external/mailinabox
1
0
Fork 0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2025-04-03 00:07:05 +00:00
Code Issues Releases Wiki Activity
bf63ca827e
mailinabox/conf/schema/mfa-totp.schema
downtownallday bf63ca827e Add copyright to source files
2022-09-19 14:45:11 -04:00

70 lines
2.0 KiB
Plaintext
Raw Blame History

#####
##### This file is part of Mail-in-a-Box-LDAP which is released under the
##### terms of the GNU Affero General Public License as published by the
##### Free Software Foundation, either version 3 of the License, or (at
##### your option) any later version. See file LICENSE or go to
##### https://github.com/downtownallday/mailinabox-ldap for full license
##### details.
#####
#
# MiaB-LDAP's directory schema for time-based one time passwords (TOTP)
#
objectIdentifier MiabLDAPmfa MiabLDAProot:1
objectIdentifier MiabLDAPmfaAttributeType MiabLDAPmfa:2
objectIdentifier MiabLDAPmfaObjectClass MiabLDAPmfa:3
# secret consists of base32 characters (see RFC 4648)
attributetype ( MiabLDAPmfaAttributeType:1
DESC 'TOTP secret'
NAME 'totpSecret'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
X-ORDERED 'VALUES'
EQUALITY caseExactIA5Match )
# tokens are a base-10 string of N digits, but set the syntax to
# IA5String anyway
attributetype ( MiabLDAPmfaAttributeType:2
DESC 'TOTP last token used'
NAME 'totpMruToken'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
X-ORDERED 'VALUES'
EQUALITY caseExactIA5Match )
# the time in nanoseconds since the epoch when the mru token was last
# used. the time will also be set when a new entry is created even if
# the corresponding mru token is blank
attributetype ( MiabLDAPmfaAttributeType:3
DESC 'TOTP last token used time'
NAME 'totpMruTokenTime'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
X-ORDERED 'VALUES'
EQUALITY caseExactIA5Match )
# The label is currently any text supplied by the user, which is used
# as a reminder of where the secret is stored when logging in (where
# the authenticator app is, that holds the secret). eg "my samsung
# phone"
attributetype ( MiabLDAPmfaAttributeType:4
DESC 'TOTP device label'
NAME 'totpLabel'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
X-ORDERED 'VALUES'
EQUALITY caseIgnoreIA5Match )
# The TOTP objectClass
objectClass ( MiabLDAPmfaObjectClass:1
NAME 'totpUser'
DESC 'MiaB-LDAP TOTP settings for a user'
SUP top
AUXILIARY
MUST ( totpSecret $ totpMruToken $ totpMruTokenTime $ totpLabel ) )
Reference in New Issue View Git Blame Copy Permalink