MySQL 9.1.0
Source Code Documentation
|
#include <sql_mfa.h>
Public Member Functions | |
Multi_factor_auth_info (MEM_ROOT *mem_root) | |
Multi_factor_auth_info (MEM_ROOT *mem_root, LEX_MFA *m) | |
~Multi_factor_auth_info () override | |
bool | validate_plugins_in_auth_chain (THD *thd, const authentication_policy::Factors &policy_factors) override |
This method validates nth factor authentication plugin during ALTER/CREATE USER sql. More... | |
bool | update_user_attributes () override |
Method to update User_attributes column in mysql.user table. More... | |
bool | serialize (Json_array &mfa_arr) override |
Helper function to convert an instance of Multi_factor_auth_info into a JSON object. More... | |
bool | deserialize (uint f, Json_dom *mfa_dom) override |
Helper function to read details from Json object representing Multi factor authentication methods and filling details in Multi_factor_auth_info instance. More... | |
bool | init_registration (THD *, uint) override |
This method initiates registration step. More... | |
bool | finish_registration (THD *, LEX_USER *, uint) override |
This method reads the credential details received from FIDO device and saves in user_attributes column of mysql.user table. More... | |
bool | is_passwordless () override |
void | get_info_for_query_rewrite (THD *, LEX_USER *) override |
This method will fill in missing details like plugin name or authentication string, during CREATE/ALTER user sql so that binlog is logged with correct Multi factor authentication methods. More... | |
void | get_generated_passwords (Userhostpassword_list &gp, const char *u, const char *h) override |
This method will return randomly generated passwords as part of IDENTIFIED BY RANDOM PASSWORD clause, so that it can be sent to client. More... | |
void | get_server_challenge_info (server_challenge_info_vector &sc) override |
This method will return randomly generated server challenge as part of ALTER USER . More... | |
Multi_factor_auth_info & | operator= (Multi_factor_auth_info &new_af) |
bool | is_identified_by () |
bool | is_identified_with () |
LEX_CSTRING & | plugin_name () |
const char * | get_auth_str () |
size_t | get_auth_str_len () |
const char * | get_plugin_str () |
size_t | get_plugin_str_len () |
const char * | get_generated_password_str () |
size_t | get_generated_password_len () |
const char * | get_client_plugin_str () |
size_t | get_client_plugin_len () |
nthfactor | get_factor () |
unsigned int | get_nth_factor () |
bool | is_add_factor () |
bool | is_drop_factor () |
bool | is_modify_factor () |
bool | get_init_registration () |
bool | get_finish_registration () |
bool | get_requires_registration () |
bool | get_unregister () |
LEX_MFA * | get_lex_mfa () |
void | set_auth_str (const char *, size_t) |
void | set_plugin_str (const char *, size_t) |
void | set_generated_password (const char *, size_t) |
void | set_client_plugin (const char *, size_t) |
void | set_factor (nthfactor f) |
void | set_passwordless (int v) |
void | set_init_registration (bool v) |
void | set_finish_registration (bool v) |
void | set_requires_registration (int v) |
std::string | get_command_string (enum_sql_command sql_command) |
Public Member Functions inherited from I_multi_factor_auth | |
virtual | ~I_multi_factor_auth ()=default |
virtual bool | is_alter_allowed (THD *, LEX_USER *) |
Helper methods to verify and update ALTER USER sql when altering Multi factor authentication methods. More... | |
virtual void | alter_mfa (I_multi_factor_auth *) |
virtual bool | validate_against_authentication_policy (THD *, const authentication_policy::Factors &) |
Helper method to validate Multi factor authentication methods are correct compared to authentication policy. More... | |
virtual void | add_factor (I_multi_factor_auth *m) |
Multi_factor_auth_list * | get_multi_factor_auth_list () |
Get methods. More... | |
Multi_factor_auth_info * | get_multi_factor_auth_info () |
Private Member Functions | |
bool | validate_row () |
Interface method to validate the auth plugin chain if user_attributes in mysql.user table is modified using INSERT, UPDATE sql. More... | |
Private Attributes | |
MEM_ROOT * | m_mem_root |
LEX_MFA * | m_multi_factor_auth |
acl_table::Pod_user_what_to_update | m_update |
Multi_factor_auth_info::Multi_factor_auth_info | ( | MEM_ROOT * | mem_root | ) |
|
inlineoverride |
|
overridevirtual |
Helper function to read details from Json object representing Multi factor authentication methods and filling details in Multi_factor_auth_info instance.
[in] | nth_factor | Number referring to nth factor. |
[out] | mfa_dom | Json object holding details about Multi factor authentication method. |
false | Success |
true | Failure |
Implements I_multi_factor_auth.
|
overridevirtual |
This method reads the credential details received from FIDO device and saves in user_attributes column of mysql.user table.
