mfa

package
v1.13.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 21, 2023 License: MPL-2.0 Imports: 6 Imported by: 20

Documentation

Index

Constants

This section is empty.

Variables

View Source
var File_helper_identity_mfa_types_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type Config added in v1.1.1

type Config struct {

	// @inject_tag: sentinel:"-"
	Type string `protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	ID string `protobuf:"bytes,3,opt,name=id,proto3" json:"id,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	MountAccessor string `protobuf:"bytes,4,opt,name=mount_accessor,json=mountAccessor,proto3" json:"mount_accessor,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	UsernameFormat string `protobuf:"bytes,5,opt,name=username_format,json=usernameFormat,proto3" json:"username_format,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	//
	// Types that are assignable to Config:
	//
	//	*Config_TOTPConfig
	//	*Config_OktaConfig
	//	*Config_DuoConfig
	//	*Config_PingIDConfig
	Config isConfig_Config `protobuf_oneof:"config" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	NamespaceID string `protobuf:"bytes,10,opt,name=namespace_id,json=namespaceID,proto3" json:"namespace_id,omitempty" sentinel:"-"`
	// contains filtered or unexported fields
}

Config represents the configuration information used *along with* the MFA secret tied to caller's identity, to verify the MFA credentials supplied. Configuration information differs by type. Handler of each type should know what to expect from the Config field.

func (*Config) Clone added in v1.1.1

func (c *Config) Clone() (*Config, error)

func (*Config) Descriptor deprecated added in v1.1.1

func (*Config) Descriptor() ([]byte, []int)

Deprecated: Use Config.ProtoReflect.Descriptor instead.

func (*Config) GetConfig added in v1.1.1

func (m *Config) GetConfig() isConfig_Config

func (*Config) GetDuoConfig added in v1.1.1

func (x *Config) GetDuoConfig() *DuoConfig

func (*Config) GetID added in v1.1.1

func (x *Config) GetID() string

func (*Config) GetMountAccessor added in v1.1.1

func (x *Config) GetMountAccessor() string

func (*Config) GetName added in v1.1.1

func (x *Config) GetName() string

func (*Config) GetNamespaceID added in v1.10.0

func (x *Config) GetNamespaceID() string

func (*Config) GetOktaConfig added in v1.1.1

func (x *Config) GetOktaConfig() *OktaConfig

func (*Config) GetPingIDConfig added in v1.1.1

func (x *Config) GetPingIDConfig() *PingIDConfig

func (*Config) GetTOTPConfig added in v1.1.1

func (x *Config) GetTOTPConfig() *TOTPConfig

func (*Config) GetType added in v1.1.1

func (x *Config) GetType() string

func (*Config) GetUsernameFormat added in v1.1.1

func (x *Config) GetUsernameFormat() string

func (*Config) ProtoMessage added in v1.1.1

func (*Config) ProtoMessage()

func (*Config) ProtoReflect added in v1.5.0

func (x *Config) ProtoReflect() protoreflect.Message

func (*Config) Reset added in v1.1.1

func (x *Config) Reset()

func (*Config) SentinelGet added in v1.1.1

func (c *Config) SentinelGet(key string) (interface{}, error)

func (*Config) SentinelKeys added in v1.1.1

func (c *Config) SentinelKeys() []string

func (*Config) String added in v1.1.1

func (x *Config) String() string

type Config_DuoConfig added in v1.1.1

type Config_DuoConfig struct {
	DuoConfig *DuoConfig `protobuf:"bytes,8,opt,name=duo_config,json=duoConfig,proto3,oneof"`
}

type Config_OktaConfig added in v1.1.1

type Config_OktaConfig struct {
	OktaConfig *OktaConfig `protobuf:"bytes,7,opt,name=okta_config,json=oktaConfig,proto3,oneof"`
}

type Config_PingIDConfig added in v1.1.1

type Config_PingIDConfig struct {
	PingIDConfig *PingIDConfig `protobuf:"bytes,9,opt,name=pingid_config,json=pingidConfig,proto3,oneof"`
}

type Config_TOTPConfig added in v1.1.1

type Config_TOTPConfig struct {
	TOTPConfig *TOTPConfig `protobuf:"bytes,6,opt,name=totp_config,json=totpConfig,proto3,oneof"`
}

type DuoConfig added in v1.1.1

type DuoConfig struct {

	// @inject_tag: sentinel:"-"
	IntegrationKey string `protobuf:"bytes,1,opt,name=integration_key,json=integrationKey,proto3" json:"integration_key,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	SecretKey string `protobuf:"bytes,2,opt,name=secret_key,json=secretKey,proto3" json:"secret_key,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	APIHostname string `protobuf:"bytes,3,opt,name=api_hostname,json=apiHostname,proto3" json:"api_hostname,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	PushInfo string `protobuf:"bytes,4,opt,name=push_info,json=pushInfo,proto3" json:"push_info,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	UsePasscode bool `protobuf:"varint,5,opt,name=use_passcode,json=usePasscode,proto3" json:"use_passcode,omitempty" sentinel:"-"`
	// contains filtered or unexported fields
}

