/* * Copyright 2013 gitblit.com. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.gitblit.manager; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import com.gitblit.Constants.Role; import com.gitblit.models.TeamModel; import com.gitblit.models.UserModel; import com.gitblit.transport.ssh.SshKey; public interface IAuthenticationManager extends IManager { /** * Authenticate a user based on HTTP request parameters. * * Authentication by X509Certificate is tried first and then by cookie. * * @param httpRequest * @return a user object or null * @since 1.4.0 */ UserModel authenticate(HttpServletRequest httpRequest); /** * Authenticate a user based on a ssh public key. * * @param username * @param key * @return a user object or null * * @since 1.5.0 */ UserModel authenticate(String username, SshKey key); /** * Authenticate a user based on HTTP request parameters. * * Authentication by X509Certificate, servlet container principal, cookie, * and BASIC header. * * @param httpRequest * @param requiresCertificate * @return a user object or null * @since 1.4.0 */ UserModel authenticate(HttpServletRequest httpRequest, boolean requiresCertificate); /** * Authenticate a user based on a username and password. * * @see IUserService.authenticate(String, char[]) * @param username * @param password * @param remoteIP * @return a user object or null * @since 1.4.0 */ UserModel authenticate(String username, char[] password, String remoteIP); /** * Return the UserModel for already authenticated user. * * @see IUserService.authenticate(String, char[]) * @param username * @return a user object or null * @since 1.7.0 */ UserModel authenticate(String username); /** * Returns the Gitlbit cookie in the request. * * @param request * @return the Gitblit cookie for the request or null if not found * @since 1.4.0 */ String getCookie(HttpServletRequest request); /** * Sets a cookie for the specified user. * * @param response * @param user * @since 1.4.0 */ @Deprecated void setCookie(HttpServletResponse response, UserModel user); /** * Sets a cookie for the specified user. * * @param request * @param response * @param user * @since 1.6.1 */ void setCookie(HttpServletRequest request, HttpServletResponse response, UserModel user); /** * Logout a user. * * @param user * @since 1.4.0 */ @Deprecated void logout(HttpServletResponse response, UserModel user); /** * Logout a user. * * @param request * @param response * @param user * @since 1.6.1 */ void logout(HttpServletRequest request, HttpServletResponse response, UserModel user); /** * Does the user service support changes to credentials? * * @return true or false * @since 1.4.0 */ boolean supportsCredentialChanges(UserModel user); /** * Returns true if the user's display name can be changed. * * @param user * @return true if the user service supports display name changes * @since 1.4.0 */ boolean supportsDisplayNameChanges(UserModel user); /** * Returns true if the user's email address can be changed. * * @param user * @return true if the user service supports email address changes * @since 1.4.0 */ boolean supportsEmailAddressChanges(UserModel user); /** * Returns true if the user's team memberships can be changed. * * @param user * @return true if the user service supports team membership changes * @since 1.4.0 */ boolean supportsTeamMembershipChanges(UserModel user); /** * Returns true if the team memberships can be changed. * * @param user * @return true if the team memberships can be changed * @since 1.4.0 */ boolean supportsTeamMembershipChanges(TeamModel team); /** * Returns true if the specified role can be changed. * * @param user * @return true if the specified role can be changed * @since 1.6.1 */ boolean supportsRoleChanges(UserModel user, Role role); /** * Returns true if the specified role can be changed. * * @param team * @return true if the specified role can be changed * @since 1.6.1 */ boolean supportsRoleChanges(TeamModel team, Role role); }