Skip to content

Commit

Permalink
Add fileconf and warning logs.
Browse files Browse the repository at this point in the history
  • Loading branch information
Joerger committed Oct 4, 2024
1 parent 57cae08 commit 10c8b33
Show file tree
Hide file tree
Showing 2 changed files with 26 additions and 0 deletions.
6 changes: 6 additions & 0 deletions api/types/authentication.go
Original file line number Diff line number Diff line change
Expand Up @@ -1217,6 +1217,12 @@ const (
SecondFactorTypeSSOString = "sso"
)

// ToString returns the user friendly string representation of the second factor type.
func (s *SecondFactorType) ToString() string {
str, _ := s.encode()
return str
}

func (s *SecondFactorType) encode() (string, error) {
switch *s {
case SecondFactorType_SECOND_FACTOR_TYPE_UNSPECIFIED:
Expand Down
20 changes: 20 additions & 0 deletions lib/config/fileconf.go
Original file line number Diff line number Diff line change
Expand Up @@ -1000,6 +1000,7 @@ func (t StaticToken) Parse() ([]types.ProvisionTokenV1, error) {
type AuthenticationConfig struct {
Type string `yaml:"type"`
SecondFactor constants.SecondFactorType `yaml:"second_factor,omitempty"`
SecondFactors []types.SecondFactorType `yaml:"second_factors,omitempty"`
ConnectorName string `yaml:"connector_name,omitempty"`
U2F *UniversalSecondFactor `yaml:"u2f,omitempty"`
Webauthn *Webauthn `yaml:"webauthn,omitempty"`
Expand Down Expand Up @@ -1084,9 +1085,28 @@ func (a *AuthenticationConfig) Parse() (types.AuthPreference, error) {
}
}

if a.SecondFactor != "" {
secondFactors := types.SecondFactorsFromLegacySecondFactor(a.SecondFactor, w != nil || u != nil)
var secondFactorStrings []string
for _, sf := range secondFactors {
secondFactorStrings = append(secondFactorStrings, sf.ToString())
}

log.Warnf(``+
`The "second_factor" setting is marked for removal in favor of second_factors. `+
`Please update your configuration to use second_factors. e.g. "second_factors: %v".`, secondFactorStrings)

if a.SecondFactors != nil {
log.Warnf(`` +
`second_factor and second_factors are both set. second_factors will take precedence. ` +
`second_factor should be unset to remove this warning.`)
}
}

return types.NewAuthPreferenceFromConfigFile(types.AuthPreferenceSpecV2{
Type: a.Type,
SecondFactor: a.SecondFactor,
SecondFactors: a.SecondFactors,
ConnectorName: a.ConnectorName,
U2F: u,
Webauthn: w,
Expand Down

0 comments on commit 10c8b33

Please sign in to comment.