using System;
using System.Collections.Generic;
using OwinFramework.InterfacesV1.Middleware;
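namespace OwinFramework.InterfacesV1.Facilities
{
    /// <summary>
    /// Defines a facility that stores certificates that identify identities
    /// making requests to the system.
    /// </summary>
    /// <remarks>
    /// Certificates are handed out as opaque byte arrays which the receiving
    /// party stores and later presents to be identified. Because presenting
    /// the bytes is what identifies the caller, they should be handled as a
    /// credential: sent only over protected channels, kept out of logs and
    /// deleted from the store when no longer needed.
    /// NOTE(review): this interface does not say how implementations generate,
    /// persist or compare certificates. Confirm against the concrete store.
    /// </remarks>
    public interface ICertificateStore
    {
        /// <summary>
        /// Returns true if this identity store can work with certificates.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the interface does not define what the other members
        /// do when this is false. Callers should check it before relying on them.
        /// </remarks>
        bool SupportsCertificates { get; }

        /// <summary>
        /// Generates a certificate and associates it with an identity.
        /// </summary>
        /// <param name="identity">The identity to associate the certificate with.</param>
        /// <param name="lifetime">
        /// How long this certificate is valid for.
        /// NOTE(review): the meaning of null is not defined here (default expiry
        /// or no expiry). Confirm with the implementation, and prefer passing
        /// an explicit, bounded lifetime.
        /// </param>
        /// <param name="purposes">
        /// Optional list of purposes to limit the scope of this certificate.
        /// NOTE(review): null presumably means the certificate is not limited
        /// to specific purposes; verify. Passing the narrowest set of purposes
        /// keeps a certificate issued to an external system least-privileged.
        /// </param>
        /// <returns>
        /// A certificate that a 3rd party can store on their system and use to access
        /// services for specific purposes.
        /// </returns>
        byte[] AddCertificate(string identity, TimeSpan? lifetime = null, IEnumerable<string> purposes = null);

        /// <summary>
        /// Deletes a specific certificate from the identity store.
        /// </summary>
        /// <param name="certificate">The certificate bytes previously returned by <see cref="AddCertificate"/>.</param>
        /// <returns>
        /// NOTE(review): presumably true when a matching certificate was found
        /// and deleted; confirm with the implementation. Callers that use this
        /// for revocation should check the result rather than assume success.
        /// </returns>
        bool DeleteCertificate(byte[] certificate);

        /// <summary>
        /// Deletes all of the certificates associated with an identity.
        /// </summary>
        /// <param name="identity">The identity whose certificates are to be deleted.</param>
        /// <returns>
        /// NOTE(review): presumably the number of certificates deleted; confirm
        /// with the implementation.
        /// </returns>
        int DeleteCertificates(string identity);

        /// <summary>
        /// Checks the supplied certificate and returns status of the identity associated with
        /// that certificate. This mechanism is useful when you want to issue certificates to
        /// trusted external systems and be able to identify those systems by the certificate
        /// that they present.
        /// </summary>
        /// <param name="certificate">The certificate bytes presented by the caller.</param>
        /// <returns>
        /// The authentication result for the identity associated with the certificate.
        /// NOTE(review): <c>IAuthenticationResult</c> is declared elsewhere; callers
        /// should inspect the status it reports, and any purposes it carries,
        /// rather than treating a non-null return value as a successful login.
        /// </returns>
        IAuthenticationResult AuthenticateWithCertificate(byte[] certificate);
    }
}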