DuoConfig represents the configuration information required to perform Duo authentication.

func (*DuoConfig) Descriptor deprecated added in v1.1.1

func (*DuoConfig) Descriptor() ([]byte, []int)

Deprecated: Use DuoConfig.ProtoReflect.Descriptor instead.

func (*DuoConfig) GetAPIHostname added in v1.1.1

func (x *DuoConfig) GetAPIHostname() string

func (*DuoConfig) GetIntegrationKey added in v1.1.1

func (x *DuoConfig) GetIntegrationKey() string

func (*DuoConfig) GetPushInfo added in v1.1.1

func (x *DuoConfig) GetPushInfo() string

func (*DuoConfig) GetSecretKey added in v1.1.1

func (x *DuoConfig) GetSecretKey() string

func (*DuoConfig) GetUsePasscode added in v1.10.0

func (x *DuoConfig) GetUsePasscode() bool

func (*DuoConfig) ProtoMessage added in v1.1.1

func (*DuoConfig) ProtoMessage()

func (*DuoConfig) ProtoReflect added in v1.5.0

func (x *DuoConfig) ProtoReflect() protoreflect.Message

func (*DuoConfig) Reset added in v1.1.1

func (x *DuoConfig) Reset()

func (*DuoConfig) String added in v1.1.1

func (x *DuoConfig) String() string

type MFAEnforcementConfig added in v1.10.0

type MFAEnforcementConfig struct {
	Name                string   `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	NamespaceID         string   `protobuf:"bytes,2,opt,name=namespace_id,json=namespaceID,proto3" json:"namespace_id,omitempty"`
	MFAMethodIDs        []string `protobuf:"bytes,3,rep,name=mfa_method_ids,json=mfaMethodIds,proto3" json:"mfa_method_ids,omitempty"`
	AuthMethodAccessors []string `protobuf:"bytes,4,rep,name=auth_method_accessors,json=authMethodAccessors,proto3" json:"auth_method_accessors,omitempty"`
	AuthMethodTypes     []string `protobuf:"bytes,5,rep,name=auth_method_types,json=authMethodTypes,proto3" json:"auth_method_types,omitempty"`
	IdentityGroupIds    []string `protobuf:"bytes,6,rep,name=identity_group_ids,json=identityGroupIds,proto3" json:"identity_group_ids,omitempty"`
	IdentityEntityIDs   []string `protobuf:"bytes,7,rep,name=identity_entity_ids,json=identityEntityIds,proto3" json:"identity_entity_ids,omitempty"`
	ID                  string   `protobuf:"bytes,8,opt,name=id,proto3" json:"id,omitempty"`
	// contains filtered or unexported fields
}

MFAEnforcementConfig is what the user provides to the mfa/login_enforcement endpoint.

func (*MFAEnforcementConfig) Clone added in v1.10.0

func (*MFAEnforcementConfig) Descriptor deprecated added in v1.10.0

func (*MFAEnforcementConfig) Descriptor() ([]byte, []int)

Deprecated: Use MFAEnforcementConfig.ProtoReflect.Descriptor instead.

func (*MFAEnforcementConfig) GetAuthMethodAccessors added in v1.10.0

func (x *MFAEnforcementConfig) GetAuthMethodAccessors() []string

func (*MFAEnforcementConfig) GetAuthMethodTypes added in v1.10.0

func (x *MFAEnforcementConfig) GetAuthMethodTypes() []string

func (*MFAEnforcementConfig) GetID added in v1.10.0

func (x *MFAEnforcementConfig) GetID() string

func (*MFAEnforcementConfig) GetIdentityEntityIDs added in v1.10.0

func (x *MFAEnforcementConfig) GetIdentityEntityIDs() []string

func (*MFAEnforcementConfig) GetIdentityGroupIds added in v1.10.0

func (x *MFAEnforcementConfig) GetIdentityGroupIds() []string

func (*MFAEnforcementConfig) GetMFAMethodIDs added in v1.10.0

func (x *MFAEnforcementConfig) GetMFAMethodIDs() []string

func (*MFAEnforcementConfig) GetName added in v1.10.0

func (x *MFAEnforcementConfig) GetName() string

func (*MFAEnforcementConfig) GetNamespaceID added in v1.10.0

func (x *MFAEnforcementConfig) GetNamespaceID() string

func (*MFAEnforcementConfig) ProtoMessage added in v1.10.0

func (*MFAEnforcementConfig) ProtoMessage()

