Alien-SVN
view release on metacpan or search on metacpan
src/subversion/subversion/libsvn_subr/auth.c view on Meta::CPAN
/*
* auth.c: authentication support functions for Subversion
*
* ====================================================================
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
* ====================================================================
*/
#include <apr_pools.h>
#include <apr_tables.h>
#include <apr_strings.h>
#include "svn_hash.h"
#include "svn_types.h"
#include "svn_string.h"
#include "svn_error.h"
#include "svn_auth.h"
#include "svn_config.h"
#include "svn_private_config.h"
#include "svn_dso.h"
#include "svn_version.h"
#include "private/svn_auth_private.h"
#include "private/svn_dep_compat.h"
#include "private/svn_subr_private.h"
#include "auth.h"
/* AN OVERVIEW
===========
A good way to think of this machinery is as a set of tables.
- Each type of credentials selects a single table.
- In a given table, each row is a 'provider' capable of returning
the same type of credentials. Each column represents a
provider's repeated attempts to provide credentials.
Fetching Credentials from Providers
-----------------------------------
When the caller asks for a particular type of credentials, the
machinery in this file walks over the appropriate table. It starts
with the first provider (first row), and calls first_credentials()
to get the first set of credentials (first column). If the caller
is unhappy with the credentials, then each subsequent call to
next_credentials() traverses the row from left to right. If the
provider returns error at any point, then we go to the next provider
(row). We continue this way until every provider fails, or
until the client is happy with the returned credentials.
Note that the caller cannot see the table traversal, and thus has
no idea when we switch providers.
Storing Credentials with Providers
----------------------------------
When the server has validated a set of credentials, and when
credential caching is enabled, we have the chance to store those
credentials for later use. The provider which provided the working
credentials is the first one given the opportunity to (re)cache
those credentials. Its save_credentials() function is invoked with
the working credentials. If that provider reports that it
successfully stored the credentials, we're done. Otherwise, we
walk the providers (rows) for that type of credentials in order
from the top of the table, allowing each in turn the opportunity to
store the credentials. When one reports that it has done so
successfully -- or when we run out of providers (rows) to try --
the table walk ends.
*/
/* This effectively defines a single table. Every provider in this
array returns the same kind of credentials. */
typedef struct provider_set_t
{
/* ordered array of svn_auth_provider_object_t */
apr_array_header_t *providers;
} provider_set_t;
/* The main auth baton. */
struct svn_auth_baton_t
{
/* a collection of tables. maps cred_kind -> provider_set */
apr_hash_t *tables;
/* the pool I'm allocated in. */
apr_pool_t *pool;
( run in 0.648 second using v1.01-cache-2.11-cpan-677af5a14d3 )