1 files changed, 71 insertions, 0 deletions

diff --git a/src/crimson/auth/AuthClient.h b/src/crimson/auth/AuthClient.h
new file mode 100644
index 000000000..cd21b3838
--- /dev/null
+++ b/src/crimson/auth/AuthClient.h
@@ -0,0 +1,71 @@
+// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
+// vim: ts=8 sw=2 smarttab
+
+#pragma once
+
+#include <cstdint>
+#include <string>
+#include <tuple>
+#include <vector>
+#include "include/buffer_fwd.h"
+#include "crimson/net/Fwd.h"
+
+class CryptoKey;
+
+namespace crimson::auth {
+
+class error : public std::logic_error {
+public:
+  using std::logic_error::logic_error;
+};
+
+using method_t = uint32_t;
+
+// TODO: revisit interfaces for non-dummy implementations
+class AuthClient {
+public:
+  virtual ~AuthClient() {}
+
+  struct auth_request_t {
+    method_t auth_method;
+    std::vector<uint32_t> preferred_modes;
+    ceph::bufferlist auth_bl;
+  };
+  /// Build an authentication request to begin the handshake
+  ///
+  /// @throw auth::error if unable to build the request
+  virtual auth_request_t get_auth_request(crimson::net::ConnectionRef conn,
+					  AuthConnectionMetaRef auth_meta) = 0;
+
+  /// Handle server's request to continue the handshake
+  ///
+  /// @throw auth::error if unable to build the request
+  virtual ceph::bufferlist handle_auth_reply_more(
+    crimson::net::ConnectionRef conn,
+    AuthConnectionMetaRef auth_meta,
+    const ceph::bufferlist& bl) = 0;
+
+  /// Handle server's indication that authentication succeeded
+  ///
+  /// @return 0 if authenticated, a negative number otherwise
+  virtual int handle_auth_done(
+    crimson::net::ConnectionRef conn,
+    AuthConnectionMetaRef auth_meta,
+    uint64_t global_id,
+    uint32_t con_mode,
+    const bufferlist& bl) = 0;
+
+  /// Handle server's indication that the previous auth attempt failed
+  ///
+  /// @return 0 if will try next auth method, a negative number if we have no
+  ///         more options
+  virtual int handle_auth_bad_method(
+    crimson::net::ConnectionRef conn,
+    AuthConnectionMetaRef auth_meta,
+    uint32_t old_auth_method,
+    int result,
+    const std::vector<uint32_t>& allowed_methods,
+    const std::vector<uint32_t>& allowed_modes) = 0;
+};
+
+} // namespace crimson::auth