account and endpoint security updates

3 files changed, 10 insertions, 47 deletions

diff --git a/lib/Plugins.Essentials/src/Accounts/AccountUtils.cs b/lib/Plugins.Essentials/src/Accounts/AccountUtils.cs
index 259f52a..a5fb074 100644
--- a/lib/Plugins.Essentials/src/Accounts/AccountUtils.cs
+++ b/lib/Plugins.Essentials/src/Accounts/AccountUtils.cs
@@ -387,7 +387,7 @@ namespace VNLib.Plugins.Essentials.Accounts
             IClientAuthorization auth = GenerateAuthorization(entity, secInfo, user);
 
             //Set client token
-            response.Token = auth.SecurityToken.ClientToken;
+            response.Token = auth.GetClientAuthDataString();
         }
 
         /// <summary>
@@ -421,7 +421,7 @@ namespace VNLib.Plugins.Essentials.Accounts
             IClientAuthorization auth = prov.ReAuthorizeClient(entity);
 
             //Store the client token in response message
-            response.Token = auth.SecurityToken.ClientToken;
+            response.Token = auth.GetClientAuthDataString();
 
             //Regen session id also
             entity.Session.RegenID();
diff --git a/lib/Plugins.Essentials/src/Accounts/ClientSecurityToken.cs b/lib/Plugins.Essentials/src/Accounts/ClientSecurityToken.cs
deleted file mode 100644
index 0d81344..0000000
--- a/lib/Plugins.Essentials/src/Accounts/ClientSecurityToken.cs
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
-* Copyright (c) 2023 Vaughn Nugent
-* 
-* Library: VNLib
-* Package: VNLib.Plugins.Essentials
-* File: ClientSecurityToken.cs 
-*
-* ClientSecurityToken.cs is part of VNLib.Plugins.Essentials which is part 
-* of the larger VNLib collection of libraries and utilities.
-*
-* VNLib.Plugins.Essentials is free software: you can redistribute it and/or modify 
-* it under the terms of the GNU Affero General Public License as 
-* published by the Free Software Foundation, either version 3 of the
-* License, or (at your option) any later version.
-*
-* VNLib.Plugins.Essentials is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU Affero General Public License for more details.
-*
-* You should have received a copy of the GNU Affero General Public License
-* along with this program.  If not, see https://www.gnu.org/licenses/.
-*/
-
-
-namespace VNLib.Plugins.Essentials.Accounts
-{
-    /// <summary>
-    /// A structure that contains the client/server information
-    /// for client/server authorization
-    /// </summary>
-    /// <param name="ClientToken">
-    /// The public portion of the token to send to the client
-    /// </param>
-    /// <param name="ServerToken">
-    /// The secret portion of the token that is to be 
-    /// stored on the server (usually in the client's session)
-    /// </param>
-    public readonly record struct ClientSecurityToken(string ClientToken, string ServerToken)
-    { }
-}
\ No newline at end of file
diff --git a/lib/Plugins.Essentials/src/Accounts/IClientAuthorization.cs b/lib/Plugins.Essentials/src/Accounts/IClientAuthorization.cs
index 73f97c0..608c639 100644
--- a/lib/Plugins.Essentials/src/Accounts/IClientAuthorization.cs
+++ b/lib/Plugins.Essentials/src/Accounts/IClientAuthorization.cs
@@ -31,13 +31,17 @@ namespace VNLib.Plugins.Essentials.Accounts
     public interface IClientAuthorization
     {
         /// <summary>
-        /// A security token that may be set as a cookie or used
+        /// Gets the client specific authorization data as a string, may be serialized
+        /// and will be sent to the client.
         /// </summary>
-        string? LoginSecurityString { get; }
+        /// <returns>A string representation of the client's authorization data</returns>
+        string GetClientAuthDataString();
 
         /// <summary>
-        /// The clients security token information
+        /// Gets the client specific authorization data raw object and may be serialized
+        /// as needed.
         /// </summary>
-        ClientSecurityToken SecurityToken { get; }
+        /// <returns>The authorization object to send to the client</returns>
+        object GetClientAuthData();
     }
 }
\ No newline at end of file