using System;
using System.Collections.Generic;
using OwinFramework.InterfacesV1.Middleware;
namespace OwinFramework.InterfacesV1.Facilities
{
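/// <summary>
/// Encapsulates the information stored about a username/password combination
/// </summary>
public interface ICredential
{
    /// <summary>
    /// The unique identifier for the identity this credential belongs to
    /// </summary>
    string Identity { get; }

    /// <summary>
    /// The username used to sign in with this credential
    /// </summary>
    string Username { get; }

    /// <summary>
    /// The actions that are permitted on the identity identified by this credential
    /// </summary>
    /// <remarks>
    /// NOTE(review): the element type was missing from this declaration; string is
    /// assumed here - confirm against the implementing classes.
    /// NOTE(review): this contract does not say what a null or empty list means.
    /// Confirm with the implementation before treating either as "unrestricted",
    /// so that a missing list is not silently read as full access.
    /// </remarks>
    List<string> Purposes { get; }
}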
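/// <summary>
/// Defines a facility that stores username and password credentials that identify
/// users making requests to the system
/// </summary>
public interface ICredentialStore
{
    /// <summary>
    /// Returns true if this identity store can work with usernames and passwords
    /// </summary>
    bool SupportsCredentials { get; }

    /// <summary>
    /// Adds username/password credentials to an identity so that the identity can
    /// log in using these credentials
    /// </summary>
    /// <param name="identity">A URL friendly string that uniquely identifies an identity</param>
    /// <param name="userName">The username that they will use to login</param>
    /// <param name="password">The password that they will use to login</param>
    /// <param name="replaceExisting">True to delete all existing credentials. This
    /// will not delete any secret keys, certificates etc. False to add this as a
    /// new login but keep the old credentials still active, this allows different
    /// credentials to have different purposes on the same account.</param>
    /// <param name="purposes">Optional list of purposes to restrict what is allowed
    /// when a user logs in with these credentials. If this is null then the
    /// login is unrestricted</param>
    /// <returns>True if successful. Returns false if the identity was not found or the
    /// password does not meet requirements for password complexity</returns>
    /// <remarks>
    /// Both defaults are the permissive choice: omitting <paramref name="replaceExisting"/>
    /// deletes the identity's existing username/password credentials, and omitting
    /// <paramref name="purposes"/> creates an unrestricted login. Callers that want a
    /// limited credential must pass the purpose list explicitly.
    /// A false result does not distinguish "identity not found" from "password rejected".
    /// NOTE(review): the element type of <paramref name="purposes"/> was missing from
    /// this declaration; string is assumed - confirm against the implementing classes.
    /// </remarks>
    bool AddCredentials(string identity, string userName, string password, bool replaceExisting = true, IEnumerable<string> purposes = null);

    /// <summary>
    /// Checks user supplied credentials and returns the identity of the user
    /// </summary>
    /// <param name="userName">The user id for this user (usually email address)</param>
    /// <param name="password">The user's password</param>
    /// <returns>The results of checking the user's credentials</returns>
    /// <remarks>
    /// NOTE(review): this contract does not state whether failed attempts are
    /// throttled or locked out; confirm in the implementation or enforce it in the caller.
    /// </remarks>
    IAuthenticationResult AuthenticateWithCredentials(string userName, string password);

    /// <summary>
    /// Logs the user in using a stored Remember Me Token. This token
    /// can be obtained from a full login with credentials or a secret key
    /// </summary>
    /// <param name="rememberMeToken">The remember me token from a successful
    /// login</param>
    /// <returns>Details about the user and purposes permitted by this login</returns>
    /// <remarks>
    /// The token alone is enough to log in, so it needs the same protection in
    /// storage, transport and logs as the password it stands in for.
    /// </remarks>
    IAuthenticationResult RememberMe(string rememberMeToken);

    /// <summary>
    /// Retrieves the username that was used to log in using credentials
    /// </summary>
    /// <param name="rememberMeToken">A token returned from a successful login</param>
    /// <returns>Credentials if this login was a credentials login, or null
    /// if the user identified in some other way (for example with a cert)</returns>
    ICredential GetRememberMeCredential(string rememberMeToken);

    /// <summary>
    /// Retrieves the credential registered under a username
    /// </summary>
    /// <param name="username">A username that is used to login to the system</param>
    /// <returns>Credentials if this username exists in the system, or null
    /// if there is no such user</returns>
    /// <remarks>
    /// The null/non-null result reveals whether a username exists. Do not pass that
    /// distinction through to unauthenticated callers.
    /// </remarks>
    ICredential GetUsernameCredential(string username);

    /// <summary>
    /// Retrieves a list of the credentials associated with an identity
    /// </summary>
    /// <param name="identity">The unique identifier for the identity</param>
    /// <returns>A list of credentials</returns>
    IEnumerable<ICredential> GetCredentials(string identity);

    /// <summary>
    /// Deletes a user credential from the system preventing any further login
    /// attempts with that username.
    /// </summary>
    /// <param name="credential">The credential to delete</param>
    /// <returns>True if the deletion was successful and false if not found</returns>
    bool DeleteCredential(ICredential credential);

    /// <summary>
    /// Changes the password for a credential
    /// </summary>
    /// <param name="credential">The credential whose password is to be changed</param>
    /// <param name="newPassword">The password that replaces the current one</param>
    /// <returns>NOTE(review): not documented in the original; presumably true when the
    /// password was changed and false otherwise - confirm with the implementation</returns>
    /// <remarks>
    /// This method takes no current password, so the caller is responsible for having
    /// verified the user (or an authorized administrator) before calling it.
    /// NOTE(review): the contract does not say whether the complexity rules applied by
    /// AddCredentials also apply here, or whether outstanding remember me tokens stay
    /// valid after the change - confirm both.
    /// </remarks>
    bool ChangePassword(ICredential credential, string newPassword);
}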
}