diff options
author | Vivien Kraus <vivien@planete-kraus.eu> | 2021-10-13 17:28:51 +0200 |
---|---|---|
committer | Vivien Kraus <vivien@planete-kraus.eu> | 2021-10-19 11:34:13 +0200 |
commit | b7476072a7550c29c04a9718af26ca947003418c (patch) | |
tree | 676d1fafa7855c42cc54bb7f2f560a3d13ee61ee /doc/disfluid.texi | |
parent | c2f4994c20072c11d407d506e7416e2c609d0ca3 (diff) |
server: add an authenticator endpoint
Diffstat (limited to 'doc/disfluid.texi')
-rw-r--r-- | doc/disfluid.texi | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/doc/disfluid.texi b/doc/disfluid.texi index 17a985c..de04b9b 100644 --- a/doc/disfluid.texi +++ b/doc/disfluid.texi @@ -1546,6 +1546,7 @@ the user. @menu * Error signalling:: * Router endpoint:: +* Request authentication:: * Reverse proxy:: @end menu @@ -1633,6 +1634,34 @@ turn, or return a 404 Not Found response if no endpoint is relevant. Return the list of endpoints for @var{router}. @end deffn +@node Request authentication +@section Request authentication +The @emph{(webid-oidc server endpoint authentication)} defines an +endpoint that authentifies the user and passes the annotated request +to a backend endpoint. + +@deftp {Class} <authenticator> (<endpoint>) @var{backend} @var{server-uri} +The authenticator calls the @var{backend} endpoint once it has +authentified the user. If the authentication is successful, the +request is annotated with a @code{'user} entry in the alist table +containing the URI of the user. Otherwise, it is passed as is. + +To check the validity of the DPoP proof, the endpoint must know the +public name of the server that is running, @var{server-uri}. + +It can be constructed with the @code{#:@var{backend}} and +@code{#:@var{server-uri}} keyword arguments, respectively an endpoint +and an URI. +@end deftp + +@deffn {Generic} backend @var{authenticator} +Return the backend endpoint of @var{authenticator}. +@end deffn + +@deffn {Generic} server-uri @var{authenticator} +Return the public server URI of @var{authenticator}. +@end deffn + @node Reverse proxy @section Reverse proxy The @emph{(webid-oidc server endpoint reverse-proxy)} module defines a |