summaryrefslogtreecommitdiff
path: root/internal/configuration/schema/identity_validation.go
diff options
context:
space:
mode:
Diffstat (limited to 'internal/configuration/schema/identity_validation.go')
-rw-r--r--internal/configuration/schema/identity_validation.go20
1 files changed, 10 insertions, 10 deletions
diff --git a/internal/configuration/schema/identity_validation.go b/internal/configuration/schema/identity_validation.go
index ba1bc5054..120ea6165 100644
--- a/internal/configuration/schema/identity_validation.go
+++ b/internal/configuration/schema/identity_validation.go
@@ -12,15 +12,15 @@ type IdentityValidation struct {
// IdentityValidationResetPassword represents the tunable aspects of the reset password identity verification action/flow.
type IdentityValidationResetPassword struct {
- Expiration time.Duration `koanf:"expiration" json:"expiration" jsonschema:"title=Expiration,default=5 minutes" jsonschema_description:"Duration of time the JWT is considered valid."`
- JWTAlgorithm string `koanf:"jwt_algorithm" json:"jwt_algorithm" jsonschema:"title=JWT Algorithm,default=HS256,enum=HS256,enum=HS384,enum=HS512" jsonschema_description:"The JWT Algorithm (JWA) used to sign the Reset Password flow JWT's."`
- JWTSecret string `koanf:"jwt_secret" json:"jwt_secret" jsonschema:"title=JWT Secret" jsonschema_description:"The JWT secret used to sign the Reset Password flow JWT's."`
+ JWTExpiration time.Duration `koanf:"jwt_lifespan" json:"jwt_lifespan" jsonschema:"title=JWT Lifespan,default=5 minutes" jsonschema_description:"The lifespan of the JSON Web Token after it's initially generated after which it's considered invalid."`
+ JWTAlgorithm string `koanf:"jwt_algorithm" json:"jwt_algorithm" jsonschema:"title=JWT Algorithm,default=HS256,enum=HS256,enum=HS384,enum=HS512" jsonschema_description:"The JSON Web Token Algorithm (JWA) used to sign the Reset Password flow JSON Web Token's."`
+ JWTSecret string `koanf:"jwt_secret" json:"jwt_secret" jsonschema:"title=JWT Secret" jsonschema_description:"The secret key used to sign the Reset Password flow JSON Web Token's."`
}
// IdentityValidationElevatedSession represents the tunable aspects of the credential control identity verification action/flow.
type IdentityValidationElevatedSession struct {
- Expiration time.Duration `koanf:"expiration" json:"expiration" jsonschema:"title=Expiration,default=5 minutes" jsonschema_description:"Duration of time the OTP code is considered valid."`
- ElevationExpiration time.Duration `koanf:"elevation_expiration" json:"elevation_expiration" jsonschema:"title=Elevation Expiration,default=10 minutes" jsonschema_description:"Duration of time the elevation can exist for after the user performs the validation."`
+ CodeLifespan time.Duration `koanf:"code_lifespan" json:"code_lifespan" jsonschema:"title=Code Lifespan,default=5 minutes" jsonschema_description:"The lifespan of the randomly generated One Time Code after which it's considered invalid."`
+ ElevationLifespan time.Duration `koanf:"elevation_lifespan" json:"elevation_lifespan" jsonschema:"title=Elevation Lifespan,default=10 minutes" jsonschema_description:"The lifespan of the elevation after initially validating the One-Time Code before it expires."`
Characters int `koanf:"characters" json:"otp_characters" jsonschema:"title=OTP Characters,minimum=6,maximum=12,default=8" jsonschema_description:"Number of characters in the generated OTP codes."`
RequireSecondFactor bool `koanf:"require_second_factor" json:"require_second_factor" jsonschema:"title=Require Second Factor,default=false" jsonschema_description:"Requires the user use a second factor if they have any known second factor methods."`
SkipSecondFactor bool `koanf:"skip_second_factor" json:"skip_second_factor" jsonschema:"title=Skip Second Factor,default=false" jsonschema_description:"Skips the primary identity verification process if the user has authenticated with a second factor."`
@@ -29,12 +29,12 @@ type IdentityValidationElevatedSession struct {
// DefaultIdentityValidation has the default values for the IdentityValidation configuration.
var DefaultIdentityValidation = IdentityValidation{
ResetPassword: IdentityValidationResetPassword{
- Expiration: time.Minute * 5,
- JWTAlgorithm: "HS256",
+ JWTExpiration: time.Minute * 5,
+ JWTAlgorithm: "HS256",
},
ElevatedSession: IdentityValidationElevatedSession{
- Expiration: time.Minute * 5,
- ElevationExpiration: time.Minute * 10,
- Characters: 8,
+ CodeLifespan: time.Minute * 5,
+ ElevationLifespan: time.Minute * 10,
+ Characters: 8,
},
}