mfa

package
v0.0.0-...-e8682ef Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 3, 2024 License: MPL-2.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var File_helper_identity_mfa_types_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type Config

type Config struct {

	// @inject_tag: sentinel:"-"
	Type string `protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	ID string `protobuf:"bytes,3,opt,name=id,proto3" json:"id,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	MountAccessor string `protobuf:"bytes,4,opt,name=mount_accessor,json=mountAccessor,proto3" json:"mount_accessor,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	UsernameFormat string `protobuf:"bytes,5,opt,name=username_format,json=usernameFormat,proto3" json:"username_format,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	//
	// Types that are assignable to Config:
	//
	//	*Config_TOTPConfig
	//	*Config_OktaConfig
	//	*Config_DuoConfig
	//	*Config_PingIDConfig
	Config isConfig_Config `protobuf_oneof:"config" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	NamespaceID string `protobuf:"bytes,10,opt,name=namespace_id,json=namespaceID,proto3" json:"namespace_id,omitempty" sentinel:"-"`
	// contains filtered or unexported fields
}

Config represents the configuration information used *along with* the MFA secret tied to caller's identity, to verify the MFA credentials supplied. Configuration information differs by type. Handler of each type should know what to expect from the Config field.

func (*Config) Clone

func (c *Config) Clone() (*Config, error)

func (*Config) Descriptor deprecated

func (*Config) Descriptor() ([]byte, []int)

Deprecated: Use Config.ProtoReflect.Descriptor instead.

func (*Config) GetConfig

func (m *Config) GetConfig() isConfig_Config

func (*Config) GetDuoConfig

func (x *Config) GetDuoConfig() *DuoConfig

func (*Config) GetID

func (x *Config) GetID() string

func (*Config) GetMountAccessor

func (x *Config) GetMountAccessor() string

func (*Config) GetName

func (x *Config) GetName() string

func (*Config) GetNamespaceID

func (x *Config) GetNamespaceID() string

func (*Config) GetOktaConfig

func (x *Config) GetOktaConfig() *OktaConfig

func (*Config) GetPingIDConfig

func (x *Config) GetPingIDConfig() *PingIDConfig

func (*Config) GetTOTPConfig

func (x *Config) GetTOTPConfig() *TOTPConfig

func (*Config) GetType

func (x *Config) GetType() string

func (*Config) GetUsernameFormat

func (x *Config) GetUsernameFormat() string

func (*Config) ProtoMessage

func (*Config) ProtoMessage()

func (*Config) ProtoReflect

func (x *Config) ProtoReflect() protoreflect.Message

func (*Config) Reset

func (x *Config) Reset()

func (*Config) SentinelGet

func (c *Config) SentinelGet(key string) (interface{}, error)

func (*Config) SentinelKeys

func (c *Config) SentinelKeys() []string

func (*Config) String

func (x *Config) String() string

type Config_DuoConfig

type Config_DuoConfig struct {
	DuoConfig *DuoConfig `protobuf:"bytes,8,opt,name=duo_config,json=duoConfig,proto3,oneof"`
}

type Config_OktaConfig

type Config_OktaConfig struct {
	OktaConfig *OktaConfig `protobuf:"bytes,7,opt,name=okta_config,json=oktaConfig,proto3,oneof"`
}

type Config_PingIDConfig

type Config_PingIDConfig struct {
	PingIDConfig *PingIDConfig `protobuf:"bytes,9,opt,name=pingid_config,json=pingidConfig,proto3,oneof"`
}

type Config_TOTPConfig

type Config_TOTPConfig struct {
	TOTPConfig *TOTPConfig `protobuf:"bytes,6,opt,name=totp_config,json=totpConfig,proto3,oneof"`
}

type DuoConfig

type DuoConfig struct {

	// @inject_tag: sentinel:"-"
	IntegrationKey string `protobuf:"bytes,1,opt,name=integration_key,json=integrationKey,proto3" json:"integration_key,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	SecretKey string `protobuf:"bytes,2,opt,name=secret_key,json=secretKey,proto3" json:"secret_key,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	APIHostname string `protobuf:"bytes,3,opt,name=api_hostname,json=apiHostname,proto3" json:"api_hostname,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	PushInfo string `protobuf:"bytes,4,opt,name=push_info,json=pushInfo,proto3" json:"push_info,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	UsePasscode bool `protobuf:"varint,5,opt,name=use_passcode,json=usePasscode,proto3" json:"use_passcode,omitempty" sentinel:"-"`
	// contains filtered or unexported fields
}

