MySQL 9.1.0
Source Code Documentation
Multi_factor_auth_info Class Reference

#include <sql_mfa.h>

Inheritance diagram for Multi_factor_auth_info:
[legend]

Public Member Functions

 Multi_factor_auth_info (MEM_ROOT *mem_root)
 
 Multi_factor_auth_info (MEM_ROOT *mem_root, LEX_MFA *m)
 
 ~Multi_factor_auth_info () override
 
bool validate_plugins_in_auth_chain (THD *thd, const authentication_policy::Factors &policy_factors) override
 This method validates nth factor authentication plugin during ALTER/CREATE USER sql. More...
 
bool update_user_attributes () override
 Method to update User_attributes column in mysql.user table. More...
 
bool serialize (Json_array &mfa_arr) override
 Helper function to convert an instance of Multi_factor_auth_info into a JSON object. More...
 
bool deserialize (uint f, Json_dom *mfa_dom) override
 Helper function to read details from Json object representing Multi factor authentication methods and filling details in Multi_factor_auth_info instance. More...
 
bool init_registration (THD *, uint) override
 This method initiates registration step. More...
 
bool finish_registration (THD *, LEX_USER *, uint) override
 This method reads the credential details received from FIDO device and saves in user_attributes column of mysql.user table. More...
 
bool is_passwordless () override
 
void get_info_for_query_rewrite (THD *, LEX_USER *) override
 This method will fill in missing details like plugin name or authentication string, during CREATE/ALTER user sql so that binlog is logged with correct Multi factor authentication methods. More...
 
void get_generated_passwords (Userhostpassword_list &gp, const char *u, const char *h) override
 This method will return randomly generated passwords as part of IDENTIFIED BY RANDOM PASSWORD clause, so that it can be sent to client. More...
 
void get_server_challenge_info (server_challenge_info_vector &sc) override
 This method will return randomly generated server challenge as part of ALTER USER . More...
 
Multi_factor_auth_infooperator= (Multi_factor_auth_info &new_af)
 
bool is_identified_by ()
 
bool is_identified_with ()
 
LEX_CSTRINGplugin_name ()
 
const char * get_auth_str ()
 
size_t get_auth_str_len ()
 
const char * get_plugin_str ()
 
size_t get_plugin_str_len ()
 
const char * get_generated_password_str ()
 
size_t get_generated_password_len ()
 
const char * get_client_plugin_str ()
 
size_t get_client_plugin_len ()
 
nthfactor get_factor ()
 
unsigned int get_nth_factor ()
 
bool is_add_factor ()
 
bool is_drop_factor ()
 
bool is_modify_factor ()
 
bool get_init_registration ()
 
bool get_finish_registration ()
 
bool get_requires_registration ()
 
bool get_unregister ()
 
LEX_MFAget_lex_mfa ()
 
void set_auth_str (const char *, size_t)
 
void set_plugin_str (const char *, size_t)
 
void set_generated_password (const char *, size_t)
 
void set_client_plugin (const char *, size_t)
 
void set_factor (nthfactor f)
 
void set_passwordless (int v)
 
void set_init_registration (bool v)
 
void set_finish_registration (bool v)
 
void set_requires_registration (int v)
 
std::string get_command_string (enum_sql_command sql_command)
 
- Public Member Functions inherited from I_multi_factor_auth
virtual ~I_multi_factor_auth ()=default
 
virtual bool is_alter_allowed (THD *, LEX_USER *)
 Helper methods to verify and update ALTER USER sql when altering Multi factor authentication methods. More...
 
virtual void alter_mfa (I_multi_factor_auth *)
 
virtual bool validate_against_authentication_policy (THD *, const authentication_policy::Factors &)
 Helper method to validate Multi factor authentication methods are correct compared to authentication policy. More...
 
virtual void add_factor (I_multi_factor_auth *m)
 
Multi_factor_auth_listget_multi_factor_auth_list ()
 Get methods. More...
 
Multi_factor_auth_infoget_multi_factor_auth_info ()
 

Private Member Functions

bool validate_row ()
 Interface method to validate the auth plugin chain if user_attributes in mysql.user table is modified using INSERT, UPDATE sql. More...
 

