1 /*
2  * Copyright (C) the libgit2 contributors. All rights reserved.
3  *
4  * This file is part of libgit2, distributed under the GNU GPL v2 with
5  * a Linking Exception. For full terms see the included COPYING file.
6  */
7 module libgit2_d.credential;
8 
9 
10 private static import libgit2_d.sys.credential;
11 
12 /**
13  * @file git2/credential.h
14  * @brief Git authentication & credential management
15  * @defgroup git_credential Authentication & credential management
16  * @ingroup Git
17  * @{
18  */
19 extern (C):
20 nothrow @nogc:
21 public:
22 
23 /**
24  * Supported credential types
25  *
26  * This represents the various types of authentication methods supported by
27  * the library.
28  */
29 enum git_credential_t
30 {
31 	/**
32 	 * A vanilla user/password request
33 	 * @see git_credential_userpass_plaintext_new
34 	 */
35 	GIT_CREDENTIAL_USERPASS_PLAINTEXT = 1u << 0,
36 
37 	/**
38 	 * An SSH key-based authentication request
39 	 * @see git_credential_ssh_key_new
40 	 */
41 	GIT_CREDENTIAL_SSH_KEY = 1u << 1,
42 
43 	/**
44 	 * An SSH key-based authentication request, with a custom signature
45 	 * @see git_credential_ssh_custom_new
46 	 */
47 	GIT_CREDENTIAL_SSH_CUSTOM = 1u << 2,
48 
49 	/**
50 	 * An NTLM/Negotiate-based authentication request.
51 	 * @see git_credential_default
52 	 */
53 	GIT_CREDENTIAL_DEFAULT = 1u << 3,
54 
55 	/**
56 	 * An SSH interactive authentication request
57 	 * @see git_credential_ssh_interactive_new
58 	 */
59 	GIT_CREDENTIAL_SSH_INTERACTIVE = 1u << 4,
60 
61 	/**
62 	 * Username-only authentication request
63 	 *
64 	 * Used as a pre-authentication step if the underlying transport
65 	 * (eg. SSH, with no username in its URL) does not know which username
66 	 * to use.
67 	 *
68 	 * @see git_credential_username_new
69 	 */
70 	GIT_CREDENTIAL_USERNAME = 1u << 5,
71 
72 	/**
73 	 * An SSH key-based authentication request
74 	 *
75 	 * Allows credentials to be read from memory instead of files.
76 	 * Note that because of differences in crypto backend support, it might
77 	 * not be functional.
78 	 *
79 	 * @see git_credential_ssh_key_memory_new
80 	 */
81 	GIT_CREDENTIAL_SSH_MEMORY = 1u << 6,
82 }
83 
84 /**
85  * The base structure for all credential types
86  */
87 alias git_credential = libgit2_d.sys.credential.git_credential;
88 
89 alias git_credential_userpass_plaintext = libgit2_d.sys.credential.git_credential_userpass_plaintext;
90 
91 /**
92  * Username-only credential information
93  */
94 alias git_credential_username = libgit2_d.sys.credential.git_credential_username;
95 
96 /**
97  * A key for NTLM/Kerberos "default" credentials
98  */
99 alias git_credential_default = .git_credential;
100 
101 /**
102  * A ssh key from disk
103  */
104 alias git_credential_ssh_key = libgit2_d.sys.credential.git_credential_ssh_key;
105 
106 /**
107  * Keyboard-interactive based ssh authentication
108  */
109 alias git_credential_ssh_interactive = libgit2_d.sys.credential.git_credential_ssh_interactive;
110 
111 /**
112  * A key with a custom signature function
113  */
114 alias git_credential_ssh_custom = libgit2_d.sys.credential.git_credential_ssh_custom;
115 
116 /**
117  * Credential acquisition callback.
118  *
119  * This callback is usually involved any time another system might need
120  * authentication. As such, you are expected to provide a valid
121  * git_credential object back, depending on allowed_types (a
122  * git_credential_t bitmask).
123  *
124  * Note that most authentication details are your responsibility - this
125  * callback will be called until the authentication succeeds, or you report
126  * an error. As such, it's easy to get in a loop if you fail to stop providing
127  * the same incorrect credentials.
128  *
129  * @param out_ The newly created credential object.
130  * @param url The resource for which we are demanding a credential.
131  * @param username_from_url The username that was embedded in a "user\@host"
132  *                          remote url, or NULL if not included.
133  * @param allowed_types A bitmask stating which credential types are OK to return.
134  * @param payload The payload provided when specifying this callback.
135  * @return 0 for success, < 0 to indicate an error, > 0 to indicate
136  *       no credential was acquired
137  */
138 alias git_credential_acquire_cb = int function(.git_credential** out_, const (char)* url, const (char)* username_from_url, uint allowed_types, void* payload);
139 
140 /**
141  * Free a credential.
142  *
143  * This is only necessary if you own the object; that is, if you are a
144  * transport.
145  *
146  * @param cred the object to free
147  */
148 //GIT_EXTERN
149 void git_credential_free(.git_credential* cred);
150 
151 /**
152  * Check whether a credential object contains username information.
153  *
154  * @param cred object to check
155  * @return 1 if the credential object has non-NULL username, 0 otherwise
156  */
157 //GIT_EXTERN
158 int git_credential_has_username(.git_credential* cred);
159 
160 /**
161  * Return the username associated with a credential object.
162  *
163  * @param cred object to check
164  * @return the credential username, or NULL if not applicable
165  */
166 //GIT_EXTERN
167 const (char)* git_credential_get_username(.git_credential* cred);
168 
169 /**
170  * Create a new plain-text username and password credential object.