DuoConfig represents the configuration information required to perform Duo authentication.

func (*DuoConfig) Descriptor deprecated

func (*DuoConfig) Descriptor() ([]byte, []int)

Deprecated: Use DuoConfig.ProtoReflect.Descriptor instead.

func (*DuoConfig) GetAPIHostname

func (x *DuoConfig) GetAPIHostname() string

func (*DuoConfig) GetIntegrationKey

func (x *DuoConfig) GetIntegrationKey() string

func (*DuoConfig) GetPushInfo

func (x *DuoConfig) GetPushInfo() string

func (*DuoConfig) GetSecretKey

func (x *DuoConfig) GetSecretKey() string

func (*DuoConfig) GetUsePasscode

func (x *DuoConfig) GetUsePasscode() bool

func (*DuoConfig) ProtoMessage

func (*DuoConfig) ProtoMessage()

func (*DuoConfig) ProtoReflect

func (x *DuoConfig) ProtoReflect() protoreflect.Message

func (*DuoConfig) Reset

func (x *DuoConfig) Reset()

func (*DuoConfig) String

func (x *DuoConfig) String() string

type MFAEnforcementConfig

type MFAEnforcementConfig struct {
	Name                string   `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	NamespaceID         string   `protobuf:"bytes,2,opt,name=namespace_id,json=namespaceID,proto3" json:"namespace_id,omitempty"`
	MFAMethodIDs        []string `protobuf:"bytes,3,rep,name=mfa_method_ids,json=mfaMethodIds,proto3" json:"mfa_method_ids,omitempty"`
	AuthMethodAccessors []string `protobuf:"bytes,4,rep,name=auth_method_accessors,json=authMethodAccessors,proto3" json:"auth_method_accessors,omitempty"`
	AuthMethodTypes     []string `protobuf:"bytes,5,rep,name=auth_method_types,json=authMethodTypes,proto3" json:"auth_method_types,omitempty"`
	IdentityGroupIds    []string `protobuf:"bytes,6,rep,name=identity_group_ids,json=identityGroupIds,proto3" json:"identity_group_ids,omitempty"`
	IdentityEntityIDs   []string `protobuf:"bytes,7,rep,name=identity_entity_ids,json=identityEntityIds,proto3" json:"identity_entity_ids,omitempty"`
	ID                  string   `protobuf:"bytes,8,opt,name=id,proto3" json:"id,omitempty"`
	// contains filtered or unexported fields
}

MFAEnforcementConfig is what the user provides to the mfa/login_enforcement endpoint.

func (*MFAEnforcementConfig) Clone

func (*MFAEnforcementConfig) Descriptor deprecated

func (*MFAEnforcementConfig) Descriptor() ([]byte, []int)

Deprecated: Use MFAEnforcementConfig.ProtoReflect.Descriptor instead.

func (*MFAEnforcementConfig) GetAuthMethodAccessors

func (x *MFAEnforcementConfig) GetAuthMethodAccessors() []string

func (*MFAEnforcementConfig) GetAuthMethodTypes

func (x *MFAEnforcementConfig) GetAuthMethodTypes() []string

func (*MFAEnforcementConfig) GetID

func (x *MFAEnforcementConfig) GetID() string

func (*MFAEnforcementConfig) GetIdentityEntityIDs

func (x *MFAEnforcementConfig) GetIdentityEntityIDs() []string

func (*MFAEnforcementConfig) GetIdentityGroupIds

func (x *MFAEnforcementConfig) GetIdentityGroupIds() []string

func (*MFAEnforcementConfig) GetMFAMethodIDs

func (x *MFAEnforcementConfig) GetMFAMethodIDs() []string

func (*MFAEnforcementConfig) GetName

func (x *MFAEnforcementConfig) GetName() string

func (*MFAEnforcementConfig) GetNamespaceID

func (x *MFAEnforcementConfig) GetNamespaceID() string

func (*MFAEnforcementConfig) ProtoMessage

func (*MFAEnforcementConfig) ProtoMessage()

