1/* Copyright (c) 2012 Apple Inc. All rights reserved. */ 2 3#ifndef _SECURITY_AUTH_AUTHTOKEN_H_ 4#define _SECURITY_AUTH_AUTHTOKEN_H_ 5 6#include "credential.h" 7#include <CoreFoundation/CoreFoundation.h> 8 9#if defined(__cplusplus) 10extern "C" { 11#endif 12 13enum { 14 auth_token_state_zombie = 1 << 0, 15 auth_token_state_registered = 1 << 1 16}; 17typedef uint32_t auth_token_state_t; 18 19extern const CFDictionaryKeyCallBacks kAuthTokenKeyCallBacks; 20 21AUTH_WARN_RESULT AUTH_MALLOC AUTH_NONNULL_ALL AUTH_RETURNS_RETAINED 22auth_token_t auth_token_create(process_t,bool operateAsLeastPrivileged); 23 24AUTH_WARN_RESULT AUTH_MALLOC AUTH_NONNULL_ALL AUTH_RETURNS_RETAINED 25auth_token_t auth_token_create_with_audit_info(const audit_info_s*,bool operateAsLeastPrivileged); 26 27AUTH_NONNULL_ALL 28bool auth_token_get_sandboxed(auth_token_t); 29 30AUTH_NONNULL_ALL 31const char * auth_token_get_code_url(auth_token_t); 32 33AUTH_NONNULL_ALL 34const void * auth_token_get_key(auth_token_t); 35 36AUTH_NONNULL_ALL 37auth_items_t auth_token_get_context(auth_token_t); 38 39AUTH_NONNULL_ALL 40bool auth_token_least_privileged(auth_token_t); 41 42AUTH_NONNULL_ALL 43uid_t auth_token_get_uid(auth_token_t); 44 45AUTH_NONNULL_ALL 46pid_t auth_token_get_pid(auth_token_t); 47 48AUTH_NONNULL_ALL 49session_t auth_token_get_session(auth_token_t); 50 51AUTH_NONNULL_ALL 52const AuthorizationBlob * auth_token_get_blob(auth_token_t); 53 54AUTH_NONNULL_ALL 55const audit_info_s * auth_token_get_audit_info(auth_token_t); 56 57AUTH_NONNULL_ALL 58mach_port_t auth_token_get_creator_bootstrap(auth_token_t auth); 59 60AUTH_NONNULL_ALL 61CFIndex auth_token_add_process(auth_token_t,process_t); 62 63AUTH_NONNULL_ALL 64CFIndex auth_token_remove_process(auth_token_t,process_t); 65 66AUTH_NONNULL_ALL 67CFIndex auth_token_get_process_count(auth_token_t); 68 69AUTH_NONNULL_ALL 70void auth_token_set_credential(auth_token_t,credential_t); 71 72AUTH_NONNULL_ALL 73bool auth_token_credentials_iterate(auth_token_t, credential_iterator_t iter); 74 75AUTH_NONNULL_ALL 76void auth_token_set_right(auth_token_t,credential_t); 77 78AUTH_NONNULL_ALL 79bool auth_token_rights_iterate(auth_token_t, credential_iterator_t iter); 80 81AUTH_NONNULL_ALL 82CFTypeRef auth_token_copy_entitlement_value(auth_token_t, const char * entitlement); 83 84AUTH_NONNULL_ALL 85bool auth_token_has_entitlement(auth_token_t, const char * entitlement); 86 87AUTH_NONNULL_ALL 88bool auth_token_has_entitlement_for_right(auth_token_t, const char * right); 89 90AUTH_NONNULL_ALL 91credential_t auth_token_get_credential(auth_token_t); 92 93AUTH_NONNULL_ALL 94bool auth_token_apple_signed(auth_token_t); 95 96AUTH_NONNULL_ALL 97bool auth_token_is_creator(auth_token_t,process_t); 98 99AUTH_NONNULL_ALL 100void auth_token_set_state(auth_token_t,auth_token_state_t); 101 102AUTH_NONNULL_ALL 103void auth_token_clear_state(auth_token_t,auth_token_state_t); 104 105AUTH_WARN_RESULT AUTH_NONNULL_ALL 106auth_token_state_t auth_token_get_state(auth_token_t); 107 108AUTH_NONNULL_ALL 109bool auth_token_check_state(auth_token_t, auth_token_state_t); 110 111#if defined(__cplusplus) 112} 113#endif 114 115#endif /* !_SECURITY_AUTH_AUTHTOKEN_H_ */ 116