/* * Copyright 2016 Realm Inc. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package io.realm.internal.network; import java.net.URI; import java.net.URL; import io.realm.SyncCredentials; import io.realm.SyncUser; import io.realm.internal.objectserver.Token; /** * Interface for handling communication with Realm Object Servers. * <p> * Note, no implementation of this class is responsible for handling retries or error handling. It is * only responsible for executing a given network request. */ public interface AuthenticationServer { /** * Login a User on the Object Server. This will create a "UserToken" (Currently called RefreshToken) that acts as * the users credentials. */ AuthenticateResponse loginUser(SyncCredentials credentials, URL authenticationUrl); /** * Requests access to a specific Realm. Only users with a valid user token can ask for permission to a remote Realm. * Permission to a Realm is granted through an "AccessToken". Each Realm have their own access token, and all * tokens should be managed by {@link SyncUser}. */ AuthenticateResponse loginToRealm(Token userToken, URI serverUrl, URL authenticationUrl); /** * When the Object Server returns the user token, it also sends a timestamp for when the token expires. * Before it expires, the client should try to refresh the token, effectively keeping the user logged in on the * Object Server. Failing to do so will cause a "soft logout", where the User will have limited access rights. */ AuthenticateResponse refreshUser(Token userToken, URI serverUrl, URL authenticationUrl); /** * Logs out the user on the Object Server by invalidating the refresh token. Each device should be given their * own refresh token, but if the refresh token for some reason was shared or stolen all these devices will be * logged out as well. */ LogoutResponse logout(Token userToken, URL authenticationUrl); /** * Changes a user's password. */ ChangePasswordResponse changePassword(Token userToken, String newPassword, URL authenticationUrl); }