1/*
2 *  Copyright (c) 2003-2009 Apple Inc. All Rights Reserved.
3 *
4 *  @APPLE_LICENSE_HEADER_START@
5 *
6 *  This file contains Original Code and/or Modifications of Original Code
7 *  as defined in and that are subject to the Apple Public Source License
8 *  Version 2.0 (the 'License'). You may not use this file except in
9 *  compliance with the License. Please obtain a copy of the License at
10 *  http://www.opensource.apple.com/apsl/ and read it before using this
11 *  file.
12 *
13 *  The Original Code and all software distributed under the License are
14 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 *  Please see the License for the specific language governing rights and
19 *  limitations under the License.
20 *
21 *  @APPLE_LICENSE_HEADER_END@
22 *
23 *  AuthorizationMechEval.h
24 *  securityd
25 *
26 */
27
#include <map>
#include <string>
#include <vector>
#include <security_utilities/refcount.h>
#include "agentquery.h"
#include "AuthorizationRule.h"
#include "authority.h"
#include "session.h"
35
36
37namespace Authorization {
38
/*
 * Reference-counted handle (RefPointer) to a QueryInvokeMechanism.
 *
 * The only member declared here is the constructor, which takes the
 * auth host type and the owning Session. It is defined out of line.
 * NOTE(review): presumably it creates the underlying QueryInvokeMechanism
 * for that host type and session; confirm against the implementation file.
 */
class AgentMechanismRef : public RefPointer<QueryInvokeMechanism> {
public:
    // Session is taken by non-const reference; what the constructor does with
    // it (and how long the reference is kept) is not visible in this header.
    AgentMechanismRef(const AuthHostType type, Session &session);
};
44
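/*
 * State for evaluating a list of named authorization mechanisms for one
 * client uid within one Session. Only declarations are visible in this
 * header; the constructor, run() and authinternal() are defined out of line.
 *
 * Standard-library types are spelled with an explicit std:: prefix so the
 * header does not depend on a using-directive leaking in from another
 * include. The types themselves are unchanged.
 *
 * Lifetime: mSession is a reference member, so an evaluator must not outlive
 * the Session it refers to. The reference member also makes the class
 * non-assignable.
 *
 * NOTE(review): the hint and context sets are handed out by mutable
 * reference (see hints()/context()). If the context can carry credential
 * material produced by mechanisms, every caller of those accessors is part
 * of the trust boundary; confirm against the implementation and callers.
 */
class AgentMechanismEvaluator
{
public:
    /*
     * uid          - client user id (kept in mClientUid).
     * session      - session the evaluation belongs to (kept by reference).
     * inMechanisms - mechanism names to evaluate.
     *                NOTE(review): presumably evaluated in the order given;
     *                confirm in the implementation.
     */
    AgentMechanismEvaluator(uid_t uid, Session &session, const std::vector<std::string> &inMechanisms);

    /*
     * Runs the evaluation with the given arguments, hints and authorization
     * token and returns an OSStatus. How mechanism results map to status
     * codes is not visible in this header.
     */
    OSStatus run(const AuthValueVector &inArguments, const AuthItemSet &inHints, const AuthorizationToken &auth);

    /*
     * Takes the context by mutable reference, so the callee may modify it.
     * Defined out of line; semantics not visible here.
     */
    AuthorizationResult authinternal(AuthItemSet &context);

    // Both accessors return mutable references to internal state: a caller
    // can read and modify the evaluator's hints and context in place.
    AuthItemSet &hints() { return mHints; }
    AuthItemSet &context() { return mContext; }

private:
    // Names of the mechanisms this evaluator was given.
    std::vector<std::string> mMechanisms;

    // Agent mechanism handles keyed by a string.
    // NOTE(review): presumably the mechanism name; confirm in the implementation.
    typedef std::map<std::string, AgentMechanismRef> ClientMap;
    ClientMap mClients;

    uid_t mClientUid;
    Session &mSession;      // non-owning; must outlive this object

    AuthItemSet mHints;
    AuthItemSet mContext;
    // NOTE(review): no accessor is declared for this set; its role relative
    // to mContext is defined in the implementation file.
    AuthItemSet mStickyContext;
};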
68
69} /* namespace Authorization */
70