func (*MFAEnforcementConfig) ProtoReflect

func (x *MFAEnforcementConfig) ProtoReflect() protoreflect.Message

func (*MFAEnforcementConfig) Reset

func (x *MFAEnforcementConfig) Reset()

func (*MFAEnforcementConfig) String

func (x *MFAEnforcementConfig) String() string

type OktaConfig

type OktaConfig struct {

	// @inject_tag: sentinel:"-"
	OrgName string `protobuf:"bytes,1,opt,name=org_name,json=orgName,proto3" json:"org_name,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	APIToken string `protobuf:"bytes,2,opt,name=api_token,json=apiToken,proto3" json:"api_token,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Production bool `protobuf:"varint,3,opt,name=production,proto3" json:"production,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	BaseURL string `protobuf:"bytes,4,opt,name=base_url,json=baseUrl,proto3" json:"base_url,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	PrimaryEmail bool `protobuf:"varint,5,opt,name=primary_email,json=primaryEmail,proto3" json:"primary_email,omitempty" sentinel:"-"`
	// contains filtered or unexported fields
}

OktaConfig contains Okta configuration parameters required to perform Okta authentication.

func (*OktaConfig) Descriptor deprecated

func (*OktaConfig) Descriptor() ([]byte, []int)

Deprecated: Use OktaConfig.ProtoReflect.Descriptor instead.

func (*OktaConfig) GetAPIToken

func (x *OktaConfig) GetAPIToken() string

func (*OktaConfig) GetBaseURL

func (x *OktaConfig) GetBaseURL() string

func (*OktaConfig) GetOrgName

func (x *OktaConfig) GetOrgName() string

func (*OktaConfig) GetPrimaryEmail

func (x *OktaConfig) GetPrimaryEmail() bool

func (*OktaConfig) GetProduction

func (x *OktaConfig) GetProduction() bool

func (*OktaConfig) ProtoMessage

func (*OktaConfig) ProtoMessage()

func (*OktaConfig) ProtoReflect

func (x *OktaConfig) ProtoReflect() protoreflect.Message

func (*OktaConfig) Reset

func (x *OktaConfig) Reset()

func (*OktaConfig) String

func (x *OktaConfig) String() string

type PingIDConfig

type PingIDConfig struct {

	// @inject_tag: sentinel:"-"
	UseBase64Key string `protobuf:"bytes,1,opt,name=use_base64_key,json=useBase64Key,proto3" json:"use_base64_key,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	UseSignature bool `protobuf:"varint,2,opt,name=use_signature,json=useSignature,proto3" json:"use_signature,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Token string `protobuf:"bytes,3,opt,name=token,proto3" json:"token,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	IDPURL string `protobuf:"bytes,4,opt,name=idp_url,json=idpUrl,proto3" json:"idp_url,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	OrgAlias string `protobuf:"bytes,5,opt,name=org_alias,json=orgAlias,proto3" json:"org_alias,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	AdminURL string `protobuf:"bytes,6,opt,name=admin_url,json=adminUrl,proto3" json:"admin_url,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	AuthenticatorURL string `protobuf:"bytes,7,opt,name=authenticator_url,json=authenticatorUrl,proto3" json:"authenticator_url,omitempty" sentinel:"-"`
	// contains filtered or unexported fields
}

PingIDConfig contains PingID configuration information

func (*PingIDConfig) Descriptor deprecated

func (*PingIDConfig) Descriptor() ([]byte, []int)