func (*MFAEnforcementConfig) ProtoReflect added in v1.10.0

func (x *MFAEnforcementConfig) ProtoReflect() protoreflect.Message

func (*MFAEnforcementConfig) Reset added in v1.10.0

func (x *MFAEnforcementConfig) Reset()

func (*MFAEnforcementConfig) String added in v1.10.0

func (x *MFAEnforcementConfig) String() string

type OktaConfig added in v1.1.1

type OktaConfig struct {

	// @inject_tag: sentinel:"-"
	OrgName string `protobuf:"bytes,1,opt,name=org_name,json=orgName,proto3" json:"org_name,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	APIToken string `protobuf:"bytes,2,opt,name=api_token,json=apiToken,proto3" json:"api_token,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Production bool `protobuf:"varint,3,opt,name=production,proto3" json:"production,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	BaseURL string `protobuf:"bytes,4,opt,name=base_url,json=baseUrl,proto3" json:"base_url,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	PrimaryEmail bool `protobuf:"varint,5,opt,name=primary_email,json=primaryEmail,proto3" json:"primary_email,omitempty" sentinel:"-"`
	// contains filtered or unexported fields
}

OktaConfig contains Okta configuration parameters required to perform Okta authentication.

func (*OktaConfig) Descriptor deprecated added in v1.1.1

func (*OktaConfig) Descriptor() ([]byte, []int)

Deprecated: Use OktaConfig.ProtoReflect.Descriptor instead.

func (*OktaConfig) GetAPIToken added in v1.1.1

func (x *OktaConfig) GetAPIToken() string

func (*OktaConfig) GetBaseURL added in v1.1.1

func (x *OktaConfig) GetBaseURL() string

func (*OktaConfig) GetOrgName added in v1.1.1

func (x *OktaConfig) GetOrgName() string

func (*OktaConfig) GetPrimaryEmail added in v1.1.1

func (x *OktaConfig) GetPrimaryEmail() bool

func (*OktaConfig) GetProduction added in v1.1.1

func (x *OktaConfig) GetProduction() bool

func (*OktaConfig) ProtoMessage added in v1.1.1

func (*OktaConfig) ProtoMessage()

func (*OktaConfig) ProtoReflect added in v1.5.0

func (x *OktaConfig) ProtoReflect() protoreflect.Message

func (*OktaConfig) Reset added in v1.1.1

func (x *OktaConfig) Reset()

func (*OktaConfig) String added in v1.1.1

func (x *OktaConfig) String() string

type PingIDConfig added in v1.1.1

type PingIDConfig struct {

	// @inject_tag: sentinel:"-"
	UseBase64Key string `protobuf:"bytes,1,opt,name=use_base64_key,json=useBase64Key,proto3" json:"use_base64_key,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	UseSignature bool `protobuf:"varint,2,opt,name=use_signature,json=useSignature,proto3" json:"use_signature,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Token string `protobuf:"bytes,3,opt,name=token,proto3" json:"token,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	IDPURL string `protobuf:"bytes,4,opt,name=idp_url,json=idpUrl,proto3" json:"idp_url,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	OrgAlias string `protobuf:"bytes,5,opt,name=org_alias,json=orgAlias,proto3" json:"org_alias,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	AdminURL string `protobuf:"bytes,6,opt,name=admin_url,json=adminUrl,proto3" json:"admin_url,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	AuthenticatorURL string `protobuf:"bytes,7,opt,name=authenticator_url,json=authenticatorUrl,proto3" json:"authenticator_url,omitempty" sentinel:"-"`
	// contains filtered or unexported fields
}

PingIDConfig contains PingID configuration information

func (*PingIDConfig) Descriptor deprecated added in v1.1.1

func (*PingIDConfig) Descriptor() ([]byte, []int)

