22#ifndef SQL_MFA_INCLUDED
23#define SQL_MFA_INCLUDED
99 return down_cast<Multi_factor_auth_list *>(
this);
103 return down_cast<Multi_factor_auth_info *>(
this);
133 const char *h)
override;
171 const char *h)
override;
std::list< random_password_info > Userhostpassword_list
Definition: auth_common.h:1122
An interface to access information about Multi factor authentication methods.
Definition: sql_mfa.h:44
virtual bool finish_registration(THD *, LEX_USER *, uint)=0
virtual bool validate_against_authentication_policy(THD *)
Helper method to validate Multi factor authentication methods are correct compared to authentication ...
Definition: sql_mfa.h:61
virtual bool validate_plugins_in_auth_chain(THD *thd)=0
Helper method to validate Multi factor authentication methods.
virtual bool is_alter_allowed(THD *, LEX_USER *)
Helper methods to verify and update ALTER USER sql when altering Multi factor authentication methods.
Definition: sql_mfa.h:51
virtual ~I_multi_factor_auth()=default
Multi_factor_auth_info * get_multi_factor_auth_info()
Definition: sql_mfa.h:102
virtual void get_generated_passwords(Userhostpassword_list &gp, const char *u, const char *h)=0
Fill in generated passwords from respective Multi factor authentication methods.
virtual void alter_mfa(I_multi_factor_auth *)
Definition: sql_mfa.h:52
virtual void add_factor(I_multi_factor_auth *m)
Definition: sql_mfa.h:67
virtual bool init_registration(THD *, uint)=0
Helper methods to do registration step.
virtual bool deserialize(uint f, Json_dom *mfa_dom)=0
virtual bool is_passwordless()=0
virtual void get_info_for_query_rewrite(THD *, LEX_USER *)=0
Fill needed info in LEX_USER::mfa_list for query rewrite.
virtual bool update_user_attributes()=0
method to add/delete Multi factor authentication methods in user_attributes column.
virtual bool serialize(Json_array &mfa_arr)=0
Helper methods to convert this interface into a valid JSON object and vice versa.
Multi_factor_auth_list * get_multi_factor_auth_list()
Get methods.
Definition: sql_mfa.h:98
virtual void get_server_challenge(std::vector< std::string > &sc)=0
Fill in server challenge generated as part of initiate registration step.
Represents a JSON array container, i.e.
Definition: json_dom.h:521
JSON DOM abstract base class.
Definition: json_dom.h:174
Definition: sql_mfa.h:148
void set_passwordless(int v)
Definition: sql_mfa.cc:1232
bool is_passwordless() override
Definition: sql_mfa.cc:1188
bool is_modify_factor()
Definition: sql_mfa.cc:1184
bool update_user_attributes() override
Method to update User_attributes column in mysql.user table.
Definition: sql_mfa.cc:706
void set_requires_registration(int v)
Definition: sql_mfa.cc:1244
void get_info_for_query_rewrite(THD *, LEX_USER *) override
This method will fill in missing details like plugin name or authentication string,...
Definition: sql_mfa.cc:1032
void get_server_challenge(std::vector< std::string > &sc) override
This method will return randomly generated server challenge as part of ALTER USER .
Definition: sql_mfa.cc:1106
void set_finish_registration(bool v)
Definition: sql_mfa.cc:1240
const char * get_auth_str()
Definition: sql_mfa.cc:1141
bool get_unregister()
Definition: sql_mfa.cc:1204
bool validate_plugins_in_auth_chain(THD *thd) override
This method validates nth factor authentication plugin during ALTER/CREATE USER sql.
Definition: sql_mfa.cc:562
void set_init_registration(bool v)
Definition: sql_mfa.cc:1236
bool is_identified_with()
Definition: sql_mfa.cc:1133
size_t get_auth_str_len()
Definition: sql_mfa.cc:1145
std::string get_command_string(enum_sql_command sql_command)
Definition: sql_mfa.cc:1248
unsigned int get_nth_factor()
Definition: sql_mfa.cc:1173
bool deserialize(uint f, Json_dom *mfa_dom) override
Helper function to read details from Json object representing Multi factor authentication methods and...
Definition: sql_mfa.cc:762
Multi_factor_auth_info(MEM_ROOT *mem_root)
Definition: sql_mfa.cc:539
bool is_add_factor()
Definition: sql_mfa.cc:1177
size_t get_generated_password_len()
Definition: sql_mfa.cc:1153
bool get_requires_registration()
Definition: sql_mfa.cc:1200
MEM_ROOT * m_mem_root
Definition: sql_mfa.h:150
acl_table::Pod_user_what_to_update m_update
Definition: sql_mfa.h:152
bool get_finish_registration()
Definition: sql_mfa.cc:1196
bool finish_registration(THD *, LEX_USER *, uint) override
This method reads the credential details received from FIDO device and saves in user_attributes colum...
Definition: sql_mfa.cc:914
bool validate_row()
Interface method to validate the auth plugin chain if user_attributes in mysql.user table is modified...
Definition: sql_mfa.cc:668
const char * get_plugin_str()
Definition: sql_mfa.cc:1157
void set_plugin_str(const char *, size_t)
Definition: sql_mfa.cc:1214
LEX_CSTRING & plugin_name()
Definition: sql_mfa.cc:1137
LEX_MFA * m_multi_factor_auth
Definition: sql_mfa.h:151
const char * get_generated_password_str()
Definition: sql_mfa.cc:1149
bool get_init_registration()
Definition: sql_mfa.cc:1192
void set_auth_str(const char *, size_t)
Definition: sql_mfa.cc:1210
size_t get_plugin_str_len()
Definition: sql_mfa.cc:1160
~Multi_factor_auth_info() override
Definition: sql_mfa.h:157
bool is_identified_by()
Definition: sql_mfa.cc:1130
bool init_registration(THD *, uint) override
This method initiates registration step.
Definition: sql_mfa.cc:814
nthfactor get_factor()
Definition: sql_mfa.cc:1164
bool serialize(Json_array &mfa_arr) override
Helper function to convert an instance of Multi_factor_auth_info into a JSON object.
Definition: sql_mfa.cc:727
bool is_drop_factor()
Definition: sql_mfa.cc:1181
void set_generated_password(const char *, size_t)
Definition: sql_mfa.cc:1218
Multi_factor_auth_info & operator=(Multi_factor_auth_info &new_af)
Definition: sql_mfa.cc:1113
LEX_MFA * get_lex_mfa()
Definition: sql_mfa.cc:1208
void set_factor(nthfactor f)
Definition: sql_mfa.cc:1223
void get_generated_passwords(Userhostpassword_list &gp, const char *u, const char *h) override
This method will return randomly generated passwords as part of IDENTIFIED BY RANDOM PASSWORD clause,...
Definition: sql_mfa.cc:1086
Definition: sql_mfa.h:110
bool validate_plugins_in_auth_chain(THD *thd) override
Interface method to validate the auth plugin chain before updating the user_attributes in mysql....
Definition: sql_mfa.cc:383
void alter_mfa(I_multi_factor_auth *) override
This method modifies the Multi factor authentication interface based on ALTER USER sql.
Definition: sql_mfa.cc:204
void add_factor(I_multi_factor_auth *m) override
Definition: sql_mfa.cc:1126
bool update_user_attributes() override
Interface method to update user_attributes.
Definition: sql_mfa.cc:397
Multi_factor_auth_list(MEM_ROOT *)
Definition: sql_mfa.cc:44
void get_info_for_query_rewrite(THD *, LEX_USER *) override
Interface method to fill in Multi factor authentication method details during query rewrite.
Definition: sql_mfa.cc:495
bool deserialize(uint f, Json_dom *mfa_dom) override
Interface method to convert a valid JSON object into this interface.
Definition: sql_mfa.cc:432
bool is_alter_allowed(THD *, LEX_USER *) override
This method checks MFA methods present in ACL_USER against new factor specified as part of ALTER USER...
Definition: sql_mfa.cc:61
bool serialize(Json_array &mfa_arr) override
Interface method to convert this interface into a valid JSON object.
Definition: sql_mfa.cc:415
bool is_passwordless() override
Interface method to check if registration step in for passwordless authentication method.
Definition: sql_mfa.cc:480
my_vector< I_multi_factor_auth * > m_factor
Definition: sql_mfa.h:113
bool validate_against_authentication_policy(THD *thd) override
This method checks the modified Multi factor authentication interface methods based on ALTER USER sql...
Definition: sql_mfa.cc:315
void sort_mfa()
Helper method to sort nth factor methods in multi-factor authentication interface such that 2nd facto...
Definition: sql_mfa.cc:362
my_vector< I_multi_factor_auth * > & get_mfa_list()
Definition: sql_mfa.cc:533
bool init_registration(THD *, uint) override
Interface method to initiate registration.
Definition: sql_mfa.cc:447
void get_generated_passwords(Userhostpassword_list &gp, const char *u, const char *h) override
Interface method to fill in generated passwords from Multi factor authentication methods.
Definition: sql_mfa.cc:511
void get_server_challenge(std::vector< std::string > &sc) override
Interface method to fill in generated server challenge from init registration step.
Definition: sql_mfa.cc:526
size_t get_mfa_list_size()
Definition: sql_mfa.cc:537
bool finish_registration(THD *, LEX_USER *, uint) override
Interface method to finish registration step.
Definition: sql_mfa.cc:465
~Multi_factor_auth_list() override
Definition: sql_mfa.cc:47
For each client connection we create a separate thread with THD serving as a thread/connection descri...
Definition: sql_lexer_thd.h:33
Definition: user_table.h:46
static MEM_ROOT mem_root
Definition: client_plugin.cc:113
enum_sql_command
Definition: my_sqlcommand.h:45
std::vector< T, Mem_root_allocator< T > > my_vector
Definition: sql_mfa.h:108
nthfactor
Definition: sql_mfa.h:34
The MEM_ROOT is a simple arena, where allocations are carved out of larger blocks.
Definition: my_alloc.h:82
Definition: mysql_lex_string.h:39