mirror of
https://github.com/zitadel/zitadel.git
synced 2025-01-05 14:37:45 +00:00
320679467b
* feat: change login to command side * feat: change login to command side * fix: fix push on user * feat: user command side * feat: sign out * feat: command side login * feat: command side login * feat: fix register user * feat: fix register user * feat: fix web auth n events * feat: add machine keys * feat: send codes * feat: move authrequest to domain * feat: move authrequest to domain * feat: webauthn working * feat: external users * feat: external users login * feat: notify users * fix: tests * feat: cascade remove user grants on project remove * fix: webauthn * fix: pr requests * fix: register human with member * fix: fix bugs * fix: fix bugs
70 lines
1.6 KiB
Go
70 lines
1.6 KiB
Go
package domain
|
|
|
|
import (
|
|
"bytes"
|
|
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
|
)
|
|
|
|
type WebAuthNToken struct {
|
|
es_models.ObjectRoot
|
|
|
|
WebAuthNTokenID string
|
|
CredentialCreationData []byte
|
|
State MFAState
|
|
Challenge string
|
|
AllowedCredentialIDs [][]byte
|
|
UserVerification UserVerificationRequirement
|
|
KeyID []byte
|
|
PublicKey []byte
|
|
AttestationType string
|
|
AAGUID []byte
|
|
SignCount uint32
|
|
WebAuthNTokenName string
|
|
}
|
|
|
|
type WebAuthNLogin struct {
|
|
es_models.ObjectRoot
|
|
|
|
CredentialAssertionData []byte
|
|
Challenge string
|
|
AllowedCredentialIDs [][]byte
|
|
UserVerification UserVerificationRequirement
|
|
//TODO: Add Auth Request
|
|
//*model.AuthRequest
|
|
}
|
|
|
|
type UserVerificationRequirement int32
|
|
|
|
const (
|
|
UserVerificationRequirementUnspecified UserVerificationRequirement = iota
|
|
UserVerificationRequirementRequired
|
|
UserVerificationRequirementPreferred
|
|
UserVerificationRequirementDiscouraged
|
|
)
|
|
|
|
type AuthenticatorAttachment int32
|
|
|
|
const (
|
|
AuthenticatorAttachmentUnspecified AuthenticatorAttachment = iota
|
|
AuthenticatorAttachmentPlattform
|
|
AuthenticatorAttachmentCrossPlattform
|
|
)
|
|
|
|
func GetTokenToVerify(tokens []*WebAuthNToken) (int, *WebAuthNToken) {
|
|
for i, u2f := range tokens {
|
|
if u2f.State == MFAStateNotReady {
|
|
return i, u2f
|
|
}
|
|
}
|
|
return -1, nil
|
|
}
|
|
|
|
func GetTokenByKeyID(tokens []*WebAuthNToken, keyID []byte) (int, *WebAuthNToken) {
|
|
for i, token := range tokens {
|
|
if bytes.Compare(token.KeyID, keyID) == 0 {
|
|
return i, token
|
|
}
|
|
}
|
|
return -1, nil
|
|
}
|