Struct kanidm::credential::Credential[][src]

pub struct Credential { /* fields omitted */ }
Expand description

This is how we store credentials in the server. An account can have many credentials, and a credential can have many factors. Only successful auth to a credential as a whole unit will succeed. For example: A: Credential { password: aaa } B: Credential { password: bbb, otp: … } In this case, if we selected credential B, and then provided password “aaa” we would deny the auth as the password of B was incorrect. Additionally, while A only needs the “password”, B requires both the password and otp to be valid.

In this way, each Credential provides it’s own password requirements and policy, and requires some metadata to support this such as it’s source and strength etc.

Implementations

Create a new credential that contains a CredentialType::Password

Create a new credential that contains a CredentialType::GeneratedPassword

Create a new credential that contains a CredentialType::Webauthn

Update the state of the Password on this credential, if a password is present. If possible this will convert the credential to a PasswordMFA in some cases, or fail in others.

Extend this credential with another alternate webauthn credential. This is especially useful for PasswordMfa where you can have many webauthn credentials and a password generally so that one is a backup.

Remove a webauthn token identified by label from this Credential.

After a successful authentication with Webauthn, we need to advance the credentials counter value to prevent certain classes of replay attacks.

Get a reference to the contained webuthn credentials, if any.

Get a reference to the contained password, if any.

Extract this credential into it’s Serialisable Database form, ready for persistence.

Trait Implementations

Returns a copy of the value. Read more

Performs copy-assignment from source. Read more

Formats the value using the given formatter. Read more

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.

Auto Trait Implementations

Blanket Implementations

Gets the TypeId of self. Read more

Immutably borrows from an owned value. Read more

Mutably borrows from an owned value. Read more

Performs the conversion.

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

Performs the conversion.

The alignment of pointer.

The type for initializers.

Initializes a with the given initializer. Read more

Dereferences the given pointer. Read more

Mutably dereferences the given pointer. Read more

Drops the object pointed to by the given pointer. Read more

Should always be Self

The resulting type after obtaining ownership.

Creates owned data from borrowed data, usually by cloning. Read more

🔬 This is a nightly-only experimental API. (toowned_clone_into)

Uses borrowed data to replace owned data, usually by cloning. Read more

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more