171  * The supplied credential parameter will be internally duplicated.
172  *
173  * @param out_ The newly created credential object.
174  * @param username The username of the credential.
175  * @param password The password of the credential.
176  * @return 0 for success or an error code for failure
177  */
178 //GIT_EXTERN
179 int git_credential_userpass_plaintext_new(.git_credential** out_, const (char)* username, const (char)* password);
180 
181 /**
182  * Create a "default" credential usable for Negotiate mechanisms like NTLM
183  * or Kerberos authentication.
184  *
185  * @param out_ The newly created credential object.
186  * @return 0 for success or an error code for failure
187  */
188 //GIT_EXTERN
189 int git_credential_default_new(.git_credential** out_);
190 
191 /**
192  * Create a credential to specify a username.
193  *
194  * This is used with ssh authentication to query for the username if
195  * none is specified in the url.
196  *
197  * @param out_ The newly created credential object.
198  * @param username The username to authenticate with
199  * @return 0 for success or an error code for failure
200  */
201 //GIT_EXTERN
202 int git_credential_username_new(.git_credential** out_, const (char)* username);
203 
204 /**
205  * Create a new passphrase-protected ssh key credential object.
206  * The supplied credential parameter will be internally duplicated.
207  *
208  * @param out_ The newly created credential object.
209  * @param username username to use to authenticate
210  * @param publickey The path to the public key of the credential.
211  * @param privatekey The path to the private key of the credential.
212  * @param passphrase The passphrase of the credential.
213  * @return 0 for success or an error code for failure
214  */
215 //GIT_EXTERN
216 int git_credential_ssh_key_new(.git_credential** out_, const (char)* username, const (char)* publickey, const (char)* privatekey, const (char)* passphrase);
217 
218 /**
219  * Create a new ssh key credential object reading the keys from memory.
220  *
221  * @param out_ The newly created credential object.
222  * @param username username to use to authenticate.
223  * @param publickey The public key of the credential.
224  * @param privatekey The private key of the credential.
225  * @param passphrase The passphrase of the credential.
226  * @return 0 for success or an error code for failure
227  */
228 //GIT_EXTERN
229 int git_credential_ssh_key_memory_new(.git_credential** out_, const (char)* username, const (char)* publickey, const (char)* privatekey, const (char)* passphrase);
230 
231 /*
232  * If the user hasn't included libssh2.h before git2.h, we need to
233  * define a few types for the callback signatures.
234  */
235 version (LIBSSH2_VERSION) {
236 } else {
237 	struct _LIBSSH2_SESSION;
238 	struct _LIBSSH2_USERAUTH_KBDINT_PROMPT;
239 	struct _LIBSSH2_USERAUTH_KBDINT_RESPONSE;
240 	alias LIBSSH2_SESSION = _LIBSSH2_SESSION;
241 	alias LIBSSH2_USERAUTH_KBDINT_PROMPT = _LIBSSH2_USERAUTH_KBDINT_PROMPT;
242 	alias LIBSSH2_USERAUTH_KBDINT_RESPONSE = _LIBSSH2_USERAUTH_KBDINT_RESPONSE;
243 }
244 
245 alias git_credential_ssh_interactive_cb = void function(const (char)* name, int name_len, const (char)* instruction, int instruction_len, int num_prompts, const (.LIBSSH2_USERAUTH_KBDINT_PROMPT)* prompts, .LIBSSH2_USERAUTH_KBDINT_RESPONSE* responses, void** abstract_);
246 
247 /**
248  * Create a new ssh keyboard-interactive based credential object.
249  * The supplied credential parameter will be internally duplicated.
250  *
251  * @param username Username to use to authenticate.
252  * @param prompt_callback The callback method used for prompts.
253  * @param payload Additional data to pass to the callback.
254  * @return 0 for success or an error code for failure.
255  */
256 //GIT_EXTERN
257 int git_credential_ssh_interactive_new(.git_credential** out_, const (char)* username, .git_credential_ssh_interactive_cb prompt_callback, void* payload);
258 
259 /**
260  * Create a new ssh key credential object used for querying an ssh-agent.
261  * The supplied credential parameter will be internally duplicated.
262  *
263  * @param out_ The newly created credential object.
264  * @param username username to use to authenticate
265  * @return 0 for success or an error code for failure
266  */
267 //GIT_EXTERN
268 int git_credential_ssh_key_from_agent(.git_credential** out_, const (char)* username);
269 
270 alias git_credential_sign_cb = int function(.LIBSSH2_SESSION* session, ubyte** sig, size_t* sig_len, const (ubyte)* data, size_t data_len, void** abstract_);
271 
272 /**
273  * Create an ssh key credential with a custom signing function.
274  *
275  * This lets you use your own function to sign the challenge.
276  *
277  * This function and its credential type is provided for completeness
278  * and wraps `libssh2_userauth_publickey()`, which is undocumented.
279  *
280  * The supplied credential parameter will be internally duplicated.
281  *
282  * @param out_ The newly created credential object.
283  * @param username username to use to authenticate
284  * @param publickey The bytes of the public key.
285  * @param publickey_len The length of the public key in bytes.
286  * @param sign_callback The callback method to sign the data during the challenge.
287  * @param payload Additional data to pass to the callback.
288  * @return 0 for success or an error code for failure
289  */
290 //GIT_EXTERN
291 int git_credential_ssh_custom_new(.git_credential** out_, const (char)* username, const (char)* publickey, size_t publickey_len, .git_credential_sign_cb sign_callback, void* payload);
292 
293 /** @} */