MySQL 8.4.3
Source Code Documentation
|
#include <sql_mfa.h>
Public Member Functions | |
Multi_factor_auth_list (MEM_ROOT *) | |
~Multi_factor_auth_list () override | |
my_vector< I_multi_factor_auth * > & | get_mfa_list () |
size_t | get_mfa_list_size () |
bool | is_alter_allowed (THD *, LEX_USER *) override |
This method checks MFA methods present in ACL_USER against new factor specified as part of ALTER USER sql. More... | |
void | alter_mfa (I_multi_factor_auth *) override |
This method modifies the Multi factor authentication interface based on ALTER USER sql. More... | |
bool | validate_plugins_in_auth_chain (THD *thd, const authentication_policy::Factors &policy_factors) override |
Interface method to validate the auth plugin chain before updating the user_attributes in mysql.user table. More... | |
bool | validate_against_authentication_policy (THD *thd, const authentication_policy::Factors &policy_factors) override |
This method checks the modified Multi factor authentication interface methods based on ALTER USER sql against authentication policy. More... | |
bool | update_user_attributes () override |
Interface method to update user_attributes. More... | |
void | add_factor (I_multi_factor_auth *m) override |
bool | serialize (Json_array &mfa_arr) override |
Interface method to convert this interface into a valid JSON object. More... | |
bool | deserialize (uint f, Json_dom *mfa_dom) override |
Interface method to convert a valid JSON object into this interface. More... | |
bool | init_registration (THD *, uint) override |
Interface method to initiate registration. More... | |
bool | finish_registration (THD *, LEX_USER *, uint) override |
Interface method to finish registration step. More... | |
bool | is_passwordless () override |
Interface method to check if registration step in for passwordless authentication method. More... | |
void | get_info_for_query_rewrite (THD *, LEX_USER *) override |
Interface method to fill in Multi factor authentication method details during query rewrite. More... | |
void | get_generated_passwords (Userhostpassword_list &gp, const char *u, const char *h) override |
Interface method to fill in generated passwords from Multi factor authentication methods. More... | |
void | get_server_challenge_info (server_challenge_info_vector &sc) override |
Interface method to fill in generated server challenge from init registration step. More... | |
Public Member Functions inherited from I_multi_factor_auth | |
virtual | ~I_multi_factor_auth ()=default |
Multi_factor_auth_list * | get_multi_factor_auth_list () |
Get methods. More... | |
Multi_factor_auth_info * | get_multi_factor_auth_info () |
Private Member Functions | |
void | sort_mfa () |
Helper method to sort nth factor methods in multi-factor authentication interface such that 2nd factor method always precedes 3rd factor method. More... | |
Private Attributes | |
my_vector< I_multi_factor_auth * > | m_factor |
Multi_factor_auth_list::Multi_factor_auth_list | ( | MEM_ROOT * | mem_root | ) |
|
override |
|
overridevirtual |
Reimplemented from I_multi_factor_auth.
|
overridevirtual |
This method modifies the Multi factor authentication interface based on ALTER USER sql.
This method refers to Multi factor authentication interface present in ACL_USER against the new interface which is passed as an input and updates the nth factor method in new interface by either adding or dropping the nth factor methods. An expression like new_mfa_interface = ACL_USER::m_mfa;
[in,out] | m | handler to new Multi factor authentication interface |
Reimplemented from I_multi_factor_auth.
|
overridevirtual |
Interface method to convert a valid JSON object into this interface.
[in] | nth_factor | Refers to which factor needs to be deserialized |
[in] | mfa_dom | JSON dom object which should be deserialized |
false | Success |
true | Failure |
Implements I_multi_factor_auth.
|
overridevirtual |
Interface method to finish registration step.
[in] | thd | Connection handler |
[in] | user_name | Handler to LEX_USER |
[in] | nth_factor | Refers to which factor needs registration |
false | Success |
true | Failure |
Implements I_multi_factor_auth.
|
overridevirtual |
Interface method to fill in generated passwords from Multi factor authentication methods.
[out] | gp | List holding all generated passwords. |
[in] | u | Name of user |
[in] | h | Host name |
Implements I_multi_factor_auth.
|
overridevirtual |
Interface method to fill in Multi factor authentication method details during query rewrite.
[in] | thd | Connection handler |
[in] | user_name | Handler to LEX_USER |
Implements I_multi_factor_auth.
my_vector< I_multi_factor_auth * > & Multi_factor_auth_list::get_mfa_list | ( | ) |
size_t Multi_factor_auth_list::get_mfa_list_size | ( | ) |
|
overridevirtual |
Interface method to fill in generated server challenge from init registration step.
[out] | sc | Buffer to hold server challenge |
Implements I_multi_factor_auth.
|
overridevirtual |
Interface method to initiate registration.
[in] | thd | Connection handler |
[in] | nth_factor | Refers to which factor needs registration |
false | Success |
true | Failure |
Implements I_multi_factor_auth.
This method checks MFA methods present in ACL_USER against new factor specified as part of ALTER USER sql.
[in] | thd | Connection handler |
[in] | user | Handler to LEX_USER whose Multi Factor Auth methods will being added/dropped or modified |
false | Success ALTER USER can proceed further |
true | Failure report error for ALTER USER |
Reimplemented from I_multi_factor_auth.
|
overridevirtual |
Interface method to check if registration step in for passwordless authentication method.
false | Success |
true | Failure |
Implements I_multi_factor_auth.
|
overridevirtual |
Interface method to convert this interface into a valid JSON object.
[in,out] | mfa_arr | A json array into which nth factor Multi factor authentication methods needs to be added. |
false | Success |
true | Failure |
Implements I_multi_factor_auth.
|
private |
Helper method to sort nth factor methods in multi-factor authentication interface such that 2nd factor method always precedes 3rd factor method.
|
overridevirtual |
Interface method to update user_attributes.
false | Success |
true | Failure |
Implements I_multi_factor_auth.
|
overridevirtual |
This method checks the modified Multi factor authentication interface methods based on ALTER USER sql against authentication policy.
[in] | thd | Connection handle |
[in] | policy_factors | Authentication policy factors |
false | Success (modified mfa methods match policy) |
true | Failure (authentication policy is vioalted) |
Reimplemented from I_multi_factor_auth.
|
overridevirtual |
Interface method to validate the auth plugin chain before updating the user_attributes in mysql.user table.
[in] | thd | Connection handler |
[in] | policy_factors | Authentication policy factors |
false | Success |
true | Failure |
Implements I_multi_factor_auth.
|
private |