Private Attributes

MEM_ROOTm_mem_root
 
LEX_MFAm_multi_factor_auth
 
acl_table::Pod_user_what_to_update m_update
 

Constructor & Destructor Documentation

◆ Multi_factor_auth_info() [1/2]

Multi_factor_auth_info::Multi_factor_auth_info ( MEM_ROOT mem_root)

◆ Multi_factor_auth_info() [2/2]

Multi_factor_auth_info::Multi_factor_auth_info ( MEM_ROOT mem_root,
LEX_MFA m 
)

◆ ~Multi_factor_auth_info()

Multi_factor_auth_info::~Multi_factor_auth_info ( )
inlineoverride

Member Function Documentation

◆ deserialize()

bool Multi_factor_auth_info::deserialize ( uint  nth_factor,
Json_dom mfa_dom 
)
overridevirtual

Helper function to read details from Json object representing Multi factor authentication methods and filling details in Multi_factor_auth_info instance.

Parameters
[in]nth_factorNumber referring to nth factor.
[out]mfa_domJson object holding details about Multi factor authentication method.
Return values
falseSuccess
trueFailure

Implements I_multi_factor_auth.

◆ finish_registration()

bool Multi_factor_auth_info::finish_registration ( THD thd,
LEX_USER user_name,
uint  nth_factor 
)
overridevirtual

This method reads the credential details received from FIDO device and saves in user_attributes column of mysql.user table.

Parameters
[in]thdConnection handler
[in]user_nameHandler to LEX_USER
[in]nth_factorNumber referrering to nth factor
Return values
falseSuccess
trueFailure

Implements I_multi_factor_auth.

◆ get_auth_str()

const char * Multi_factor_auth_info::get_auth_str ( )

◆ get_auth_str_len()

size_t Multi_factor_auth_info::get_auth_str_len ( )

◆ get_client_plugin_len()

size_t Multi_factor_auth_info::get_client_plugin_len ( )

◆ get_client_plugin_str()

const char * Multi_factor_auth_info::get_client_plugin_str ( )

◆ get_command_string()

std::string Multi_factor_auth_info::get_command_string ( enum_sql_command  sql_command)

◆ get_factor()

nthfactor Multi_factor_auth_info::get_factor ( )

◆ get_finish_registration()

bool Multi_factor_auth_info::get_finish_registration ( )

◆ get_generated_password_len()

size_t Multi_factor_auth_info::get_generated_password_len ( )

◆ get_generated_password_str()

const char * Multi_factor_auth_info::get_generated_password_str ( )

◆ get_generated_passwords()

void Multi_factor_auth_info::get_generated_passwords ( Userhostpassword_list gp,
const char *  u,
const char *  h 
)
overridevirtual

This method will return randomly generated passwords as part of IDENTIFIED BY RANDOM PASSWORD clause, so that it can be sent to client.

Parameters
[out]gpList holding all generated passwords.
[in]uName of user
[in]hHost name

Implements I_multi_factor_auth.

◆ get_info_for_query_rewrite()

void Multi_factor_auth_info::get_info_for_query_rewrite ( THD thd,
LEX_USER user_name 
)
overridevirtual

This method will fill in missing details like plugin name or authentication string, during CREATE/ALTER user sql so that binlog is logged with correct Multi factor authentication methods.

Parameters
[in]thdconnection handler
[in]user_nameHandler to LEX_USER

Implements I_multi_factor_auth.

◆ get_init_registration()

bool Multi_factor_auth_info::get_init_registration ( )

◆ get_lex_mfa()

LEX_MFA * Multi_factor_auth_info::get_lex_mfa ( )

◆ get_nth_factor()

unsigned int Multi_factor_auth_info::get_nth_factor ( )

◆ get_plugin_str()

const char * Multi_factor_auth_info::get_plugin_str ( )

◆ get_plugin_str_len()

size_t Multi_factor_auth_info::get_plugin_str_len ( )

◆ get_requires_registration()

bool Multi_factor_auth_info::get_requires_registration ( )

◆ get_server_challenge_info()

void Multi_factor_auth_info::get_server_challenge_info ( server_challenge_info_vector sc)
overridevirtual

This method will return randomly generated server challenge as part of ALTER USER .

. INITIATE REGISTRATION clause, so that it can be sent to client.

Parameters
[out]scList holding all generated server challenges.

