/*
   jGuard is a security framework based on top of jaas (java authentication and authorization security).
   it is written for web applications, to resolve simply, access control problems.
   version $Name$
   http://sourceforge.net/projects/jguard/
   
   Copyright (C) 2004  Charles GAY
   
   This library is free software; you can redistribute it and/or
  modify it under the terms of the GNU Lesser General Public
  License as published by the Free Software Foundation; either
  version 2.1 of the License, or (at your option) any later version.
  
  This library is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  Lesser General Public License for more details.
  
  You should have received a copy of the GNU Lesser General Public
  License along with this library; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  
  
  jGuard project home page:
  http://sourceforge.net/projects/jguard/
  
  */
  
  package net.sf.jguard.core.authentication.schemes;
  
  import java.security.PermissionCollection;
  import java.util.Collection;
  import java.util.List;
  import javax.security.auth.callback.Callback;
  import javax.security.auth.callback.UnsupportedCallbackException;
  import javax.security.auth.spi.LoginModule;
  import net.sf.jguard.core.authentication.AccessContext;
  import net.sf.jguard.core.authentication.AuthenticationException;
  
  /**
   * represents the way a user authenticate against a challenge <b>through a SPECIFIC underlying technology</b>.
   * for example, a challenge like a username and password token, can be
   * enforced in different ways(FORM and BASIC for example), and with different
   * underlying technologies (HttpServlet and Swing for example).
   * Note that multiple exchanges can be encountered between client and server to establish
   * a securized communication. These exchanges are <b>NOT</b> decided by any {@link AuthenticationSchemeHandler}
   * implementations but by {@link LoginModule}s which enforce an Authentication Scheme.
   * AuthenticationSchemeHandler only help the loginModule to communicate with the client
   * through its supported underlying technology.
   * @author <a href="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
   */
  public interface AuthenticationSchemeHandler {
  
      /**
       * unique name of the Authentication Scheme.
       * @return
       */
      public String getName();
      
      
      /**
       * return Callbacks classes needed by LoginModules to authenticate the client.
       * @return
       */
      public Collection<Class> getCallbackTypes();
      
      
      /**
       * evaluate if the user <b>tries</b> to answer to the challenge.
       * @param context
       * @return
       */
      public boolean answerToChallenge(AccessContext context);
      
      
      /**
       * create a challenge in the underlying technology way.
       * @param context
       * @throws net.sf.jguard.core.authentication.AuthenticationException
       */
      public void buildChallenge(AccessContext accessContext)throws AuthenticationException;
  
      public PermissionCollection getGrantedPermissions();
      
      /**
       * translate in the underlying technology the authentication success.
       * @param context
       */
      public void authenticationSucceed(AccessContext context)throws AuthenticationException;
      
      /**
       * translate in the underlying technology the authentication failure.
       * @param context
       */
      public void authenticationFailed(AccessContext context)throws AuthenticationException;
  
      
      public void handleSchemeCallbacks(AccessContext context,List<Callback> cbks)throws UnsupportedCallbackException;
  }