Deprecated: Use PingIDConfig.ProtoReflect.Descriptor instead.

func (*PingIDConfig) GetAdminURL

func (x *PingIDConfig) GetAdminURL() string

func (*PingIDConfig) GetAuthenticatorURL

func (x *PingIDConfig) GetAuthenticatorURL() string

func (*PingIDConfig) GetIDPURL

func (x *PingIDConfig) GetIDPURL() string

func (*PingIDConfig) GetOrgAlias

func (x *PingIDConfig) GetOrgAlias() string

func (*PingIDConfig) GetToken

func (x *PingIDConfig) GetToken() string

func (*PingIDConfig) GetUseBase64Key

func (x *PingIDConfig) GetUseBase64Key() string

func (*PingIDConfig) GetUseSignature

func (x *PingIDConfig) GetUseSignature() bool

func (*PingIDConfig) ProtoMessage

func (*PingIDConfig) ProtoMessage()

func (*PingIDConfig) ProtoReflect

func (x *PingIDConfig) ProtoReflect() protoreflect.Message

func (*PingIDConfig) Reset

func (x *PingIDConfig) Reset()

func (*PingIDConfig) String

func (x *PingIDConfig) String() string

type Secret

type Secret struct {

	// @inject_tag: sentinel:"-"
	MethodName string `protobuf:"bytes,1,opt,name=method_name,json=methodName,proto3" json:"method_name,omitempty" sentinel:"-"`
	// Types that are assignable to Value:
	//
	//	*Secret_TOTPSecret
	Value isSecret_Value `protobuf_oneof:"value"`
	// contains filtered or unexported fields
}

Secret represents all the types of secrets which the entity can hold. Each MFA type should add a secret type to the oneof block in this message.

func (*Secret) Descriptor deprecated

func (*Secret) Descriptor() ([]byte, []int)

Deprecated: Use Secret.ProtoReflect.Descriptor instead.

func (*Secret) GetMethodName

func (x *Secret) GetMethodName() string

func (*Secret) GetTOTPSecret

func (x *Secret) GetTOTPSecret() *TOTPSecret

func (*Secret) GetValue

func (m *Secret) GetValue() isSecret_Value

func (*Secret) ProtoMessage

func (*Secret) ProtoMessage()

func (*Secret) ProtoReflect

func (x *Secret) ProtoReflect() protoreflect.Message

func (*Secret) Reset

func (x *Secret) Reset()

func (*Secret) String

func (x *Secret) String() string

type Secret_TOTPSecret

type Secret_TOTPSecret struct {
	// @inject_tag: sentinel:"-"
	TOTPSecret *TOTPSecret `protobuf:"bytes,2,opt,name=totp_secret,json=totpSecret,proto3,oneof" sentinel:"-"`
}

type TOTPConfig

type TOTPConfig struct {

	// @inject_tag: sentinel:"-"
	Issuer string `protobuf:"bytes,1,opt,name=issuer,proto3" json:"issuer,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Period uint32 `protobuf:"varint,2,opt,name=period,proto3" json:"period,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Algorithm int32 `protobuf:"varint,3,opt,name=algorithm,proto3" json:"algorithm,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Digits int32 `protobuf:"varint,4,opt,name=digits,proto3" json:"digits,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Skew uint32 `protobuf:"varint,5,opt,name=skew,proto3" json:"skew,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	KeySize uint32 `protobuf:"varint,6,opt,name=key_size,json=keySize,proto3" json:"key_size,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	QRSize int32 `protobuf:"varint,7,opt,name=qr_size,json=qrSize,proto3" json:"qr_size,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	MaxValidationAttempts uint32 `` /* 140-byte string literal not displayed */
	// contains filtered or unexported fields
}

TOTPConfig represents the configuration information required to generate a TOTP key. The generated key will be stored in the entity along with these options. Validation of credentials supplied over the API will be validated by the information stored in the entity and not from the values in the configuration.

func (*TOTPConfig) Descriptor deprecated

func (*TOTPConfig) Descriptor() ([]byte, []int)

