
package mfa

import "github.com/hashicorp/vault/helper/identity/mfa"

Index

Package Files

mfa.go sentinel.go types.pb.go

type Config Uses

// Config is the MFA method configuration message. Per the package docs it is
// used together with the MFA secret tied to the caller's identity to verify
// the MFA credentials supplied; the method-specific part lives in the Config
// oneof field.
//
// NOTE(review): every field carries an empty `sentinel:""` tag and the type
// exposes SentinelGet/SentinelKeys. Which keys those methods surface is not
// visible on this page; confirm that credential-bearing members of the oneof
// (API tokens, secret keys) are not readable through them.
type Config struct {
    // Type, Name, ID, MountAccessor and UsernameFormat are plain string
    // fields (protobuf fields 1-5); each is emitted by encoding/json under
    // its snake_case name and omitted when empty.
    Type           string `sentinel:"" protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty"`
    Name           string `sentinel:"" protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
    ID             string `sentinel:"" protobuf:"bytes,3,opt,name=id,proto3" json:"id,omitempty"`
    MountAccessor  string `sentinel:"" protobuf:"bytes,4,opt,name=mount_accessor,json=mountAccessor,proto3" json:"mount_accessor,omitempty"`
    UsernameFormat string `sentinel:"" protobuf:"bytes,5,opt,name=username_format,json=usernameFormat,proto3" json:"username_format,omitempty"`
    // Types that are valid to be assigned to Config:
    //	*Config_TOTPConfig
    //	*Config_OktaConfig
    //	*Config_DuoConfig
    //	*Config_PingIDConfig
    // The oneof is named "config"; the wrapper types above carry protobuf
    // field numbers 6-9 in their own struct tags.
    Config               isConfig_Config `protobuf_oneof:"config"`
    // Generated protobuf bookkeeping fields; the `json:"-"` tag keeps them
    // out of encoding/json output.
    XXX_NoUnkeyedLiteral struct{}        `json:"-"`
    XXX_unrecognized     []byte          `json:"-"`
    XXX_sizecache        int32           `json:"-"`
}

Config represents the configuration information used *along with* the MFA secret tied to the caller's identity to verify the MFA credentials supplied. Configuration information differs by type. The handler for each type should know what to expect from the Config field.

func (*Config) Clone Uses

func (c *Config) Clone() (*Config, error)

func (*Config) Descriptor Uses

func (*Config) Descriptor() ([]byte, []int)

func (*Config) GetConfig Uses

func (m *Config) GetConfig() isConfig_Config

func (*Config) GetDuoConfig Uses

func (m *Config) GetDuoConfig() *DuoConfig

func (*Config) GetID Uses

func (m *Config) GetID() string

func (*Config) GetMountAccessor Uses

func (m *Config) GetMountAccessor() string

func (*Config) GetName Uses

func (m *Config) GetName() string

func (*Config) GetOktaConfig Uses

func (m *Config) GetOktaConfig() *OktaConfig

func (*Config) GetPingIDConfig Uses

func (m *Config) GetPingIDConfig() *PingIDConfig

func (*Config) GetTOTPConfig Uses

func (m *Config) GetTOTPConfig() *TOTPConfig

func (*Config) GetType Uses

func (m *Config) GetType() string

func (*Config) GetUsernameFormat Uses

func (m *Config) GetUsernameFormat() string

func (*Config) ProtoMessage Uses

func (*Config) ProtoMessage()

func (*Config) Reset Uses

func (m *Config) Reset()

func (*Config) SentinelGet Uses

func (c *Config) SentinelGet(key string) (interface{}, error)

func (*Config) SentinelKeys Uses

func (c *Config) SentinelKeys() []string

func (*Config) String Uses

func (m *Config) String() string

func (*Config) XXX_DiscardUnknown Uses

func (m *Config) XXX_DiscardUnknown()

func (*Config) XXX_Marshal Uses

func (m *Config) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Config) XXX_Merge Uses

func (m *Config) XXX_Merge(src proto.Message)

func (*Config) XXX_OneofWrappers Uses

func (*Config) XXX_OneofWrappers() []interface{}

XXX_OneofWrappers is for the internal use of the proto package.

