001    package net.databinder.auth;
002    
003    import java.security.MessageDigest;
004    
005    import net.databinder.auth.data.DataUser;
006    
007    import org.apache.wicket.markup.html.WebPage;
008    
009    /**
010     * Application-specific authorization settings. Many components of Databinder authentication
011     * require that this be implemented by the current WebApplication instance.
012     * @author Nathan Hamblen
013     */
014    public interface AuthApplication {
015            /**
016             * @return class to be used for signed in users
017             */
018            public Class< ? extends DataUser> getUserClass();
019            /** 
020             * @return DataUser for the given username. 
021             */
022            public DataUser getUser(String username);
023            /**
024             * @return page to sign in users
025             */
026            public Class< ? extends WebPage> getSignInPageClass();
027            /**
028             * Cryptographic salt to be used in authentication. The default getDigest()
029             * implementation uses this value.
030             * @return app-specific salt
031             */
032            public abstract byte[] getSalt();
033            
034            /** @return application-salted hashing digest */
035            public MessageDigest getDigest();
036            
037            /**
038             * Get the restricted token for a user, passing an appropriate location parameter. 
039             * @param user source of token
040             * @return restricted token
041             */
042            public String getToken(DataUser user);
043    }