GSignondDigestPlugin

GSignondDigestPlugin — a plugin that performs HTTP Digest authentication

Object Hierarchy

    GObject
    ╰── GSignondDigestPlugin

Includes

#include <gsignond/gsignond-digest-plugin.h>

Description

GSignondDigestPlugin performs HTTP Digest authentication without exposing the password to the application. Digest authentication is described in

RFC 2617.

gsignond_plugin_request_initial() session_data parameter should include the following string items, whose meaning is described in the RFC:

  • username and secret. If they are absent, they are requested from the user via gSSO UI.

  • realm, allowed realms, "Algo", "Nonce", "Method", "DigestUri" - mandatory items.

  • "NonceCount", "Qop", "HEntity". "NonceCount" must be present if "Qop" is present, "HEntity" must be present if "Qop" is present and set to "auth-int".

If the plugin has all the data to calculate the digest, it issues “response-final” signal. session_data in that signal contains the username, "CNonce" item and the digest value under the "Response" key.

If some of the data is incorrect or not available, “error” signal is issued instead.

“type” property is set to "digest", and “mechanisms” property contains a single entry "digest".

Functions

Types and Values