func (*Config) XXX_Size Uses

func (m *Config) XXX_Size() int

func (*Config) XXX_Unmarshal Uses

func (m *Config) XXX_Unmarshal(b []byte) error

type Config_DuoConfig Uses

// Config_DuoConfig is the oneof wrapper that places a *DuoConfig in the
// "config" oneof of Config as protobuf field 8 (duo_config).
// The wrapped field has no json tag.
type Config_DuoConfig struct {
    DuoConfig *DuoConfig `sentinel:"" protobuf:"bytes,8,opt,name=duo_config,json=duoConfig,proto3,oneof"`
}

type Config_OktaConfig Uses

// Config_OktaConfig is the oneof wrapper that places an *OktaConfig in the
// "config" oneof of Config as protobuf field 7 (okta_config).
// The wrapped field has no json tag.
type Config_OktaConfig struct {
    OktaConfig *OktaConfig `sentinel:"" protobuf:"bytes,7,opt,name=okta_config,json=oktaConfig,proto3,oneof"`
}

type Config_PingIDConfig Uses

// Config_PingIDConfig is the oneof wrapper that places a *PingIDConfig in the
// "config" oneof of Config as protobuf field 9 (pingid_config).
// The wrapped field has no json tag.
type Config_PingIDConfig struct {
    PingIDConfig *PingIDConfig `sentinel:"" protobuf:"bytes,9,opt,name=pingid_config,json=pingidConfig,proto3,oneof"`
}

type Config_TOTPConfig Uses

// Config_TOTPConfig is the oneof wrapper that places a *TOTPConfig in the
// "config" oneof of Config as protobuf field 6 (totp_config).
// The wrapped field has no json tag.
type Config_TOTPConfig struct {
    TOTPConfig *TOTPConfig `sentinel:"" protobuf:"bytes,6,opt,name=totp_config,json=totpConfig,proto3,oneof"`
}

type DuoConfig Uses

// DuoConfig represents the configuration information required to perform Duo
// authentication.
//
// NOTE(review): IntegrationKey and SecretKey look like Duo API credentials
// (inferred from the names; confirm). Both carry ordinary json tags with
// omitempty, so encoding/json emits them whenever they are non-empty, and the
// type also has String and XXX_Marshal methods. Treat any printed or
// serialized form of this message as sensitive and confirm callers redact it
// before logging it or returning it from a read endpoint.
type DuoConfig struct {
    IntegrationKey       string   `sentinel:"" protobuf:"bytes,1,opt,name=integration_key,json=integrationKey,proto3" json:"integration_key,omitempty"`
    SecretKey            string   `sentinel:"" protobuf:"bytes,2,opt,name=secret_key,json=secretKey,proto3" json:"secret_key,omitempty"`
    // NOTE(review): presumably the host contacted for Duo verification; if
    // so, it decides where requests authenticated with SecretKey are sent.
    // Confirm it is validated where the configuration is written.
    APIHostname          string   `sentinel:"" protobuf:"bytes,3,opt,name=api_hostname,json=apiHostname,proto3" json:"api_hostname,omitempty"`
    PushInfo             string   `sentinel:"" protobuf:"bytes,4,opt,name=push_info,json=pushInfo,proto3" json:"push_info,omitempty"`
    // Generated protobuf bookkeeping fields; the `json:"-"` tag keeps them
    // out of encoding/json output.
    XXX_NoUnkeyedLiteral struct{} `json:"-"`
    XXX_unrecognized     []byte   `json:"-"`
    XXX_sizecache        int32    `json:"-"`
}

DuoConfig represents the configuration information required to perform Duo authentication.