Deprecated: Use PingIDConfig.ProtoReflect.Descriptor instead.

func (*PingIDConfig) GetAdminURL added in v1.1.1

func (x *PingIDConfig) GetAdminURL() string

func (*PingIDConfig) GetAuthenticatorURL added in v1.1.1

func (x *PingIDConfig) GetAuthenticatorURL() string

func (*PingIDConfig) GetIDPURL added in v1.1.1

func (x *PingIDConfig) GetIDPURL() string

func (*PingIDConfig) GetOrgAlias added in v1.1.1

func (x *PingIDConfig) GetOrgAlias() string

func (*PingIDConfig) GetToken added in v1.1.1

func (x *PingIDConfig) GetToken() string

func (*PingIDConfig) GetUseBase64Key added in v1.1.1

func (x *PingIDConfig) GetUseBase64Key() string

func (*PingIDConfig) GetUseSignature added in v1.1.1

func (x *PingIDConfig) GetUseSignature() bool

func (*PingIDConfig) ProtoMessage added in v1.1.1

func (*PingIDConfig) ProtoMessage()

func (*PingIDConfig) ProtoReflect added in v1.5.0

func (x *PingIDConfig) ProtoReflect() protoreflect.Message

func (*PingIDConfig) Reset added in v1.1.1

func (x *PingIDConfig) Reset()

func (*PingIDConfig) String added in v1.1.1

func (x *PingIDConfig) String() string

type Secret

type Secret struct {

	// @inject_tag: sentinel:"-"
	MethodName string `protobuf:"bytes,1,opt,name=method_name,json=methodName,proto3" json:"method_name,omitempty" sentinel:"-"`
	// Types that are assignable to Value:
	//
	//	*Secret_TOTPSecret
	Value isSecret_Value `protobuf_oneof:"value"`
	// contains filtered or unexported fields
}

Secret represents all the types of secrets which the entity can hold. Each MFA type should add a secret type to the oneof block in this message.

func (*Secret) Descriptor deprecated

func (*Secret) Descriptor() ([]byte, []int)

Deprecated: Use Secret.ProtoReflect.Descriptor instead.

func (*Secret) GetMethodName added in v1.1.1

func (x *Secret) GetMethodName() string

func (*Secret) GetTOTPSecret added in v1.1.1

func (x *Secret) GetTOTPSecret() *TOTPSecret

func (*Secret) GetValue added in v1.1.1

func (m *Secret) GetValue() isSecret_Value

func (*Secret) ProtoMessage

func (*Secret) ProtoMessage()

func (*Secret) ProtoReflect added in v1.5.0

func (x *Secret) ProtoReflect() protoreflect.Message

func (*Secret) Reset

func (x *Secret) Reset()

func (*Secret) String

func (x *Secret) String() string

type Secret_TOTPSecret added in v1.1.1

type Secret_TOTPSecret struct {
	// @inject_tag: sentinel:"-"
	TOTPSecret *TOTPSecret `protobuf:"bytes,2,opt,name=totp_secret,json=totpSecret,proto3,oneof" sentinel:"-"`
}

type TOTPConfig added in v1.1.1

type TOTPConfig struct {

	// @inject_tag: sentinel:"-"
	Issuer string `protobuf:"bytes,1,opt,name=issuer,proto3" json:"issuer,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Period uint32 `protobuf:"varint,2,opt,name=period,proto3" json:"period,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Algorithm int32 `protobuf:"varint,3,opt,name=algorithm,proto3" json:"algorithm,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Digits int32 `protobuf:"varint,4,opt,name=digits,proto3" json:"digits,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Skew uint32 `protobuf:"varint,5,opt,name=skew,proto3" json:"skew,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	KeySize uint32 `protobuf:"varint,6,opt,name=key_size,json=keySize,proto3" json:"key_size,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	QRSize int32 `protobuf:"varint,7,opt,name=qr_size,json=qrSize,proto3" json:"qr_size,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	MaxValidationAttempts uint32 `` /* 140-byte string literal not displayed */
	// contains filtered or unexported fields
}

TOTPConfig represents the configuration information required to generate a TOTP key. The generated key will be stored in the entity along with these options. Validation of credentials supplied over the API will be validated by the information stored in the entity and not from the values in the configuration.

func (*TOTPConfig) Descriptor deprecated added in v1.1.1

func (*TOTPConfig) Descriptor() ([]byte, []int)

Deprecated: Use TOTPConfig.ProtoReflect.Descriptor instead.

func (*TOTPConfig) GetAlgorithm added in v1.1.1

func (x *TOTPConfig) GetAlgorithm() int32

func (*TOTPConfig) GetDigits added in v1.1.1

func (x *TOTPConfig) GetDigits() int32

func (*TOTPConfig) GetIssuer added in v1.1.1

func (x *TOTPConfig) GetIssuer() string

func (*TOTPConfig) GetKeySize added in v1.1.1

func (x *TOTPConfig) GetKeySize() uint32

func (*TOTPConfig) GetMaxValidationAttempts added in v1.10.1

func (x *TOTPConfig) GetMaxValidationAttempts() uint32

func (*TOTPConfig) GetPeriod added in v1.1.1

func (x *TOTPConfig) GetPeriod() uint32

func (*TOTPConfig) GetQRSize added in v1.1.1

func (x *TOTPConfig) GetQRSize() int32

func (*TOTPConfig) GetSkew added in v1.1.1

func (x *TOTPConfig) GetSkew() uint32

func (*TOTPConfig) ProtoMessage added in v1.1.1

func (*TOTPConfig) ProtoMessage()

func (*TOTPConfig) ProtoReflect added in v1.5.0

func (x *TOTPConfig) ProtoReflect() protoreflect.Message

func (*TOTPConfig) Reset added in v1.1.1

func (x *TOTPConfig) Reset()

func (*TOTPConfig) String added in v1.1.1

func (x *TOTPConfig) String() string

type TOTPSecret added in v1.1.1

type TOTPSecret struct {

	// @inject_tag: sentinel:"-"
	Issuer string `protobuf:"bytes,1,opt,name=issuer,proto3" json:"issuer,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Period uint32 `protobuf:"varint,2,opt,name=period,proto3" json:"period,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Algorithm int32 `protobuf:"varint,3,opt,name=algorithm,proto3" json:"algorithm,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Digits int32 `protobuf:"varint,4,opt,name=digits,proto3" json:"digits,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Skew uint32 `protobuf:"varint,5,opt,name=skew,proto3" json:"skew,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	KeySize uint32 `protobuf:"varint,6,opt,name=key_size,json=keySize,proto3" json:"key_size,omitempty" sentinel:"-"`
	// reserving 7 here just to keep parity with the config message above
	// @inject_tag: sentinel:"-"
	AccountName string `protobuf:"bytes,8,opt,name=account_name,json=accountName,proto3" json:"account_name,omitempty" sentinel:"-"`
	// @inject_tag: sentinel:"-"
	Key string `protobuf:"bytes,9,opt,name=key,proto3" json:"key,omitempty" sentinel:"-"`
	// contains filtered or unexported fields
}

TOTPSecret represents the secret that gets stored in the entity about a particular MFA method. This information is used to validate the MFA credential supplied over the API during request time.

func (*TOTPSecret) Descriptor deprecated added in v1.1.1

func (*TOTPSecret) Descriptor() ([]byte, []int)

Deprecated: Use TOTPSecret.ProtoReflect.Descriptor instead.

func (*TOTPSecret) GetAccountName added in v1.1.1

func (x *TOTPSecret) GetAccountName() string

func (*TOTPSecret) GetAlgorithm added in v1.1.1

func (x *TOTPSecret) GetAlgorithm() int32

func (*TOTPSecret) GetDigits added in v1.1.1

func (x *TOTPSecret) GetDigits() int32

func (*TOTPSecret) GetIssuer added in v1.1.1

func (x *TOTPSecret) GetIssuer() string

func (*TOTPSecret) GetKey added in v1.1.1

func (x *TOTPSecret) GetKey() string

func (*TOTPSecret) GetKeySize added in v1.1.1

func (x *TOTPSecret) GetKeySize() uint32

func (*TOTPSecret) GetPeriod added in v1.1.1

func (x *TOTPSecret) GetPeriod() uint32

func (*TOTPSecret) GetSkew added in v1.1.1

func (x *TOTPSecret) GetSkew() uint32

func (*TOTPSecret) ProtoMessage added in v1.1.1

func (*TOTPSecret) ProtoMessage()

func (*TOTPSecret) ProtoReflect added in v1.5.0

func (x *TOTPSecret) ProtoReflect() protoreflect.Message

func (*TOTPSecret) Reset added in v1.1.1

func (x *TOTPSecret) Reset()

func (*TOTPSecret) String added in v1.1.1

func (x *TOTPSecret) String() string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL