passwords

package
v15.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 1, 2024 License: MIT Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AuthenticateParams

type AuthenticateParams struct {
	// OrganizationID: Globally unique UUID that identifies a specific Organization. The `organization_id` is
	// critical to perform operations on an Organization, so be sure to preserve this value.
	OrganizationID string `json:"organization_id,omitempty"`
	// EmailAddress: The email address of the Member.
	EmailAddress string `json:"email_address,omitempty"`
	// Password: The password to authenticate, reset, or set for the first time. Any UTF8 character is allowed,
	// e.g. spaces, emojis, non-English characers, etc.
	Password string `json:"password,omitempty"`
	// SessionToken: A secret token for a given Stytch Session.
	SessionToken string `json:"session_token,omitempty"`
	// SessionDurationMinutes: Set the session lifetime to be this many minutes from now. This will start a new
	// session if one doesn't already exist,
	//   returning both an opaque `session_token` and `session_jwt` for this session. Remember that the
	// `session_jwt` will have a fixed lifetime of
	//   five minutes regardless of the underlying session duration, and will need to be refreshed over time.
	//
	//   This value must be a minimum of 5 and a maximum of 527040 minutes (366 days).
	//
	//   If a `session_token` or `session_jwt` is provided then a successful authentication will continue to
	// extend the session this many minutes.
	//
	//   If the `session_duration_minutes` parameter is not specified, a Stytch session will be created with a
	// 60 minute duration. If you don't want
	//   to use the Stytch session product, you can ignore the session fields in the response.
	SessionDurationMinutes int32 `json:"session_duration_minutes,omitempty"`
	// SessionJWT: The JSON Web Token (JWT) for a given Stytch Session.
	SessionJWT string `json:"session_jwt,omitempty"`
	// SessionCustomClaims: Add a custom claims map to the Session being authenticated. Claims are only created
	// if a Session is initialized by providing a value in
	//   `session_duration_minutes`. Claims will be included on the Session object and in the JWT. To update a
	// key in an existing Session, supply a new value. To
	//   delete a key, supply a null value. Custom claims made with reserved claims (`iss`, `sub`, `aud`,
	// `exp`, `nbf`, `iat`, `jti`) will be ignored.
	//   Total custom claims size cannot exceed four kilobytes.
	SessionCustomClaims map[string]any `json:"session_custom_claims,omitempty"`
	// Locale: If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint
	// will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will
	// be used to determine which language to use when sending the passcode.
	//
	// Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/),
	// e.g. `"en"`.
	//
	// Currently supported languages are English (`"en"`), Spanish (`"es"`), and Brazilian Portuguese
	// (`"pt-br"`); if no value is provided, the copy defaults to English.
	//
	// Request support for additional languages
	// [here](https://docs.google.com/forms/d/e/1FAIpQLScZSpAu_m2AmLXRT3F3kap-s_mcV6UTBitYn6CdyWP0-o7YjQ/viewform?usp=sf_link")!
	//
	Locale AuthenticateRequestLocale `json:"locale,omitempty"`
	// IntermediateSessionToken: Adds this primary authentication factor to the intermediate session token. If
	// the resulting set of factors satisfies the organization's primary authentication requirements and MFA
	// requirements, the intermediate session token will be consumed and converted to a member session. If not,
	// the same intermediate session token will be returned.
	IntermediateSessionToken string `json:"intermediate_session_token,omitempty"`
}

AuthenticateParams: Request type for `Passwords.Authenticate`.

type AuthenticateRequestLocale

type AuthenticateRequestLocale string
const (
	AuthenticateRequestLocaleEn   AuthenticateRequestLocale = "en"
	AuthenticateRequestLocaleEs   AuthenticateRequestLocale = "es"
	AuthenticateRequestLocalePtbr AuthenticateRequestLocale = "pt-br"
)