[in] | thd | Connection handler |
[in] | user_name | Handler to LEX_USER |
[in] | nth_factor | Number referrering to nth factor |
false | Success |
true | Failure |
Implements I_multi_factor_auth.
const char * Multi_factor_auth_info::get_auth_str | ( | ) |
size_t Multi_factor_auth_info::get_auth_str_len | ( | ) |
size_t Multi_factor_auth_info::get_client_plugin_len | ( | ) |
const char * Multi_factor_auth_info::get_client_plugin_str | ( | ) |
std::string Multi_factor_auth_info::get_command_string | ( | enum_sql_command | sql_command | ) |
nthfactor Multi_factor_auth_info::get_factor | ( | ) |
bool Multi_factor_auth_info::get_finish_registration | ( | ) |
size_t Multi_factor_auth_info::get_generated_password_len | ( | ) |
const char * Multi_factor_auth_info::get_generated_password_str | ( | ) |
|
overridevirtual |
This method will return randomly generated passwords as part of IDENTIFIED BY RANDOM PASSWORD clause, so that it can be sent to client.
[out] | gp | List holding all generated passwords. |
[in] | u | Name of user |
[in] | h | Host name |
Implements I_multi_factor_auth.
|
overridevirtual |
This method will fill in missing details like plugin name or authentication string, during CREATE/ALTER user sql so that binlog is logged with correct Multi factor authentication methods.
[in] | thd | connection handler |
[in] | user_name | Handler to LEX_USER |
Implements I_multi_factor_auth.
bool Multi_factor_auth_info::get_init_registration | ( | ) |
LEX_MFA * Multi_factor_auth_info::get_lex_mfa | ( | ) |
unsigned int Multi_factor_auth_info::get_nth_factor | ( | ) |
const char * Multi_factor_auth_info::get_plugin_str | ( | ) |
size_t Multi_factor_auth_info::get_plugin_str_len | ( | ) |
bool Multi_factor_auth_info::get_requires_registration | ( | ) |
|
overridevirtual |
This method will return randomly generated server challenge as part of ALTER USER .
. INITIATE REGISTRATION clause, so that it can be sent to client.
[out] | sc | List holding all generated server challenges. |
Implements I_multi_factor_auth.
bool Multi_factor_auth_info::get_unregister | ( | ) |
|
overridevirtual |
This method initiates registration step.
This method calls plugin specific registration method to get details needed to do registration. This method further appends user name to it. This method will do nothing in case init registration is already done.
[in] | thd | THD handle |
[in] | nth_factor | Number representing which factor to init registration step |
Format of buffer is a length encoded string. [salt length][random salt][relying party ID length][relying party ID] [user name length][user name]
false | Success |
true | Failure |
Implements I_multi_factor_auth.
bool Multi_factor_auth_info::is_add_factor | ( | ) |
bool Multi_factor_auth_info::is_drop_factor | ( | ) |
bool Multi_factor_auth_info::is_identified_by | ( | ) |
bool Multi_factor_auth_info::is_identified_with | ( | ) |
bool Multi_factor_auth_info::is_modify_factor | ( | ) |
|
overridevirtual |
Implements I_multi_factor_auth.
Multi_factor_auth_info & Multi_factor_auth_info::operator= | ( | Multi_factor_auth_info & | new_af | ) |
LEX_CSTRING & Multi_factor_auth_info::plugin_name | ( | ) |
|
overridevirtual |
Helper function to convert an instance of Multi_factor_auth_info into a JSON object.
[out] | mfa_arr | Json Array holding details about Multi factor authentication methods. |
false | Success |
true | Failure |
Implements I_multi_factor_auth.
void Multi_factor_auth_info::set_auth_str | ( | const char * | str, |
size_t | l | ||
) |
void Multi_factor_auth_info::set_client_plugin | ( | const char * | str, |
size_t | l | ||
) |
void Multi_factor_auth_info::set_factor | ( | nthfactor | f | ) |
void Multi_factor_auth_info::set_finish_registration | ( | bool | v | ) |
void Multi_factor_auth_info::set_generated_password | ( | const char * | str, |
size_t | l | ||
) |
void Multi_factor_auth_info::set_init_registration | ( | bool | v | ) |
void Multi_factor_auth_info::set_passwordless | ( | int | v | ) |
void Multi_factor_auth_info::set_plugin_str | ( | const char * | str, |
size_t | l | ||
) |
void Multi_factor_auth_info::set_requires_registration | ( | int | v | ) |
|
overridevirtual |
Method to update User_attributes column in mysql.user table.
false | Success |
true | Failure |
Implements I_multi_factor_auth.
|
overridevirtual |
This method validates nth factor authentication plugin during ALTER/CREATE USER sql.
[in] | thd | Connection handler |
[in] | policy_factors | Authentication policy factors |
false | Success |
true | Failure |
Implements I_multi_factor_auth.
|
private |
Interface method to validate the auth plugin chain if user_attributes in mysql.user table is modified using INSERT, UPDATE sql.
false | Success |
true | Failure |
|
private |
|
private |
|
private |