Implements I_multi_factor_auth.

◆ get_unregister()

bool Multi_factor_auth_info::get_unregister ( )

◆ init_registration()

bool Multi_factor_auth_info::init_registration ( THD thd,
uint  nth_factor 
)
overridevirtual

This method initiates registration step.

This method calls plugin specific registration method to get details needed to do registration. This method further appends user name to it. This method will do nothing in case init registration is already done.

Parameters
[in]thdTHD handle
[in]nth_factorNumber representing which factor to init registration step

Format of buffer is a length encoded string. [salt length][random salt][relying party ID length][relying party ID] [user name length][user name]

Returns
registration status
Return values
falseSuccess
trueFailure

Implements I_multi_factor_auth.

◆ is_add_factor()

bool Multi_factor_auth_info::is_add_factor ( )

◆ is_drop_factor()

bool Multi_factor_auth_info::is_drop_factor ( )

◆ is_identified_by()

bool Multi_factor_auth_info::is_identified_by ( )

◆ is_identified_with()

bool Multi_factor_auth_info::is_identified_with ( )

◆ is_modify_factor()

bool Multi_factor_auth_info::is_modify_factor ( )

◆ is_passwordless()

bool Multi_factor_auth_info::is_passwordless ( )
overridevirtual

Implements I_multi_factor_auth.

◆ operator=()

Multi_factor_auth_info & Multi_factor_auth_info::operator= ( Multi_factor_auth_info new_af)

◆ plugin_name()

LEX_CSTRING & Multi_factor_auth_info::plugin_name ( )

◆ serialize()

bool Multi_factor_auth_info::serialize ( Json_array mfa_arr)
overridevirtual

Helper function to convert an instance of Multi_factor_auth_info into a JSON object.

Parameters
[out]mfa_arrJson Array holding details about Multi factor authentication methods.
Return values
falseSuccess
trueFailure

Implements I_multi_factor_auth.

◆ set_auth_str()

void Multi_factor_auth_info::set_auth_str ( const char *  str,
size_t  l 
)

◆ set_client_plugin()

void Multi_factor_auth_info::set_client_plugin ( const char *  str,
size_t  l 
)

◆ set_factor()

void Multi_factor_auth_info::set_factor ( nthfactor  f)

◆ set_finish_registration()

void Multi_factor_auth_info::set_finish_registration ( bool  v)

◆ set_generated_password()

void Multi_factor_auth_info::set_generated_password ( const char *  str,
size_t  l 
)

◆ set_init_registration()

void Multi_factor_auth_info::set_init_registration ( bool  v)

◆ set_passwordless()

void Multi_factor_auth_info::set_passwordless ( int  v)

◆ set_plugin_str()

void Multi_factor_auth_info::set_plugin_str ( const char *  str,
size_t  l 
)

◆ set_requires_registration()

void Multi_factor_auth_info::set_requires_registration ( int  v)

◆ update_user_attributes()

bool Multi_factor_auth_info::update_user_attributes ( )
overridevirtual

Method to update User_attributes column in mysql.user table.

Returns
status of the operation
Return values
falseSuccess
trueFailure

Implements I_multi_factor_auth.

◆ validate_plugins_in_auth_chain()

bool Multi_factor_auth_info::validate_plugins_in_auth_chain ( THD thd,
const authentication_policy::Factors policy_factors 
)
overridevirtual

This method validates nth factor authentication plugin during ALTER/CREATE USER sql.

Parameters
[in]thdConnection handler
[in]policy_factorsAuthentication policy factors
Returns
status of the validation
Return values
falseSuccess
trueFailure

Implements I_multi_factor_auth.

◆ validate_row()

bool Multi_factor_auth_info::validate_row ( )
private

Interface method to validate the auth plugin chain if user_attributes in mysql.user table is modified using INSERT, UPDATE sql.

Returns
status of row validation
Return values
falseSuccess
trueFailure

Member Data Documentation

◆ m_mem_root

MEM_ROOT* Multi_factor_auth_info::m_mem_root
private

◆ m_multi_factor_auth

LEX_MFA* Multi_factor_auth_info::m_multi_factor_auth
private

◆ m_update

acl_table::Pod_user_what_to_update Multi_factor_auth_info::m_update
private

The documentation for this class was generated from the following files: