NetworkAuthenticationHelper.h   [plain text]

#import <CoreFoundation/CoreFoundation.h>

typedef struct NAHData *NAHRef;
typedef struct NAHSelectionData *NAHSelectionRef;

 * Flow:
 * netauth = NAHCreate(CFSTR("hostname"), CFSTR("service"),
 *             { username = "foo", supportedMechs = mechs } );
 * selections = NAHGetSelections(netauth);
 * foreach s (selections) { 
 *    acquiredict = [[NSMutableDictionary alloc] init];
 *    [acquiredict setValue:@"password" forKey:kNAHPassword];
 *    if !(NAHSelectionAcquireCredential(s, acquiredict, NULL))  #blocking
 *          continue;
 *    dict = NAHSelectionCopyAuthInfo(s)
 *    res = NetFSOpenSesssion(dict);
 *    if (res == sucess) {
 *        CFRelese(dict);
 *        break;
 *    } else if (sucess == authentication_failed) {
 *    } else {
 *         #ignore all other failures
 *    }
 *    CFRelese(dict);
 * }
 * CFRelese(netauth);

extern const CFStringRef kNAHErrorDomain;

/* service keys */

extern const CFStringRef kNAHServiceAFPServer;
extern const CFStringRef kNAHServiceCIFSServer;
extern const CFStringRef kNAHServiceHostServer;
extern const CFStringRef kNAHServiceVNCServer;

extern const CFStringRef kNAHNegTokenInit; /* private - CFDictRef */
extern const CFStringRef kNAHUserName; /* CFStringRef */

 * Default is to consider all certficates accessable in key chain.
 * If this key is used, only these will only considered, pass in a
 * empty CFArrayRef if you want to disable using certificates.

extern const CFStringRef kNAHCertificates; /* SecIdentityRef/CFArrayRef */
extern const CFStringRef kNAHPassword;

NAHCreate(CFAllocatorRef alloc,
	 CFStringRef hostname,
	 CFStringRef service,
	 CFDictionaryRef info);

 * Return a ordered list of authentication


extern const CFStringRef kNAHForceRefreshCredential;

NAHSelectionAcquireCredential(NAHSelectionRef selection,
			     CFDictionaryRef info,
			     CFErrorRef *error);

NAHSelectionAcquireCredentialAsync(NAHSelectionRef selection,
				  CFDictionaryRef info,
				  dispatch_queue_t q,
				  void (^result)(CFErrorRef error));

NAHCancel(NAHRef na);

 * Status of selection

extern const CFStringRef kNAHSelectionHaveCredential;
extern const CFStringRef kNAHSelectionUserPrintable;
extern const CFStringRef kNAHClientPrincipal;
extern const CFStringRef kNAHServerPrincipal;
extern const CFStringRef kNAHMechanism;
extern const CFStringRef kNAHInnerMechanism;
extern const CFStringRef kNAHCredentialType;
extern const CFStringRef kNAHUseSPNEGO;

extern const CFStringRef kNAHClientNameType;
extern const CFStringRef kNAHClientNameTypeGSSD;

extern const CFStringRef kNAHServerNameType;
extern const CFStringRef kNAHServerNameTypeGSSD;

extern const CFStringRef kNAHInferredLabel;

extern const CFStringRef kNAHNTUsername;
extern const CFStringRef kNAHNTServiceBasedName;
extern const CFStringRef kNAHNTKRB5PrincipalReferral;
extern const CFStringRef kNAHNTKRB5Principal;
extern const CFStringRef kNAHNTUUID;

NAHSelectionGetInfoForKey(NAHSelectionRef selection, CFStringRef key);

NAHSelectionCopyAuthInfo(NAHSelectionRef selection);

 * Reference counting

NAHCopyReferenceKey(NAHSelectionRef selection);

NAHAddReferenceAndLabel(NAHSelectionRef client, CFStringRef identifier);
NAHFindByLabelAndRelease(CFStringRef identifier);

NAHCredAddReference(CFStringRef referenceKey);

NAHCredRemoveReference(CFStringRef referenceKey);

extern CFStringRef kGSSAPIMechNTLM;
extern CFStringRef kGSSAPIMechKerberos;
extern CFStringRef kGSSAPIMechKerberosU2U;
extern CFStringRef kGSSAPIMechKerberosMicrosoft;
extern CFStringRef kGSSAPIMechPKU2U;
extern CFStringRef kGSSAPIMechIAKerb;
extern CFStringRef kGSSAPIMechSPNEGO;