type AuthenticateResponse

type AuthenticateResponse struct {
	// RequestID: Globally unique UUID that is returned with every API call. This value is important to log for
	// debugging purposes; we may ask for this value to help identify a specific API call when helping you
	// debug an issue.
	RequestID string `json:"request_id,omitempty"`
	// MemberID: Globally unique UUID that identifies a specific Member.
	MemberID string `json:"member_id,omitempty"`
	// OrganizationID: Globally unique UUID that identifies a specific Organization. The `organization_id` is
	// critical to perform operations on an Organization, so be sure to preserve this value.
	OrganizationID string `json:"organization_id,omitempty"`
	// Member: The [Member object](https://stytch.com/docs/b2b/api/member-object)
	Member organizations.Member `json:"member,omitempty"`
	// SessionToken: A secret token for a given Stytch Session.
	SessionToken string `json:"session_token,omitempty"`
	// SessionJWT: The JSON Web Token (JWT) for a given Stytch Session.
	SessionJWT string `json:"session_jwt,omitempty"`
	// Organization: The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
	Organization organizations.Organization `json:"organization,omitempty"`
	// IntermediateSessionToken: The returned Intermediate Session Token contains a password factor associated
	// with the Member. If this value is non-empty, the member must complete an MFA step to finish logging in
	// to the Organization. The token can be used with the
	// [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms),
	// [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or
	// [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an
	// MFA flow and log in to the Organization. Password factors are not transferable between Organizations, so
	// the intermediate session token is not valid for use with discovery endpoints.
	IntermediateSessionToken string `json:"intermediate_session_token,omitempty"`
	// MemberAuthenticated: Indicates whether the Member is fully authenticated. If false, the Member needs to
	// complete an MFA step to log in to the Organization.
	MemberAuthenticated bool `json:"member_authenticated,omitempty"`
	// StatusCode: The HTTP status code of the response. Stytch follows standard HTTP response status code
	// patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX
	// are server errors.
	StatusCode int32 `json:"status_code,omitempty"`
	// MemberSession: The [Session object](https://stytch.com/docs/b2b/api/session-object).
	MemberSession *sessions.MemberSession `json:"member_session,omitempty"`
	// MFARequired: Information about the MFA requirements of the Organization and the Member's options for
	// fulfilling MFA.
	MFARequired *mfa.MfaRequired `json:"mfa_required,omitempty"`
}

AuthenticateResponse: Response type for `Passwords.Authenticate`.

type LudsFeedback

type LudsFeedback struct {
	// HasLowerCase: For LUDS validation, whether the password contains at least one lowercase letter.
	HasLowerCase bool `json:"has_lower_case,omitempty"`
	// HasUpperCase: For LUDS validation, whether the password contains at least one uppercase letter.
	HasUpperCase bool `json:"has_upper_case,omitempty"`
	// HasDigit: For LUDS validation, whether the password contains at least one digit.
	HasDigit bool `json:"has_digit,omitempty"`
	// HasSymbol: For LUDS validation, whether the password contains at least one symbol. Any UTF8 character
	// outside of a-z or A-Z may count as a valid symbol.
	HasSymbol bool `json:"has_symbol,omitempty"`
	// MissingComplexity: For LUDS validation, the number of complexity requirements that are missing from the
	// password.
	//       Check the complexity fields to see which requirements are missing.
	MissingComplexity int32 `json:"missing_complexity,omitempty"`
	// MissingCharacters: For LUDS validation, this is the required length of the password that you've set
	// minus the length of the password being checked.
	//       The user will need to add this many characters to the password to make it valid.
	MissingCharacters int32 `json:"missing_characters,omitempty"`
}

LudsFeedback:

type MigrateParams

type MigrateParams struct {
	// EmailAddress: The email address of the Member.
	EmailAddress string `json:"email_address,omitempty"`
	// Hash: The password hash. For a Scrypt or PBKDF2 hash, the hash needs to be a base64 encoded string.
	Hash string `json:"hash,omitempty"`
	// HashType: The password hash used. Currently `bcrypt`, `scrypt`, `argon2i`, `argon2id`, `md_5`, `sha_1`,
	// and `pbkdf_2` are supported.
	HashType MigrateRequestHashType `json:"hash_type,omitempty"`
	// OrganizationID: Globally unique UUID that identifies a specific Organization. The `organization_id` is
	// critical to perform operations on an Organization, so be sure to preserve this value.
	OrganizationID string `json:"organization_id,omitempty"`
	// Md5Config: Optional parameters for MD-5 hash types.
	Md5Config *passwords.MD5Config `json:"md_5_config,omitempty"`
	// Argon2Config: Required parameters if the argon2 hex form, as opposed to the encoded form, is supplied.
	Argon2Config *passwords.Argon2Config `json:"argon_2_config,omitempty"`
	// Sha1Config: Optional parameters for SHA-1 hash types.
	Sha1Config *passwords.SHA1Config `json:"sha_1_config,omitempty"`
	// ScryptConfig: Required parameters if the scrypt is not provided in a **PHC encoded form**.
	ScryptConfig *passwords.ScryptConfig `json:"scrypt_config,omitempty"`
	// Pbkdf2Config: Required additional parameters for PBKDF2 hash keys. Note that we use the SHA-256 by
	// default, please contact [support@stytch.com](mailto:support@stytch.com) if you use another hashing
	// function.
	Pbkdf2Config *passwords.PBKDF2Config `json:"pbkdf_2_config,omitempty"`
	// Name: The name of the Member. Each field in the name object is optional.
	Name string `json:"name,omitempty"`
	// TrustedMetadata: An arbitrary JSON object for storing application-specific data or
	// identity-provider-specific data.
	TrustedMetadata map[string]any `json:"trusted_metadata,omitempty"`
	// UntrustedMetadata: An arbitrary JSON object of application-specific data. These fields can be edited
	// directly by the
	//   frontend SDK, and should not be used to store critical information. See the
	// [Metadata resource](https://stytch.com/docs/b2b/api/metadata)
	//   for complete field behavior details.
	UntrustedMetadata map[string]any `json:"untrusted_metadata,omitempty"`
	// Roles to explicitly assign to this Member.
	//  Will completely replace any existing explicitly assigned roles. See the
	//  [RBAC guide](https://stytch.com/docs/b2b/guides/rbac/role-assignment) for more information about role
	// assignment.
	//
	//    If a Role is removed from a Member, and the Member is also implicitly assigned this Role from an SSO
	// connection
	//    or an SSO group, we will by default revoke any existing sessions for the Member that contain any SSO
	//    authentication factors with the affected connection ID. You can preserve these sessions by passing in
	// the
	//    `preserve_existing_sessions` parameter with a value of `true`.
	Roles []string `json:"roles,omitempty"`
	// PreserveExistingSessions: Whether to preserve existing sessions when explicit Roles that are revoked are
	// also implicitly assigned
	//   by SSO connection or SSO group. Defaults to `false` - that is, existing Member Sessions that contain
	// SSO
	//   authentication factors with the affected SSO connection IDs will be revoked.
	PreserveExistingSessions bool `json:"preserve_existing_sessions,omitempty"`
}

MigrateParams: Request type for `Passwords.Migrate`.

type MigrateRequestHashType

type MigrateRequestHashType string
const (
	MigrateRequestHashTypeBcrypt   MigrateRequestHashType = "bcrypt"
	MigrateRequestHashTypeMd5      MigrateRequestHashType = "md_5"
	MigrateRequestHashTypeArgon2i  MigrateRequestHashType = "argon_2i"
	MigrateRequestHashTypeArgon2id MigrateRequestHashType = "argon_2id"
	MigrateRequestHashTypeSha1     MigrateRequestHashType = "sha_1"
	MigrateRequestHashTypeScrypt   MigrateRequestHashType = "scrypt"
	MigrateRequestHashTypePhpass   MigrateRequestHashType = "phpass"
	MigrateRequestHashTypePbkdf2   MigrateRequestHashType = "pbkdf_2"
)

type MigrateResponse

type MigrateResponse struct {
	// RequestID: Globally unique UUID that is returned with every API call. This value is important to log for
	// debugging purposes; we may ask for this value to help identify a specific API call when helping you
	// debug an issue.
	RequestID string `json:"request_id,omitempty"`
	// MemberID: Globally unique UUID that identifies a specific Member.
	MemberID string `json:"member_id,omitempty"`
	// MemberCreated: A flag indicating `true` if a new Member object was created and `false` if the Member
	// object already existed.
	MemberCreated bool `json:"member_created,omitempty"`
	// Member: The [Member object](https://stytch.com/docs/b2b/api/member-object)
	Member organizations.Member `json:"member,omitempty"`
	// Organization: The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
	Organization organizations.Organization `json:"organization,omitempty"`
	// StatusCode: The HTTP status code of the response. Stytch follows standard HTTP response status code
	// patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX
	// are server errors.
	StatusCode int32 `json:"status_code,omitempty"`
}

