| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101 |
- # ===============================================
- # AUTHENTICATION
- # ===============================================
- extend type Query {
- authentication: AuthenticationQuery
- }
- extend type Mutation {
- authentication: AuthenticationMutation
- }
- # -----------------------------------------------
- # QUERIES
- # -----------------------------------------------
- type AuthenticationQuery {
- strategies(
- isEnabled: Boolean
- ): [AuthenticationStrategy]
- }
- # -----------------------------------------------
- # MUTATIONS
- # -----------------------------------------------
- type AuthenticationMutation {
- login(
- username: String!
- password: String!
- strategy: String!
- ): AuthenticationLoginResponse @rateLimit(limit: 5, duration: 60)
- loginTFA(
- loginToken: String!
- securityCode: String!
- ): DefaultResponse @rateLimit(limit: 5, duration: 60)
- register(
- email: String!
- password: String!
- name: String!
- ): AuthenticationRegisterResponse
- updateStrategies(
- strategies: [AuthenticationStrategyInput]!
- config: AuthenticationConfigInput
- ): DefaultResponse @auth(requires: ["manage:system"])
- regenerateCertificates: DefaultResponse @auth(requires: ["manage:system"])
- resetGuestUser: DefaultResponse @auth(requires: ["manage:system"])
- }
- # -----------------------------------------------
- # TYPES
- # -----------------------------------------------
- type AuthenticationStrategy {
- isEnabled: Boolean!
- key: String!
- props: [String]
- title: String!
- description: String
- isAvailable: Boolean
- useForm: Boolean!
- logo: String
- color: String
- website: String
- icon: String
- config: [KeyValuePair] @auth(requires: ["manage:system"])
- selfRegistration: Boolean!
- domainWhitelist: [String]! @auth(requires: ["manage:system"])
- autoEnrollGroups: [Int]! @auth(requires: ["manage:system"])
- }
- type AuthenticationLoginResponse {
- responseResult: ResponseStatus
- jwt: String
- tfaRequired: Boolean
- tfaLoginToken: String
- }
- type AuthenticationRegisterResponse {
- responseResult: ResponseStatus
- jwt: String
- }
- input AuthenticationStrategyInput {
- isEnabled: Boolean!
- key: String!
- config: [KeyValuePairInput]
- selfRegistration: Boolean!
- domainWhitelist: [String]!
- autoEnrollGroups: [Int]!
- }
- input AuthenticationConfigInput {
- audience: String!
- tokenExpiration: String!
- tokenRenewal: String!
- }
|
