |
| * |
| * @see IUserService.authenticate(String, char[]) |
| * @param username |
| * @return a user object or null |
| * @since 1.7.0 |
| */ |
| UserModel authenticate(String username); |
| |
| /** |
| * Returns the Gitlbit cookie in the request. |
| * |
| * @param request |
| * @return the Gitblit cookie for the request or null if not found |
| * @since 1.4.0 |
| */ |
| String getCookie(HttpServletRequest request); |
| |
| /** |
| * Sets a cookie for the specified user. |
| * |
| * @param response |
| * @param user |
| * @since 1.4.0 |
| */ |
| @Deprecated |
| void setCookie(HttpServletResponse response, UserModel user); |
| |
| /** |
| * Sets a cookie for the specified user. |
| * |
| * @param request |
| * @param response |
| * @param user |
| * @since 1.6.1 |
| */ |
| void setCookie(HttpServletRequest request, HttpServletResponse response, UserModel user); |
| |
| /** |
| * Logout a user. |
| * |
| * @param user |
| * @since 1.4.0 |
| */ |
| @Deprecated |
| void logout(HttpServletResponse response, UserModel user); |
| |
| /** |
| * Logout a user. |
| * |
| * @param request |
| * @param response |
| * @param user |
| * @since 1.6.1 |
| */ |
| void logout(HttpServletRequest request, HttpServletResponse response, UserModel user); |
| |
| /** |
| * Does the user service support changes to credentials? |
| * |
| * @return true or false |
| * @since 1.4.0 |
| */ |
| boolean supportsCredentialChanges(UserModel user); |
| |
| /** |
| * Returns true if the user's display name can be changed. |
| * |
| * @param user |
| * @return true if the user service supports display name changes |
| * @since 1.4.0 |
| */ |
| boolean supportsDisplayNameChanges(UserModel user); |
| |
| /** |
| * Returns true if the user's email address can be changed. |
| * |
| * @param user |
| * @return true if the user service supports email address changes |
| * @since 1.4.0 |
| */ |
| boolean supportsEmailAddressChanges(UserModel user); |
| |
| /** |
| * Returns true if the user's team memberships can be changed. |
| * |
| * @param user |
| * @return true if the user service supports team membership changes |
| * @since 1.4.0 |
| */ |
| boolean supportsTeamMembershipChanges(UserModel user); |
| |
| /** |
| * Returns true if the team memberships can be changed. |
| * |
| * @param user |
| * @return true if the team memberships can be changed |
| * @since 1.4.0 |
| */ |
| boolean supportsTeamMembershipChanges(TeamModel team); |
| |
| /** |
| * Returns true if the specified role can be changed. |
| * |
| * @param user |
| * @return true if the specified role can be changed |
| * @since 1.6.1 |
| */ |
| boolean supportsRoleChanges(UserModel user, Role role); |
| |
| /** |
| * Returns true if the specified role can be changed. |
| * |
| * @param team |
| * @return true if the specified role can be changed |
| * @since 1.6.1 |
| */ |
| boolean supportsRoleChanges(TeamModel team, Role role); |
| |
| } |