mfa

package

v0.0.0-...-5c79d48 Latest Latest Go to latest Published: Feb 15, 2024 License: AGPL-3.0 Imports: 13 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/juser0719/teleport

Documentation ¶

Index ¶

func HandleMFAPromptGoroutines(ctx context.Context, ...) (*proto.MFAAuthenticateResponse, error)
type CLIPrompt
- func NewCLIPrompt(cfg *PromptConfig, writer io.Writer) *CLIPrompt
- func (c *CLIPrompt) Run(ctx context.Context, chal *proto.MFAAuthenticateChallenge) (*proto.MFAAuthenticateResponse, error)
type MFAGoroutineResponse
type PromptConfig
- func NewPromptConfig(proxyAddr string, opts ...mfa.PromptOpt) *PromptConfig
- func (c PromptConfig) GetRunOptions(ctx context.Context, chal *proto.MFAAuthenticateChallenge) (RunOpts, error)
- func (c PromptConfig) GetWebauthnOrigin() string
type RunOpts

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func HandleMFAPromptGoroutines ¶

func HandleMFAPromptGoroutines(ctx context.Context, startGoroutines func(context.Context, *sync.WaitGroup, chan<- MFAGoroutineResponse)) (*proto.MFAAuthenticateResponse, error)

HandleMFAPromptGoroutines spawns MFA prompt goroutines and returns the first successful response, terminating error, or an aggregated error if they all fail.

Types ¶

type CLIPrompt ¶

type CLIPrompt struct {
	// contains filtered or unexported fields
}

CLIPrompt is the default CLI mfa prompt implementation.

func NewCLIPrompt ¶

func NewCLIPrompt(cfg *PromptConfig, writer io.Writer) *CLIPrompt

NewCLIPrompt returns a new CLI mfa prompt with the config and writer.

func (*CLIPrompt) Run ¶

func (c *CLIPrompt) Run(ctx context.Context, chal *proto.MFAAuthenticateChallenge) (*proto.MFAAuthenticateResponse, error)

Run prompts the user to complete an MFA authentication challenge.

type MFAGoroutineResponse ¶

type MFAGoroutineResponse struct {
	Resp *proto.MFAAuthenticateResponse
	Err  error
}

MFAGoroutineResponse is an MFA goroutine response.

type PromptConfig ¶

type PromptConfig struct {
	mfa.PromptConfig
	// ProxyAddress is the address of the authenticating proxy. required.
	ProxyAddress string
	// WebauthnLoginFunc performs client-side Webauthn login.
	WebauthnLoginFunc func(ctx context.Context, origin string, assertion *wantypes.CredentialAssertion, prompt wancli.LoginPrompt, opts *wancli.LoginOpts) (*proto.MFAAuthenticateResponse, string, error)
	// AllowStdinHijack allows stdin hijack during MFA prompts.
	// Stdin hijack provides a better login UX, but it can be difficult to reason
	// about and is often a source of bugs.
	// Do not set this options unless you deeply understand what you are doing.
	// If false then only the strongest auth method is prompted.
	AllowStdinHijack bool
	// AuthenticatorAttachment specifies the desired authenticator attachment.
	AuthenticatorAttachment wancli.AuthenticatorAttachment
	// PreferOTP favors OTP challenges, if applicable.
	// Takes precedence over AuthenticatorAttachment settings.
	PreferOTP bool
	// WebauthnSupported indicates whether Webauthn is supported.
	WebauthnSupported bool
}

PromptConfig contains common mfa prompt config options.

func NewPromptConfig ¶

func NewPromptConfig(proxyAddr string, opts ...mfa.PromptOpt) *PromptConfig

NewPromptConfig returns a prompt config that will induce default behavior.

func (PromptConfig) GetRunOptions ¶

func (c PromptConfig) GetRunOptions(ctx context.Context, chal *proto.MFAAuthenticateChallenge) (RunOpts, error)

GetRunOptions gets mfa prompt run options by cross referencing the mfa challenge with prompt configuration.

func (PromptConfig) GetWebauthnOrigin ¶

func (c PromptConfig) GetWebauthnOrigin() string

type RunOpts ¶

type RunOpts struct {
	PromptTOTP     bool
	PromptWebauthn bool
}

RunOpts are mfa prompt run options.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL