* The #SignonAuthSession object is responsible for handling the client
* authentication. #SignonAuthSession objects should be created from existing
* identities (via signon_identity_create_session() or by passing a non-NULL identity
- * to signon_auth_session_new()), in which case the authentication data such as
- * username and password will be implicitly taken from the identity.
+ * to signon_auth_session_new()).
*/
#include "signon-internals.h"
* @state: the current state of the #SignonAuthSession
* @message: the message associated with the state change
*
- * Emitted when the state of the #SignonAuthSession changes.
- * FIXME: @state should be registered as a GLib type (or use one from
+ * Emitted when the state of the #SignonAuthSession changes. The state change
+ * is initiated by #GSignondPlugin via #GSignondPlugin::state-changed signal.
+ */
+ /* FIXME: @state should be registered as a GLib type (or use one from
* libgsignond-common)
*/
auth_session_signals[STATE_CHANGED] =
/**
* signon_auth_session_new:
- * @parent: #SignonIdentity parent object.
+ * @id: the id of the #SignonIdentity to be used. Can be 0, if this session is
+ * not bound to any stored identity.
* @method_name: the name of the authentication method to be used.
* @err: a pointer to a location which will contain the error, in case this
* function fails.
* Returns: a new #SignonAuthSession.
*/
SignonAuthSession *
-signon_auth_session_new (GObject *parent,
+signon_auth_session_new (gint id,
const gchar *method_name,
GError **err)
{
- if (!SIGNON_IS_IDENTITY(parent))
+ DEBUG ("%s %d", G_STRFUNC, __LINE__);
+
+ SignonIdentity *identity = (id == 0) ?
+ signon_identity_new () : signon_identity_new_from_db (id);
+
+ SignonAuthSession *self = SIGNON_AUTH_SESSION(g_object_new (
+ SIGNON_TYPE_AUTH_SESSION,
+ "identity", identity,
+ NULL));
+ g_return_val_if_fail (self != NULL, NULL);
+ /* This will not destroy the identity, as long as it's used by the
+ * SignonAuthSession. */
+ g_object_unref (identity);
+
+ if (!auth_session_priv_init(self, method_name, err))
{
- g_set_error (err,
- signon_error_quark(),
- SIGNON_ERROR_UNKNOWN,
- "Parent object is wrong type");
+ if (*err)
+ g_warning ("%s returned error: %s", G_STRFUNC, (*err)->message);
+
+ g_object_unref (self);
return NULL;
}
- SignonIdentity *identity = SIGNON_IDENTITY(parent);
+
+ return self;
+}
+
+/**
+ * signon_auth_session_new_for_identity:
+ * @identity: #SignonIdentity parent object.
+ * @method_name: the name of the authentication method to be used.
+ * @err: a pointer to a location which will contain the error, in case this
+ * function fails.
+ *
+ * Creates a new #SignonAuthSession, which can be used to authenticate using
+ * the specified method.
+ *
+ * Returns: a new #SignonAuthSession.
+ */
+SignonAuthSession *
+signon_auth_session_new_for_identity (SignonIdentity *identity,
+ const gchar *method_name,
+ GError **err)
+{
+ g_return_val_if_fail (SIGNON_IS_IDENTITY (identity), NULL);
DEBUG ("%s %d", G_STRFUNC, __LINE__);
* authentication reply is available.
* @user_data: user data to be passed to the callback.
*
- * Performs one step of the authentication process. If the #SignonIdentity that
- * this session belongs to contains a username and a password, the daemon will
- * pass them to the authentication plugin, otherwise they should be set directly in
- * @session_data.
+ * Performs one step of the authentication process.
* @session_data should be used to add additional authentication parameters to the
- * session, or to override the parameters otherwise taken from the identity.
+ * session.
*
* What specific parameters should be used can be found from authentication plugins'
* documentation (look for parameters that are expected in gsignond_plugin_request_initial()
* for the first step, and parameters that are expected in gsignond_plugin_request() for
* the subsequent steps). See, for example, #GSignondPasswordPlugin and #GSignondDigestPlugin.
+ *
+ * If the #SignonIdentity that this session belongs to contains a username and a password,
+ * the daemon will pass them to the authentication plugin, otherwise they should be set directly in
+ * @session_data. The daemon also passes a list of identity's allowed realms to the plugin,
+ * and they cannot be overriden.
*
* Since: 1.8
*/