Mercurial > openid
comparison src/ur/openid.urs @ 39:f6b3fbf10dac
Proper handling of known vs. to-be-chosen identifiers
| author | Adam Chlipala <adam@chlipala.net> |
|---|---|
| date | Wed, 01 Jun 2011 07:51:55 -0400 |
| parents | 35bc4da563dd |
| children |
comparison
equal
deleted
inserted
replaced
| 38:8d23d76b5d48 | 39:f6b3fbf10dac |
|---|---|
| 70 datatype association_mode = | 70 datatype association_mode = |
| 71 Stateless | 71 Stateless |
| 72 | Stateful of {AssociationType : association_type, | 72 | Stateful of {AssociationType : association_type, |
| 73 AssociationSessionType : association_session_type} | 73 AssociationSessionType : association_session_type} |
| 74 | 74 |
| 75 (* It is possible to request authentication in two different modes: *) | |
| 76 | |
| 77 datatype authentication_mode = | |
| 78 ChooseIdentifier of string | |
| 79 (* The provider prompts the user to select his identity. | |
| 80 * The string argument should be a generic endpoint, e.g., | |
| 81 * "https://www.google.com/accounts/o8/id". *) | |
| 82 | KnownIdentifier of string | |
| 83 (* Require authentication as this precise identifier. *) | |
| 84 | |
| 75 (* An authentication attempt terminates in one of four ways. | 85 (* An authentication attempt terminates in one of four ways. |
| 76 * First, the user might get bored and surf away, never finishing the process. | 86 * First, the user might get bored and surf away, never finishing the process. |
| 77 * If so, your application will never be told explicitly. | 87 * If so, your application will never be told explicitly. |
| 78 * The other possibilities are captured by this datatype: *) | 88 * The other possibilities are captured by this datatype: *) |
| 79 | 89 |
| 108 (* Your preferences for statefulness and cryptography. | 118 (* Your preferences for statefulness and cryptography. |
| 109 * If the remote server doesn't support some kind of | 119 * If the remote server doesn't support some kind of |
| 110 * crypto that you ask for, the library automatically | 120 * crypto that you ask for, the library automatically |
| 111 * switches to a mode that the server advertises as | 121 * switches to a mode that the server advertises as |
| 112 * supported. *) | 122 * supported. *) |
| 113 Identifier : string, | 123 Identifier : authentication_mode, |
| 114 (* The URL that the user claims identifies him. | 124 (* The URL that the user claims identifies him. |
| 115 * It may also point to a generic authentication service | 125 * It may also point to a generic authentication service |
| 116 * that will take care of deciding the proper | 126 * that will take care of deciding the proper |
| 117 * username. *) | 127 * username. *) |
| 118 Realm : option string | 128 Realm : option string |