gio/org.gtkkn.bindings.gio/DBusAuthObserver

DBusAuthObserver

open class DBusAuthObserver(pointer: <Error class: unknown class><<Error class: unknown class>>)

GDBusAuthObserver provides a mechanism for participating in how a class@Gio.DBusServer (or a class@Gio.DBusConnection) authenticates remote peers.

Simply instantiate a GDBusAuthObserver and connect to the signals you are interested in. Note that new signals may be added in the future.

Controlling Authentication Mechanisms

By default, a GDBusServer or server-side GDBusConnection will allow any authentication mechanism to be used. If you only want to allow D-Bus connections with the EXTERNAL mechanism, which makes use of credentials passing and is the recommended mechanism for modern Unix platforms such as Linux and the BSD family, you would use a signal handler like this:

static gboolean
on_allow_mechanism (GDBusAuthObserver *observer,
                    const gchar       *mechanism,
                    gpointer           user_data)
{
  if (g_strcmp0 (mechanism, "EXTERNAL") == 0)
    {
      return TRUE;
    }

  return FALSE;
}
Content copied to clipboard

Controlling Authorization

By default, a GDBusServer or server-side GDBusConnection will accept connections from any successfully authenticated user (but not from anonymous connections using the ANONYMOUS mechanism). If you only want to allow D-Bus connections from processes owned by the same uid as the server, since GLib 2.68, you should use the G_DBUS_SERVER_FLAGS_AUTHENTICATION_REQUIRE_SAME_USER flag. It’s equivalent to the following signal handler:

static gboolean
on_authorize_authenticated_peer (GDBusAuthObserver *observer,
                                 GIOStream         *stream,
                                 GCredentials      *credentials,
                                 gpointer           user_data)
{
  gboolean authorized;

  authorized = FALSE;
  if (credentials != NULL)
    {
      GCredentials *own_credentials;
      own_credentials = g_credentials_new ();
      if (g_credentials_is_same_user (credentials, own_credentials, NULL))
        authorized = TRUE;
      g_object_unref (own_credentials);
    }

  return authorized;
}
Content copied to clipboard

Since

2.26

Constructors

Link copied to clipboard
constructor()

Creates a new #GDBusAuthObserver object.

constructor(pointer: <Error class: unknown class><<Error class: unknown class>>)

Types

Link copied to clipboard
object Companion

Properties

Link copied to clipboard
val gioDBusAuthObserverPointer: <Error class: unknown class><<Error class: unknown class>>

Functions

Link copied to clipboard
open fun allowMechanism(mechanism: String): Boolean

Emits the #GDBusAuthObserver::allow-mechanism signal on @observer.

Link copied to clipboard
open fun authorizeAuthenticatedPeer(stream: IOStream, credentials: Credentials? = null): Boolean

Emits the #GDBusAuthObserver::authorize-authenticated-peer signal on @observer.

Link copied to clipboard
fun connectAllowMechanism(connectFlags: <Error class: unknown class> = ConnectFlags(0u), handler: (mechanism: String) -> Boolean): <Error class: unknown class>

Emitted to check if @mechanism is allowed to be used.

Link copied to clipboard
fun connectAuthorizeAuthenticatedPeer(connectFlags: <Error class: unknown class> = ConnectFlags(0u), handler: (stream: IOStream, credentials: Credentials?) -> Boolean): <Error class: unknown class>

Emitted to check if a peer that is successfully authenticated is authorized.