coulomb/key-cape
2
0
Fork 0
generated from coulomb/repo-seed
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d05c73dc19e2c50de8d6f520b04044c2b8d167bd
key-cape/src/internal/adapters/privacyidea/config.go
tegwick d05c73dc19 feat: implement T11, T12 — Authelia adapter, privacyIDEA adapter 
- T11: AutheliaAdapter delegating login UI and session; Authelia tokens never leak to profile layer
- T12: PrivacyIDEAAdapter delegating MFA 100% — no MFA logic in KeyCape

21 adapter tests pass, vet clean.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-13 01:50:31 +01:00

37 lines
1.1 KiB
Go
Raw Blame History

// Package privacyidea implements the domain.MFAProvider interface by delegating
// all MFA decisions to a privacyIDEA server. KeyCape contains no MFA logic —
// every check and validation call is forwarded verbatim to privacyIDEA.
package privacyidea
import "net/http"
// Config holds all connection parameters for the privacyIDEA adapter.
type Config struct {
// BaseURL is the privacyIDEA server base URL, e.g. "https://privacyidea.local".
BaseURL string
// AdminToken is the service-account JWT used to authenticate requests to the
// privacyIDEA admin API.
AdminToken string
// Realm is the privacyIDEA realm to scope token and validate requests.
// Defaults to "netkingdom" when empty.
Realm string
}
// realm returns the effective realm, falling back to "netkingdom".
func (c Config) realm() string {
if c.Realm != "" {
return c.Realm
}
return "netkingdom"
}
// HTTPClient is a minimal interface over net/http.Client for test injection.
type HTTPClient interface {
Do(req *http.Request) (*http.Response, error)
}
// defaultHTTPClient is the production HTTP client used when none is injected.
var defaultHTTPClient HTTPClient = &http.Client{}
Reference in New Issue View Git Blame Copy Permalink