You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

97 lines
2.1 KiB

  1. # ===============================================
  2. # AUTHENTICATION
  3. # ===============================================
  4. extend type Query {
  5. authentication: AuthenticationQuery
  6. }
  7. extend type Mutation {
  8. authentication: AuthenticationMutation
  9. }
  10. # -----------------------------------------------
  11. # QUERIES
  12. # -----------------------------------------------
  13. type AuthenticationQuery {
  14. strategies(
  15. isEnabled: Boolean
  16. ): [AuthenticationStrategy]
  17. }
  18. # -----------------------------------------------
  19. # MUTATIONS
  20. # -----------------------------------------------
  21. type AuthenticationMutation {
  22. login(
  23. username: String!
  24. password: String!
  25. strategy: String!
  26. ): AuthenticationLoginResponse @rateLimit(limit: 5, duration: 60)
  27. loginTFA(
  28. loginToken: String!
  29. securityCode: String!
  30. ): DefaultResponse @rateLimit(limit: 5, duration: 60)
  31. register(
  32. email: String!
  33. password: String!
  34. name: String!
  35. ): AuthenticationRegisterResponse
  36. updateStrategies(
  37. strategies: [AuthenticationStrategyInput]!
  38. config: AuthenticationConfigInput
  39. ): DefaultResponse @auth(requires: ["manage:system"])
  40. }
  41. # -----------------------------------------------
  42. # TYPES
  43. # -----------------------------------------------
  44. type AuthenticationStrategy {
  45. isEnabled: Boolean!
  46. key: String!
  47. props: [String]
  48. title: String!
  49. description: String
  50. useForm: Boolean!
  51. logo: String
  52. color: String
  53. website: String
  54. icon: String
  55. config: [KeyValuePair] @auth(requires: ["manage:system"])
  56. selfRegistration: Boolean!
  57. domainWhitelist: [String]! @auth(requires: ["manage:system"])
  58. autoEnrollGroups: [Int]! @auth(requires: ["manage:system"])
  59. }
  60. type AuthenticationLoginResponse {
  61. responseResult: ResponseStatus
  62. jwt: String
  63. tfaRequired: Boolean
  64. tfaLoginToken: String
  65. }
  66. type AuthenticationRegisterResponse {
  67. responseResult: ResponseStatus
  68. jwt: String
  69. }
  70. input AuthenticationStrategyInput {
  71. isEnabled: Boolean!
  72. key: String!
  73. config: [KeyValuePairInput]
  74. selfRegistration: Boolean!
  75. domainWhitelist: [String]!
  76. autoEnrollGroups: [Int]!
  77. }
  78. input AuthenticationConfigInput {
  79. audience: String!
  80. tokenExpiration: String!
  81. tokenRenewal: String!
  82. }