Deprecated: Use TOTPConfig.ProtoReflect.Descriptor instead.

func (*TOTPConfig) GetAlgorithm

func (x *TOTPConfig) GetAlgorithm() int32

func (*TOTPConfig) GetDigits

func (x *TOTPConfig) GetDigits() int32

func (*TOTPConfig) GetIssuer

func (x *TOTPConfig) GetIssuer() string

func (*TOTPConfig) GetKeySize

func (x *TOTPConfig) GetKeySize() uint32

func (*TOTPConfig) GetMaxValidationAttempts

func (x *TOTPConfig) GetMaxValidationAttempts() uint32

func (*TOTPConfig) GetPeriod

func (x *TOTPConfig) GetPeriod() uint32

func (*TOTPConfig) GetQRSize

func (x *TOTPConfig) GetQRSize() int32

func (*TOTPConfig) GetSkew

func (x *TOTPConfig) GetSkew() uint32

func (*TOTPConfig) ProtoMessage

func (*TOTPConfig) ProtoMessage()

func (*TOTPConfig) ProtoReflect

func (x *TOTPConfig) ProtoReflect() protoreflect.Message

func (*TOTPConfig) Reset

func (x *TOTPConfig) Reset()

func (*TOTPConfig) String

func (x *TOTPConfig) String() string

type TOTPSecret

type TOTPSecret struct {

	// @inject_tag: sentinel:"-"
	Issuer string `protobuf:"bytes,1,opt,name=issuer,proto3" json:"issuer,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Period uint32 `protobuf:"varint,2,opt,name=period,proto3" json:"period,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Algorithm int32 `protobuf:"varint,3,opt,name=algorithm,proto3" json:"algorithm,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Digits int32 `protobuf:"varint,4,opt,name=digits,proto3" json:"digits,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Skew uint32 `protobuf:"varint,5,opt,name=skew,proto3" json:"skew,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	KeySize uint32 `protobuf:"varint,6,opt,name=key_size,json=keySize,proto3" json:"key_size,omitempty" sentinel:"-"`
	// reserving 7 here just to keep parity with the config message above
	// @inject_tag: sentinel:"-"
	AccountName string `protobuf:"bytes,8,opt,name=account_name,json=accountName,proto3" json:"account_name,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Key string `protobuf:"bytes,9,opt,name=key,proto3" json:"key,omitempty" sentinel:"-"`
	// contains filtered or unexported fields
}

TOTPSecret represents the secret that gets stored in the entity about a particular MFA method. This information is used to validate the MFA credential supplied over the API during request time.

func (*TOTPSecret) Descriptor deprecated

func (*TOTPSecret) Descriptor() ([]byte, []int)

Deprecated: Use TOTPSecret.ProtoReflect.Descriptor instead.

func (*TOTPSecret) GetAccountName

func (x *TOTPSecret) GetAccountName() string

func (*TOTPSecret) GetAlgorithm

func (x *TOTPSecret) GetAlgorithm() int32

func (*TOTPSecret) GetDigits

func (x *TOTPSecret) GetDigits() int32

func (*TOTPSecret) GetIssuer

func (x *TOTPSecret) GetIssuer() string

func (*TOTPSecret) GetKey

func (x *TOTPSecret) GetKey() string

func (*TOTPSecret) GetKeySize

func (x *TOTPSecret) GetKeySize() uint32

func (*TOTPSecret) GetPeriod

func (x *TOTPSecret) GetPeriod() uint32

func (*TOTPSecret) GetSkew

func (x *TOTPSecret) GetSkew() uint32

func (*TOTPSecret) ProtoMessage

func (*TOTPSecret) ProtoMessage()

func (*TOTPSecret) ProtoReflect

func (x *TOTPSecret) ProtoReflect() protoreflect.Message

func (*TOTPSecret) Reset

func (x *TOTPSecret) Reset()

func (*TOTPSecret) String

func (x *TOTPSecret) String() string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL