package schema
import (
"errors"
"regexp"
"time"
)
// Algorithm name strings recognised by this package.
//
// NOTE(review): these look like password-hashing algorithm identifiers; confirm against the
// validator that consumes them. If so, verify that "sha512" selects a salted, iterated scheme
// and not a single bare SHA-512 digest, and that argon2id is the documented default.
const (
argon2 = "argon2"
argon2id = "argon2id"
sha512 = "sha512"
)
// Textual names for protocol versions. TLS versions have both a prefixed form ("TLS1.3") and a
// bare numeric form ("1.3"); SSL 3.0 has only the prefixed form.
//
// SSL 3.0 (RFC 7568) and TLS 1.0/1.1 (RFC 8996) are formally deprecated. This block only names
// them. NOTE(review): confirm that the code parsing these strings never selects a deprecated
// version as a default, and that choosing one is an explicit, visible configuration decision.
const (
// TLSVersion13 is the textual representation of TLS 1.3.
TLSVersion13 = "TLS1.3"
// TLSVersion12 is the textual representation of TLS 1.2.
TLSVersion12 = "TLS1.2"
// TLSVersion11 is the textual representation of TLS 1.1 (deprecated by RFC 8996).
TLSVersion11 = "TLS1.1"
// TLSVersion10 is the textual representation of TLS 1.0 (deprecated by RFC 8996).
TLSVersion10 = "TLS1.0"
// SSLVersion30 is the textual representation of SSL 3.0 (deprecated by RFC 7568).
SSLVersion30 = "SSL3.0"
// Version13 is the textual representation of version 1.3.
Version13 = "1.3"
// Version12 is the textual representation of version 1.2.
Version12 = "1.2"
// Version11 is the textual representation of version 1.1.
Version11 = "1.1"
// Version10 is the textual representation of version 1.0.
Version10 = "1.0"
)
// ErrTLSVersionNotSupported is returned when an unknown TLS version is supplied.
// It is a sentinel value created with errors.New, so callers should match it with errors.Is.
var ErrTLSVersionNotSupported = errors.New("supplied tls version isn't supported")
// Special values and the default for the refresh_interval setting.
//
// NOTE(review): refresh_interval presumably controls how often user details are re-read from the
// authentication backend; confirm against the consumer. If so, "disable" means changes made in
// the backend (removed groups, disabled accounts) are not picked up for existing sessions, which
// operators should weigh against the backend load of "always".
const (
// ProfileRefreshAlways represents a value for refresh_interval that's the same as 0ms.
ProfileRefreshAlways = "always"
// ProfileRefreshDisabled represents a value for refresh_interval that disables the check entirely.
ProfileRefreshDisabled = "disable"
// RefreshIntervalDefault represents the default value of refresh_interval (five minutes).
RefreshIntervalDefault = time.Minute * 5
)
// Names of the LDAP implementations this package recognises. All values are lower case.
// NOTE(review): whether the comparison against user input is case-sensitive is decided by the
// consumer, which is not shown here.
const (
// LDAPImplementationCustom is the string for the custom LDAP implementation.
LDAPImplementationCustom = "custom"
// LDAPImplementationActiveDirectory is the string for the Active Directory LDAP implementation.
LDAPImplementationActiveDirectory = "activedirectory"
// LDAPImplementationRFC2307bis is the string for the RFC2307bis LDAP implementation.
LDAPImplementationRFC2307bis = "rfc2307bis"
// LDAPImplementationFreeIPA is the string for the FreeIPA LDAP implementation.
LDAPImplementationFreeIPA = "freeipa"
// LDAPImplementationLLDAP is the string for the lldap LDAP implementation.
LDAPImplementationLLDAP = "lldap"
// LDAPImplementationGLAuth is the string for the GLAuth LDAP implementation.
LDAPImplementationGLAuth = "glauth"
)
// Names of the supported LDAP group search modes.
const (
// LDAPGroupSearchModeFilter is the string for the filter group search mode.
LDAPGroupSearchModeFilter = "filter"
// LDAPGroupSearchModeMemberOf is the string for the memberOf group search mode.
// The value is all lower case, unlike the "memberOf" attribute name it refers to.
LDAPGroupSearchModeMemberOf = "memberof"
)
// TOTP algorithm names: the hash function used inside the HMAC that derives each one-time code.
//
// SHA1 is the RFC 6238 default and the value most authenticator apps support. TOTP relies on
// HMAC-SHA1, which the known SHA-1 collision attacks do not break, so offering it is a
// compatibility choice and not a weakness in itself.
const (
// TOTPAlgorithmSHA1 selects HMAC-SHA1.
TOTPAlgorithmSHA1 = "SHA1"
// TOTPAlgorithmSHA256 selects HMAC-SHA256.
TOTPAlgorithmSHA256 = "SHA256"
// TOTPAlgorithmSHA512 selects HMAC-SHA512.
TOTPAlgorithmSHA512 = "SHA512"
)
const (
// RememberMeDisabled represents the duration for a disabled remember me session configuration.
// It is a negative duration (-1s) used as a sentinel, so code that compares or adds session
// durations must test for this value before treating it as a real lifetime.
RememberMeDisabled = time.Second * -1
)
var (
// TOTPPossibleAlgorithms is a list of valid TOTP Algorithms.
// It is an exported, mutable slice: any importing package can append to it or overwrite its
// elements, which would change what later validation accepts. Treat it as read-only.
TOTPPossibleAlgorithms = []string{TOTPAlgorithmSHA1, TOTPAlgorithmSHA256, TOTPAlgorithmSHA512}
)
// Bounds for the TOTP shared secret size.
// NOTE(review): the unit is not stated here; presumably bytes. If so, the minimum of 20 equals
// the 160-bit secret length RFC 4226 recommends. Confirm against the generator.
const (
// TOTPSecretSizeDefault is the default secret size.
TOTPSecretSizeDefault = 32
// TOTPSecretSizeMinimum is the minimum secret size.
TOTPSecretSizeMinimum = 20
)
var (
// regexpHasScheme checks if a string has a scheme. Valid characters for schemes include alphanumeric, hyphen,
// period, and plus characters.
//
// The pattern is anchored at the start only. It matches a run of scheme characters followed by
// "://", or followed by ":" at the very end of the string.
// NOTE(review): the run uses `*`, so an empty scheme also matches ("://host" and ":" both
// count as having a scheme). Callers must not read a match as "a non-empty, known scheme is
// present"; confirm that the scheme is validated separately afterwards.
regexpHasScheme = regexp.MustCompile(`^[-+.a-zA-Z\d]*(://|:$)`)
// regexpIsUmask matches a whole string of three or four octal digits (0-7), e.g. "022" or "0022".
// It checks only the format, not which permission bits the mask leaves set.
regexpIsUmask = regexp.MustCompile(`^[0-7]{3,4}$`)
)
// policyTwoFactor is the name of the two-factor policy level.
const (
policyTwoFactor = "two_factor"
)
// addressQueryParamUmask is the query parameter name "umask".
// NOTE(review): presumably read from unix socket address strings; confirm at the parser.
const (
addressQueryParamUmask = "umask"
)
// Block type labels. NOTE(review): these match the PEM type strings for an X.509 certificate
// and a PKCS#1 RSA private key. Other private key labels are not named here, so confirm how
// the decoder handles unlisted block types.
const (
blockCERTIFICATE = "CERTIFICATE"
blockRSAPRIVATEKEY = "RSA PRIVATE KEY"
)
// ldapGroupSearchModeFilter has the same value as the exported LDAPGroupSearchModeFilter.
// The two literals must be kept in sync by hand.
const (
ldapGroupSearchModeFilter = "filter"
)
// LDAP attribute names referenced by this package. LDAP attribute names are case-insensitive
// on the wire; the casing here follows the conventional spelling of each attribute.
const (
ldapAttrDistinguishedName = "distinguishedName"
ldapAttrMail = "mail"
ldapAttrUserID = "uid"
ldapAttrSAMAccountName = "sAMAccountName"
ldapAttrDisplayName = "displayName"
ldapAttrDescription = "description"
ldapAttrCommonName = "cn"
ldapAttrMemberOf = "memberOf"
)
// Address Schemes.
//
// By convention "ldap" and "smtp" start in cleartext and rely on StartTLS for protection.
// "ldaps" and "submissions" use TLS from the first byte, and "ldapi" is LDAP over a local unix
// socket. NOTE(review): how this package enforces TLS for each scheme is not visible in this
// file. Confirm that credentials are never sent over the cleartext schemes without StartTLS.
const (
AddressSchemeTCP = "tcp"
AddressSchemeTCP4 = "tcp4"
AddressSchemeTCP6 = "tcp6"
AddressSchemeUDP = "udp"
AddressSchemeUDP4 = "udp4"
AddressSchemeUDP6 = "udp6"
AddressSchemeUnix = "unix"
AddressSchemeLDAP = "ldap"
AddressSchemeLDAPS = "ldaps"
AddressSchemeLDAPI = "ldapi"
AddressSchemeSMTP = "smtp"
AddressSchemeSUBMISSION = "submission"
AddressSchemeSUBMISSIONS = "submissions"
)