Documentation
¶
Index ¶
- Variables
- type ChallengeAllowReuse
- type ChallengeExtensions
- func (*ChallengeExtensions) Descriptor() ([]byte, []int)
- func (m *ChallengeExtensions) GetAllowReuse() ChallengeAllowReuse
- func (m *ChallengeExtensions) GetScope() ChallengeScope
- func (m *ChallengeExtensions) GetUserVerificationRequirement() string
- func (m *ChallengeExtensions) Marshal() (dAtA []byte, err error)
- func (m *ChallengeExtensions) MarshalTo(dAtA []byte) (int, error)
- func (m *ChallengeExtensions) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*ChallengeExtensions) ProtoMessage()
- func (m *ChallengeExtensions) Reset()
- func (m *ChallengeExtensions) Size() (n int)
- func (m *ChallengeExtensions) String() string
- func (m *ChallengeExtensions) Unmarshal(dAtA []byte) error
- func (m *ChallengeExtensions) XXX_DiscardUnknown()
- func (m *ChallengeExtensions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *ChallengeExtensions) XXX_Merge(src proto.Message)
- func (m *ChallengeExtensions) XXX_Size() int
- func (m *ChallengeExtensions) XXX_Unmarshal(b []byte) error
- type ChallengeScope
Constants ¶
This section is empty.
Variables ¶
View Source
var ( ErrInvalidLengthMfa = fmt.Errorf("proto: negative length found during unmarshaling") ErrIntOverflowMfa = fmt.Errorf("proto: integer overflow") ErrUnexpectedEndOfGroupMfa = fmt.Errorf("proto: unexpected end of group") )
View Source
var ChallengeAllowReuse_name = map[int32]string{
0: "CHALLENGE_ALLOW_REUSE_UNSPECIFIED",
1: "CHALLENGE_ALLOW_REUSE_YES",
2: "CHALLENGE_ALLOW_REUSE_NO",
}
View Source
var ChallengeAllowReuse_value = map[string]int32{
"CHALLENGE_ALLOW_REUSE_UNSPECIFIED": 0,
"CHALLENGE_ALLOW_REUSE_YES": 1,
"CHALLENGE_ALLOW_REUSE_NO": 2,
}
View Source
var ChallengeScope_name = map[int32]string{
0: "CHALLENGE_SCOPE_UNSPECIFIED",
1: "CHALLENGE_SCOPE_LOGIN",
2: "CHALLENGE_SCOPE_PASSWORDLESS_LOGIN",
3: "CHALLENGE_SCOPE_HEADLESS_LOGIN",
4: "CHALLENGE_SCOPE_MANAGE_DEVICES",
5: "CHALLENGE_SCOPE_ACCOUNT_RECOVERY",
6: "CHALLENGE_SCOPE_USER_SESSION",
7: "CHALLENGE_SCOPE_ADMIN_ACTION",
8: "CHALLENGE_SCOPE_CHANGE_PASSWORD",
}
View Source
var ChallengeScope_value = map[string]int32{
"CHALLENGE_SCOPE_UNSPECIFIED": 0,
"CHALLENGE_SCOPE_LOGIN": 1,
"CHALLENGE_SCOPE_PASSWORDLESS_LOGIN": 2,
"CHALLENGE_SCOPE_HEADLESS_LOGIN": 3,
"CHALLENGE_SCOPE_MANAGE_DEVICES": 4,
"CHALLENGE_SCOPE_ACCOUNT_RECOVERY": 5,
"CHALLENGE_SCOPE_USER_SESSION": 6,
"CHALLENGE_SCOPE_ADMIN_ACTION": 7,
"CHALLENGE_SCOPE_CHANGE_PASSWORD": 8,
}
Functions ¶
This section is empty.
Types ¶
type ChallengeAllowReuse ¶
type ChallengeAllowReuse int32
ChallengeAllowReuse determines whether an MFA challenge response can be used to authenticate the user more than once until the challenge expires.
Reuse is only permitted for specific actions by the discretion of the server. See the server implementation for details.
const ( // Reuse unspecified, treated as CHALLENGE_ALLOW_REUSE_NO. ChallengeAllowReuse_CHALLENGE_ALLOW_REUSE_UNSPECIFIED ChallengeAllowReuse = 0 // Reuse is permitted. ChallengeAllowReuse_CHALLENGE_ALLOW_REUSE_YES ChallengeAllowReuse = 1 // Reuse is not permitted. ChallengeAllowReuse_CHALLENGE_ALLOW_REUSE_NO ChallengeAllowReuse = 2 )
func (ChallengeAllowReuse) EnumDescriptor ¶
func (ChallengeAllowReuse) EnumDescriptor() ([]byte, []int)
func (ChallengeAllowReuse) String ¶
func (x ChallengeAllowReuse) String() string
type ChallengeExtensions ¶
type ChallengeExtensions struct {
// Scope is an authorization scope for this MFA challenge.
// Required.
Scope ChallengeScope `protobuf:"varint,1,opt,name=scope,proto3,enum=teleport.mfa.v1.ChallengeScope" json:"scope,omitempty"`
// AllowReuse determines whether the MFA challenge allows reuse.
// Defaults to CHALLENGE_ALLOW_REUSE_NO.
//
// Note that reuse is only permitted for specific actions by the discretion
// of the server. See the server implementation for details.
AllowReuse ChallengeAllowReuse `` /* 133-byte string literal not displayed */
// User verification requirement for the challenge.
//
// * https://www.w3.org/TR/webauthn-2/#enum-userVerificationRequirement.
// * https://pkg.go.dev/github.com/go-webauthn/webauthn/protocol#UserVerificationRequirement.
//
// Optional. Empty is equivalent to "discouraged".
UserVerificationRequirement string `` /* 144-byte string literal not displayed */
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
}
ChallengeExtensions contains MFA challenge extensions used by Teleport during MFA authentication.
func (*ChallengeExtensions) Descriptor ¶
func (*ChallengeExtensions) Descriptor() ([]byte, []int)
func (*ChallengeExtensions) GetAllowReuse ¶
func (m *ChallengeExtensions) GetAllowReuse() ChallengeAllowReuse
func (*ChallengeExtensions) GetScope ¶
func (m *ChallengeExtensions) GetScope() ChallengeScope
func (*ChallengeExtensions) GetUserVerificationRequirement ¶
func (m *ChallengeExtensions) GetUserVerificationRequirement() string
func (*ChallengeExtensions) Marshal ¶
func (m *ChallengeExtensions) Marshal() (dAtA []byte, err error)
func (*ChallengeExtensions) MarshalTo ¶
func (m *ChallengeExtensions) MarshalTo(dAtA []byte) (int, error)
func (*ChallengeExtensions) MarshalToSizedBuffer ¶
func (m *ChallengeExtensions) MarshalToSizedBuffer(dAtA []byte) (int, error)
func (*ChallengeExtensions) ProtoMessage ¶
func (*ChallengeExtensions) ProtoMessage()
func (*ChallengeExtensions) Reset ¶
func (m *ChallengeExtensions) Reset()
func (*ChallengeExtensions) Size ¶
func (m *ChallengeExtensions) Size() (n int)
func (*ChallengeExtensions) String ¶
func (m *ChallengeExtensions) String() string
func (*ChallengeExtensions) Unmarshal ¶
func (m *ChallengeExtensions) Unmarshal(dAtA []byte) error
func (*ChallengeExtensions) XXX_DiscardUnknown ¶
func (m *ChallengeExtensions) XXX_DiscardUnknown()
func (*ChallengeExtensions) XXX_Marshal ¶
func (m *ChallengeExtensions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*ChallengeExtensions) XXX_Merge ¶
func (m *ChallengeExtensions) XXX_Merge(src proto.Message)
func (*ChallengeExtensions) XXX_Size ¶
func (m *ChallengeExtensions) XXX_Size() int
func (*ChallengeExtensions) XXX_Unmarshal ¶
func (m *ChallengeExtensions) XXX_Unmarshal(b []byte) error
type ChallengeScope ¶
type ChallengeScope int32
ChallengeScope is a scope authorized by an MFA challenge resolution.
const ( // Scope unknown or not specified. ChallengeScope_CHALLENGE_SCOPE_UNSPECIFIED ChallengeScope = 0 // Standard webauthn login. ChallengeScope_CHALLENGE_SCOPE_LOGIN ChallengeScope = 1 // Passwordless webauthn login. ChallengeScope_CHALLENGE_SCOPE_PASSWORDLESS_LOGIN ChallengeScope = 2 // Headless login. ChallengeScope_CHALLENGE_SCOPE_HEADLESS_LOGIN ChallengeScope = 3 // MFA device management. ChallengeScope_CHALLENGE_SCOPE_MANAGE_DEVICES ChallengeScope = 4 // Account recovery. ChallengeScope_CHALLENGE_SCOPE_ACCOUNT_RECOVERY ChallengeScope = 5 // Used for per-session MFA and moderated session presence checks. ChallengeScope_CHALLENGE_SCOPE_USER_SESSION ChallengeScope = 6 // Used for various administrative actions, such as adding, updating, or // deleting administrative resources (users, roles, etc.). // // Note: this scope should not be used for new MFA capabilities that have // more precise scope. Instead, new scopes should be added. This scope may // also be split into multiple smaller scopes in the future. ChallengeScope_CHALLENGE_SCOPE_ADMIN_ACTION ChallengeScope = 7 // Used for changing user's password. ChallengeScope_CHALLENGE_SCOPE_CHANGE_PASSWORD ChallengeScope = 8 )
func (ChallengeScope) EnumDescriptor ¶
func (ChallengeScope) EnumDescriptor() ([]byte, []int)
func (ChallengeScope) String ¶
func (x ChallengeScope) String() string
Source Files
Click to show internal directories.
Click to hide internal directories.