diff options
| author | goodNETnick <pknet@ya.ru> | 2022-02-07 02:04:28 -0500 |
|---|---|---|
| committer | goodNETnick <pknet@ya.ru> | 2022-03-16 01:46:26 -0400 |
| commit | b776003cf55e1035ac83186e44f72764e52e9e0d (patch) | |
| tree | 65ce5c16f46ab2471a3345b289b8cac90edded6a /interface-definitions/include | |
| parent | 0a0d4abc02da89f68d453495ec002d2afecfca7b (diff) | |
| download | vyos-1x-b776003cf55e1035ac83186e44f72764e52e9e0d.tar.gz vyos-1x-b776003cf55e1035ac83186e44f72764e52e9e0d.zip | |
ocserv: T4231: Added OTP support for Openconnect 2FA
Diffstat (limited to 'interface-definitions/include')
| -rw-r--r-- | interface-definitions/include/auth-local-users.xml.i | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/interface-definitions/include/auth-local-users.xml.i b/interface-definitions/include/auth-local-users.xml.i index 8ef09554e..add2fc8e1 100644 --- a/interface-definitions/include/auth-local-users.xml.i +++ b/interface-definitions/include/auth-local-users.xml.i @@ -7,6 +7,10 @@ <tagNode name="username"> <properties> <help>Username used for authentication</help> + <valueHelp> + <format>txt</format> + <description>Username used for authentication</description> + </valueHelp> </properties> <children> #include <include/generic-disable-node.xml.i> @@ -15,6 +19,71 @@ <help>Password used for authentication</help> </properties> </leafNode> + <node name="otp"> + <properties> + <help>2FA OTP authentication parameters</help> + </properties> + <children> + <leafNode name="key"> + <properties> + <help>Token Key Secret key for the token algorithm (see RFC 4226)</help> + <valueHelp> + <format>txt</format> + <description>OTP key in hex-encoded format</description> + </valueHelp> + <constraint> + <regex>[a-fA-F0-9]{20,10000}</regex> + </constraint> + <constraintErrorMessage>Key name must in hex be alphanumerical only (min. 20 hex characters)</constraintErrorMessage> + </properties> + </leafNode> + <leafNode name="otp-length"> + <properties> + <help>Optional. Number of digits in OTP code (default: 6)</help> + <valueHelp> + <format>u32:6-8</format> + <description>Number of digits in OTP code (default: 6)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 6-8"/> + </constraint> + <constraintErrorMessage>Number of digits in OTP code must be between 6 and 8</constraintErrorMessage> + </properties> + </leafNode> + <leafNode name="interval"> + <properties> + <help>Optional. Time tokens interval in seconds (for time tokens) (default: 30)</help> + <valueHelp> + <format>u32:5-86400</format> + <description>Time tokens interval in seconds (for time tokens). (default: 30)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 5-86400"/> + </constraint> + <constraintErrorMessage>Time token interval must be between 5 and 86400 seconds</constraintErrorMessage> + </properties> + </leafNode> + <leafNode name="token-type"> + <properties> + <help>Optional. Token type (default: hotp-time)</help> + <valueHelp> + <format>hotp-time</format> + <description>time-based OTP algorithm</description> + </valueHelp> + <valueHelp> + <format>hotp-event</format> + <description>event-based OTP algorithm</description> + </valueHelp> + <constraint> + <regex>(hotp-time|hotp-event)</regex> + </constraint> + <completionHelp> + <list>hotp-time hotp-event</list> + </completionHelp> + </properties> + </leafNode> + </children> + </node> </children> </tagNode> </children> |