From b7476072a7550c29c04a9718af26ca947003418c Mon Sep 17 00:00:00 2001 From: Vivien Kraus Date: Wed, 13 Oct 2021 17:28:51 +0200 Subject: server: add an authenticator endpoint --- doc/disfluid.texi | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) (limited to 'doc/disfluid.texi') diff --git a/doc/disfluid.texi b/doc/disfluid.texi index 17a985c..de04b9b 100644 --- a/doc/disfluid.texi +++ b/doc/disfluid.texi @@ -1546,6 +1546,7 @@ the user. @menu * Error signalling:: * Router endpoint:: +* Request authentication:: * Reverse proxy:: @end menu @@ -1633,6 +1634,34 @@ turn, or return a 404 Not Found response if no endpoint is relevant. Return the list of endpoints for @var{router}. @end deffn +@node Request authentication +@section Request authentication +The @emph{(webid-oidc server endpoint authentication)} defines an +endpoint that authentifies the user and passes the annotated request +to a backend endpoint. + +@deftp {Class} () @var{backend} @var{server-uri} +The authenticator calls the @var{backend} endpoint once it has +authentified the user. If the authentication is successful, the +request is annotated with a @code{'user} entry in the alist table +containing the URI of the user. Otherwise, it is passed as is. + +To check the validity of the DPoP proof, the endpoint must know the +public name of the server that is running, @var{server-uri}. + +It can be constructed with the @code{#:@var{backend}} and +@code{#:@var{server-uri}} keyword arguments, respectively an endpoint +and an URI. +@end deftp + +@deffn {Generic} backend @var{authenticator} +Return the backend endpoint of @var{authenticator}. +@end deffn + +@deffn {Generic} server-uri @var{authenticator} +Return the public server URI of @var{authenticator}. +@end deffn + @node Reverse proxy @section Reverse proxy The @emph{(webid-oidc server endpoint reverse-proxy)} module defines a -- cgit v1.2.3