119 ProviderConfigProperty forceOtpUserAttribute =
new ProviderConfigProperty();
120 forceOtpUserAttribute.setType(STRING_TYPE);
121 forceOtpUserAttribute.setName(OTP_CONTROL_USER_ATTRIBUTE);
122 forceOtpUserAttribute.setLabel(
"OTP control User Attribute");
123 forceOtpUserAttribute.setHelpText(
"The name of the user attribute to explicitly control OTP auth. " +
124 "If attribute value is 'force' then OTP is always required. " +
125 "If value is 'skip' the OTP auth is skipped. Otherwise this check is ignored.");
127 ProviderConfigProperty skipOtpRole =
new ProviderConfigProperty();
128 skipOtpRole.setType(ROLE_TYPE);
129 skipOtpRole.setName(SKIP_OTP_ROLE);
130 skipOtpRole.setLabel(
"Skip OTP for Role");
131 skipOtpRole.setHelpText(
"OTP is always skipped if user has the given Role.");
133 ProviderConfigProperty forceOtpRole =
new ProviderConfigProperty();
134 forceOtpRole.setType(ROLE_TYPE);
135 forceOtpRole.setName(FORCE_OTP_ROLE);
136 forceOtpRole.setLabel(
"Force OTP for Role");
137 forceOtpRole.setHelpText(
"OTP is always required if user has the given Role.");
139 ProviderConfigProperty skipOtpForHttpHeader =
new ProviderConfigProperty();
140 skipOtpForHttpHeader.setType(STRING_TYPE);
141 skipOtpForHttpHeader.setName(SKIP_OTP_FOR_HTTP_HEADER);
142 skipOtpForHttpHeader.setLabel(
"Skip OTP for Header");
143 skipOtpForHttpHeader.setHelpText(
"OTP is skipped if a HTTP request header does matches the given pattern." +
144 "Can be used to specify trusted networks via: X-Forwarded-Host: (1.2.3.4|1.2.3.5)." +
145 "In this case requests from 1.2.3.4 and 1.2.3.5 come from a trusted source.");
146 skipOtpForHttpHeader.setDefaultValue(
"");
148 ProviderConfigProperty forceOtpForHttpHeader =
new ProviderConfigProperty();
149 forceOtpForHttpHeader.setType(STRING_TYPE);
150 forceOtpForHttpHeader.setName(FORCE_OTP_FOR_HTTP_HEADER);
151 forceOtpForHttpHeader.setLabel(
"Force OTP for Header");
152 forceOtpForHttpHeader.setHelpText(
"OTP required if a HTTP request header matches the given pattern.");
153 forceOtpForHttpHeader.setDefaultValue(
"");
155 ProviderConfigProperty defaultOutcome =
new ProviderConfigProperty();
156 defaultOutcome.setType(LIST_TYPE);
157 defaultOutcome.setName(DEFAULT_OTP_OUTCOME);
158 defaultOutcome.setLabel(
"Fallback OTP handling");
159 defaultOutcome.setOptions(asList(SKIP, FORCE));
160 defaultOutcome.setHelpText(
"What to do in case of every check abstains. Defaults to force OTP authentication.");
162 return asList(forceOtpUserAttribute, skipOtpRole, forceOtpRole, skipOtpForHttpHeader, forceOtpForHttpHeader, defaultOutcome);