func (*DuoConfig) Descriptor Uses

func (*DuoConfig) Descriptor() ([]byte, []int)

func (*DuoConfig) GetAPIHostname Uses

func (m *DuoConfig) GetAPIHostname() string

func (*DuoConfig) GetIntegrationKey Uses

func (m *DuoConfig) GetIntegrationKey() string

func (*DuoConfig) GetPushInfo Uses

func (m *DuoConfig) GetPushInfo() string

func (*DuoConfig) GetSecretKey Uses

func (m *DuoConfig) GetSecretKey() string

func (*DuoConfig) ProtoMessage Uses

func (*DuoConfig) ProtoMessage()

func (*DuoConfig) Reset Uses

func (m *DuoConfig) Reset()

func (*DuoConfig) String Uses

func (m *DuoConfig) String() string

func (*DuoConfig) XXX_DiscardUnknown Uses

func (m *DuoConfig) XXX_DiscardUnknown()

func (*DuoConfig) XXX_Marshal Uses

func (m *DuoConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*DuoConfig) XXX_Merge Uses

func (m *DuoConfig) XXX_Merge(src proto.Message)

func (*DuoConfig) XXX_Size Uses

func (m *DuoConfig) XXX_Size() int

func (*DuoConfig) XXX_Unmarshal Uses

func (m *DuoConfig) XXX_Unmarshal(b []byte) error

type OktaConfig Uses

// OktaConfig contains Okta configuration parameters required to perform Okta
// authentication.
//
// NOTE(review): APIToken looks like an Okta API credential (inferred from the
// name; confirm). It has an ordinary json tag with omitempty, so encoding/json
// emits it whenever it is non-empty, and the type also has String and
// XXX_Marshal methods. Confirm callers redact the token before logging this
// message or returning it from a read endpoint.
type OktaConfig struct {
    OrgName              string   `sentinel:"" protobuf:"bytes,1,opt,name=org_name,json=orgName,proto3" json:"org_name,omitempty"`
    APIToken             string   `sentinel:"" protobuf:"bytes,2,opt,name=api_token,json=apiToken,proto3" json:"api_token,omitempty"`
    // Production is a bool with omitempty, so a false value is absent from
    // JSON output rather than written as false.
    Production           bool     `sentinel:"" protobuf:"varint,3,opt,name=production,proto3" json:"production,omitempty"`
    // NOTE(review): presumably the Okta endpoint that receives APIToken;
    // confirm it is validated where the configuration is written.
    BaseURL              string   `sentinel:"" protobuf:"bytes,4,opt,name=base_url,json=baseUrl,proto3" json:"base_url,omitempty"`
    PrimaryEmail         bool     `sentinel:"" protobuf:"varint,5,opt,name=primary_email,json=primaryEmail,proto3" json:"primary_email,omitempty"`
    // Generated protobuf bookkeeping fields; the `json:"-"` tag keeps them
    // out of encoding/json output.
    XXX_NoUnkeyedLiteral struct{} `json:"-"`
    XXX_unrecognized     []byte   `json:"-"`
    XXX_sizecache        int32    `json:"-"`
}

OktaConfig contains Okta configuration parameters required to perform Okta authentication.

func (*OktaConfig) Descriptor Uses

func (*OktaConfig) Descriptor() ([]byte, []int)

func (*OktaConfig) GetAPIToken Uses

func (m *OktaConfig) GetAPIToken() string

func (*OktaConfig) GetBaseURL Uses

func (m *OktaConfig) GetBaseURL() string

func (*OktaConfig) GetOrgName Uses

func (m *OktaConfig) GetOrgName() string

func (*OktaConfig) GetPrimaryEmail Uses

func (m *OktaConfig) GetPrimaryEmail() bool

func (*OktaConfig) GetProduction Uses

func (m *OktaConfig) GetProduction() bool

func (*OktaConfig) ProtoMessage Uses

func (*OktaConfig) ProtoMessage()

func (*OktaConfig) Reset Uses

func (m *OktaConfig) Reset()

func (*OktaConfig) String Uses

func (m *OktaConfig) String() string

func (*OktaConfig) XXX_DiscardUnknown Uses

func (m *OktaConfig) XXX_DiscardUnknown()

func (*OktaConfig) XXX_Marshal Uses

func (m *OktaConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*OktaConfig) XXX_Merge Uses

func (m *OktaConfig) XXX_Merge(src proto.Message)

func (*OktaConfig) XXX_Size Uses

func (m *OktaConfig) XXX_Size() int

func (*OktaConfig) XXX_Unmarshal Uses

func (m *OktaConfig) XXX_Unmarshal(b []byte) error

type PingIDConfig Uses

// PingIDConfig contains PingID configuration information.
//
// NOTE(review): UseBase64Key and Token look like PingID credential material
// (inferred from the names; confirm). Both have ordinary json tags with
// omitempty, so encoding/json emits them whenever they are non-empty, and the
// type also has String and XXX_Marshal methods. Confirm callers redact them
// before logging this message or returning it from a read endpoint.
type PingIDConfig struct {
    // UseBase64Key is a string, not a flag, despite the "Use" prefix.
    UseBase64Key         string   `sentinel:"" protobuf:"bytes,1,opt,name=use_base64_key,json=useBase64Key,proto3" json:"use_base64_key,omitempty"`
    UseSignature         bool     `sentinel:"" protobuf:"varint,2,opt,name=use_signature,json=useSignature,proto3" json:"use_signature,omitempty"`
    Token                string   `sentinel:"" protobuf:"bytes,3,opt,name=token,proto3" json:"token,omitempty"`
    // IDPURL, AdminURL and AuthenticatorURL are stored as plain strings;
    // nothing on this page shows them being parsed or validated.
    IDPURL               string   `sentinel:"" protobuf:"bytes,4,opt,name=idp_url,json=idpUrl,proto3" json:"idp_url,omitempty"`
    OrgAlias             string   `sentinel:"" protobuf:"bytes,5,opt,name=org_alias,json=orgAlias,proto3" json:"org_alias,omitempty"`
    AdminURL             string   `sentinel:"" protobuf:"bytes,6,opt,name=admin_url,json=adminUrl,proto3" json:"admin_url,omitempty"`
    AuthenticatorURL     string   `sentinel:"" protobuf:"bytes,7,opt,name=authenticator_url,json=authenticatorUrl,proto3" json:"authenticator_url,omitempty"`
    // Generated protobuf bookkeeping fields; the `json:"-"` tag keeps them
    // out of encoding/json output.
    XXX_NoUnkeyedLiteral struct{} `json:"-"`
    XXX_unrecognized     []byte   `json:"-"`
    XXX_sizecache        int32    `json:"-"`
}

PingIDConfig contains PingID configuration information.

func (*PingIDConfig) Descriptor Uses

func (*PingIDConfig) Descriptor() ([]byte, []int)

func (*PingIDConfig) GetAdminURL Uses

func (m *PingIDConfig) GetAdminURL() string

func (*PingIDConfig) GetAuthenticatorURL Uses

func (m *PingIDConfig) GetAuthenticatorURL() string

func (*PingIDConfig) GetIDPURL Uses

func (m *PingIDConfig) GetIDPURL() string

func (*PingIDConfig) GetOrgAlias Uses

func (m *PingIDConfig) GetOrgAlias() string

func (*PingIDConfig) GetToken Uses

func (m *PingIDConfig) GetToken() string

func (*PingIDConfig) GetUseBase64Key Uses

func (m *PingIDConfig) GetUseBase64Key() string

func (*PingIDConfig) GetUseSignature Uses

func (m *PingIDConfig) GetUseSignature() bool

func (*PingIDConfig) ProtoMessage Uses

func (*PingIDConfig) ProtoMessage()

func (*PingIDConfig) Reset Uses

func (m *PingIDConfig) Reset()

func (*PingIDConfig) String Uses

func (m *PingIDConfig) String() string

func (*PingIDConfig) XXX_DiscardUnknown Uses

func (m *PingIDConfig) XXX_DiscardUnknown()

func (*PingIDConfig) XXX_Marshal Uses

func (m *PingIDConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PingIDConfig) XXX_Merge Uses

func (m *PingIDConfig) XXX_Merge(src proto.Message)

func (*PingIDConfig) XXX_Size Uses

func (m *PingIDConfig) XXX_Size() int

func (*PingIDConfig) XXX_Unmarshal Uses

func (m *PingIDConfig) XXX_Unmarshal(b []byte) error

type Secret Uses

// Secret represents all the types of secrets which the entity can hold. Each
// MFA type should add a secret type to the oneof block in this message.
//
// NOTE(review): the Value oneof carries the per-method secret material, and
// the type has String and XXX_Marshal methods; treat any printed or
// serialized form of this message as sensitive.
type Secret struct {
    MethodName string `sentinel:"" protobuf:"bytes,1,opt,name=method_name,json=methodName,proto3" json:"method_name,omitempty"`
    // Types that are valid to be assigned to Value:
    //	*Secret_TOTPSecret
    // The oneof is named "value"; Secret_TOTPSecret is the only wrapper
    // listed for it.
    Value                isSecret_Value `protobuf_oneof:"value"`
    // Generated protobuf bookkeeping fields; the `json:"-"` tag keeps them
    // out of encoding/json output.
    XXX_NoUnkeyedLiteral struct{}       `json:"-"`
    XXX_unrecognized     []byte         `json:"-"`
    XXX_sizecache        int32          `json:"-"`
}

Secret represents all the types of secrets which the entity can hold. Each MFA type should add a secret type to the oneof block in this message.

func (*Secret) Descriptor Uses

func (*Secret) Descriptor() ([]byte, []int)

func (*Secret) GetMethodName Uses

func (m *Secret) GetMethodName() string

func (*Secret) GetTOTPSecret Uses

func (m *Secret) GetTOTPSecret() *TOTPSecret

func (*Secret) GetValue Uses

func (m *Secret) GetValue() isSecret_Value

func (*Secret) ProtoMessage Uses

func (*Secret) ProtoMessage()

func (*Secret) Reset Uses

func (m *Secret) Reset()

func (*Secret) String Uses

func (m *Secret) String() string

func (*Secret) XXX_DiscardUnknown Uses

func (m *Secret) XXX_DiscardUnknown()

func (*Secret) XXX_Marshal Uses

func (m *Secret) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Secret) XXX_Merge Uses

func (m *Secret) XXX_Merge(src proto.Message)

func (*Secret) XXX_OneofWrappers Uses

func (*Secret) XXX_OneofWrappers() []interface{}

XXX_OneofWrappers is for the internal use of the proto package.

func (*Secret) XXX_Size Uses

func (m *Secret) XXX_Size() int

func (*Secret) XXX_Unmarshal Uses

func (m *Secret) XXX_Unmarshal(b []byte) error

type Secret_TOTPSecret Uses

// Secret_TOTPSecret is the oneof wrapper that places a *TOTPSecret in the
// "value" oneof of Secret as protobuf field 2 (totp_secret).
// The wrapped field has no json tag.
type Secret_TOTPSecret struct {
    TOTPSecret *TOTPSecret `sentinel:"" protobuf:"bytes,2,opt,name=totp_secret,json=totpSecret,proto3,oneof"`
}

type TOTPConfig Uses

// TOTPConfig represents the configuration information required to generate a
// TOTP key. Per the package docs, the generated key is stored in the entity
// along with these options, and credentials are validated against what is
// stored in the entity rather than against this configuration.
//
// NOTE(review): if that holds, changing Digits, Period, Skew or Algorithm
// here would not affect keys that were already generated; confirm against the
// validation code before relying on a config change to tighten existing
// enrolments.
type TOTPConfig struct {
    Issuer               string   `sentinel:"" protobuf:"bytes,1,opt,name=issuer,proto3" json:"issuer,omitempty"`
    Period               uint32   `sentinel:"" protobuf:"varint,2,opt,name=period,proto3" json:"period,omitempty"`
    // Algorithm is a bare int32; the mapping from value to hash algorithm is
    // not defined on this page.
    Algorithm            int32    `sentinel:"" protobuf:"varint,3,opt,name=algorithm,proto3" json:"algorithm,omitempty"`
    Digits               int32    `sentinel:"" protobuf:"varint,4,opt,name=digits,proto3" json:"digits,omitempty"`
    Skew                 uint32   `sentinel:"" protobuf:"varint,5,opt,name=skew,proto3" json:"skew,omitempty"`
    KeySize              uint32   `sentinel:"" protobuf:"varint,6,opt,name=key_size,json=keySize,proto3" json:"key_size,omitempty"`
    // QRSize uses protobuf field 7, the number TOTPSecret leaves unused.
    QRSize               int32    `sentinel:"" protobuf:"varint,7,opt,name=qr_size,json=qrSize,proto3" json:"qr_size,omitempty"`
    // Generated protobuf bookkeeping fields; the `json:"-"` tag keeps them
    // out of encoding/json output.
    XXX_NoUnkeyedLiteral struct{} `json:"-"`
    XXX_unrecognized     []byte   `json:"-"`
    XXX_sizecache        int32    `json:"-"`
}

TOTPConfig represents the configuration information required to generate a TOTP key. The generated key will be stored in the entity along with these options. Credentials supplied over the API will be validated against the information stored in the entity and not against the values in the configuration.

func (*TOTPConfig) Descriptor Uses

func (*TOTPConfig) Descriptor() ([]byte, []int)

func (*TOTPConfig) GetAlgorithm Uses

func (m *TOTPConfig) GetAlgorithm() int32

func (*TOTPConfig) GetDigits Uses

func (m *TOTPConfig) GetDigits() int32

func (*TOTPConfig) GetIssuer Uses

func (m *TOTPConfig) GetIssuer() string

func (*TOTPConfig) GetKeySize Uses

func (m *TOTPConfig) GetKeySize() uint32

func (*TOTPConfig) GetPeriod Uses

func (m *TOTPConfig) GetPeriod() uint32

func (*TOTPConfig) GetQRSize Uses

func (m *TOTPConfig) GetQRSize() int32

func (*TOTPConfig) GetSkew Uses

func (m *TOTPConfig) GetSkew() uint32

func (*TOTPConfig) ProtoMessage Uses

func (*TOTPConfig) ProtoMessage()

func (*TOTPConfig) Reset Uses

func (m *TOTPConfig) Reset()

func (*TOTPConfig) String Uses

func (m *TOTPConfig) String() string

func (*TOTPConfig) XXX_DiscardUnknown Uses

func (m *TOTPConfig) XXX_DiscardUnknown()

func (*TOTPConfig) XXX_Marshal Uses

func (m *TOTPConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*TOTPConfig) XXX_Merge Uses

func (m *TOTPConfig) XXX_Merge(src proto.Message)

func (*TOTPConfig) XXX_Size Uses

func (m *TOTPConfig) XXX_Size() int

func (*TOTPConfig) XXX_Unmarshal Uses

func (m *TOTPConfig) XXX_Unmarshal(b []byte) error

type TOTPSecret Uses

// TOTPSecret represents the secret that gets stored in the entity about a
// particular MFA method. Per the package docs, this information is used to
// validate the MFA credential supplied over the API at request time.
//
// NOTE(review): Key presumably holds the TOTP shared secret (inferred from
// the name and the type's documented role; confirm). It has an ordinary json
// tag with omitempty, so encoding/json emits it whenever it is non-empty, and
// the type also has String and XXX_Marshal methods. Confirm that no code path
// logs this message or returns Key after enrolment.
type TOTPSecret struct {
    // Fields 1-6 mirror the names, types and protobuf field numbers of the
    // same fields in TOTPConfig.
    Issuer    string `sentinel:"" protobuf:"bytes,1,opt,name=issuer,proto3" json:"issuer,omitempty"`
    Period    uint32 `sentinel:"" protobuf:"varint,2,opt,name=period,proto3" json:"period,omitempty"`
    Algorithm int32  `sentinel:"" protobuf:"varint,3,opt,name=algorithm,proto3" json:"algorithm,omitempty"`
    Digits    int32  `sentinel:"" protobuf:"varint,4,opt,name=digits,proto3" json:"digits,omitempty"`
    Skew      uint32 `sentinel:"" protobuf:"varint,5,opt,name=skew,proto3" json:"skew,omitempty"`
    KeySize   uint32 `sentinel:"" protobuf:"varint,6,opt,name=key_size,json=keySize,proto3" json:"key_size,omitempty"`
    // reserving 7 here just to keep parity with the config message above
    // (TOTPConfig uses field 7 for qr_size, so numbering resumes at 8).
    AccountName          string   `sentinel:"" protobuf:"bytes,8,opt,name=account_name,json=accountName,proto3" json:"account_name,omitempty"`
    Key                  string   `sentinel:"" protobuf:"bytes,9,opt,name=key,proto3" json:"key,omitempty"`
    // Generated protobuf bookkeeping fields; the `json:"-"` tag keeps them
    // out of encoding/json output.
    XXX_NoUnkeyedLiteral struct{} `json:"-"`
    XXX_unrecognized     []byte   `json:"-"`
    XXX_sizecache        int32    `json:"-"`
}

TOTPSecret represents the secret that gets stored in the entity about a particular MFA method. This information is used to validate the MFA credential supplied over the API during request time.

func (*TOTPSecret) Descriptor Uses

func (*TOTPSecret) Descriptor() ([]byte, []int)

func (*TOTPSecret) GetAccountName Uses

func (m *TOTPSecret) GetAccountName() string

func (*TOTPSecret) GetAlgorithm Uses

func (m *TOTPSecret) GetAlgorithm() int32

func (*TOTPSecret) GetDigits Uses

func (m *TOTPSecret) GetDigits() int32

func (*TOTPSecret) GetIssuer Uses

func (m *TOTPSecret) GetIssuer() string

func (*TOTPSecret) GetKey Uses

func (m *TOTPSecret) GetKey() string

func (*TOTPSecret) GetKeySize Uses

func (m *TOTPSecret) GetKeySize() uint32

func (*TOTPSecret) GetPeriod Uses

func (m *TOTPSecret) GetPeriod() uint32

func (*TOTPSecret) GetSkew Uses

func (m *TOTPSecret) GetSkew() uint32

func (*TOTPSecret) ProtoMessage Uses

func (*TOTPSecret) ProtoMessage()

func (*TOTPSecret) Reset Uses

func (m *TOTPSecret) Reset()

func (*TOTPSecret) String Uses

func (m *TOTPSecret) String() string

func (*TOTPSecret) XXX_DiscardUnknown Uses

func (m *TOTPSecret) XXX_DiscardUnknown()

func (*TOTPSecret) XXX_Marshal Uses

func (m *TOTPSecret) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*TOTPSecret) XXX_Merge Uses

func (m *TOTPSecret) XXX_Merge(src proto.Message)

func (*TOTPSecret) XXX_Size Uses

func (m *TOTPSecret) XXX_Size() int

func (*TOTPSecret) XXX_Unmarshal Uses

func (m *TOTPSecret) XXX_Unmarshal(b []byte) error

Package mfa imports 4 packages and is imported by 5 packages. Updated 2019-05-14.