MigrateResponse: Response type for `Passwords.Migrate`.

type StrengthCheckParams

type StrengthCheckParams struct {
	// Password: The password to authenticate, reset, or set for the first time. Any UTF8 character is allowed,
	// e.g. spaces, emojis, non-English characers, etc.
	Password string `json:"password,omitempty"`
	// EmailAddress: The email address of the Member.
	EmailAddress string `json:"email_address,omitempty"`
}

StrengthCheckParams: Request type for `Passwords.StrengthCheck`.

type StrengthCheckResponse

type StrengthCheckResponse struct {
	// RequestID: Globally unique UUID that is returned with every API call. This value is important to log for
	// debugging purposes; we may ask for this value to help identify a specific API call when helping you
	// debug an issue.
	RequestID string `json:"request_id,omitempty"`
	// ValidPassword: Returns `true` if the password passes our password validation. We offer two validation
	// options,
	//   [zxcvbn](https://stytch.com/docs/passwords#strength-requirements) is the default option which offers a
	// high level of sophistication.
	//   We also offer [LUDS](https://stytch.com/docs/passwords#strength-requirements). If an email address is
	// included in the call we also
	//   require that the password hasn't been compromised using built-in breach detection powered by
	// [HaveIBeenPwned](https://haveibeenpwned.com/)
	ValidPassword bool `json:"valid_password,omitempty"`
	// Score: The score of the password determined by [zxcvbn](https://github.com/dropbox/zxcvbn). Values will
	// be between 1 and 4, a 3 or greater is required to pass validation.
	Score int32 `json:"score,omitempty"`
	// BreachedPassword: Returns `true` if the password has been breached. Powered by
	// [HaveIBeenPwned](https://haveibeenpwned.com/).
	BreachedPassword bool `json:"breached_password,omitempty"`
	// StrengthPolicy: The strength policy type enforced, either `zxcvbn` or `luds`.
	StrengthPolicy string `json:"strength_policy,omitempty"`
	// BreachDetectionOnCreate: Will return `true` if breach detection will be evaluated. By default this
	// option is enabled.
	//   This option can be disabled by contacting
	// [support@stytch.com](mailto:support@stytch.com?subject=Password%20strength%20configuration).
	//   If this value is false then `breached_password` will always be `false` as well.
	BreachDetectionOnCreate bool `json:"breach_detection_on_create,omitempty"`
	// StatusCode: The HTTP status code of the response. Stytch follows standard HTTP response status code
	// patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX
	// are server errors.
	StatusCode int32 `json:"status_code,omitempty"`
	// LudsFeedback: Feedback for how to improve the password's strength using
	// [luds](https://stytch.com/docs/passwords#strength-requirements).
	LudsFeedback *LudsFeedback `json:"luds_feedback,omitempty"`
	// ZxcvbnFeedback: Feedback for how to improve the password's strength using
	// [zxcvbn](https://stytch.com/docs/passwords#strength-requirements).
	ZxcvbnFeedback *ZxcvbnFeedback `json:"zxcvbn_feedback,omitempty"`
}

StrengthCheckResponse: Response type for `Passwords.StrengthCheck`.

type ZxcvbnFeedback

type ZxcvbnFeedback struct {
	// Warning: For zxcvbn validation, contains an end user consumable warning if the password is valid but not
	// strong enough.
	Warning string `json:"warning,omitempty"`
	// Suggestions: For zxcvbn validation, contains end user consumable suggestions on how to improve the
	// strength of the password.
	Suggestions []string `json:"suggestions,omitempty"`
}

ZxcvbnFeedback:

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL